The evolution of operating systems for smart cards has passed through the same stages as for all other computer systems. The original special-purpose programs for single applications were repeatedly generalized and extended. The end result was a structured, general-purpose operating system that is easy to use. From a modern perspective, the programs for smart card microcontrollers that existed at the beginning of the 1980s, at the start of this evolution, cannot be considered to be true operating systems. They were nothing more than application programs embedded in the ROM of a chip. However, since manufacturing mask-programmed microcontrollers is expensive and time-consuming, the demand for general-purpose kernel routines grew very quickly. Specialpurpose application programs stored in EEPROM could then be built on top of these routines, using them as necessary. However, this also increased the demand for memory, which led some companies to move in the opposite direction, back to special software for specific applications. However, a steadily increasing market demand for individually tailored solutions, which continues to exist, has more or less forced producers of operating systems to design their programs to meet this demand. Presently, the individualized approach with specially developed ROM software is only used for applications involving a very large number of cards. Generalpurpose operating systems based on standard commands are the norm, since in principle they can be used for any type of application. If this is not possible for some reason, these operating systems are at least designed so that they can be modified to meet the requirements of any particular application with a minimum of time and effort.

The ‘historical’ development of smart card operating systems from 1980 to the present can be very well illustrated by the smart cards used in the German mobile telephone networks. The smart cards used since 1987 in the C-Netz (the German precursor of the GSM, or D-Netz) have an operating system that is optimized for this application. The modifications include a custom transmission protocol, special commands and a file structure specially adapted to the application. All in all, this type of card certainly has a complete operating system, but it is totally tailored for use in the C-Netz. The essential components of the application based on this operating system were tailored to the special requirements of the library-oriented operating system and its underlying hardware. The next step was the transition from a special solution to a somewhat more open operating system architecture. One representative of this is the first GSM card, whose design is significantly more open and multifunctional. When GSM smart cards were specified, there were already proposed standards for the command sets and data structures of smart cards, which meant that the cornerstone had been laid for compatibility among various operating systems. Starting from this basis, further developments came step by step. Applications based on this operating system are largely independent of the hardware and are based on the various interfaces of the operating system. Modern operating systems for GSM have functions such as memory management, multiple file trees and state machines, which brings them very close to the features provided by multiapplication operating systems. They can manage several applications independently while preventing interaction among the applications. Most of them also have very complex state machines and a large command set, and some of them support several data transmission protocols.

Even these operating systems do not represent the end of the evolution. Smart cards for mobile telephones are taking on more and more of the functions of the telephone itself, such as driving the display and polling the keypad. In order to provide the maximum possible flexibility, it is necessary to break with what has up to now been a rigid fundamental principle in the smart card world. A modern smart card operating system must be able to run third-party program code in the card. With smart card operating systems, it goes without saying that this will not have any detrimental effect on the functionality or security of any other applications in the card. All modern smart card operating systems have a layered structure, with only the bottom layers being dependent on the hardware. The hardware is increasingly abstracted in the layers built on top of these lower layers. In the foreseeable future, it is certainly possible for the evolution of smart card operating systems to lead (via several intermediate steps) to an international quasi-standard for generalpurpose operating systems, as has already occurred with many other types of operating systems. It may take a while, but sooner or later a certain industry standard comes to predominate, and competitors in the market must support it as the ‘least common denominator’ if they wish to continue to operate successfully. Such a standard does not yet exist in the smart card world, but the first signs of one can already be seen. The basis for this, in contrast to the PC world for example, is formed by international standards and specifications. These are primarily the ISO/IEC 7816 family of standards, the UICC specifications (TS 102.221) and the EMV specifications.