Multos is a multiapplication smart card operating system originating from the development of the Mondex system for electronic purses. Starting with this system, an operating system that is primarily optimized to meet the requirements of electronic payment systems was developed in several steps. The publisher of the specifications, license issuer and operator of the certification services for Multos is the Maosco Consortium [Maosco]. The majority of the Multos specifications are confidential, so here we can only present a summary of the features of this operating system. One interesting detail is that certain core operating system components of Multos are certified in accordance with ITSEC E6, which is the highest possible evaluation level. Multos corresponds to a typical ISO/IEC 7816-4 compliant operating system and can interpret downloadable program code. Program code is typically developed in C and translated into the Multos executable language (MEL) using a special compiler. MEL is a hardwareindependent program code that is executed by a stack-oriented virtual machine called the ‘application abstraction machine’ (AAM). From within MEL, an application can access the operating system services of the Multiapplication Operating System (MAOS) via various interfaces. Before an application can be loaded into a Multos smart card, it must be digitally signed by a licensed Multos certification service using relatively elaborate mechanisms. As is usual with payment cards, large portions of the completion process are also specified in detail.

Basic Card
Since 1996, a smart card operating system with an interpreter for the Basic programming language has been available from the German company Zeitcontrol [Zeitcontrol]. This operating system is called Basic Card, and it is available in various versions with different features and for hardware platforms with various memory sizes. Besides Java Card and Multos, it is one of the few multiapplication operating systems to allow executable program code to be downloaded by third parties. The procedure for generating downloadable programs for Basic Card is based on traditional Basic interpreters. A compiler translates the source code into P-code, which is transferred to a memory region of the smart card microcontroller reserved for this purpose using a special loader program. After this, the program code stored in this region can be processed by the interpreter as necessary. With regard to data types, control structures and functions, the version of Basic supported by Basic Card corresponds to the presently common simpler dialects of this programming language, which has existed for several decades. It has also been extended to include some functions specific to smart cards, such as an interface to the smart card file system. In addition, there is support for the T = 0 and T = 1 data transmission protocols for contact-type cards, and for contactless data transmission in accordance with the ISO/IEC 14 443 B standard. For typical security applications, a variety of cryptographic algorithms can be called via an interface (including DES, triple DES, AES, RSA with a key length of 1024 bits, elliptic curves with a key length of 160 bits and the SHA-1 hash algorithm). Compared with other smart card operating systems with interpreters, the program code is very compact and the execution speed is relatively high. These two aspects are primarily due to the facts that in procedural terms, Basic can be easily and quickly interpreted, and that no sophisticated security mechanisms are used for preparing applications. Nevertheless, for certain applications that require programs in smart cards to be developed quickly and easily, Basic Card can certainly represent an alternative to other smart card operating systems. The main unconventional aspect of Basic Card is the fact that it is the product of a relatively small company, which has continued to further develop it over the course of many years, rather than one of the giants of the IT industry, as some of the other smart card operating systems with interpreters.

Windows for Smart Cards
In 1998, Microsoft announced Windows for Smart Cards (WSC) as a version of Windows for smart cards. This smart card operating system was intended to increase the bandwidth of the Microsoft operating system and was doubtless intended to be an alternative to Java Card, which was not yet a widely used operating system. After several years of development and several alpha, beta and final versions of the operating system, accompanied by a rather large promotional effort in terms of the modest smart card market, Windows for Smart Cards was cancelled in mid-May and the source code was offered for sale to several companies. Due to a lack of acceptance by the smart card industry, which is very demanding with regard to reliability and security, WSC never achieved any significant market success during this period. Windows for Smart Cards was a smart card operating system designed to be used with multiple applications, and it also supported downloadable program code. Many parts of the bytecode supported by the virtual machine (VM) were very similar to the machine code of 8051-type processors, which had a positive effect on execution speed. Loading programs into the memory of the smart card was protected using the usual cryptographic mechanisms. Downloaded programs could access various operating system functions, such as cryptographic algorithms, data transmission and file management, via several APIs. There was also a GSM 11.14 API in order to allow compliant value-added services for SIMs to be developed using the SIM Application Toolkit.19 Such services could be developed using Microsoft’s standard, powerful development environments for Basic and C. All that was necessary was to link in a few library components and place suitable compiler directives in the code. Windows for Smart Cards was a complete operating system, which means that it also included a complete file management system with rule-based access mechanisms. File management was based on ISO/IEC 7816-4 and ISO/IEC 7816-9, thus providing a large measure of compatibility with current standards. The file management system had one unusual feature, which is that it was the first file management system for smart card operating system to use a file allocation table (FAT). Figure 5.58 shows the basic functionality ofWindows for Smart Cards in the form of a data flow diagram. The programs generated using a development environment and loaded into the smart card were called ‘runtime environment’ (RTE) applications. The operating system was informed of the presence of an RTE application via a dispatch table to allow the corresponding
program code to be executed by the VM as necessary. Another option was to permanently integrate certain applications or commands in the ROM code. Such items were called ‘non-RTE applications’. A ‘file system builder’ (FS builder) could be used to create the files needed by a particular application, along with their access conditions. These files could then be loaded into the smart card as well, where they could be accessed by an RTE application.

Since the end of the 1990s, the open-source operating system Linux has altered large portions of the software industry. Up to now, the focus of Linux has been computers in the PC area, which have much higher performance than smart cards. However, for some time there have been efforts to establish Linux in the area of typical microcontroller applications. Up to now, this has presupposed a level of performance that typically can only be provided by 32-bit processors, along with memory demands on the order of several kilobytes of ROM and several tens of kilobytes of RAM. Current smart card microcontrollers cannot yet meet these demands. However, it is certainly conceivable that the versions of Linux available up to now could have their hardware requirements further reduced. At the same time, the performance of smart card microcontrollers increases with every new generation, so it would be possible for Linux to be available for smart cards in the not too distant future. Besides Linux, it is naturally possible for another open-source operating system for smart cards to appear. The only important consideration is that it can be used without licensing, since the high licensing fees resulting from the large quantities in which smart cards are produced and used represent one of the most significant barriers to the use of standard operating systems in smart cards.