GB2430774A - Software updating with version comparison steps


Publication number
GB2430774A
Authority
GB
United Kingdom
Legal status
Granted
Application number
GB0520131A
Other versions
GB0520131D0 (en)
GB2430774B (en)
Inventor
Prashant Agarwal
Current Assignee
NEC Technologies UK Ltd
Original Assignee
NEC Technologies UK Ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575 Secure boot
    • H04Q7/321


Abstract

The present invention provides for a method of software updating in a processor unit and comprising the step of validating replacement software serving to update the software currently in the processor unit and as compared with the current software, wherein the validation of the replacement software includes a first step at download of the software to the processor unit, and a second step conducted at a power-up (boot) stage for the processor unit and the processor unit in particular forming part of a mobile radio communications device. In particular the validation may comprise company version information of the current and replacement (updated) software. The two part validation may be under or associated with boot code control.

Description

METHOD OF SOFTWARE UPDATING AND RELATED DEVICE
The present invention relates to a method of updating software within a processor unit and to a device including such a processor unit.
There is increasing interest in the improvement of security mechanisms associated with electronic devices and in particular mobile radio communication devices such as cellular phone handsets. The improvement of such security measures is considered to offer the advantage of reducing criminal activity in general and also a reduction in lost revenue that can arise, for example, through the theft of subsidized cellular phone handsets.
The improvement in security mechanisms has led to a variety of principles being agreed by operator associations such as the GSMA and manufacturer associations such as EICTA, and in accordance with such principles, the international mobile equipment identifier (IMEI), and also the data paths that carry that number to the handset air-interface, are required to be protected against unauthorised alterations.
One such known principle relates to the prevention of so-called software-version rollback. This principle has been developed to take account of the potential situation in which an earlier version of handset software, having a known security fault, is accidentally or otherwise loaded onto a handset in order to replace a later version of the software which did not exhibit such a security weakness.
Software version rollback prevention therefore seeks to prevent the overwriting of a later version of software with an earlier version and so as to prevent the security of the handset becoming compromised through the reintroduction of an earlier software version having a known security fault.
Standard mechanisms for preventing software rollback are currently known and involve incorporation of a security manager function into the software itself. This security manager function is arranged to examine any new software that is downloaded to the handset to replace currently running software. In particular, the security manager function is arranged to initiate and control a comparison between the version number of the software newly downloaded, and that currently running in the handset.
If the newly downloaded software has a version number higher than that of the currently running software, the new software is fully downloaded. If not, the new software is rejected and no overwriting of the software currently running in the handset takes place. It is found that such a security mechanism is usually run in parallel with a software verification process which, for example, can employ a Public Key Infrastructure (PKI) mechanism, to ensure that the newly received software originates from a trusted source.
However, a number of disadvantages and limitations have been identified in such known mechanisms.
The present invention seeks to provide for a method of software updating, and also a related device, having advantages over known such methods and devices.
In particular, the present invention seeks to provide for a security mechanism that can overcome disadvantages in the current art while maintaining a high degree of protection against unwanted software version rollback.
According to one aspect of the present invention there is provided a method of software updating in a processor unit and comprising the step of: validating replacement software serving to update the software currently in the processor unit and as compared with the current software; wherein the validation of the replacement software includes a first step at download of the software to the processor unit, and a second step conducted at a power-up stage for the processor unit.
The present invention can advantageously employ boot code for performing the validation check of the replacement software against the current software, so that the required validation can be achieved in an efficient and advantageous manner prior to execution of the replacement software. Further, the invention does not require the incorporation of validation functionality within the actual software.
The said first step can be arranged to include verification that the software is from a trusted source, and preferably by means of cryptographic key structures.
Further, the said first step can include reading of a header within the replacement software to be downloaded so as to identify the version number of such replacement software. Then, a comparison between the version numbers of the current software and the replacement software can be readily conducted.
The comparison between the software version numbers is advantageously provided by way of boot code control.
The said second step can advantageously include comparison of version numbers between the replacement software and the current software and such second step can advantageously be provided under boot code control.
The invention proves advantageous in preventing software-version rollback so as to decrease the risk of theft of the handset, inappropriate access to different networks and so as to limit a possible loss of credibility of the processor unit manufacturer with system and service providers with whom the processor unit might be employed.
According to another aspect of the present invention, there is provided a processor unit including means for validating replacement software serving to update the current software within the processor unit and as compared with the said current software and arranged to execute a first validation step at download of the replacement software to the processor unit and arranged to provide for a second step in the validation procedure at power-up of the processor unit.
The processor unit can further be arranged such that the first step is conducted by means arranged to verify that the replacement software is from a trusted source, wherein the verification can be executed by means of cryptographic key structures.
The unit can further be arranged to read a header within the replacement software so as to identify the version number of the replacement software.
Comparison means can therefore be included and arranged to compare a version number of the replacement software with that of the current software.
As noted, advantageously, the boot code is provided for assisting with control of the said first step in the validation procedure.
The unit can be further arranged such that the second step includes comparison of version numbers of the replacement software and the current software.
Again, and as noted, boot code is arranged to control the validation offered by way of the said second step.
As will be appreciated, the method and processor unit of the present invention can be arranged such that all aspects relating to the validation of the replacement software are conducted via the boot code associated with the unit. The invention provides an advantageous alternative to the inclusion of a verification mechanism within the software itself, which disadvantageously can be readily hacked. Thus, the boot code can serve to verify that the replacement software is from a trusted party, such as by using Public Key Infrastructure (PKI) techniques, and then subsequently to read the header of the data block so as to allow for checking of the version number of the replacement software for comparison purposes with that of the current software.
Advantageously, it will be appreciated that the replacement software is not executed at this stage.
Yet further, and in accordance with the second step noted above, the boot code can be arranged to compare the version number of the replacement software against the version number of the current software stored in the secured area of the processor unit. Then, if the version number of the replacement software build is equal to, or greater than, the version number of the current software stored in the secure area, the boot code allows the replacement software to run in place of the current software.
Again, it is noted that the actual software is not allowed to run until the aforementioned version-number comparison has been completed.
The present invention advantageously provides for a method and processor unit serving to prevent software version rollback and which can be arranged to operate in an efficient and secure manner. Advantageously, little software and/or hardware overhead arises. Thus, no specific memory portion is required and the present invention can readily be implemented on the basis of a standard integrated circuit package.
As will be appreciated, the verification step, and in particular the version number comparison, is conducted twice, i.e. first while an attempted download of the replacement software build is being conducted, and subsequently, as part of the power-up process for the processor unit. The combination of two such checks allows for the processor unit to readily determine if a third party is attempting to download a software build with an older version number and might thereby be seeking to compromise the security of the processor unit.
At the first check, i.e. at download of the new build, download is allowed if (i) the new software version number is equal to, or greater than, the version number of the current build, or (ii) the checksum of the old build is corrupted. This can compensate for interruption of the build download such that the checksum is not properly written/calculated. The second check advantageously negates the risk associated with (ii) above, i.e. a potential deliberate corruption by a hacker.
In any case, through use of the boot code for controlling and executing the version comparison, security aspects relating to the present invention can be readily enhanced since the boot code can be protected to a sufficient extent by standard security techniques based on the use of checksums and encryption etc.
The invention is described further hereinafter, by way of example only, with reference to the accompanying drawings in which:
Fig. 1 is a schematic illustration of a data block prepared for transmission to a processor unit of, for example, a mobile radio communication device, embodying the functionality of the present invention;
Fig. 2 is a flow diagram illustrating a first step in a method embodying the present invention;
Fig. 3 is a flow diagram of a second step of such a method; and
Fig. 4 is a schematic block diagram of a mobile radio communication device embodying the present invention.
Turning now to Fig. 1, there is illustrated a data block 10 prepared for use as part of the functionality of the present invention and in relation to a mobile radio communications handset.
The block 10 comprises a replacement handset software build 12 which is intended to replace software currently found on the handset, a software version number 14 serving to identify the particular version of the replacement handset software 12. A checksum 16 and associated signature 18 are also incorporated so as to achieve an appropriate level of security for the software and related version number.
In preparation of the downloading of the software 10 to the handset, the software version number 14 is placed in the header part of the data block 10 and then, by means of an appropriate PC tool, the checksum 16 for the handset software 12 and software version number 14 is prepared by means of a one-way hash algorithm such as, for example, SHA1. The checksum 16 is then signed by way of a Private Key of the aforementioned PC tool so as to provide for the signature.
The software then prepared for downloading to the handset includes not only the actual handset software and its related version number, but also the checksum 16 and signature 18. Thus, the checksum 16 and the signature are intended both to be downloaded to the handset along with the executable handset software 12.
As noted from the previous discussions, the invention advantageously comprises a two-stage process for verifying the acceptability of the replacement software so as to ensure that software rollback can be prevented.
With regard to Fig. 2, there is illustrated a flow diagram relating to the first of the aforementioned two steps and which provides for verification of the replacement software during the attempted downloading of the replacement software build. Here a sequence is illustrated starting at block 20 in which, during the download procedure, the signature 18 (see Fig. 1) applied to the software is verified by means of a Public Key. As will be described, such verification is advantageously provided by way of boot code. If verification of the signature cannot be achieved, the boot code will not then allow the replacement build to be downloaded to the handset and so the procedure will terminate quickly as indicated at step 22.
However, if the signature within the replacement software build is verified, a checksum for the current software within the handset is retrieved for verification as indicated at step 24. If the checksum of the current software has been corrupted, this particular embodiment of the present invention as illustrated in Fig. 2 allows for the boot code to control the download of the replacement software as indicated at step 26.
Assuming however that the checksum of the current build is retrieved and, through comparison with the checksum 16 (see Fig. 1) of the current software, there is found to be a match, the process continues to step 28 where a comparison between the version number of the replacement software build and that of the current software build is conducted. Should such comparison indicate that the version number of the current software build is greater than the version number of the replacement software build, the procedure continues via arrow 30 back to step 22 so that downloading of the replacement software is prevented.
If, however, at step 28 it is identified that the version number of the replacement software build is greater than or equal to the version number of the current software build, then the method continues to step 32 where downloading of the replacement build is allowed.
Once the replacement software build has been downloaded, the replacement handset software is ready for use once the handset has been appropriately powered-up.
However, in accordance with the illustrated embodiment of the present invention, a further software verification step seeking to prevent software version rollback is conducted at the power-up procedure.
This is indicated in Fig. 3 and commences at block 34 wherein boot code is arranged to read the software version number of the current software stored in a secure area of handset memory and subsequently to compare that version number with the version number of the replacement software build downloaded to the handset.
At step 36, it is determined whether the version number of the current software stored in the secure area is less than or equal to the version number of the replacement software build. If at step 36 it is determined that the version number of the current software stored in the secure area is actually greater than the version number of the replacement software build, the method continues to step 38 where it is determined that power-up of the handset should not occur, such that the replacement software will not then run.
However, if at step 36 it is determined that the version number of the replacement software is greater than or equal to the version number of the current software, the boot code is arranged to write the new version number of the software update within the secured area and subsequently allow the handset to power-up in a normal manner as indicated by step 42.
Of course, the version number held in the aforementioned secure area can be set at any appropriate value in accordance with the subsequent control of the power-up procedure. For example, the initial version number can be set at "zero" so that the boot code will allow the handset to power-up the very first time software is loaded, irrespective of the version number of that software.
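The data block of Fig. 1 and the two validation steps of Figs. 2 and 3, as an added Go example that is not part of the patent and not NEC's code. ECDSA P-256 with SHA-256 stands in for the PKI scheme the page leaves unspecified and for the SHA1 it names only as an example; the Block and Handset types, the detection of a corrupted checksum by recomputing it over the current build, the extra check that the signed checksum matches the received build, and the Pending slot that holds a downloaded build until power-up are all this example's assumptions.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// Block mirrors Fig. 1: build 12, version number 14, checksum 16 over build+version
// and signature 18 over the checksum. The field layout is this example's assumption.
type Block struct {
	Build    []byte
	Version  uint32
	Checksum [32]byte
	Sig      []byte // ASN.1 ECDSA signature, standing in for the page's PKI signature
}

// Handset is the state boot code consults. CurrentVersion is the installed build's
// header; SecureVersion is the boot-code-owned copy in the secure area (second check).
type Handset struct {
	PubKey          *ecdsa.PublicKey
	CurrentBuild    []byte
	CurrentVersion  uint32
	CurrentChecksum [32]byte
	SecureVersion   uint32 // page: initially zero so the very first load is accepted
	Pending         *Block // downloaded at block 32, not yet validated at power-up
}

// checksum covers build and version together (item 16). SHA-256 is used here; the
// page names SHA-1 only as one example of a one-way hash.
func checksum(build []byte, version uint32) [32]byte {
	var v [4]byte
	binary.BigEndian.PutUint32(v[:], version)
	return sha256.Sum256(append(append([]byte{}, build...), v[:]...))
}

// PrepareBlock plays the "PC tool": hash build+version, then sign the hash.
func PrepareBlock(priv *ecdsa.PrivateKey, build []byte, version uint32) (*Block, error) {
	b := &Block{Build: build, Version: version, Checksum: checksum(build, version)}
	sig, err := ecdsa.SignASN1(rand.Reader, priv, b.Checksum[:])
	if err != nil {
		return nil, err
	}
	b.Sig = sig
	return b, nil
}

// NewHandset models a fresh unit: empty build with a valid checksum, secure version 0.
func NewHandset(pub *ecdsa.PublicKey) *Handset {
	return &Handset{PubKey: pub, CurrentChecksum: checksum(nil, 0)}
}

// Download is the first validation step (Fig. 2, blocks 20 to 32).
func (h *Handset) Download(b *Block) error {
	if !ecdsa.VerifyASN1(h.PubKey, b.Checksum[:], b.Sig) { // block 20/22
		return fmt.Errorf("step 22: signature invalid, download refused")
	}
	if checksum(b.Build, b.Version) != b.Checksum { // signed checksum must match the received build
		return fmt.Errorf("step 22: checksum does not match received build")
	}
	// block 24/26: a corrupted checksum on the current build (e.g. an interrupted earlier download) lets this download proceed without a version comparison
	if checksum(h.CurrentBuild, h.CurrentVersion) != h.CurrentChecksum {
		h.Pending = b
		return nil
	}
	if h.CurrentVersion > b.Version { // block 28, arrow 30: older replacement refused
		return fmt.Errorf("step 22: rollback %d -> %d refused at download", h.CurrentVersion, b.Version)
	}
	h.Pending = b // block 32: download allowed
	return nil
}

// PowerUp is the second validation step (Fig. 3, blocks 34 to 42), run by boot
// code before the replacement build is allowed to execute.
func (h *Handset) PowerUp() error {
	if h.Pending == nil {
		return nil // nothing new to validate, boot normally
	}
	// block 36/38: the secure-area version is authoritative, so a build that got past block 26 through a corrupted checksum is caught here
	if h.SecureVersion > h.Pending.Version {
		return fmt.Errorf("step 38: secure-area version %d > replacement %d, boot refused", h.SecureVersion, h.Pending.Version)
	}
	h.SecureVersion = h.Pending.Version // step 42: record new version in the secure area, install, boot
	h.CurrentBuild, h.CurrentVersion, h.CurrentChecksum = h.Pending.Build, h.Pending.Version, h.Pending.Checksum
	h.Pending = nil
	return nil
}

func main() {
	priv, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // vendor key, constructed here
	h := NewHandset(&priv.PublicKey)
	v5, _ := PrepareBlock(priv, []byte("build-5"), 5) // constructed sample build
	fmt.Println(h.Download(v5), h.PowerUp(), h.SecureVersion) // <nil> <nil> 5
	h.CurrentChecksum[0] ^= 0xff                      // stored checksum corrupted, as in risk (ii)
	v3, _ := PrepareBlock(priv, []byte("build-3"), 3) // genuinely signed but older
	fmt.Println(h.Download(v3), h.PowerUp())          // <nil> then the step 38 error
}
```

Running main performs a first load (accepted at both steps; the secure-area version becomes 5) and then the case the description singles out under branch (ii): the stored checksum of the current build is corrupted and a genuinely signed but older build is offered. The download step lets it through, and only the power-up comparison against the secure-area version refuses it, which is why the page treats the boot-code check as the one that negates that risk. The example also checks that the signed checksum matches the received build, because a signature over the checksum alone would otherwise let the build bytes be swapped under a valid signature.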
Turning now to Fig. 4, there is provided for the purpose of clarity a schematic representation of a mobile radio communications device 44 in the form of a cellular phone handset 46 which is arranged for operation in accordance with the present invention.
The handset 46 comprises standard components such as an antenna 48, reception/transmission circuitry 50 and a memory arrangement 52 associated with a processor unit 54 of the handset 46.
Yet further, and in accordance with an aspect of the present invention, the handset 46 also includes software validation means 56 arranged to provide for a validation routine under the control of boot code within the processor unit 54.
As will be appreciated from the above, such functionality within the handset 46 dictates that all aspects relating to the validation of replacement software within the handset can be conducted via the boot code associated with the processor unit and, in particular, as part of a two step process arranged for execution both during software download and, subsequently, at handset power-up.
The advantages of the present invention can be readily achieved on the basis that the boot code is provided in a secure and tamper-proof manner.
As noted above, the prevention of software version rollback within, for example, a mobile communication device handset, according to the present invention advantageously enhances the integrity of the security thereof. Handsets that are known to be secure against software rollback are therefore less likely to be the target of theft, are less likely to achieve inappropriate access to different networks and so in turn will serve to enhance the credibility of the handset manufacturer with network operators.

Claims (19)

1. A method of software updating in a processor unit and comprising the step of: validating replacement software serving to update the software currently in the processor unit and as compared with the current software; wherein the validation of the replacement software includes a first step at download of the software to the processor unit, and a second step conducted at a power-up stage for the processor unit.
2. A method as claimed in Claim 1, wherein the said first step includes verification that the software is from a trusted source.
3. A method as claimed in Claim 1 or 2, wherein the verification includes use of cryptographic key structures.
4. A method as claimed in Claim 1, 2 or 3, wherein the said first step includes reading of a header within the replacement software so as to identify the version number of the replacement software.
5. A method as claimed in Claim 1, 2, 3 or 4, wherein the said second step includes comparison of version numbers between the replacement software and the current software.
6. A method as claimed in any one or more of Claims 1 to 5, wherein said validation is executed via boot code associated with the processor unit and prior to execution of the software within the processor unit.
7. A method as claimed in Claim 6 and including in said first step conducting a comparison between software version numbers of the current and replacement software and conducted by way of boot code control.
8. A method as claimed in Claim 6 or 7, wherein the second step is provided under boot code control.
9. A processor unit including means for validating replacement software serving to update the current software within the processor unit and as compared with the said current software, and arranged to execute a first validation step at download of the replacement software to the processor unit and arranged to provide for a second step in the validation procedure at power-up of the processor unit.
10. A processor unit as claimed in Claim 9 and arranged such that the first step is conducted by means arranged to verify that the replacement software is from a trusted source, the verification being provided by means of cryptographic key structures.
11. A processor unit as claimed in Claim 9 or 10, and arranged to read a header within the replacement software so as to identify the version number of the replacement software.
12. A processor unit as claimed in Claim 11 and including comparison means arranged to compare version numbers of the replacement software and the current software.
13. A processor unit as claimed in Claim 9, 10, 11 or 12 and further arranged with comparison means for the comparison of version numbers of the replacement software and the current software.
14. A processor unit as claimed in Claim 9, 10, 11, 12 or 13 and arranged such that the said validation is executed via boot code associated with the unit and prior to execution of the replacement software therein.
15. A processor unit as claimed in Claim 14 and including boot code provided for assisting with control of the first step in the validation procedure.
16. A processor unit as claimed in Claim 14 or 15 and including boot code arranged for control of the said second step.
17. A mobile radio communications device including a processor unit as claimed in any one or more of Claims 9 to 16.
18. A method of software updating in a processor unit and substantially as hereinbefore described with reference to, and as illustrated in, Figs. 1, 2 and 3 of the accompanying drawings.
19. A processor unit including means for validating replacement software and substantially as hereinbefore described with reference to the accompanying drawings.

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB0520131A GB2430774B (en) 2005-10-03 2005-10-03 Method of software updating and related device


Publications (3)

Publication Number Publication Date
GB0520131D0 (en) 2005-11-09
GB2430774A (en) 2007-04-04
GB2430774B (en) 2007-08-08

Family

ID=35395209



Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020026634A1 (en) * 1998-05-18 2002-02-28 Robert Shaw Secure data downloading, recovery and upgrading
US6775778B1 (en) * 1998-05-29 2004-08-10 Texas Instruments Incorporated Secure computing device having boot read only memory verification of program code
US20030095648A1 (en) * 1999-10-05 2003-05-22 Lifecor, Inc. Fault-tolerant remote reprogramming for a patient-worn medical device
US6584559B1 (en) * 2000-01-28 2003-06-24 Avaya Technology Corp. Firmware download scheme for high-availability systems
US6892297B1 (en) * 2000-03-16 2005-05-10 International Business Machines Corporation Method and system for searching an updated version of boot code for updating current running boot code prior to loading an operating system
EP1461694A2 (en) * 2001-09-17 2004-09-29 Soma Networks, Inc. Software update method, apparatus and system

Cited By (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8756694B2 (en) * 2007-03-30 2014-06-17 Microsoft Corporation Prevention of exploitation of update rollback
US20080244556A1 (en) * 2007-03-30 2008-10-02 Microsoft Corporation Prevention of exploitation of update rollback
US8543839B2 (en) 2008-06-23 2013-09-24 St-Ericsson Sa Electronic device and method of software or firmware updating of an electronic device
US9503006B2 (en) 2010-10-20 2016-11-22 Trumpf Huettinger Gmbh + Co. Kg Plasma and induction heating power supply systems and related methods
US8993943B2 (en) 2010-10-20 2015-03-31 Trumpf Huettinger Gmbh + Co. Kg Systems for operating multiple plasma and/or induction heating systems and related methods
CN104798040A (en) * 2012-11-07 2015-07-22 高通股份有限公司 Method for providing anti-rollback protection in device which has no internal non-volatile memory
EP2917828A1 (en) * 2012-11-07 2015-09-16 Qualcomm Incorporated Methods for providing anti-rollback protection in a device which has no internal non-volatile memory
WO2014131652A1 (en) * 2013-03-01 2014-09-04 St-Ericsson Sa A method for software anti-rollback recovery
CN104956374A (en) * 2013-03-01 2015-09-30 意法爱立信有限公司 A method for software anti-rollback recovery
EP3291122A1 (en) * 2016-08-30 2018-03-07 Winbond Electronics Corp. Anti-rollback version upgrade in secured memory chip
CN107797827A (en) * 2016-08-30 2018-03-13 华邦电子股份有限公司 Secure storage system and the method for safe storage
TWI676116B (en) * 2016-08-30 2019-11-01 華邦電子股份有限公司 Secured storage system and method for secure storage
KR20200064968A (en) * 2016-08-30 2020-06-08 윈본드 일렉트로닉스 코포레이션 Anti-rollback version upgrade in secured memory chip
KR102254256B1 (en) * 2016-08-30 2021-05-21 윈본드 일렉트로닉스 코포레이션 Anti-rollback version upgrade in secured memory chip

