The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "Secure Enclave"
m (→ART Object) |
(SEP is used for more than just Touch ID) |
||
(16 intermediate revisions by 6 users not shown) | |||
Line 1: | Line 1: | ||
− | The '''Secure Enclave''' is part of the [[A7]] |
+ | The '''Secure Enclave''' is part of the [[A7]] and newer chips used for data protection, [[Touch ID]], and [[Face ID]]. The purpose of the Secure Enclave is to handle keys and other info such as biometrics that is sensitive enough to not be handled by the [[Application Processor|AP]]. It is isolated with a hardware filter so the AP cannot access it. It shares RAM with the AP, but it's portion of the RAM (known as TZ0) is encrypted. The secure enclave itself is a flashable 4MB AKF processor core called the secure enclave processor (SEP) as documented in [http://appft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PG01&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.html&r=1&f=G&l=50&s1=%2220130308838%22.PGNR.&OS=DN/20130308838&RS=DN/20130308838 Apple Patent Application 20130308838]. The technology used is similar to [http://www.arm.com/products/processors/technologies/trustzone/index.php ARM's TrustZone/SecurCore] but contains proprietary code for Apple KF cores in general and SEP specifically. It is also responsible for generating the UID key on A9 or newer chips that protects user data at rest. |
− | The SEP is located in the devicetree under IODeviceTree:/arm-io/sep and manged by the AppleSEPManager driver. |
+ | The SEP is located in the devicetree under IODeviceTree:/arm-io/sep and manged by the AppleSEPManager driver as seen [http://winocm.com/images/ioregdump.txt here] |
==SEP OS== |
==SEP OS== |
||
− | The SEP has its own OS called SEP OS and there exists a tool called seputil which is used to communicate with it. |
+ | The SEP has its own OS called SEP OS and there exists a tool called [[seputil]] which is used to communicate with it. |
− | |||
− | seputil has the following valid commands: |
||
− | |||
− | <pre> |
||
− | seputil: seputil [--wait] --load <file> |
||
− | seputil: seputil '<SEP console command>' |
||
− | seputil: seputil <command> |
||
− | seputil: |
||
− | seputil: Valid <command> words: |
||
− | seputil: --ping Send a PING operation to the SEP OS |
||
− | seputil: --load Load <file> as the SEP runtime firmware |
||
− | seputil: --restore Load <file> as the SEP runtime firmware in restore mode |
||
− | seputil: --restore+art Load <file> as the SEP runtime firmware in restore mode with ART |
||
− | seputil: --wait Pause for kernel driver to load before failing |
||
− | seputil: --preflight Pre-flight load/restore firmware against ART to pre-check for boot failures |
||
− | seputil: --log Dump the mailbox message log |
||
− | seputil: --rom status Get the ROM status |
||
− | seputil: --rom tz0 Send a ROM TZ0 command |
||
− | seputil: --rom nop Send a ROM NOP command |
||
− | seputil: --rom nonce Send a ROM nonce request |
||
− | seputil: --new-nonce Request new SEP/OS nonce |
||
− | seputil: --kill-nonce Request invalidate SEP/OS nonce |
||
− | seputil: --art get Dump current ART from Memory |
||
− | seputil: --art set Persist the supplied ART to storage |
||
− | seputil: --art clear Clear the persisted ART |
||
− | seputil: --art ctrtest Counter self-test (DESTRUCTIVE - WILL BRICK DEVICE) |
||
− | seputil: --sleep Sleep the SEP NOW! |
||
− | seputil: --nap Nap the SEP NOW! |
||
− | seputil: --pingflood Ping SEP endlessly |
||
− | seputil: --clkgate Enable SEP clock gating |
||
− | seputil: --get <obj> Read obj and write to stdout |
||
− | seputil: --put <obj> Read stdin and write to obj |
||
− | seputil: --boot-check <file> Check whether a firmware might be bootable WRT the current ART |
||
− | seputil: --dump-fw <file> Dump measurements of firmware file |
||
− | seputil: Bare words on the commandline are sent to the SEP as a console command |
||
− | </pre> |
||
− | |||
− | ==Examples== |
||
− | <pre> |
||
− | ./seputil --pingflood |
||
− | SEP ping #1000 |
||
− | SEP ping #2000 |
||
− | SEP ping #3000 |
||
− | SEP ping #4000 |
||
− | |||
− | ./seputil --load sep-firmware.img4 |
||
− | seputil: load fw returned 0xe00002d5 |
||
− | seputil: load failed |
||
− | |||
− | ./seputil --new-nonce |
||
− | Nonce (20 bytes): 0x67fc18385630dc6429726677d196c81466f47b5e |
||
− | |||
− | ./seputil --art get |
||
− | raw ART: 305e0201003037020218340414519c0248f04d316a3d71e03978b4126fbfb2b15c0400041467fc18385630dc6429726677d196c81466f47b5e3103c00100042027b6dadbab356612997af0203cefeae51fe90cd985ee7cdd6211c766b8cc7a60 |
||
− | Successfully parsed ART: |
||
− | counter: 6196 |
||
− | manifest hash (20 bytes): 519c0248f04d316a3d71e03978b4126fbfb2b15c |
||
− | sleep hash is absent |
||
− | restore nonce (20 bytes): 67fc18385630dc6429726677d196c81466f47b5e |
||
− | |||
− | ./seputil --log |
||
− | Kernel message log has 128 entries |
||
− | 289344381444: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289344385176: 0x0000000000000000 TX interrupt |
||
− | 289344391044: 0x0000000000000000 TX interrupt |
||
− | 289344408988: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289344409016: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289344413132: 0x0000000000000000 RX interrupt |
||
− | 289344413304: 0x0000000000010000 RX message ept 0, tag 0, opcode 1, param 0, data 0 |
||
− | 289344413904: 0x0000000000000000 RX interrupt |
||
− | 289344413944: 0x0000000000010000 RX message ept 0, tag 0, opcode 1, param 0, data 0 |
||
− | 289344414176: 0x0018000000dd1007 TX message ept 7, tag 10, opcode dd, param 0, data 180000 |
||
− | 289344443356: 0x0000000000000000 RX interrupt |
||
− | 289344443428: 0x0068000000dd9007 RX message ept 7, tag 90, opcode dd, param 0, data 680000 |
||
− | 289346822748: 0x0000000000130000 TX message ept 0, tag 0, opcode 13, param 0, data 0 |
||
− | 289346829480: 0x0000000000000000 RX interrupt |
||
− | 289346829560: 0x0000000000110000 RX message ept 0, tag 0, opcode 11, param 0, data 0 |
||
− | 289346830136: 0x0000000000120000 TX message ept 0, tag 0, opcode 12, param 0, data 0 |
||
− | 289406511168: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289406511204: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289406538900: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289406538936: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289406543628: 0x0000000000000000 TX interrupt |
||
− | 289406549916: 0x0000000000000000 TX interrupt |
||
− | 289406566580: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289406566612: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289406571220: 0x0000000000000000 RX interrupt |
||
− | 289406571476: 0x0000000000010000 RX message ept 0, tag 0, opcode 1, param 0, data 0 |
||
− | 289406571908: 0x0000000000000000 RX interrupt |
||
− | 289406571952: 0x0000000000010000 RX message ept 0, tag 0, opcode 1, param 0, data 0 |
||
− | 289406572320: 0x0018000000de1007 TX message ept 7, tag 10, opcode de, param 0, data 180000 |
||
− | 289406605068: 0x0000000000000000 RX interrupt |
||
− | 289406605152: 0x0068000000de9007 RX message ept 7, tag 90, opcode de, param 0, data 680000 |
||
− | 289407383260: 0x003c000000df0907 TX message ept 7, tag 9, opcode df, param 0, data 3c0000 |
||
− | 289407396284: 0x0000000000000000 RX interrupt |
||
− | 289407396380: 0x002c000000df8907 RX message ept 7, tag 89, opcode df, param 0, data 2c0000 |
||
− | 289407403656: 0x003c000000e00907 TX message ept 7, tag 9, opcode e0, param 0, data 3c0000 |
||
− | 289407411688: 0x0000000000000000 RX interrupt |
||
− | 289407411736: 0x002c000000e08907 RX message ept 7, tag 89, opcode e0, param 0, data 2c0000 |
||
− | 289407414732: 0x003c000000e10907 TX message ept 7, tag 9, opcode e1, param 0, data 3c0000 |
||
− | 289407422472: 0x0000000000000000 RX interrupt |
||
− | 289407422524: 0x002c000000e18907 RX message ept 7, tag 89, opcode e1, param 0, data 2c0000 |
||
− | 289408986276: 0x0000000000130000 TX message ept 0, tag 0, opcode 13, param 0, data 0 |
||
− | 289408991756: 0x0000000000000000 RX interrupt |
||
− | 289408991824: 0x0000000000110000 RX message ept 0, tag 0, opcode 11, param 0, data 0 |
||
− | 289408992472: 0x0000000000120000 TX message ept 0, tag 0, opcode 12, param 0, data 0 |
||
− | 289459393276: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289459393348: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289459423004: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289459423048: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289459452628: 0x0000000000000000 TX interrupt |
||
− | 289459453612: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289459453664: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289459466460: 0x0000000000000000 TX interrupt |
||
− | 289459469548: 0x0000000000000000 RX interrupt |
||
− | 289459470000: 0x0000000000010000 RX message ept 0, tag 0, opcode 1, param 0, data 0 |
||
− | 289459470632: 0x0000000000010000 RX message ept 0, tag 0, opcode 1, param 0, data 0 |
||
− | 289459471304: 0x0018000000e21007 TX message ept 7, tag 10, opcode e2, param 0, data 180000 |
||
− | 289459524572: 0x0000000000000000 RX interrupt |
||
− | 289459524728: 0x0068000000e29007 RX message ept 7, tag 90, opcode e2, param 0, data 680000 |
||
− | 289459532644: 0x004c000000e30f07 TX message ept 7, tag f, opcode e3, param 0, data 4c0000 |
||
− | 289459552888: 0x0000000000000000 RX interrupt |
||
− | 289459553044: 0x002c000000e38f07 RX message ept 7, tag 8f, opcode e3, param 0, data 2c0000 |
||
− | 289459646732: 0x0018000000e41007 TX message ept 7, tag 10, opcode e4, param 0, data 180000 |
||
− | 289459681116: 0x0000000000000000 RX interrupt |
||
− | 289459681272: 0x0068000000e49007 RX message ept 7, tag 90, opcode e4, param 0, data 680000 |
||
− | 289461898836: 0x0000000000130000 TX message ept 0, tag 0, opcode 13, param 0, data 0 |
||
− | 289461906796: 0x0000000000000000 RX interrupt |
||
− | 289461906968: 0x0000000000110000 RX message ept 0, tag 0, opcode 11, param 0, data 0 |
||
− | 289461908400: 0x0000000000120000 TX message ept 0, tag 0, opcode 12, param 0, data 0 |
||
− | 289526725980: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289526726016: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289526757512: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289526757552: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289526774468: 0x0000000000000000 TX interrupt |
||
− | 289526782688: 0x0000000000000000 TX interrupt |
||
− | 289526786468: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289526786540: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289526795320: 0x0000000000000000 RX interrupt |
||
− | 289526795828: 0x0000000000010000 RX message ept 0, tag 0, opcode 1, param 0, data 0 |
||
− | 289526796304: 0x0000000000010000 RX message ept 0, tag 0, opcode 1, param 0, data 0 |
||
− | 289526796984: 0x0018000000e51007 TX message ept 7, tag 10, opcode e5, param 0, data 180000 |
||
− | 289526847216: 0x0000000000000000 RX interrupt |
||
− | 289526847348: 0x0068000000e59007 RX message ept 7, tag 90, opcode e5, param 0, data 680000 |
||
− | 289529224460: 0x0000000000130000 TX message ept 0, tag 0, opcode 13, param 0, data 0 |
||
− | 289529235316: 0x0000000000000000 RX interrupt |
||
− | 289529235488: 0x0000000000110000 RX message ept 0, tag 0, opcode 11, param 0, data 0 |
||
− | 289529236920: 0x0000000000120000 TX message ept 0, tag 0, opcode 12, param 0, data 0 |
||
− | 289584681764: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289584681836: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289584710576: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289584710608: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289584730996: 0x0000000000000000 TX interrupt |
||
− | 289584738992: 0x0000000000000000 TX interrupt |
||
− | 289584739572: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289584739612: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289584748648: 0x0000000000000000 RX interrupt |
||
− | 289584748984: 0x0000000000010000 RX message ept 0, tag 0, opcode 1, param 0, data 0 |
||
− | 289584749300: 0x0000000000010000 RX message ept 0, tag 0, opcode 1, param 0, data 0 |
||
− | 289584749332: 0x0018000000e61007 TX message ept 7, tag 10, opcode e6, param 0, data 180000 |
||
− | 289584790484: 0x0000000000000000 RX interrupt |
||
− | 289584790568: 0x0068000000e69007 RX message ept 7, tag 90, opcode e6, param 0, data 680000 |
||
− | 289587176748: 0x0000000000130000 TX message ept 0, tag 0, opcode 13, param 0, data 0 |
||
− | 289587185760: 0x0000000000000000 RX interrupt |
||
− | 289587185916: 0x0000000000110000 RX message ept 0, tag 0, opcode 11, param 0, data 0 |
||
− | 289587186840: 0x0000000000120000 TX message ept 0, tag 0, opcode 12, param 0, data 0 |
||
− | 288741485000: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 288741485084: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 288741514772: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 288741514812: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 288741533984: 0x0000000000000000 TX interrupt |
||
− | 288741541992: 0x0000000000000000 TX interrupt |
||
− | 288741543608: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 288741543680: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 288741552216: 0x0000000000000000 RX interrupt |
||
− | 288741552884: 0x0000000000010000 RX message ept 0, tag 0, opcode 1, param 0, data 0 |
||
− | 288741553388: 0x0000000000010000 RX message ept 0, tag 0, opcode 1, param 0, data 0 |
||
− | 288741553672: 0x0018000000db1007 TX message ept 7, tag 10, opcode db, param 0, data 180000 |
||
− | 288741591912: 0x0000000000000000 RX interrupt |
||
− | 288741592040: 0x0068000000db9007 RX message ept 7, tag 90, opcode db, param 0, data 680000 |
||
− | 288741599128: 0x004c000000dc0f07 TX message ept 7, tag f, opcode dc, param 0, data 4c0000 |
||
− | 288741620732: 0x0000000000000000 RX interrupt |
||
− | 288741620900: 0x002c000000dc8f07 RX message ept 7, tag 8f, opcode dc, param 0, data 2c0000 |
||
− | 288742902624: 0x0000000000130000 TX message ept 0, tag 0, opcode 13, param 0, data 0 |
||
− | 288742912320: 0x0000000000000000 RX interrupt |
||
− | 288742912496: 0x0000000000110000 RX message ept 0, tag 0, opcode 11, param 0, data 0 |
||
− | 288742913700: 0x0000000000120000 TX message ept 0, tag 0, opcode 12, param 0, data 0 |
||
− | 289344354176: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289344354216: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | 289344381416: 0x0000000000000000 TX message ept 0, tag 0, opcode 0, param 0, data 0 |
||
− | |||
− | ./seputil --boot-check sep-firmware.img4 |
||
− | preflight: manifest hash matches sepi |
||
− | bootCheck: SEP may boot with ART |
||
− | |||
− | ./seputil --dump-fw sep-firmware.img4 |
||
− | manifest digest (20 bytes): 519c0248f04d316a3d71e03978b4126fbfb2b15c |
||
− | sepi digest (20 bytes): a22813c5ceaeada5b7eeaa55808f3019814e8b8e |
||
− | sepi nonce (20 bytes): e5074bd1befefc685c6b5ec6797ffc851366f76f |
||
− | rsep digest (20 bytes): cb9f4c6520889e2582414c5969fb0abc3b0d8277 |
||
− | rsep nonce (20 bytes): e5074bd1befefc685c6b5ec6797ffc851366f76f |
||
− | </pre> |
||
− | |||
− | ==ART Object== |
||
− | |||
− | Example 1: |
||
− | <pre> |
||
− | ./seputil --art get |
||
− | raw ART: 305e0201003037020218340414519c0248f04d316a3d71e03978b4126fbfb2b15c0400041467fc18385630dc6429726677d196c81466f47b5e3103c00100042027b6dadbab356612997af0203cefeae51fe90cd985ee7cdd6211c766b8cc7a60 |
||
− | Successfully parsed ART: |
||
− | counter: 6196 |
||
− | manifest hash (20 bytes): 519c0248f04d316a3d71e03978b4126fbfb2b15c |
||
− | sleep hash is absent |
||
− | restore nonce (20 bytes): 67fc18385630dc6429726677d196c81466f47b5e |
||
− | </pre> |
||
− | |||
− | raw ART is also a [http://en.wikipedia.org/wiki/Abstract_Syntax_Notation_One#Example_encoded_in_DER DER encoded ASN.1 object]: |
||
− | |||
− | <pre> |
||
− | 30 — type tag indicating SEQUENCE |
||
− | 5e — length in octets of value that follows (92) |
||
− | 02 — type tag indicating INTEGER |
||
− | 01 — length in octets of value that follows |
||
− | 00 — value (0) |
||
− | 30 — type tag indicating SEQUENCE |
||
− | 37 — length in octets of value that follows (55) |
||
− | 02 — type tag indicating INTEGER |
||
− | 02 — length in octets of value that follows |
||
− | 1834 — value (6196) (of counter) |
||
− | 04 — type tag indicating STRING |
||
− | 14 — length in octets of value that follows (20) |
||
− | 519c0248f04d316a3d71e03978b4126fbfb2b15c — value (of manifest hash) |
||
− | 04 — type tag indicating STRING |
||
− | 00 — length in octets of value that follows (0); empty, so no value to follow (sleep has is absent) |
||
− | 04 — type tag indicating STRING |
||
− | 14 — length in octets of value that follows (20) |
||
− | 67fc18385630dc6429726677d196c81466f47b5e — value (of restore nonce) |
||
− | 31 — type tag indicating SET |
||
− | 03 — length in octets of value that follows (3) |
||
− | c00100 — value |
||
− | 04 — type tag indicating STRING |
||
− | 20 — length in octets of value that follows (32) |
||
− | 27b6dadbab356612997af0203cefeae51fe90cd985ee7cdd6211c766b8cc7a60 — value |
||
− | </pre> |
||
− | |||
− | Example 2: |
||
− | <pre> |
||
− | ./seputil --art get |
||
− | raw ART: 3072020100304b0202186c0414519c0248f04d316a3d71e03978b4126fbfb2b15c04147f75cb9012128cf71eb8fcd6b13e56a02a7324db041467fc18385630dc6429726677d196c81466f47b5e3103c0010004209ce3646167631d0df8d4db28973db8d5a27f85d345ad6ec220aeb1e22f39f31f |
||
− | Successfully parsed ART: |
||
− | counter: 6252 |
||
− | manifest hash (20 bytes): 519c0248f04d316a3d71e03978b4126fbfb2b15c |
||
− | sleep hash (20 bytes): 7f75cb9012128cf71eb8fcd6b13e56a02a7324db |
||
− | restore nonce (20 bytes): 67fc18385630dc6429726677d196c81466f47b5e |
||
− | </pre> |
||
− | |||
− | Decode: |
||
− | |||
− | <pre> |
||
− | SEQUENCE (3 elem) |
||
− | INTEGER 0 |
||
− | SEQUENCE (5 elem) |
||
− | INTEGER 6252 |
||
− | OCTET STRING (20 byte) 519C0248F04D316A3D71E03978B4126FBFB2B15C |
||
− | OCTET STRING (20 byte) 7F75CB9012128CF71EB8FCD6B13E56A02A7324DB |
||
− | OCTET STRING (20 byte) 67FC18385630DC6429726677D196C81466F47B5E |
||
− | SET (1 elem) |
||
− | Private 0 (1 byte) 00 |
||
− | OCTET STRING (32 byte) 9CE3646167631D0DF8D4DB28973DB8D5A27F85D345AD6EC220AEB1E22F39F31F |
||
− | </pre> |
||
==Further References== |
==Further References== |
Revision as of 02:00, 4 August 2018
The Secure Enclave is part of the A7 and newer chips used for data protection, Touch ID, and Face ID. The purpose of the Secure Enclave is to handle keys and other info such as biometrics that is sensitive enough to not be handled by the AP. It is isolated with a hardware filter so the AP cannot access it. It shares RAM with the AP, but it's portion of the RAM (known as TZ0) is encrypted. The secure enclave itself is a flashable 4MB AKF processor core called the secure enclave processor (SEP) as documented in Apple Patent Application 20130308838. The technology used is similar to ARM's TrustZone/SecurCore but contains proprietary code for Apple KF cores in general and SEP specifically. It is also responsible for generating the UID key on A9 or newer chips that protects user data at rest.
The SEP is located in the devicetree under IODeviceTree:/arm-io/sep and manged by the AppleSEPManager driver as seen here
SEP OS
The SEP has its own OS called SEP OS and there exists a tool called seputil which is used to communicate with it.