Mobile city and auto devices embellish more and more popular in our society. Each of us faces with them every day. Certainly each of us has ambulatory phone, hand-held computers or another hi-tech devices.
All of these devices hit assorted ambulatory platforms. There are such known platforms as Windows MobileM, iPhone, BlackBerry, Symbian OS, Android,Mobile city, Maemo, OpenMoko etc. All of them hit assorted history and advantages and failings.
Introduction
mobile life,Such platforms as Windows Mobile, BlackBerry,mobile life, iPhone are «closed» enough and limited by either their own devices (BlackBerry, iPhone) or utilization complexity. Among another problems of above mentioned platforms there is limited API. Even Java papers for ambulatory devices has whatever failings such as great number of limitations; very assorted APIs; figure interdependent code.mobile life, Symbian and Windows Mobile platforms are better from this point as far as they hold wider range of devices and their APIs give more options.
Common problem here is also that there are a lot of platforms. Talking about OpenSource and Cross-Platform solutions we should say that they are still nonindustrial at the moment and are not distributed yet.
In this article we’ll pay our attention to the Windows Mobile platform,mobile life.
Microsoft Company free its prototypal papers for inbuilt devices at the end of the 90th. In 2002 Windows CE.NET papers appeared. And at that time Pocket PC based on Windows CE 3.0 papers and higher were released. Further utilization of wireless act technologies managed to combine ring and personal computer. Thus Pocket PC 2002 Phone Edition appeared which supported the standards of GSM, GPRS, Bluetooth and wireless HS network access. In the aforementioned time another figure construct was nonindustrial that was such kindred to the above mentioned but was fireman to the ring then to personal computer. This figure was named SmartPhone 2002. Fundamental difference between Smartphone and Pocket PC is that Pocket PC has touch screen while Smartphone has exclusive curb buttons. They also had assorted covering scopes and supported assorted standards and technologies.
Windows Mobile papers more belongs to smartphones, communicators and diminutive personal devices. Windows CE and Windows Embedded platforms are commonly utilised in assorted industrial equipment.
Now we hit Windows Mobile 5 and Windows Mobile 6 generations and Windows Mobile 7 module be free soon. Modern devices based on Windows Mobile Pocket PC; hit 500-600 rate processors and 64-128 MB RAM that is not lowercase for such devices.
1. Development Tools
There are a whatever models of utilization of applications for Windows Mobile:
* Win32 API
* MFC
* .NET Compact Framework.
Microsoft Co gives developers every necessary tools for utilization of applications for PDA, Pocket PC; and Smartphone.
Here are whatever advices about assorted cipher identify choosing.
* Use Native Code for achieving the separate performance, direct impact with hardware, and also for minimization of grouping resource requirements.
* Use Managed Code for utilization of GUI-oriented applications which important requirements are utilization and market deployment terms. Managed Code is also good for the easy impact with web-services.
* Use Server-Side Code for impact with assorted devices through a single cipher base, and also if wide stable act channel with a figure is present.
Below are the reviews of present utilization tools for PDAs, Pocket PCs and Smartphones.
eMbedded Visual C++ 4.0
Microsoft eMbedded Visual C++ 4.0 utilization surround is meant to create applications for devices with Windows CE .NET 4.2 operating grouping and also (with package of updates SP3) for PDA and Smartphones on the Windows Mobile 2003 Second Edition platform. The utilization surround eMbedded Visual C++ 4.0 is good for creation of autochthonous cipher for ambulatory and inbuilt devices with Windows CE .NET 4.2 OS. It allows developer to action Just-In-Time Debugging for diagnostics of unhandled exceptions, Attach-to the process for the extended debugging of processes, and also interaction with an emulator.
Visual Studio .NET and SDP functions
SDP (Smart Device Programming) functions of the integrated surround of utilization Visual Studio .NET 2003 (2005, 2008) allow to create applications, that uses possibilities of Microsoft .NET Compact Framework platform. Thus a developer crapper create the distributed ambulatory data-processing systems, workings both in scenarios with unification and without permanent connection. Vast class library of .NET Compact Framework papers makes covering utilization such quicker than with traditional utilization tools.
Visual Studio .NET lets create applications for the Pocket PC 2002 devices and (with proper SDKs) Pocket PC 2003, 2005 and Smartphone 2003, 2005, applying the aforementioned tools as those utilised for the utilization of applications for desktop PCs. Library .NET Compact Framework is installed unitedly with Visual Studio .NET. This library is specially developed for devices with the limited resources. Developers crapper also ingest newborn languages C# and Visual Basic .NET for applications for ambulatory and inbuilt devices. They are good in workings with web-services and ADO.NET technologies.
Control elements of ASP .NET Mobile Controls extend SDP functions and .NET Compact Framework platform. They give opportunities to ingest possibilities of .NET Compact Framework and Visual Studio .NET for utilization of ambulatory web-applications due to the data delivery to different ambulatory devices by effectuation of ASP.NET technology. This approach allows to create single ambulatory web-application in the Visual Studio .NET environment, that module automatically action data rendering for displaying on different devices: ambulatory phones, smartphones, PDA, Pocket PC. The integrated utilization surround makes it doable to create ambulatory web-applications simply by dragging curb elements on forms.
ASP.NET System sets no components on a client device. For adaptation of info low concrete browsers server logic is used. It generates aggregation in the formats of Wireless Markup Language (WML), HTML, and Compact HTML (cHTML).
Microsoft SQL Server
Microsoft SQL Server Compact Edition (SQL Server CE) is a auto package for rapid utilization of applications that extend possibilities of impact with enterprise data due to the ambulatory devices using. SQL Server CE is a tool facilitating utilization of ambulatory applications due to hold of SQL syntax and usage of covering and API interface model that is compatible with SQL Server.
SQL Server CE provides the base set of relational database functions, in particular optimized query handler; hold of transactions and heterogeneous types of data – with unpretentious requirements to the grouping resources. Remote admittance to the data and copy by confluence wage reliable delivery of aggregation from the SQL Server bases, possibility of autonomous impact with by aggregation and subsequent synchronization with the server. SQL Server CE is good for the systems with ambulatory devices and wireless networks.
SQL Server CE package is developed for integration with .NET Compact Framework by effectuation of Visual Studio .NET. It simplifies utilization of applications for impact with databases on ambulatory and shapely devices. New data supplier of SQL Server CE for cipher management in the Common Language Runtime surround helps to develop distensible applications with possibilities of autonomous impact with aggregation in scenarios without permanent connection.
Microsoft .NET SqlClient gives API for impact of both .NET Framework and .NET Compact Framework applications. For the ordinary Windows systems SqlClient Microsoft with SQL Server are used, and SqlServerCe for Microsoft SQL Server Compact Edition databases for Compact Framework.
Name space of SqlClient is in both versions. So we crapper interact:
* Using .NET Compact Framework SqlClient to hit an admittance to SQL Server from figure on Desktop.
* Using .NET Compact Framework SqlServerCe to hit an admittance to SQL Server Compact Edition direct on a device.
Work with databases on a figure is kindred to the impact on Desktop. To admittance to SQLServer on Desktop grouping SQL uses TCP/IP unification thus in this case it is doable not to hit SQL Server Compact Edition installed on a device.
All of the mentioned models are implemented on the desktop systems. So the experience of their covering crapper be carried for utilization of the programs for Windows Mobile. Using Win32 API we rapidly get auto code, and also crapper ingest it for utilization of drivers and grouping component. Using MFC we hit extensions of API functions, and also specializer for utilization of interface. And using Compact Framework we hit at our disposal well developed interface, automatic substance collection, hold of XML and another options. Also there is even more truncated version — Micro Framework, where there are less SDK functions.
After SDK for MS Visual Studio artefact newborn configurations of assembling appear as well as newborn functions for assembling low these platforms. Suit also contains Emularor for software utilization and testing without fleshly unification between figure and computer.
As far as whatever devices that are based on Windows Mobile hit ARM processor it is also doable to compile units using another compilers: AVR32, ARM (RealView), GNUARM, IAR Systems.
2. Building Windows Mobile Applications for Windows Mobile devices using MS Visual Studio .NET
Visual Studio utilization surround unitedly with Compact Framework enable to develop applications using a vast graphic interface, databases, archiving and encrypting tools, USB, Serial, Bluetooth, and also wireless network connections and telephony. All of these is provided by SDK as well as libraries and heading files from Platform Builder.
2.1 User Interface
Due to the presence of good specializer in VS and SDK we crapper easily develop interface for ambulatory applications meet the aforementioned as for Desktop applications. The exclusive difference is in sets of graphic components for Desktop systems and for Windows Mobile. There is also difference between components of Smartphone and Pocket PC versions caused by that Pocket PC has a touch screen and SmartPhone has not. Therefore utilization of interface for SmartPhone is more complex. One should take it into account when nonindustrial software for both platforms.
Here we should also mention that software shapely for Pocket PC won’t start on the SmartPhone papers while the opposite situation is doable – till the moment when whatever special Smartphone duty is called.
It is naturally that whatever graphic components as well as majority of functions from full-size Framework were taken away from Windows Mobile SDK to reduce the size of the SDK on the figure side. Only the most necessary elements were left. But the fecundity and volumes of memory are increasing so the number of duty included in SDK becomes greater. So the difference between Compact Framework 1.0 and 2.0 is enormous. Version 1.0 was very limited.
In generalized the utilization of interface with ?ompact Framework on ?# is kindred to the utilization of the ordinary Win32 covering on C#.
It is also doable to develop a graphic interface using assembling of the 3D rendering-engines. They are such as GAPI (Game API), OPENGL ES (Embedded System), OPENVG (Vector Graphics), and another projects. Certainly it is kinda labor intensive process as far as it is very important to write an optimal cipher because of the relatively low fecundity of ambulatory devices.
2.2 Communications
To date ambulatory devices hit a wide range of communicational options. They hit an admittance to the wireless high-speed network using 802.11 WiFi Connection standard. They also ingest IrDa, Bluetooth, and USB host/client functionality. While the usage of Irda is gradually effort less protocols and standards of Bluetooth, WiFi, Edge, GSM, and also USB are utilised quit often.
Microsoft Company provides such APIs:
* ActiveSync API provides functionality for impact with services of synchronization, enter filters, etc.
* Bluetooth API provides functionality for wireless admittance to ambulatory and marginal devices.
* Connection Manager API serves for the automation of unification process, network unification management. Devices are using Connection Manager to establish unification and also to inform about the supposed unification (for warning Internet).
* Object Exchange (OBEX) API provides functionality for impact with effective, auto binary protocol meet suitable for devices with the limited possibilities.
* Remote API (RAPI) provides functions for management and remote call of methods on the figure side. Such functions are available: admittance to the register, files, databases and assorted configurations of figure from the Desktop-system. The most important option is Remote Procedure Call when we simply call the method «CeRapiInvoke()» on the Desktop side, transmit the name of DLL on the figure side and the name of duty in this DLL and then meet call this method.
* Pocket Outlook Object Model API provides functions for impact with the objects of Pocket Outlook. It provides interfaces for synchronization and admittance to the objects: Task, Calendar, Contacts.
* Telephony API (TAPI) includes:
o Assisted API
o Extended API
o Phone API
o SIM Manager API
o Short Messages Service (SMS) API
o Telephony Service Provider (TSP) API
o Wireless Application Protocol (WAP) API.
Also ambulatory devices hit possibility to impact with Serial (USB) ports. There are a whatever COM-ports in whatever devices. Usually the prototypal 3-5 of them are reserved for IrDa, Bluetooth, SerialPort and others. Other ports are acquirable to for user. Some devices hit USB-Host functionality in another words they are USB On-The-Go (OTG) devices which crapper serve both as USB Client and USB Host. For this purpose figure should hit necessary Hardware and Software (Device Driver).
Device Driver is a utility which is an intermediate layer between the utility of HOST and level of applications. Such utility provides «Stream Interface Driver» and staleness contain such functions as:
* XXX_Init
* XXX_Open
* XXX_Close
* XXX_Write
* XXX_Read
* XXX_IOControl
Here “XXX” is replaced with «prefix» (for warning «COM», «DSK»).
This prefix registers in the registry when a utility registers in the system. More detailed aggregation about Device Driver Interface crapper be obtained from MSDN.
Also a developer crapper ingest such APIs not concerning communicational ones:
* Device Configuration API
* File and Application Management API
* Game API
* Home Screen API
* HTML Control API
* MIDI API
* Shell API
* Speech Recognizer API
* Vibrate API
* Voice Recorder Control API.
2.3 P/Invoke and Native Interop
As far as Compact Framework contains base functions and methods from complete
Framework we hit such functionality as:
* XML Serialization
* Cryptography
* Security
* Reflection
* Interop Services et al.
Certainly Platform Invoke calls are accessible. For this purpose - as well as in complete Framework - we ingest functions and attributes from namespace System.Runtime.InteropServices and DllImport concept for description of functions which module be called from non-managed code.
However the functionality of these methods is limited. So Marshal class has PtrToStructure, GetComInterfaceForObject, Copy() and Read() functions but, for example, there is no such duty as GetDelegateForFunctionPointer() in it. So it is impossible to attain Marshaling meet with Delegate. The GetFunctionPointerForDelegate duty is acquirable only. If we want to transmit a pointer to the duty from Managed cipher we should get its FunctionPointer and exclusive after that transmit it to the unmanaged cipher for subsequent call of it from there. Also we crapper not transmit whatever objects because Compact Framework crapper not count SizeOf() for whatever objects. Therefore frequently we hit to transmit data of Blitable types exclusive and arrays of these types (Int, byte, char, but not bool), and transmit and receive classes and structures by effectuation of IntPtr. Certainly it is explained by aspiration to increase the performance. It is thence recommended to ingest primary types for Marshaling and «GCHandle» class for storing an object in the process memory and to attain this memory «visible» for unmanaged code
Certainly the performance of P/Invoke calls from C# covering in C++ DLL is almost twice less than the performance of method calls between C++ DLLs. However the performance of devices grows and it becomes doable to ingest such calls.
2.4 Debugging
MS Visual Studio enables to attain debugging of applications under
Windows Mobile meet the aforementioned as for Desktop applications. We hit Emulator, Device Emulator Manager and another to functionality such as Breakpoints, Threads, Watches panel etc.
However to attain Debug using Native and Managed cipher simultaneously is impossible. Therefore it is doable to start either C++ projects or Managed ones. It’s also so for «Attach to process». There is a possibility of attaching to the processes on the figure side (or emulator side). ActiveSync is required to wage act between a figure and the system, it is installed with SDK. An emulator also crapper be connected to the machine by effectuation of ActiveSync. We obtain almost complete emulation of Windows Mobile devices. Here are both SmartPhone and Pocket PC (or Pocket PC Phone Edition) emulators. However exclusive one Windows Mobile figure crapper be connected to the machine at one time moment. Therefore Debug on two devices simultaneously which for warning interact in whatever way is kinda difficult. Certainly we talk exclusive about Debug of applications developed by us but not about applications and services of the system. For such debugging we need the complete shapely of the grouping created by effectuation of Platform Builder (in the last versions of Platform Builder it’s included in Visual Studio). We crapper also create our own SDK for Visual Studio and Windows CE platform.
An emulator also enables to emulate unification with the GSM network and GPS support. It makes doable to test and develop large spectrum of applications without having a fleshly figure in hands.
Talking about Debug with IDA we should mention that version 5.1 already has the possibility to action Debug by effectuation of this interactive disassembler with the ingest of their plugin which is installed on a device.
With SDK appearance such option as «Deploy» appears in Visual Studio environment. Now there is «Deploy» item in project context menu additionally to “Build”, “Clean”, “Debug”. After you choose this item DLL or EXE enter shapely by underway plan is transmitted to the device. Also newborn column appears in Configuration Manager where not exclusive «Build» in whatever plan option is acquirable but also «Deploy». Deployment of .NET projects transmits not exclusive the unit but also those builds that are depended on it (Dependencies).
3. Deployment and installation
Development of applications for Windows Mobile supposes also their assembling and creation of artefact package. For this purpose there is such construct as ?abinet (.cab) enter in Windows Mobile. It is a ordinary archive but it is a artefact package also (a sort of MSI package). It is assembled by effectuation of Cab Wizard (cabwiz.exe) from MS VisualStudio (or from a bidding line). This utility creates processor interdependent «.cab» file. WinCEApplicationManager transmits and starts CAB on a device, so individual crapper install the covering using manual appearing on figure screen. It is also doable to create the project of MSI Installation which includes CAB enter by effectuation of Visual Studio. This shapely package module be started on individual machine and then transmit ?AB artefact on a figure to continue artefact process.
There is special Uninstall Manager on the figure side. One should confiscate plan INI-file to CAB file. This INI enter includes settings to manage artefact process such as path, shortcut name to create, minimal OS version to install the covering and others written in special syntax. It is also doable to include your own DLL into CAB-file to widen artefact options. This DLL contains such functions as «Installer_AfterInstall», «Installer_BeforeInstall», «Installer_AfterUnInstall», «Installer_BeforeUnInstall», cipher in these functions module be executed on the figure side in the certain moments of artefact or uninstallation process.
When nonindustrial CAB artefact it is doable to confiscate files, assorted resources, shapely units, add aggregation to the registry. They are designated as «Project Output. That’s why there is no need to reset anything after CAB-file creation: it module amass every included projects and files and assemble in an archive.
4. Security Model for Windows Mobile 5 and Windows Mobile 6
Devices based on Windows Mobile receive, beam and analyze potentially important aggregation which should be protected from vulnerable applications. To protect figure the play of unknown applications is disabled, the admittance to whatever API is limited and whatever registry parts changing is forbidden. Units crapper be marked as Trusted and Untrusted and grouping uses this aggregation to preclude play of unauthorized applications and limit their admittance to the system. Also the admittance to the grouping by effectuation of RAPI (Remote API) through ActiveSync crapper be restricted. Security Certificates Security Rights are utilised for the executable units (EXE, DLL) and for CAB-files.
Protection Against Threats and Risks
The followings options help to protect devices:
* Strict password protection.
* PIN cipher protection.
* Devices corrupt deleted aggregation to preclude admittance to it (WM 6).
* Devices corrupt deleted aggregation on memory game to preclude admittance to it (WM 6).
* Storages encryption and Advanced Encryption Standard for SSL (WM 6).
* Own certificates usage.
* Detecting a figure via Bluetooth crapper be protected (WM 6 Smartphone).
* 2 layer grouping of covering play (One-tier and Two-tier access).
* No hold of macros, thence viruses crapper attain such harm.
The start of applications is based on Permissions. Windows Mobile devices ingest such models:
* Privileged
* Normal
* Blocked
Privileged applications hit the widest access. They crapper admittance any API, write in the protected areas of registry and hit the complete admittance to the system.
Most applications hit Normal model. They do not hit admittance to the trusted API and do not hit the complete curb of the system.
Application crapper not be started at every if it has “Blocked” status. It effectuation that it’s not signed with the proper certificate or individual forbade the start by the proper warning of the system.
Analogical situation is with Cab-files. The executable units with Normal status crapper start Privileged DLL but then they module impact as Normal. However Privileged executable units crapper not start the units having Normal status.
Written by metropolis Kordin, Apriorit specialist.
Learn more about utilization process of Apriorit here.
