6. Radio Frequencies
Operates in the 1850 MHz band and from:
– 1850 to 1910 MHz Mobile to Base
– 1930 – 1990 MHz Base to Mobile
There are 300 forward/reverse channels in this
band.
Each channel is 200 KHz
GSM uses TDMA to fit 8 conversations on
a channel.
So, technically, GSM is TDMA and FDMA
based.
7. GSM Frequency Band
GSM operates at four main frequency bands
:
i.900 MHz : Used by most GSM networks.
ii.1800 MHz : In UK
iii. 1900 MHz : AS PCS concept in USA.
iv.800 MHZ : Enhancing now.
8. Key Terms
An MS can have one of the following states :
1.Idle: MS is ON but a call is not in progress.
Registration, Roaming, International Roaming,
Location Updating, Paging.
2.Active : MS is ON and A call is in progress.
Handover
3.Detached : MS is OFF.
9. GSM Services
GSM was designed to do 3 things:
– 1. Bearer data services: Faxes, text
messages, web pages.
Basic GSM had a basic data rate that is limited to
9.6 kbps
– Extended by GMRS and EDGE to around 384 Kbps
– 2. Voice traffic
But, at a lower quality than analog.
– 3. Other features:
Call forwarding, caller id, etc…
– Meaning, we need to connect to the SS7 network
10. SIM Card Secrets
The SIM card has a secret serial number
that is only known by your cellular
provider and the SIM card.
– You, as the customer, do not know the
number.
This secret number acts as a key, and it is
32 bits in length.
11. Authentication and Security
GSM uses a challenge/response public key
setup.
The base station sends a random number to the
mobile.
– This acts as the base station’s public key.
The mobile then uses an algorithm called A3 to
encrypt it’s secret key using the random public
key that it was sent by the base station.
– A5 is a derivative of DES.
Several rounds of shifts and XORs.
12. Authentication and Security
This encrypted information is then sent
back to the base station.
The base station performs a reverse
operation, and checks to see that the
mobile sent the correct secret code.
– If not, it is denied access.
A3 has proved to be very difficult to break.
– Though, given a significant amount of time, it
can be broken.
13. Authentication and Security
GSM also uses another database for
security.
This database maintains a list of stolen
cell phones, and cell phones that have
technical errors.
– These are also not allowed access to the
digital network.
14. GSM conclusion
Widely used.
– Upwards of 70% of phones.
Uses SIM cards so customers can use any phone
and for security.
Allows more customers than analog.
Worse voice quality than analog.
Purely digital.
Open source, very complex standard.
Uses TDMA.
Will be replaced by CDMA in the near future.
15.
16. What is Cell?
In wireless telephony, a cell is the geographical area covered by a RF.
The transmitter facility itself is called the cell site.
Several coordinated cell sites are called a cell system.
When you sign up with a cellular telephone service provider, you generally
are given access to their cell system, which is essentially local.
When travelling out of the range of this cell system, the cell system can
enable you to be transferred to a neighboring company's cell system
without your being aware of it. This is called roaming
service.
17. Why cellular systems?
Solves the problem of spectral congestion
Reuse of radio channel in different cells
Enable a fixed number of channels to serve an arbitrarily
large number of
users by reusing the channel throughout the coverage
region
18. Why hexagon for theoretical
coverage?
For a given distance between the center of a polygon and its farthest perimeter
points, the hexagon has the largest area of the three
Thus by using hexagon geometry, the fewest number of cells can cover a
geographic region, and hexagon closely approximates a circular radiation
pattern which would occur for an omnidirectionl BS antenna and free space
propagation
19. When using hexagons to model a coverage areas, BS t ransmitters are depicted
as ither being in the center of the cell (center-excited cells) or on the three of
the six cell vertices (edge-excited cells)
Normally omnidirectional antennas are used in center-excited cells and
directional antennas are used in corner-excited cel
ls
20.
21. GSM Architecture
Mobile Station (MS)
Mobile Equipment (ME)
Subscriber Identity Module (SIM)
Base Station Subsystem (BSS)
Base Transceiver Station (BTS)
Base Station Controller (BSC)
Network Switching Subsystem(NSS)
Mobile Switching Center (MSC)
Home Location Register (HLR)
Visitor Location Register (VLR)
Authentication Center (AUC)
Equipment Identity Register (EIR)
Operation and Support Subsystem (OSS)
22.
23.
24.
25. System Architecture
Mobile Station (MS)
The Mobile Station is made up of two entities:
1. Mobile Equipment (ME)
2. Subscriber Identity Module (SIM)
26. System Architecture
Mobile Station (MS)
Mobile Equipment
Portable,vehicle mounted, hand held device
Uniquely identified by an IMEI (International
Mobile Equipment Identity)
Voice and data transmission
Monitoring power and signal quality of surrounding
cells for optimum handover
Power level : 0.8W – 20 W
160 character long SMS.
27. System Architecture
Mobile Station (MS) contd.
Subscriber Identity Module (SIM)
Smart card contains the International Mobile
Subscriber Identity (IMSI)
Allows user to send and receive calls and receive other
subscribed services
Encoded network identification details
- Key Ki,Kc and A3,A5 and A8 algorithms
Protected by a password or PIN
Can be moved from phone to phone – contains key
information to activate the phone
28.
29.
30.
31. BSC
Typically a BSC has tens or even hundreds of BTSs under its control.
The BSC handles allocation of radio channels, receives
measurements from the mobile phones, and controls handovers
from BTS to BTS (except in the case of an inter-BSC handover in
which case control is in part the responsibility of the anchor MSC).
A key function of the BSC is to act as a concentrator where many
different low capacity connections to BTSs (with relatively low
utilisation) become reduced to a smaller number of connections
towards the mobile switching center (MSC) (with a high level of
utilisation).
33. Some more base station
equipment
Typical macro cell
Typical micro cell
34.
35.
36.
37.
38.
39.
40.
41.
42. Source Coding :The process by which information symbols are mapped to
alphabetical symbols.
The mapping is generally performed in sequences or groups of information
and alphabetical symbols.
Channel coding is a technique used for controlling errors in data
transmissionover unreliable or noisy communication channels.
It includes
Digital Modulation schemes
Line coding schemes
Forward Correction(FEC) codes
43. Interleaving :Interleaving, a technique for making FEC more robust with
respect to burst errors;
Ciphering:A cipher (pronounced SAI-fuhr) is any method of encrypting text
(concealing its readability and meaning). It is also sometimes used to refer
to the encrypted text message itself although here the term ciphertext is
preferred.
Burst formating : Burst is a term used in a number of information
technology contexts to mean a specific amount of data sent or received in
one intermittent operation.
Modulation :n electronics and telecommunications, modulation is the
process of varying one or more properties of a periodic waveform, called
the carrier signal, with a modulating signal that typically contains
information to be transmitted.
48. GSM Burst Periods
Since GSM is TDMA based, it uses burst
periods to make up a frame.
– 8 burst periods make up one frame.
– A burst is like a slot in the train.
– A burst period is where a phone gets to send
digital information.
Phones send around 14 bits of information in every
burst.
– However, a burst period only lasts .577 ms.
Phones are only bursting information at around
1700 times a second, much less than the 8000
times a second a landline phone samples at.
49. GSM Frames
8 burst periods make 1 frame.
The frame length in time is 4.615 ms
– .577 ms times 8
Each frame carries 164 bits
– 114 are for voice
– The rest are for synchronization and CRC checks
Each frame can carry up to 8 voice samples, or,
the frame can be dedicated to other necessary
information.
50. GSM Frames
Different frames mean different things.
– For instance, this data structure contains
information about the cell site.
The cell phone scans for this information when it is
turned on.
51. GSM Frames
This is the burst that occurs when the
mobile transmits its access key back to the
base station.
52. Speech Coding
GSM uses LPC – Linear Predictive Coding.
– Uses interpolation.
– Basically, previous samples, which don’t change very
quickly, are used to predict current samples.
So, instead of actually sending the voice sample,
the delta in the voice sample is sent.
Also, silence is not transmitted.
– This increases throughput by about 40%.
– This bits can be used for other conversations.
53. Digital Modulation
Uses Gaussian minimum shift keying.
Very complex, uses filters, phase shifts,
and frequency shifts to actually send out
binary digits.
54. Power Requirements
Since GSM is purely digital, it requires a
lot less power since it doesn’t have to
transmit an analog wave.
The maximum output power of a GSM
phone is only 2 watts.
– And this can be notched down by the
controlling cell phone tower.
– The minimum power is only 20 mW.
55. GSM Call Processing
Unlike AMPS, the cell tower can transmit
on any of its frequencies.
The cell phone is actually pre-programmed
in the SIM card to have a set of radio
frequencies that it should check first.
– When this fails, it needs to search through all
frequencies.
When it detects the tower identifying
itself, call processing begins.
56. SIM Card Secrets
The SIM card has a secret serial number
that is only known by your cellular
provider and the SIM card.
– You, as the customer, do not know the
number.
This secret number acts as a key, and it is
32 bits in length.
57. Authentication and Security
GSM uses a challenge/response public key
setup.
The base station sends a random number to the
mobile.
– This acts as the base station’s public key.
The mobile then uses an algorithm called A3 to
encrypt it’s secret key using the random public
key that it was sent by the base station.
– A5 is a derivative of DES.
Several rounds of shifts and XORs.
58. Authentication and Security
This encrypted information is then sent
back to the base station.
The base station performs a reverse
operation, and checks to see that the
mobile sent the correct secret code.
– If not, it is denied access.
A3 has proved to be very difficult to break.
– Though, given a significant amount of time, it
can be broken.
59. Authentication and Security
GSM also uses another database for
security.
This database maintains a list of stolen
cell phones, and cell phones that have
technical errors.
– These are also not allowed access to the
digital network.
60. General architecture of BTS
A BTS is usually composed of:
Transceiver (TRX) :Provides transmission and reception of signals. It
also does sending and reception of signals to and from higher
network entities (like the base station controller in mobile
telephony).
Power amplifier (PA) :Amplifies the signal from TRX for transmission
through antenna; may be integrated with TRX.
CombinerCombines feeds from several TRXs so that they could be
sent out through a single antenna. Allows for a reduction in the
number of antenna used.
Multiplexer :For separating sending and receiving signals to/from
antenna. Does sending and receiving signals through the same
antenna ports (cables to antenna) used.
61. General architecture of BTS
AntennaThis is the structure that the BTS lies underneath; it can be
installed as it is or disguised in some way (Concealed cell sites).
Alarm extension systemCollects working status alarms of various
units in the BTS and extends them to operations and maintenance
(O&M) monitoring stations.
Control function :Controls and manages the various units of BTS,
including any software. On-the-spot configurations, status changes,
software upgrades, etc. are done through the control function.
Baseband receiver unit (BBxx)Frequency hopping, signal DSP.
62.
63. GSM conclusion
Widely used.
– Upwards of 70% of phones.
Uses SIM cards so customers can use any phone
and for security.
Allows more customers than analog.
Worse voice quality than analog.
Purely digital.
Open source, very complex standard.
Uses TDMA.
Will be replaced by CDMA in the near future.