gsm workout
play

GSM Workout Improving GSM protocol analysis Harald Welte - PowerPoint PPT Presentation

Nov 04, 2022 •173 likes •466 views

airprobe.org GSM Um interface TODO GSM Workout Improving GSM protocol analysis Harald Welte gnumonks.org gpl-violations.org OpenBSC airprobe.org hmw-consulting.de FOSS.in conference, December 2009, Bangalore/India Harald Welte GSM

  1. airprobe.org GSM Um interface TODO GSM Workout Improving GSM protocol analysis Harald Welte gnumonks.org gpl-violations.org OpenBSC airprobe.org hmw-consulting.de FOSS.in conference, December 2009, Bangalore/India Harald Welte GSM Workout

  2. airprobe.org GSM Um interface TODO Outline airprobe.org 1 GSM Um interface 2 Time Division Multiplex Logical Channels The Layers of the Um Interface Um Layer 1 Um Layer 2 TODO 3 GSMTAP ip.access wireshark dissectors Harald Welte GSM Workout

  3. airprobe.org GSM Um interface TODO The FOSS.in/2009 GSM workout What do we want to achieve? improve airprobe.org GSM protocol analyzer improve wireshark protocol dissectors for GSM Harald Welte GSM Workout

  4. airprobe.org GSM Um interface TODO The FOSS.in/2009 GSM workout What skills do you need? general underestanding about communications protocols wireshark usage and preferrably wireshark dissector architecture GSM protocol knowledge not really required Harald Welte GSM Workout

  5. airprobe.org GSM Um interface TODO airprobe architecture Software to receive GSM off the air implements GSM layer 0 and 1, sometimes 2 many implementations available in airprobe.org gsm-receiver and gsm-tvoid most popular Intermediate data formate to pass information to protocol analyzer Actual protocol analyzers like gsmdecode, part of airprobe wireshark.org project Harald Welte GSM Workout

  6. airprobe.org GSM Um interface TODO Intermediate data formats Intermediate data formate to pass information between GSM receiver and actual protocol analyzer hex bytes for every layer 2 or layer 3 message, or PCAP file with GSM encapsulation type, or some non-standard frames through tun/tap device, or GSMTAP header (like wiretap) inside UDP packets over loopback device Harald Welte GSM Workout

  7. Time Division Multiplex airprobe.org Logical Channels GSM Um interface The Layers of the Um Interface TODO Um Layer 1 Um Layer 2 Understanding Um Overview Modeled after the U interface of ISDN Broadcast channels: SCH, BCCH, FCCH Common channels: CCCH (PCH & AGCH), RACH Dedicated Channels: Dm SDCCH, FACCH, SACCH Bm TCH/H, TCH/F Harald Welte GSM Workout

  8. Time Division Multiplex airprobe.org Logical Channels GSM Um interface The Layers of the Um Interface TODO Um Layer 1 Um Layer 2 Understanding Um Channels & Layers CCCH & SCH BCCH SDCCH SDCCH SDCCH TCH TCH TCH RACH L3 L2 L1 Time-Division Multiplexing GMSK Radiomodem Harald Welte GSM Workout

  9. Time Division Multiplex airprobe.org Logical Channels GSM Um interface The Layers of the Um Interface TODO Um Layer 1 Um Layer 2 Understanding Um TDM Structure ARFCN (Absolute Radio Freq. Chan. Num.)– A 270,833 Hz radio channel. ARFCNs within a BTS numbered C0, C1, etc. 8 timeslots per frame on each ARFCN, numbered T0..T7. “physical channel” – one slot on one ARFCN, designated C0T0, C0T1, C1T5, etc. Physical channel TDM follows a 26- or 52-frame multiframe, carrying multiple logical channels. Harald Welte GSM Workout

  10. Time Division Multiplex airprobe.org Logical Channels GSM Um interface The Layers of the Um Interface TODO Um Layer 1 Um Layer 2 Understanding Um –TDM Example Figure: Example of traffic channel TDM Harald Welte GSM Workout

  11. Time Division Multiplex airprobe.org Logical Channels GSM Um interface The Layers of the Um Interface TODO Um Layer 1 Um Layer 2 Understanding Um The Beacon The beacon is always on C0T0 and always constant full power SCH (Sync.) – TDM timing and reduced BTS identity FCCH (Freq. Corr.) – Fine frequency synchronization BCCH (Broadcast Control) – Cell configuration and neighbor list CCCH (Common Control) – a set of unicast channels PCH paging channel for network-originated transactions AGCH access grant channel RACH uplink access request Harald Welte GSM Workout

  12. Time Division Multiplex airprobe.org Logical Channels GSM Um interface The Layers of the Um Interface TODO Um Layer 1 Um Layer 2 Understanding Um SCH – Synchronization CHannel First channel acquired by a handset T1, T2, T3’ – TDM clocks for GSM frame number BCC – 3 bits, identifies BTS in the local group NCC – 3 bits, identifies network within a region BSIC is NCC:BCC Harald Welte GSM Workout

  13. Time Division Multiplex airprobe.org Logical Channels GSM Um interface The Layers of the Um Interface TODO Um Layer 1 Um Layer 2 Understanding Um BCCH – Broadcast Control CHannel Second channel acquired by the handset. A repeating cycle of system information messages. Type 1 ARFCN set Type 2 Neighbor list Type 3 Cell/Network identity, CCCH configuration Type 4 Network identity, cell selection parameters GPRS adds a few more (7, 9, 13, 16, 17) Harald Welte GSM Workout

  14. Time Division Multiplex airprobe.org Logical Channels GSM Um interface The Layers of the Um Interface TODO Um Layer 1 Um Layer 2 Understanding Um CCCH – Common Control CHannel PCH Paging Unicast. Handsets addressed by IMSI or TMSI, never IMEI. Handset sees paging request and then requests service on RACH. RACH Random Access Handset requests channel with RACH burst, 8-bit tag. AGCH Access Grant BTS answers on AGCH, echoing tag and timestamp. Harald Welte GSM Workout

  15. Time Division Multiplex airprobe.org Logical Channels GSM Um interface The Layers of the Um Interface TODO Um Layer 1 Um Layer 2 Understanding Um Dm Channels SDCCH Most heavily used control channel: registration, SMS transfers, call setup in many networks. Payload rate of 0.8 kb/s. FACCH Blank and burst channel steals bandwidth from traffic. Used for in-call signaling, call setup in some networks. Payload rate up to 9.2 kb/s on TCH/F. SACCH Low rate channel muxed onto every other logical channel type. Used for timing/power control, measurement reports and in-call SMS transfers. Harald Welte GSM Workout

  16. Time Division Multiplex airprobe.org Logical Channels GSM Um interface The Layers of the Um Interface TODO Um Layer 1 Um Layer 2 Frequency Hopping Intended to improve radio performance through diversity in fading and interference Two ways to implement hopping Baseband hopping: N fixed-frequency transceivers are connected to N baseband processors through a switch or commutator. Allows CA of N ARFCNs. C0 can be in the CA. Synthesizer hopping: Each of N baseband processors connects to a dedicated transceiver. This requires transceivers that can be retuned and settled in less than 30 µ s. Allows CA to have ≫ N ARFNCs. C0 is not in the CA. Some networks implement synchronous hopping to prevent collisions of hopping bursts from neighboring cells. Harald Welte GSM Workout

  17. Time Division Multiplex airprobe.org Logical Channels GSM Um interface The Layers of the Um Interface TODO Um Layer 1 Um Layer 2 Frequency Hopping Parameters A hopping sequence is an ordered list of ARFCNs used by a given physical channel (PCH), synced to the GSM frame clock. Each PCH can have an independent hopping sequence. CA Cell Allocation, set of ARFCNs used for hopping in BTS HSN Hopping Sequence Number, parameter used in pseudorandom algorithm generating hopping sequence MA Mobile Allocation, subset of CA used by a particular PCH MAIO MA Index Offset, offset added to hopping sequence when indexing MA. CA is the same for every PCH in the BTS HSN, MA and MAIO can be different for every PCH, usually only MAIO is unique Harald Welte GSM Workout

  18. Time Division Multiplex airprobe.org Logical Channels GSM Um interface The Layers of the Um Interface TODO Um Layer 1 Um Layer 2 Understanding Um The Layers The Layers are not exactly the ISO model, but a similar theme. L1 The radiomodem, TDM and FEC functions L2 Frame segmentation and retransmission L3 Connection & mobility management L4 Relay functions between BSC and other entities Harald Welte GSM Workout

  19. Time Division Multiplex airprobe.org Logical Channels GSM Um interface The Layers of the Um Interface TODO Um Layer 1 Um Layer 2 Understanding Um The Layers Layer 3 Layer 3 entity entity Datalink Datalink layer layer/layer 3 service access point primitives Datalink Datalink Datalink layer layer layer peer-to-peer protocol entity entity Datalink layer service access point Datalink Physical layer layer/ service access point physical layer Physical Physical primitives layer layer entity entity Physical connection Figure: Layers of a Dm channel Harald Welte GSM Workout

  20. Time Division Multiplex airprobe.org Logical Channels GSM Um interface The Layers of the Um Interface TODO Um Layer 1 Um Layer 2 Understanding Um L1 Analog radio path (transceiver, amplifiers, duplexer, antenna) GMSK or GMSK/EDGE radiomodem (“L0”) TDM to define logical channels FEC (Forward Error Correction) Rate-1/2 convolutional code is typical. 40-bit Fire code parity word on most control channels. 4-burst or 8-burst interleaving is typical. Harald Welte GSM Workout

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Presentation Workout: The 10 Tried-and-Tested Steps Presentation Workout: The 10 Tried-and-Tested

Presentation Workout: The 10 Tried-and-Tested Steps Presentation Workout: The 10 Tried-and-Tested

C08EJNNUJHI1 # Book Presentation Workout: The 10 Tried-and-Tested Steps That Will Build Your Presenting Skills Presentation Workout: The 10 Tried-and-Tested Steps Presentation Workout: The 10 Tried-and-Tested Steps That Will Build Your

304 views • 4 slides
Presentation Workout: The 10 Tried-and-Tested Steps That Will Build Presentation Workout: The 10

Presentation Workout: The 10 Tried-and-Tested Steps That Will Build Presentation Workout: The 10

[PDF] Presentation Workout: The 10 Tried-and-Tested Steps That Will Build Your Presenting Skills Presentation Workout: The 10 Tried-and-Tested Steps That Will Build Presentation Workout: The 10 Tried-and-Tested Steps That Will Build Your

308 views • 3 slides
Thrive Tribe find your next workout buddy Amy Kircher problem-solution statement Women are

Thrive Tribe find your next workout buddy Amy Kircher problem-solution statement Women are

Thrive Tribe find your next workout buddy Amy Kircher problem-solution statement Women are looking for a accountability workout partner for buddies are helpful accountability, motivation, and to make exercising make it more fun, but it

633 views • 20 slides
Getting the Most Out of Your Workout: Building Strength and Supplementation Presented by Dr.

Getting the Most Out of Your Workout: Building Strength and Supplementation Presented by Dr.

Getting the Most Out of Your Workout: Building Strength and Supplementation Presented by Dr. Michael Jurgelewicz Doctor of Chiroprac-c (DC) Licensed in CT and PA Diplomate of

760 views • 65 slides
P R E S E N T A T I O N Apricoach is a #1 mobile internet platform for Fitness Workout, which

P R E S E N T A T I O N Apricoach is a #1 mobile internet platform for Fitness Workout, which

P R E S E N T A T I O N Apricoach is a #1 mobile internet platform for Fitness Workout, which spans over various fjtness categories: Yoga Calisthenics Fitness Powerlifting Dance Martial arts Bodybuilding and others... What do we ofger

414 views • 10 slides
Lender Liability: Defending Against Attacks on Loans in Workout, Modification, Default and

Lender Liability: Defending Against Attacks on Loans in Workout, Modification, Default and

Presenting a live 90-minute webinar with interactive Q&A Lender Liability: Defending Against Attacks on Loans in Workout, Modification, Default and Bankruptcy Lessons From Recent Financial Litigation and Best Practices for Evaluating and

884 views • 56 slides
Exercise at Your Desk The workout for your workplace Shannon Ashcroft MEd CHES CPT Sit Now, Sit

Exercise at Your Desk The workout for your workplace Shannon Ashcroft MEd CHES CPT Sit Now, Sit

Exercise at Your Desk The workout for your workplace Shannon Ashcroft MEd CHES CPT Sit Now, Sit Later, Then Sit Some More! The average American will sit anywhere from 7.7 to 15 hours a day without moving Dont be a victim of the Desk

356 views • 35 slides
WorkOut: I/O Workload Outsourcing for Boosting RAID Reconstruction Performance Reconstruction

WorkOut: I/O Workload Outsourcing for Boosting RAID Reconstruction Performance Reconstruction

WorkOut: I/O Workload Outsourcing for Boosting RAID Reconstruction Performance Reconstruction Performance Suzhen Wu 1 , Hong Jiang 2 , Dan Feng 1 , Lei Tian 12 , Bo Mao 1 1 Huazhong University of Science & Technology 2 University of

495 views • 27 slides
The COVID-19 Storm and Recession Aftermath Landfall: Forbearance and Early Stage Workout

The COVID-19 Storm and Recession Aftermath Landfall: Forbearance and Early Stage Workout

Wednesday, May 13, 2020 The COVID-19 Storm and Recession Aftermath Landfall: Forbearance and Early Stage Workout Structures 2020 Recession Commercial loans in default and many businesses will not survive. Recovery will likely take years.

204 views • 17 slides
SESSION 1401 THE ULTIMATE Maureen (Mo) Hagan BScPT, BA PE WORKOUT FOR HEALTHY MIND ACE,

SESSION 1401 THE ULTIMATE Maureen (Mo) Hagan BScPT, BA PE WORKOUT FOR HEALTHY MIND ACE,

11/17/2019 SESSION 1401 THE ULTIMATE Maureen (Mo) Hagan BScPT, BA PE WORKOUT FOR HEALTHY MIND ACE, canfitpro certified Canadian Fitness Industry Leader of the BODY AGING Year 2019 IHRSA Women Leader of the year 2016 OPTIMYZ Top 100

155 views • 3 slides
DISTRESSED LOANS: BASIC ISSUES IN STRUCTURING A WORKOUT Checklist for Post-Default Agreements

DISTRESSED LOANS: BASIC ISSUES IN STRUCTURING A WORKOUT Checklist for Post-Default Agreements

DISTRESSED LOANS: BASIC ISSUES IN STRUCTURING A WORKOUT Checklist for Post-Default Agreements Presented By: William C. Cole 1 Scope of Presentation A post-default agreement can take many different forms. It can be characterized as a

390 views • 21 slides
Phone Number Workout 10 reps 4 6 5 The Rules: 7 8 9 15 reps 1. Write your phone number

Phone Number Workout 10 reps 4 6 5 The Rules: 7 8 9 15 reps 1. Write your phone number

Physical Education at Home 2020 1 2 3 Phone Number Workout 10 reps 4 6 5 The Rules: 7 8 9 15 reps 1. Write your phone number down 2. Go through your phone number one digit at a time and do the exercise 0 associated with that

548 views • 8 slides
Exercise Program Planning 101 KICK IT UP A NOTCH! Joni Alonso B.S. HFS NCBTMB Health Program

Exercise Program Planning 101 KICK IT UP A NOTCH! Joni Alonso B.S. HFS NCBTMB Health Program

8/31/2009 Exercise Program Planning 101 KICK IT UP A NOTCH! Joni Alonso B.S. HFS NCBTMB Health Program Specialist Components of a workout Components of a workout Warm-Up Warm-Up Conditioning 5-15 minutes Increases body

201 views • 8 slides
elasticity questions 1 If a television commercial which asserts that the last bite tastes

elasticity questions 1 If a television commercial which asserts that the last bite tastes

Utility winter 13.notebook March 21, 2013 Volunteer A Volunteer C Volunteer B Total Utility Marginal Utility Mar 108:58 AM Oct 188:09 AM Damien has 14 hours per week to spend at the movies or the gym. Each movie visit and workout

333 views • 5 slides
Supplementa=on$ Try$to$keep$things$simple$ Mul=$ Fish$oils$ Supplement$at$key$=mes$

Supplementa=on$ Try$to$keep$things$simple$ Mul=$ Fish$oils$ Supplement$at$key$=mes$

Supplementa=on$ Try$to$keep$things$simple$ Mul=$ Fish$oils$ Supplement$at$key$=mes$ CLA$ during$the$day;$ ALA$ Breakfast$ Green$tea$extract$ Pre$and$post$workout$ Aminos$/$Recovery$ Night$=me$

336 views • 11 slides
Welcome to neural pathways in the brain by activating the breath and acupuncture points on the

Welcome to neural pathways in the brain by activating the breath and acupuncture points on the

4/15/20 An easy three minute a day workout used to stimulate Welcome to neural pathways in the brain by activating the breath and acupuncture points on the Base Camp Well-Being earlobes. Energy Boost! A gentle practice to harmonize

452 views • 4 slides
Spread Spectrum Concept Frequency Hopping Spread Spectrum Direct Sequence Spread

Spread Spectrum Concept Frequency Hopping Spread Spectrum Direct Sequence Spread

CMPE 477 Wireless and Mobile Networks Lecture 6: Spread Spectrum Concept Frequency Hopping Spread Spectrum Direct Sequence Spread Spectrum CMPE 477 Spread Spectrum Problem of radio transmission: frequency dependent fading can

656 views • 17 slides
Run Your Own 6LoWPAN Based IoT Network 2016-10-11, Berlin Stefan Schmidt stefan@osg.samsung.com

Run Your Own 6LoWPAN Based IoT Network 2016-10-11, Berlin Stefan Schmidt stefan@osg.samsung.com

Run Your Own 6LoWPAN Based IoT Network 2016-10-11, Berlin Stefan Schmidt stefan@osg.samsung.com Samsung Open Source Group Agenda Motivation Linux-wpan Project Wpan-tools Hardware and Basic Setup Communication with RIOT and

731 views • 45 slides
UNIVERSITY OF MANCHESTER School of Computer Science CS3282: Digital communications Barry

UNIVERSITY OF MANCHESTER School of Computer Science CS3282: Digital communications Barry

UNIVERSITY OF MANCHESTER School of Computer Science CS3282: Digital communications Barry Cheetham Section 10 (shortened) Multiple access for wireless communications 4/05/06 CS3282 1 Multiple user access for wireless communications Allow

371 views • 6 slides
Recorp: Receiver-Oriented Policies for Industrial Wireless Networks Ryan Brummet*, Octav Chipara,

Recorp: Receiver-Oriented Policies for Industrial Wireless Networks Ryan Brummet*, Octav Chipara,

Recorp: Receiver-Oriented Policies for Industrial Wireless Networks Ryan Brummet*, Octav Chipara, Ted Herman University of Iowa | Mobile Systems Laboratory Industrial Wireless Networks Applications process control systems Workload

459 views • 14 slides
Real World IoT Systems Danny Hughes danny.hughes@cs.kuleuven.be

Real World IoT Systems Danny Hughes danny.hughes@cs.kuleuven.be

Real World IoT Systems Danny Hughes danny.hughes@cs.kuleuven.be iMinds-DistriNet KU Leuven Structure 1. Hardware Pla<orms 2. Network Protocols 3. OperaCng Systems

689 views • 36 slides
Seminar 2: Multi-Channel, Multi-Radio Wireless Mesh Networks r e l s s a K Andreas J.

Seminar 2: Multi-Channel, Multi-Radio Wireless Mesh Networks r e l s s a K Andreas J.

Seminar 2: Multi-Channel, Multi-Radio Wireless

1.19k views • 70 slides
D2D LTE and IoT Cdric Adjih, Inria Indo/French Workshop on D2D fo 5G/IoT 21 June 2016, Paris

D2D LTE and IoT Cdric Adjih, Inria Indo/French Workshop on D2D fo 5G/IoT 21 June 2016, Paris

D2D LTE and IoT Cdric Adjih, Inria Indo/French Workshop on D2D fo 5G/IoT 21 June 2016, Paris Context & Outline Inria in CEFIPRA D2D project: protocols, multihop wireless networks (MAC, Routing, ), Internet of Things (IoT)

795 views • 51 slides
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device FOSDEM 2017 2017-02-05, Brussels

Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device FOSDEM 2017 2017-02-05, Brussels

Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device FOSDEM 2017 2017-02-05, Brussels Stefan Schmidt stefan@osg.samsung.com Samsung Open Source Group Agenda Motivation Linux-wpan Project Hardware Confjguration

768 views • 42 slides

More recommend