Professional Documents
Culture Documents
The GSM System
The GSM System
History
In the beginning of the 1980s several different systems for mobile communications were developed in Europe. The need for a common system that allowed roaming between countries was early recognized. In 1982 a number of European countries created a new standardization organisation called ``Groupe Speciale Mobile'' (GSM). The mandate of this group was to develop a standard to be common for the countries that created it. In 1988 the GSM was included in the European Telecommunication Standards Institute (ETSI), and the standards developed by GSM thus became standards for all telecommunication administrations in Europe. The main work with the GSM took place from 1988 - 1990 and resulted in 12 series of specifications that in great detail specified the inner workings of GSM. In 1990, when phase 1 of the specifications was finished, there were three dominating automatic systems for mobile communications in the world [20] :
American AMPS from 1984, with networks in the US. British TACS from 1985, with network in Britain. Nordic NMT from 1981, with networks in the nordic countries.
Unlike these systems, the GSM is a fully digital system, allowing both speech and data services and allowing roaming across networks and countries. These features made GSM a very popular system, not only in european countries but also elsewhere. The term GSM has been chosen as a trademark for the system, meaning ``Global System for Mobile communications'', whereas the group within ETSI working with the standards has been renamed SMG (Special Mobile Group). Today GSM is the largest system for mobile communications in the world, and exist on all continents. From 1995, the specifications of GSM has moved into phase The GSM system is specified in 12 series of specifications. For phase 1, these specifications constitute over 4000 pages. Although much of the information in the specifications is redundant, it is impossible for most people to learn the GSM system from the specifications. It will therefore be given a short overview of the GSM system in this thesis, as well as the details necessary to understand the proposed solution to the location problem. For further reading, the books [20] and [27] give good understanding of the inner workings of the GSM system without moving into too great detail.
The GSM network is divided into three subsystems: 1. 2. 3. Base Station System (BSS) Network Switching Subsystem (NSS) Network Management System (NMS)
The BSS is a set of BS equipment (such as transceivers and controllers) that is in view by the MSC through a single A interface as being the entity responsible for communicating with MSs in a certain area. The radio equipment of a BSS may be composed of one or more cells. A BSS may consist of one or more BS. The interface between BSC and BTS is designed as an Abis interface.
(towards the MSC) the data rate for speech only (never for data or signalling) according to the transmission restrictions on the air interface. Air interface signalling and data processing Signalling towards the NSS and air interface The BSS consists of the following network elements: Base Station Controller (BSC) Base Transceiver Station (BTS) The BSS includes two types of machines: the BTS in contact with the MSs through the radio interface; and the BSC, the latter being in contact with the MSC. The function split is basically between transmission equipment, the BTS and managing equipment at the BSC. All radio-related functions are performed in the BSS, which consists of base station controllers (BSCs) and the base transceiver stations (BTSs).
handover for MSs moving between BTS in its control. It also reallocates frequencies to the BTSs in its area to meet locally heavy demands during peak hours or on special events. The BSC controls the power transmission of both BSSs and MSs in its area. The minimum power level for a mobile unit is broadcast over the BCCH. The BSC provides the time and frequency synchronization reference signals broadcast by its BTSs. The BSC also measures the time delay of received MS signals relative to the BTS clock. If the received MS signal is not centered in its assigned timeslot at the BTS, The BSC can direct the BTS to notify the MS to advance the timing such that proper synchronization takes place. The BSC may also perform traffic concentration to reduce the number of transmission lines from the BSC to its BTSs.
MAIN POINTS
(1) The BSS is responsible for communicating with mobile stations in cell areas. (2) Radio equipment of a BSS may sustain one or more cells. (3) One BSC controls ,one or more BTSs and can perform inter-BTS handovers. (4) The BTS serves as one cell in the cellular network and contains one or more TRXs. (5) The TRX serves full duplex communications to the MS.
Base Terminal Station (BTS) The BTS handles the radio interface to the mobile station. The BTS is the radio equipment (transceivers and antennas) needed to service each cell in the network. A group of BTSs are controlled by a BSC. A BTS is a network component that serves one cell and is controlled by a BSC. BTS is typically able to handle three to five radio carries, carrying between 24 and 40 simultaneous communication. Reducing the BTS volume is important to keeping down the cost of the cell sites.
Functions of BTS
The primary responsibility of the BTS is to transmit and receive radio signals from a mobile unit over an air interface. To perform this function completely, the signals are encoded, encrypted, multiplexed, modulated, and then fed to the antenna system at the cell site. then combining four of these signals to 64 kbps is essentially a part of BTS, though; it can be done at BSC or at MSC. The voice communication can be either at a full or half rate over logical speech channel. In order to keep the mobile synchronized, BTS transmits frequency and time synchronization signals over frequency correction channel (FCCH and BCCH logical channels. The received signal from the mobile is decoded, decrypted, and equalized for channel impairments. Random access detection is made by BTS, which then sends the message to BSC. The channel subsequent assignment is made by BSC. Timing advance is determined by BTS. BTS signals the mobile for proper timing adjustment. Uplink radio channel measurement corresponding to the downlink measurements made by MS has to be made by BTS. Types of BTS Incite BTS Consists of 1 TRX
Metro BTS Consists of 4 TRX Ultra BTS Consists of 12 TRX Flexi BTS Consists of 24 TRX Funtional Units of BTS Base Operations and Interfaces(BIOx) Unit It manages the following functions: BTS initialization and self testing Main clock and timing functions Collections & management of external and internal alarms Delivery of messages to the BSC through transmission unit Software downloads Operation and maintenance signaling Dual Variable Gain Duplexer Filter(DVxx) Unit Combines transmitted and received signals into one antenna Amplifies received signals with a variable gain low noise amplifier Power Supply (PWSx)Unit Sends an input alarm to BIOx unit when the input voltage is out of range. Sends an output alarm to BIOx unit when the output voltages fall below specific limits.
Send alarms to BIOx unit when temperature exceeds the specific limit. Receiver Multi coupler (M2Xa or M6xA) Unit It split received and Diversity-Received signals and distributes them to the Transceiver units. Transceiver Baseband (BB2x)Unit 1. Process digital speech and data channels signals 2. Manage all speech function signaling 3. Supports synthesized radio frequency and baseband frequency hopping. Transceiver (TSxx)Unit The transceiver unit performs RF modulation/demodulation and amplification for one RF carrier. The unit handles uplink signals from the MS to the BTS and downlink signals from the BTS to the MS. Wideband Combiner(WCxA) Unit It combines transmit signals from two or four Transceiver units; then feeds the combined signal to the antenna through the X port of the Dual Variable Gain Duplexer Filter Transmission(VXxx) Unit The transmission interfaces of the transmission node are implemented using FXC transmission units. Nokia Ultra site can host up to four FXC transmission units. A scalable number of transmission interfaces allow the operator to expand the capacity of the network as needed.
Network Switching Subsystem (NSS) - Contains the elements Mobile Services Switching Centre (MSC) Home Location Register (HLR) Visitor Location Register (VLR) Authentication Centre (AC) Equipment Identity Register (EIR) The Authentication Centre (AC) and Equipment Identity Register (EIR) are used to provide security. The subscriber and the mobile station have to be identified and authorised before accessing the network. These functions will be discussed later.
Function of NSS:
Call control. A mobile terminated call requires HLR enquiry to locate the called subscriber.
Mobility Management. The HLR always knows in which MSC/VLR area a particular subscriber is located.
An MSC/VLR knows in which Location Area a subscriber is located. This is enabled by a Location Update of which there are three types: Power On, Generic and Periodic Mobility Management also helps in maintaining ongoing calls for a moving subscriber by a procedure known as Handover. There are four types of Handovers: Intra Cell, Inter Cell-Intra BSC, Inter Cell - Inter BSC and Inter MSC Subscriber Data handling. A subscribers data is located in three places: the HLR, VLR and SIM card Security Issues. Subscriber verification is performed in the VLR by an authentication process. Speech encryption is carried out between BTS and Mobile Station. Various types of numbers are used in the GSM network for different functions. The most important ones are: IMSI, MSISDN, MSRN, LAI, LAC, CGI, TMSI and HON. Charging. The MSC is responsible for collecting charging information. It is sent to the Billing Centre which creates bills for the subscriber. Signalling towards Base Station Subsystem and other networks. The services offered by the GSM network are classified as: MOBILE SWITCHING CENTER (MSC) MSC performs the switching functions for all mobile stations located in the geographic covered by its assigned BSSs.
Function of the MSC include :(1) Call handling that copes with the mobile nature of subscribers (example : paging ) (2) Management of required logical radio link channel during calls. (3) Management of MSC-BSS signaling protocol (4) Handling location registration and ensure interworking between mobile station and VLR. (5) Control of inter -BSS handovers . (6) Acting as gateway MSC to interrogate the HLR. (7) Exchange of signaling with other system entities. (8) Other normal functions of the local exchange switch in the fixed network (example :-charging )
Um interface(MS-BTS) The Air interface is the interface between the BTS(Base Transceiver Station) and the MS (Mobile Station). The air interface is required for supporting : Universal use of any compatible mobile station in a GSM network A maximum spectral efficiency (2) A-bis Interface ( BTS-BSC) The physical transmission at the A-bis interface is base on the PCM 30 transmission principle of the ITU-T (international telecommunication union) at a data rate of 2048K bits/s. The Abis-interface is between the BSC(Base Station Controller) and the BTS. Functions implemented at the A-bis-interface are: Voice-data traffic exchange Signaling exchange between the BSC and the BTS Transporting synchronization information from the BSC to the BTS. Synchronization Signaling RT0 Speech data RT0 Signaling RT1
0
30 31
A-interface(BSC-MSC) The purpose behind the GSM specifications is to define several open interfaces, which then are limiting certain parts of the GSM system. Because of this interface openness, the operator maintaining the network may obtain different parts of the network from different GSM network suppliers. Also, when an interface is open it defines strictly what is happening through the interface and this in turn strictly defines what kind of actions/procedures/functions must be implemented between the interfaces. Nowadays, GSM specifications define two truly open interfaces. The first one is between the Mobile Station and the Base Station. This open-air interface is appropriately named the Air interface. The second one is between the Mobile Services Switching Centre MSC (which is the switching exchange in GSM) and the Base Station Controller (BSC). This interface is called the A interface. These two network elements will be discussed in greater detail in later chapters. The system includes more than the two defined interfaces but they are not totally open as the system specifications had not been completed when the commercial systems were launched. When operating analogue mobile networks, experience has shown that centralized intelligence generated excessive load in the system, thus decreasing the capacity. For this reason, the GSM specification, in principle, provides the means to distribute intelligence throughout the network. Referring to the interfaces, the more complicated the interfaces in use, the more intelligence is required between the interfaces in order to implement all the functions required. B INTERFACE (MSC - VLR)
The VLR is the location and management data base for the mobile subscribers roaming in the area controlled by the associated MSC(s). Whenever the MSC needs data related to a given mobile station currently located in its area, it interrogates the VLR. When a mobile station initiates a location updating procedure with an MSC, the MSC informs its VLR which stores the relevant information. This procedure occurs whenever an MS roams to another location area. Also, when a subscriber activates a specific supplementary service or modifies some data attached to a service, the MSC informs (via the VLR) the HLR which stores these modifications and updates the VLR if required. C INTERFACE (HLR and the MSC) The Gateway MSC must interrogate the HLR of the required subscriber to obtain routing information for a call or a short message directed to that subscriber. D INTERFACE (HLR - VLR) This interface is used to exchange the data related to the location of the mobile station and to the management of the subscriber. The main service provided to the mobile subscriber is the capability to set up or to receive calls within the whole service area. To support this, the location registers have to exchange data. The VLR informs the HLR of the location of a mobile station managed by the latter and provides it (either at location updating or at call set-up) with the roaming number of that station. The HLR sends to the VLR all the data needed to support the service to the mobile subscriber. The HLR then instructs the previous VLR to cancel the location registration of this subscriber. Exchanges of data may occur when the mobile subscriber requires a particular service, when he wants to change some data attached to his subscription or when some parameters of the subscription are modified by administrative means. E INTERFACE (MSC MSC) When a mobile station moves from one MSC area to another during a call, handover procedure has to be performed in order to continue the communication. For that purpose the MSCs have to exchange data to
initiate and then to realize the operation. After the handover operation has been completed, the MSCs will exchange information to transfer A-interface signaling as necessary. When a short message is to be transferred between a Mobile Station and Short Message Service Centre (SC), in either direction, this interface is used to transfer the message between the MSC serving the Mobile Station and the MSC which acts as the interface to the SC. F INTERFACE (MSC and EIR) This interface is used between MSC and EIR to exchange data, in order that the EIR can verify the status of the IMEI retrieved from the Mobile Station. G INTERFACE (VLR VLR) When a mobile subscriber moves from a VLR area to another Location Registration procedure will happen. This procedure may include the retrieval of the IMSI and authentication parameters from the old VLR. H INTERFACE (HLR - AuC) When an HLR receives a request for authentication and ciphering data for a Mobile Subscriber and it does not hold the requested data, the HLR requests the data from the AuC. The protocol used to transfer the data over this interface is not standardisation HANDOVER Handover, or handoff as it is called in North America, is the switching of an ongoing call to a different channel or cell. There are four different types of handover in the GSM system, which involve transferring a call between Channels (time slots) in the same cell, Cells (Base Transceiver Stations) under the control of the same Base Station Controller (BSC), Cells under the control of different BSCs, but belonging to the same Mobile services Switching Center (MSC), and Cells under the control of different MSCs.
The first two types of handover, called internal handovers, involve only one Base Station Controller (BSC). To save signaling bandwidth, they are managed by the BSC without involving the Mobile service Switching Center (MSC), except to notify it at the completion of the handover. The last two types of handover, called external handovers, are handled by the MSCs involved. Note that call control, such as provision of supplementary services and requests for further handoffs, is handled by the original MSC. Handovers can be initiated by either the mobile or the MSC (as a means of traffic load balancing). During its idle time slots, the mobile scans the Broadcast Control Channel of up to 16 neighboring cells, and forms a list of the six best candidates for possible handover, based on the received signal strength. This information is passed to the BSC and MSC, and is used by the handover algorithm.
1.0
1.0.1
1.0.2
Security
3G networks offer greater security than their 2G predecessors. By allowing the UE (User Equipment) to authenticate the network it is attaching to, the user can be sure the network is the intended one and not an impersonator. 3G networks use the KASUMI block crypto instead of the older A5/1 stream cipher. However, a number of serious weaknesses in the KASUMI cipher have been identified.[19] In addition to the 3G network infrastructure security, end-to-end security is offered when application frameworks such as IMS are accessed, although this is not strictly a 3G property.
1.0.3
Applications of 3G
The bandwidth and location information available to 3G devices gives rise to applications not previously available to mobile phone users. Some of the applications are:
1.1
Evolution
Both 3GPP and 3GPP2 are currently working on extensions to 3G standard that are based on an all-IP network infrastructure and using advanced wireless technologies such as MIMO, these specifications already display features characteristic for IMT-Advanced (4G), the successor of 3G. However, falling short of the bandwidth requirements for 4G
(which is 1 Gbit/s for stationary and 100 Mbit/s for mobile operation), these standards are classified as 3.9G or Pre-4G. 3GPP plans to meet the 4G goals with LTE Advanced, whereas Qualcomm has halted development of UMB in favour of the LTE family.[5] On 14 December 2009, Telia Sonera announced in an official press release that "We are very proud to be the first operator in the world to offer our customers 4G services."[20] With the launch of their LTE network, initially they are offering pre-4G (or beyond 3G) services in Stockholm, Sweden and Oslo, Nor
ABOUT 4G
In telecommunications, 4G is the fourth generation of cellular wireless standards. It is a successor to the 3G and 2G families of standards. In 2009, the ITU-R organization specified the IMT-Advanced (International Mobile Telecommunications Advanced) requirements for 4G standards, setting peak speed requirements for 4G service at 100 Mbit/s for high mobility communication (such as from trains and cars) and 1 Gbit/s for low mobility communication (such as pedestrians and stationary users).[1] A 4G system is expected to provide a comprehensive and secure all-IP based mobile broadband solution to laptop computer wireless modems, smartphones, and other mobile devices. Facilities such as ultra-broadband Internet access, IP telephony, gaming services, and streamed multimedia may be provided to users. Pre-4G technologies such as mobile WiMAX and first-release Long term [2] evolution (LTE) have been on the market since 2006 and 2009[3][4][5] respectively, and though often branded as 4G in marketing materials, the current versions of these technologies provide downstream peak bitrates of 144 Mbit/s and 100 Mbit/s respectively, and do consequently
not fulfill the original ITU-R requirements of data rates approximately up to 1 Gbit/s for 4G systems.
IMT-Advanced
compliant versions of the above two standards are under development and called LTE Advanced and WirelessMAN-Advanced respectively. ITU has decided that LTE Advanced and WirelessMAN-Advanced should be accorded the official designation of IMT-Advanced. On December 6, 2010, ITU announced that current versions of LTE, WiMax and other evolved 3G technologies that do not fulfill "IMT-Advanced" requirements could be considered "4G", provided they represent forerunners to IMT-Advanced and "a substantial level of improvement in performance and capabilities with respect to the initial third generation systems now deployed."[6] In all suggestions for 4G, the CDMA spread spectrum radio technology used in 3G systems and IS-95 is abandoned and replaced by OFDMA and other [ ] frequency-domain equalization schemes. citation needed This is combined with MIMO (Multiple In Multiple Out)
2.5G and 3G systems rely on double core network infrastructures; traditional circuit-switched network nodes (switching points) for telephony, and packet-switched GPRS nodes for various
SMS messaging and broadcasting File manipulation functions Active process block process "Always on" internet access Multimedia messaging service (MMS)
Internet applications for smart devices through wireless application protocol (WAP) Point-to-point (P2P) service: inter-networking with the Internet (IP) Point-to-Multipoint (P2M) service: point-to-multipoint multicast and point-to-multipoint group calls
If SMS over GPRS is used, an SMS transmission speed of about 30 SMS messages per minute may be achieved. This is much faster than using the ordinary SMS over GSM, whose SMS transmission speed is about 6 to 10 SMS messages per minute.
1.2
Usability
The maximum speed of a GPRS connection offered in 2003 was similar to a modem connection in an analog wire telephone network, about 32-40 kbit/s, depending on the phone used. Latency is very high; round-trip time (RTT) is typically about 600-700 ms and often reaches 1 s. GPRS is typically prioritized lower than speech, and thus the quality of connection varies greatly. Devices with latency/RTT improvements (via, for example, the extended UL TBF mode feature) are generally available. Also, network upgrades of features are available with certain operators. With these enhancements the active round-trip time can be reduced, resulting in significant increase in application-level throughput spe
1.3
the time the message was transmitted precise orbital information (the ephemeris)
the general system health and rough orbits of all GPS satellites (the almanac).
The receiver uses the messages it receives to determine the transit time of each message and computes the distance to each satellite. These distances along with the satellites' locations are used with the possible aid of trilateration, depending on which algorithm is used, to compute the position of the receiver. This position is then displayed, perhaps with a moving map display or latitude and longitude; elevation information may be included. Many GPS units show derived information such as direction and speed, calculated from position changes. Three satellites might seem enough to solve for position since space has three dimensions and a position near the Earth's surface can be assumed. However, even a very small clock error multiplied by the very large speed of light[31] the speed at which satellite signals propagate results in a large positional error. Therefore receivers use four or more satellites to solve for the receiver's location and time. The very accurately computed time is effectively hidden by most GPS applications, which use only the location. A few specialized GPS applications do however use the time; these include time transfer, traffic signal timing, and synchronization of cell phone base stations. Although four satellites are required for normal operation, fewer apply in special cases. If one variable is already known, a receiver can determine its position using only three satellites. For example, a ship or aircraft may have known elevation. Some GPS receivers may use additional clues or assumptions (such as reusing the last known altitude, dead reckoning, inertial navigation, or including information from the vehicle computer) to give a less accurate (degraded) position when fewer than four satellites are visible
1.4
Applications
While originally a military project, GPS is considered a dual-use technology, meaning it has significant military and civilian applications. GPS has become a widely deployed and useful tool for commerce, scientific uses, tracking, and surveillance. GPS's accurate time facilitates everyday activities such as banking, mobile phone operations, and even the control of power grids by allowing well synchronized hand-off switching.[38]
1.4.1
Civilian
See also: GNSS applications and GPS navigation device.
This antenna is mounted on the roof of a hut containing a scientific experiment needing precise timing.
Many civilian applications use one or more of GPS's three basic components: absolute location, relative movement, and time transfer.
[51]
second only to the atomic clocks upon which they are based. Cellular telephony: Clock synchronization enables time transfer, which is critical for synchronizing its spreading codes with other base stations to facilitate inter-cell handoff and support hybrid GPS/cellular position detection for mobile emergency calls and other applications. The first handsets with integrated GPS launched in the late 1990s. The U.S. Federal Communications Commission (FCC) mandated the feature in either the handset or in the towers (for use in triangulation) in 2002 so emergency services could locate 911 callers. Third-party software developers later gained access to GPS APIs from Nextel upon launch, followed by Sprint in 2006, and Verizon soon thereafter. Disaster relief/emergency services: Depend upon GPS for location and timing capabilities. Geofencing: Vehicle tracking systems, person tracking systems, and pet tracking systems use GPS to locate a vehicle, person, or pet. These devices are attached to the vehicle, person, or the pet collar. The application provides continuous tracking and mobile or Internet updates should the target leave a designated area.[52] Geotagging: Applying location coordinates to digital objects such as photographs and other documents for purposes such as creating map overlays.
GPS Aircraft Tracking GPS tours: Location determines what content to display; for instance,
is
information about an approaching point of interest. Map-making: Both civilian and military cartographers use GPS extensively. Navigation: Navigators value digitally precise velocity and orientation measurements.
power system measurements, making it possible to compute phasors. Recreation: For example, geocaching, geodashing, GPS drawing and waymarking. Surveying: Surveyors use absolute locations to make maps and determine property boundaries. Tectonics: GPS enables direct fault motion measurement in earthquakes. Telematics: GPS technology integrated with computers and mobile communications technology in automotive navigation systems Fleet Tracking: The use of GPS technology to identify, locate and maintain contact reports with one or more fleet vehicles in real-time.
problems with some amateur radio balloon launches that regularly reach 30 kilometres (19 mi).
1.4.2
Military
Attaching a GPS guidance kit to a 'dumb' bomb, March 2003. As of 2009, military applications of GPS include:
Navigation: GPS allows soldiers to find objectives, even in the dark or in unfamiliar territory, and to coordinate troop and supply movement. In the United States armed forces, commanders use the Commanders Digital Assistant and lower ranks use the Soldier Digital Assistant.[54][55][56][57] Target tracking: Various military weapons systems use GPS to track potential ground and air targets before flagging them as hostile.[citation needed] These weapon systems pass target coordinates to precision-guided munitions to allow them to engage targets accurately. Military aircraft, particularly in air-to-ground roles, use GPS to find targets (for example, gun camera video from AH-1 Cobras in Iraq show GPS co-ordinates that can be viewed with specialized software). Missile and projectile guidance: GPS allows accurate targeting of various military weapons including ICBMs, cruise missiles and precisionguided munitions. Artillery projectiles. Embedded GPS receivers able to withstand accelerations of 12,000 g or about 118 km/s2 have been developed for use in 155 millimetres (6.1 in) howitzers.[58] Search and Rescue: Downed pilots can be located faster if their position is known. Reconnaissance: Patrol movement can be managed more closely. GPS satellites carry a set of nuclear detonation detectors consisting of an optical sensor (Y-sensor), an X-ray sensor, a dosimeter, and an electromagnetic pulse (EMP) sensor (W-sensor),
that form a major portion of the United States Nuclear Detonation [59][60] Detection System.
1.5
Communication
The navigational signals transmitted by GPS satellites encode a variety of information including satellite positions, the state of the internal clocks, and the health of the network. These signals are transmitted on two separate carrier frequencies that are common to all satellites in the network. Two different encodings are used, a public encoding that enables lower resolution navigation, and an encrypted encoding used by the U.S. military.