Total

****** Mobile Communications Introduction ******
****** Computers for the next decades? ******

* Computers are integrated
o small, cheap, portable, replaceable - no more separate devices
* Technology is in the background
o computer are aware of their environment and adapt (location
awareness)
o computer recognize the location of the user and react appropriately
(e.g., call forwarding, fax forwarding, context awareness))
* Advances in technology
o more computing power in smaller devices
o flat, lightweight displays with low power consumption
o new user interfaces due to small dimensions
o more bandwidth per cubic meter
o multiple wireless interfaces: wireless LANs, wireless WANs,
regional wireless telecommunication networks etc. (overlay
networks)
****** Mobile communication ******
* Two aspects of mobility:
o user mobility: users communicate (wireless) anytime, anywhere,
with anyone
o device portability: devices can be connected anytime, anywhere to
the network
stationary computer
notebook in a
* Wireless vs. mobile Examples
hotel
wireless LANs in historic buildings
Personal Digital
Assistant (PDA)
* The demand for mobile communication creates the need for integration of
wireless networks into existing fixed networks:
o local area networks: standardization of IEEE 802.11
o Internet: Mobile IP extension of the internet protocol IP
o wide area networks: e.g., internetworking of GSM and ISDN, VoIP
over WLAN and POTS
****** Applications I ******
* Vehicles
o transmission of news, road condition, weather, music via DAB/DVB-T
o personal communication using GSM/UMTS
o position via GPS
o local ad-hoc network with vehicles close-by to prevent accidents,
guidance system, redundancy
o vehicle data (e.g., from buses, cars, high-speed trains) can be
transmitted in advance for maintenance
* Emergencies
o early transmission of patient data to the hospital, current status,
first diagnosis
o replacement of a fixed infrastructure in case of earthquakes,
hurricanes, fire etc.
o crisis, war, ...

****** Typical application: road traffic ******
ad hoc
UMTS, WLAN,
DAB, DVB, GSM,
cdma2000, TETRA, ...
Personal Travel Assistant,
PDA, Laptop,
GSM, UMTS, WLAN,
Bluetooth, ...
****** Mobile and wireless services Always Best Connected ******
UMTS
2 Mbit/s
UMTS, GSM
384 kbit/s
LAN
100 Mbit/s,
WLAN
54 Mbit/s
UMTS, GSM
115 kbit/s
GSM 115 kbit/s,
WLAN 11 Mbit/s
GSM/GPRS 53 kbit/s
Bluetooth 500 kbit/s
GSM/EDGE 384 kbit/s,
DSL/WLAN 3 Mbit/s
DSL/ WLAN
3 Mbit/s
****** Applications II ******
* Traveling salesmen
o direct access to customer files stored in a central location
o consistent databases for all agents
o mobile office
* Replacement of fixed networks
o remote sensors, e.g., weather, earth activities
o flexibility for trade shows
o LANs in historic buildings
* Entertainment, education, ...
o outdoor Internet access
o intelligent travel guide with up-to-date location dependent
information
o ad-hoc networks for multi user games
History
Info
****** Location dependent services ******
* Location aware services
o what services, e.g., printer, fax, phone, server etc. exist in the
local environment
* Follow-on services
o automatic call-forwarding, transmission of the actual workspace to
the current location(E-Mail)
* Information services
o push: e.g., current special offers in the supermarket
o pull: e.g., where is the Black Forrest Cheese Cake?
* Support services
o caches, intermediate results, state information etc. follow the
mobile device through the fixed network
* Privacy
o who should gain knowledge about the location
****** Mobile devices ******

performance
Pager
* receive only
* tiny displays
* simple text messages
Mobile phones
* voice, data
* simple graphical displays
PDA
* graphical displays
* character recognition
* simplified WWW
Smartphone
* tiny keyboard
* simple versions of standard applications
Laptop/Notebook
* fully functional
* standard applications
Sensors,
embedded
controllers
www.scatterweb.net
No clear separation between device types possible
(e.g. smart phones, embedded PCs, )
****** Effects of device portability ******
* Power consumption
o limited computing power, low quality displays, small disks due to
limited battery capacity
o CPU: power consumption ~ CV2f
# C: internal capacity, reduced by integration
# V: supply voltage, can be reduced to a certain limit
# f: clock frequency, can be reduced temporally
* Loss of data
o higher probability, has to be included in advance into the design
(e.g., defects, theft)
* Limited user interfaces
o compromise between size of fingers and portability
o integration of character/voice recognition, abstract symbols
* Limited memory
o limited usage of mass memories with moving parts
o flash-memory or ? as alternative
****** Wireless networks in comparison to fixed networks ******
* Higher loss-rates due to interference
o emissions of, e.g., engines, lightning
* Restrictive regulations of frequencies
o frequencies have to be coordinated, useful frequencies are almost
all occupied
* Low transmission rates
o local some Mbit/s, regional currently, e.g., 53kbit/s with GSM/GPRS
or about 150 kbit/s using EDGE
* Higher delays, higher jitter
o connection setup time with GSM in the second range, several hundred
milliseconds for other wireless systems
* Lower security, simpler active attacking
o radio interface accessible for everyone, base station can be
simulated, thus attracting calls from mobile phones
* Always shared medium
o secure access mechanisms important
****** Early history of wireless communication ******
* Many people in history used light for communication

o heliographs, flags (semaphore), ...
o 150 BC smoke signals for communication; (Polybius, Greece)
o 1794, optical telegraph, Claude Chappe
* Here electromagnetic waves are of special importance:
o 1831 Faraday demonstrates electromagnetic induction
o J. Maxwell (1831-79): theory of electromagnetic Fields, wave
equations (1864)
o H. Hertz (1857-94): demonstrates with an experiment the wave
character of electrical transmission through space (1888, in
Karlsruhe, Germany)
****** History of wireless communication I ******
* 1896 Guglielmo Marconi
o first demonstration of wireless telegraphy (digital!)
o long wave transmission, high transmission power necessary (> 200kw)
* 1907 Commercial transatlantic connections
o huge base stations (30 100m high antennas)
* 1915 Wireless voice transmission New York - San Francisco
* 1920 Discovery of short waves by Marconi
o reflection at the ionosphere
o smaller sender and receiver, possible due to the invention of the
vacuum tube (1906, Lee DeForest and Robert von Lieben)
* 1926 Train-phone on the line Hamburg - Berlin
o wires parallel to the railroad track
****** History of wireless communication II ******
* 1928 many TV broadcast trials (across Atlantic, color TV, news)
* 1933 Frequency modulation (E. H. Armstrong)
* 1958 A-Netz in Germany
o analog, 160MHz, connection setup only from the mobile station, no
handover, 80% coverage, 1971 11000 customers
* 1972 B-Netz in Germany
o analog, 160MHz, connection setup from the fixed network too (but
location of the mobile station has to be known)
o available also in A, NL and LUX, 1979 13000 customers in D
* 1979 NMT at 450MHz (Scandinavian countries)
* 1982 Start of GSM-specification
o goal: pan-European digital mobile phone system with roaming
* 1983 Start of the American AMPS (Advanced Mobile Phone System, analog)
* 1984 CT-1 standard (Europe) for cordless telephones
****** History of wireless communication III ******
* 1986 C-Netz in Germany
o analog voice transmission, 450MHz, hand-over possible, digital
signaling, automatic location of mobile device
o was in use until 2000, services: FAX, modem, X.25, e-mail, 98%
coverage
* 1991 Specification of DECT
o Digital European Cordless Telephone (today: Digital Enhanced
Cordless Telecommunications)
o 1880-1900MHz, ~100-500m range, 120 duplex channels, 1.2Mbit/s data
transmission, voice encryption, authentication, up to several 10000
user/km2, used in more than 50 countries
* 1992 Start of GSM
o in D as D1 and D2, fully digital, 900MHz, 124 channels
o automatic location, hand-over, cellular
o roaming in Europe - now worldwide in more than 200 countries
o services: data with 9.6kbit/s, FAX, voice, ...
****** History of wireless communication IV ******
* 1994 E-Netz in Germany
o GSM with 1800MHz, smaller cells
o as Eplus in D (1997 98% coverage of the population)
* 1996 HiperLAN (High Performance Radio Local Area Network)

o ETSI, standardization of type 1: 5.15 - 5.30GHz, 23.5Mbit/s
o recommendations for type 2 and 3 (both 5GHz) and 4 (17GHz) as
wireless ATM-networks (up to 155Mbit/s)
* 1997 Wireless LAN - IEEE802.11
o IEEE standard, 2.4 - 2.5GHz and infrared, 2Mbit/s
o already many (proprietary) products available in the beginning
* 1998 Specification of GSM successors
o for UMTS (Universal Mobile Telecommunications System) as European
proposals for IMT-2000
o Iridium
# 66 satellites (+6 spare), 1.6GHz to the mobile phone
****** History of wireless communication V ******
* 1999 Standardization of additional wireless LANs
o IEEE standard 802.11b, 2.4-2.5GHz, 11Mbit/s
o Bluetooth for piconets, 2.4GHz, <1Mbit/s
o decision about IMT-2000
# several members of a family: UMTS, cdma2000, DECT,
o Start of WAP (Wireless Application Protocol) and i-mode
# first step towards a unified Internet/mobile communication
system
# access to many services via the mobile phone
* 2000 GSM with higher data rates
o HSCSD offers up to 57,6kbit/s
o first GPRS trials with up to 50 kbit/s (packet oriented!)
o UMTS auctions/beauty contests
# Hype followed by disillusionment (50 B$ paid in Germany for 6
licenses!)
o Iridium goes bankrupt
* 2001 Start of 3G systems
o Cdma2000 in Korea, UMTS tests in Europe, Foma (almost UMTS) in
Japan
****** History of wireless communication VI ******
* 2002
o WLAN hot-spots start to spread
* 2003
o UMTS starts in Germany
o Start of DVB-T in Germany replacing analog TV
* 2005
o WiMax starts as DSL alternative (not mobile)
o first ZigBee products
* 2006
o HSDPA starts in Germany as fast UMTS download version offering > 3
Mbit/s
o WLAN draft for 250 Mbit/s (802.11n) using MIMO
o WPA2 mandatory for Wi-Fi WLAN devices
* 2007
o over 3.3 billion subscribers for mobile phones (NOT 3 bn people!)
* 2008
o real Internet widely available on mobile phones (standard
browsers, decent data rates)
o 7.2 Mbit/s HSDPA, 1.4 Mbit/s HSUPA available in Germany, more than
100 operators support HSPA worldwide
****** Wireless systems: overview of the development ******
cellular phones
satellites
wireless LAN
cordless phones
1992:
GSM
1994: DCS 1800

2001:
IMT-2000
1987: CT1+
1982:
Inmarsat-A
1992:
Inmarsat-B
Inmarsat-M
1998:
Iridium
1989:
CT 2
1991:
DECT
199x:
proprietary
1997:
IEEE 802.11
1999:
802.11b, Bluetooth
1988:
Inmarsat-C
analog
digital
1991:
D-AMPS
1991:
CDMA
1981:
NMT 450
1986:
NMT 900
1980: CT0
1984: CT1
1983:
AMPS
1993:
PDC
2000: GPRS
2000:
IEEE 802.11a
Fourth Generation
(Internet based)
****** Areas of research in mobile communication ******
* Wireless Communication
o transmission quality (bandwidth, error rate, delay)
o modulation, coding, interference
o media access, regulations
o ...
* Mobility
o location dependent services
o location transparency
o quality of service support (delay, jitter, security)
o ...
* Portability
o power consumption
o limited computing power, sizes of display, ...
o usability
o ...
****** Simple reference model used here ******

Application
Transport
Network
Data Link
Physical
Medium
Data Link
Physical
Application
Transport
Network
Data Link
Physical
Data Link
Physical
Network
Network
Radio
****** Influence of mobile communication to the layer model ******
***** Application layer *****
***** Transport layer *****
***** Network layer *****
***** Data link layer *****
***** Physical layer *****
***** service location *****
***** new/adaptive applications *****
***** multimedia *****
***** congestion/flow control *****
***** quality of service *****
***** addressing, routing *****
***** device location *****
***** hand-over *****
***** authentication *****
***** media access/control *****
***** multiplexing *****
***** encryption *****
***** modulation *****
***** interference *****
***** attenuation *****
***** frequency *****
****** Overlay Networks - the global goal ******
regional
metropolitan area
campus-based
in-house
vertical
handover
horizontal
handover
integration of heterogeneous fixed and mobile networks with varying
transmission characteristics
****** Mobile Communications Chapter 2: Wireless Transmission ******
* Frequencies
* Signals, antennas, signal propagation
* Multiplexing
* Spread spectrum, modulation
* Cellular systems
****** Data Communication Terms ******
* Data - entities that convey meaning, or information
* Signals - electric or electromagnetic representations of data

* An electromagnetic signal is a function of time, but it can also be
expressed as a function of frequency(the signal consists of components of
different frequencies)
* Transmission - communication of data by the propagation and processing of
signals
* Spectrumof a signal is the range of frequencies that it contains
* Data rate - rate at which data can be communicated (bps)
* Bandwidth - the bandwidth of the transmitted signal as constrained by the
transmitter and the nature of the transmission medium (Hertz)
* Noise - average level of noise over the communications path
* Error rate - rate at which errors occur
o Error = transmit 1 and receive 0; transmit 0 and receive 1
****** Data Communication Terms ******
* Transmission Medium
o Physical path between transmitter and receiver
* Guided Media
o Waves are guided along a solid medium
o E.g., copper twisted pair, copper coaxial cable, optical fiber
* Unguided Media
o Provides means of transmitting electromagnetic signals but does not
guide Usually referred to as wireless transmission
o E.g., atmosphere, outer space
o Transmission and reception are achieved by means of an antenna
****** Unguided Media ******
o Configurations for wireless transmission
# Directional signals at higher frequencies. it is possible
to focus the signal into a directional beam. The transmitting
and receiving antennas must be carefully aligned.
# Omnidirectional signals at lower frequencies. The signal
propagates in all directions from the antenna. the
transmitted signal spreads out in all directions and can be
received by many antennas.
****** Frequency-Traditional wired networks ******
* Twisted pair copper wires are used frequencies of several hundred kHz
* Coaxial cable are used for frequencies of several hundred MHz
* Fiber optics are used for frequency ranges of several hundred THz.
****** Frequencies for communication ******
* VLF = Very Low Frequency UHF = Ultra High Frequency
* LF = Low Frequency SHF = Super High Frequency
* MF = Medium Frequency EHF = Extra High Frequency
* HF = High Frequency UV = Ultraviolet Light
* VHF = Very High Frequency
* Frequency and wave length
= c/f
o
o wave length (distance occupied by a single cycle of the signal),
speed of light c 3x108m/s, frequency f
1 Mm
300 Hz
10 km
30 kHz
100 m
3 MHz
1 m
300 MHz
10 mm
30 GHz
100 m
3 THz
1 m
300 THz
visible light
VLF
LF
MF
HF
VHF
UHF
SHF
EHF
infrared
UV
optical transmission
coax cable
twisted pair
****** Frequencies for mobile communication ******
* VHF-/UHF-ranges for mobile radio
o simple, small antenna for cars
o deterministic propagation characteristics, reliable connections
* SHF and higher for directed radio links, satellite communication
o small antenna, beam forming
o large bandwidth available
* Wireless LANs use frequencies in UHF to SHF range
o some systems planned up to EHF
o limitations due to absorption by water and oxygen molecules
(resonance frequencies)
# weather dependent fading, signal loss caused by heavy
rainfall etc.
****** Frequencies and regulations ******
* ITU-R holds auctions for new frequencies, manages frequency bands
worldwide (WRC, World Radio Conferences)
Examples
Europe
USA
Japan
GSM 880-915, 925- AMPS, TDMA, CDMA,
PDC, FOMA 810-888,
960, 1710-1785,
GSM 824-849, 869-894 893-958
Cellular phones 1805-1880
TDMA, CDMA, GSM,
PDC 1429-1453, 1477UMTS 1920-1980,
UMTS 1850-1910,
1501
2110-2170
1930-1990
FOMA 1920-1980, 21102170
CT1+ 885-887, 930- PACS 1850-1910,
Cordless phones 932
1930-1990
PHS 1895-1918
CT2 864-868
PACS-UB 1910-1930
JCT 245-380
DECT 1880-1900
Wireless LANs
802.11b/g 2412-2472 802.11b/g 2412-2462 802.11b 2412-2484
802.11g 2412-2472
Other RF systems 27, 128, 418, 433, 315, 915
426, 868
868
****** Signals I ******
* physical representation of data
* Analog signal - signal intensity varies in a smooth fashion over time
o No breaks or discontinuities in the signal
* Digital signal - signal intensity maintains a constant level for some
period of time and then changes to another constant level
* Periodic signal - analog or digital signal pattern that repeats over time
o s(t +T) = s(t) where T is the period of the signal
Aperiodic signal - analog or digital signal pattern that doesn't repeat over
time
****** Signals I ******
* signal parameters of periodic signals: period T, frequency f=1/T,
amplitude A, phase shift
o sine wave as special periodic signal for a carrier: s(t) = At sin(2
ft t + t)
* Peak amplitude (A) - maximum value or strength of the signal over time
(measured in volts)
* Frequency (f)
o Rate, in cycles per second, or Hertz (Hz) at which the signal
repeats
* Period (T) - amount of time it takes for one repetition of the signal
o T = 1/f
* Phase ( ) - measure of the relative position in time within a single
period of a signal
****** Fourier representation of periodic signals ******
1
0
1
0
t
t
ideal periodic signal
real composition
(based on harmonics)
****** Signals II ******
* Different representations of signals
o amplitude (amplitude domain)
o frequency spectrum (frequency domain)
o phase state diagram (amplitude M and phase
in polar coordinates)
* Composed signals transferred into frequency domain using Fourier
transformation
* Digital signals need
o infinite frequencies for perfect transmission
o modulation with a carrier frequency for transmission (analog
signal!)
f [Hz]
A [V]
I= M cos
Q = M sin
A [V]
t[s]
****** Antenna ******
* An antenna is an electrical conductor or system of conductors
o Transmission - radiates electromagnetic energy into space
o Reception - collects electromagnetic energy from space
* In two-way communication, the same antenna can be used for transmission
and reception
* Radiation and reception of electromagnetic waves, coupling of wires to
space for radio transmission
****** Radiation Patterns ******
* Radiation pattern
o Graphical representation of radiation properties of an antenna
o Depicted as two-dimensional cross section
* Beam width (or half-power beam width)
o Measure of directivity of antenna
* Reception pattern
o Receiving antennas equivalent to radiation pattern
****** Types of Antennas ******
* Isotropic antenna (idealized)
o Radiates power equally in all directions
* Dipole antennas
o Half-wave dipole antenna (or Hertz antenna)
o Quarter-wave vertical antenna (or Marconi antenna)

* Parabolic Reflective Antenna
****** Antennas: isotropic radiator ******
* Isotropic radiator: equal radiation in all directions (three dimensional)
- only a theoretical reference antenna
* Real antennas always have directive effects (vertically and/or
horizontally)
* Radiation pattern: measurement of radiation around an antenna
z
y
x
z
y
x
ideal
isotropic
radiator
****** Antennas: simple dipoles ******
* Real antennas are not isotropic radiators but, e.g., dipoles with lengths
/4(directional) on car roofs or /2(omnidirectional) as Hertzian dipole
shape of antenna proportional to wavelength
* Example: Radiation pattern of a simple Hertzian dipole
* Gain: maximum power in the direction of the main lobe compared to the
power of an isotropic radiator (with the same average power)
side view (xy-plane)
x
y
side view (yz-plane)
z
y
top view (xz-plane)
x
z
simple
dipole
/4
/2
****** Antennas: directed and sectorized ******
* If an antenna is positioned, e.g., in a valley or between buildings, an
omnidirectional radiation pattern(Hertzian dipole) is not very useful.
* In this case, directional antennaswith certain fixed preferential
transmission and reception directions can be used.
* Directed antennas are typically applied in cellular systems
* Several directed antennas can be combined on a single pole to construct a
sectorized antenna
****** Antennas: directed and sectorized ******
side view (xy-plane)
x
y
side view (yz-plane)
z
y
top view (xz-plane)
x
z
top view, 3 sector
x
z
top view, 6 sector
x
z
* Often used for microwave connections or base stations for mobile phones
(e.g., radio coverage of a valley)
directed
antenna
sectorized
antenna
****** Antennas: diversity ******
* Grouping of 2 or more antennas-smart antennas
o multi-element antenna arrays
* Antenna diversity
o switched diversity, selection diversity
# receiver chooses antenna with largest output
o diversity combining
# combine output power to produce gain
# cophasing needed to avoid cancellation
+
/4
/2
/4
ground plane
/2
/2
+
/2
****** MIMO ******
* Multiple-Input Multiple-Output
o Use of several antennas at receiver and transmitter
o Increased data rates and transmission range without additional
transmit power or bandwidth via higher spectral efficiency, higher
link robustness, reduced fading
* Examples
o IEEE 802.11n, LTE, HSPA+,
* Functions
o Beamforming: emit the same signal from all antennas to maximize
signal power at receiver antenna
o Spatial multiplexing: split high-rate signal into multiple lower
rate streams and transmit over different antennas
o Diversity coding: transmit single stream over different antennas
with (near) orthogonal codes
sender
receiver
t1
t2
t3
Time of flight
t2=t1+d2
t3=t1+d3
1
2
3
Sending time
1: t0
2: t0-d2
3: t0-d3
****** Signal propagation ranges ******
* Transmission range
o communication possible
o low error rate
* Detection range
o detection of the signal possible

o no communication possible
* Interference range
o signal may not be detected
o signal adds to the background noise
distance
sender
transmission
detection
interference
****** Propagation Modes ******
* Ground-wave propagation
* Sky-wave propagation
* Line-of-sight propagation
* Ground wave(<2 MHz): Waves with low frequencies follow the earths
surface and can propagate long distances. These waves are used for, e.g.,
submarine communication or AM radio.
* Sky wave(230 MHz): Many international broadcasts and amateur radio use
these short waves that are reflected at the ionosphere. This way the
waves can bounce back and forth between the ionosphere and the earths
surface, travelling around the world.
* Line-of-sight(>30 MHz): Mobile phone systems, satellite systems, cordless
telephones etc. use even higher frequencies. The emitted waves follow a
straight line of sight. This enables direct communication with satellites
(no reflection at the ionosphere) or microwave links on the ground.
****** Ground Wave Propagation ******
****** Sky Wave Propagation ******
****** Line-of-Sight Propagation ******
****** Signal propagation-Additional ******
* Propagation in free space always like light (straight line)
* Receiving power proportional to 1/d in vacuum much more in real
environments (d = distance between sender and receiver)
***** Receiving power additionally influenced by *****
fading (frequency dependent)
shadowing
reflection at large obstacles
refraction depending on the density of a medium
scattering at small obstacles
diffraction at edges
reflection
scattering
diffraction
shadowing
refraction
****** Real world example ******
****** Multipath propagation ******
* Signal can take many different paths between sender and receiver due to
reflection, scattering, diffraction
* Time dispersion: signal is dispersed over time
o interference with neighbor symbols, Inter Symbol Interference
(ISI)
* The signal reaches a receiver directly and phase shifted
o distorted signal depending on the phases of the different parts
signal at sender
signal at receiver
LOS pulses
multipath
pulses
****** Effects of mobility ******
* Channel characteristics change over time and location
o signal paths change

o different delay variations of different signal parts
o different phases of signal parts
o
quick changes in the power received (short term fading)
* Additional changes in
o distance to sender
o obstacles further away
o slow changes in the average power received (long term fading)
short term fading
long term
fading
t
power
****** Mobile Communications Chapter 2: Wireless Transmission ******
* Frequencies
* Signals, antennas, signal propagation
* Multiplexing
* Spread spectrum, modulation
* Cellular systems
****** Multiplexing ******
* Multiplexing - carrying multiple signals on a single medium
o More efficient use of transmission medium
****** Multiplexing ******
* Multiplexing in 4 dimensions
o space (si)
o time (t)
o frequency (f)
o code (c)
* Goal: multiple use of a shared medium
* Important: guard spaces needed!
s2
s3
s1
f
t
c
k2
k3
k4
k5
k6
k1
f
t
c
f
t
c
channels ki
****** Frequency multiplex ******
* Divides the available frequency into non-overlapping bands with guard
spaces between to avoid overlapping (adjacent channel interference)
* Receiver only has to know the frequency to tune in to
* Used in analogue systems
****** Frequency multiplex ******
* Separation of the whole spectrum into smaller frequency bands
* A channel gets a certain band of the spectrum for the whole time
* Advantages
o no dynamic coordination necessary
o works also for analog signals
* Disadvantages
o waste of bandwidth if the traffic is distributed unevenly
o inflexible
k2
k3
k4
k5
k6
k1
f
t
c
****** Time multiplex ******
* Allows access to entire frequency bandwidth but for a limited amount of
time
* All senders use same frequency in at different time
* If two transmissions overlap known as co-channel interference
* Precise clock synchronisation required
****** Time multiplex ******
f
t
c
k2
k3
k4
k5
k6
k1
* A channel gets the whole spectrum for a certain amount of time
* Advantages
o only one carrier in the medium at any time
o throughput high even for many users
* Disadvantages
o precise synchronization necessary
****** Time and frequency multiplex ******
* By allowing a channel to use a certain frequency for a certain period of
time more efficient use of resource is achieved
* More robust against interference and tapping
* This is the scheme used by GSM between the handset and base station
* Requires coordination between the different senders
* Two senders will interfere if they select the same frequency
***** To avoid this the senders hop between frequencies: *****
if the hop is fast enough the period of interference may be so small that if
the coding of the data signal is sufficient to allow the receiver to recover
the data the interference is deemed acceptable
****** Time and frequency multiplex ******
f
* Combination of both methods
* A channel gets a certain frequency band for a certain amount of time
* Example: GSM, Bluetooth
* Advantages
o better protection against tapping
o protection against frequency selective interference
* but: precise coordination required
t
c
k2
k3
k4
k5
k6
k1
****** Code multiplex ******
* Each channel has a unique code
* All channels use the same spectrum at the same time
* Implemented using spread spectrum technology
* Advantages
o bandwidth efficient
o no coordination and synchronization necessary
o good protection against interference and tapping
* Disadvantages
o varying user data rates
o more complex signal regeneration
k2
k3
k4
k5
k6
k1
f
t
c
****** Code multiplex ******
* Highly complex scheme
* Receiver has to know the code & be able to separate out other traffic
on different codes which appear as background noise
* Receiver & transmitter must be synchronised to provide correct
decoding
* All signals must reach the receiver with relatively equal strength or the
receiver will not be able to distinguish between them
****** Modulation ******
* Digital modulation
o digital data is translated into an analog signal (baseband)
o ASK, FSK, PSK - main focus in this chapter
o differences in spectral efficiency, power efficiency, robustness
* Analog modulation
o shifts center frequency of baseband signal up to the radio carrier
* Motivation
o smaller antennas (e.g., /4)
o Frequency Division Multiplexing
o medium characteristics
* Basic schemes
o Amplitude Modulation (AM)
o Frequency Modulation (FM)
o Phase Modulation (PM)
****** Modulation and demodulation ******
synchronization
decision
digital
data
analog
demodulation
radio
carrier
analog
baseband
signal
101101001
radio receiver
digital
modulation
digital
data
analog
modulation
radio
carrier
analog
baseband
signal
101101001
radio transmitter
****** Digital modulation ******
* Modulation of digital signals known as Shift Keying
* Amplitude Shift Keying (ASK):
o very simple
o low bandwidth requirements
o very susceptible to interference
* Frequency Shift Keying (FSK):
o needs larger bandwidth
* Phase Shift Keying (PSK):
o more complex
o robust against interference
1
0
1
t
1
0
1
t
1
0
1
t
****** Advanced Frequency Shift Keying ******
* bandwidth needed for FSK depends on the distance between the carrier
frequencies
MSK (Minimum Shift
* special pre-computation avoids sudden phase shifts
Keying)
o bit separated into even and odd bits, the duration of each bit is
doubled
o depending on the bit values (even, odd) the higher or lower
frequency, original or inverted is chosen
o the frequency of one carrier is twice the frequency of the other
o Equivalent to offset QPSK
* even higher bandwidth efficiency using a Gaussian low-pass filter
GMSK
(Gaussian MSK), used in GSM
****** Example of MSK ******
data
even bits
odd bits
1
1
1
1
0
0
0
t
low frequency
high frequency
MSK
signal
bit
even 0 1 0 1
odd 0 0 1 1
signal h n n h value - - + +
h: high frequency
n: low frequency
+: original signal
-: inverted signal
No phase shifts!
****** Advanced Phase Shift Keying ******
* BPSK (Binary Phase Shift Keying):
o bit value 0: sine wave
o bit value 1: inverted sine wave
o very simple PSK
o low spectral efficiency
o robust, used e.g. in satellite systems
* QPSK (Quadrature Phase Shift Keying):
o 2 bits coded as one symbol
o symbol determines shift of sine wave
o needs less bandwidth compared to BPSK
o more complex
* Often also transmission of relative, not absolute phase shift: DQPSK Differential QPSK (IS-136, PHS)
11
10
00
01
Q
I
0
1
Q
I
11
01
10
00
A
t
****** Quadrature Amplitude Modulation ******
* Quadrature Amplitude Modulation (QAM)
o combines amplitude and phase modulation
o it is possible to code n bits using one symbol
o 2n discrete levels, n=2 identical to QPSK
* Bit error rate increases with n, but less errors compared to comparable
PSK schemes
o Example: 16-QAM (4 bits = 1 symbol)
o Symbols 0011 and 0001 have the same phase , but di erent
amplitude a. 0000 and 1000 have di erent phase, but same
amplitude.
0000
0001
0011
1000
Q
I
0010
a
****** Hierarchical Modulation ******
* DVB-T modulates two separate data streams onto a single DVB-T stream
* High Priority (HP) embedded within a Low Priority (LP) stream
* Multi carrier system, about 2000 or 8000 carriers
* QPSK, 16 QAM, 64QAM
* Example: 64QAM
o good reception: resolve the entire 64QAM constellation
o poor reception, mobile reception: resolve only QPSK portion
o 6 bit per QAM symbol, 2 most signi icant determine QPSK
o HP service coded in QPSK (2 bit), LP uses remaining 4 bit
Q
I
00
10
000010
010101
****** Spread spectrum technology ******
* Problem o radio transmission: requency dependent ading can wipe out
narrow band signals or duration o the inter erence
* Solution: spread the narrow band signal into a broad band signal using a
special code
o protection against narrow band inter erence
* Side e ects:
o coexistence o several signals without dynamic coordination
o tap-proo
* Alternatives: Direct Sequence, Frequency Hopping
detection at
receiver
inter erence
spread signal
signal
spread
inter erence
power
power
****** E ects o spreading and inter erence-(bandpass
dP/d
i)
dP/d
ii)
sender
dP/d
iii)
dP/d
iv)
receiver
v)
user signal
broadband inter erence
narrowband inter erence
ilter) ******
dP/d
****** Spreading and requency selective ading ******
requency
channel quality
1
2
3
4
5
6
narrow band signal
guard space
2
2
2
2
2
requency
channel quality
1
spread spectrum
narrowband channels
spread spectrum channels
****** DSSS (Direct Sequence Spread Spectrum) I(3G) ******
* XOR o the signal with pseudo-random number (chipping sequence)
o many chips per bit (e.g., 128) result in higher bandwidth o the
signal
* Advantages
o reduces requency selective ading
o in cellular networks
# base stations can use the same requency range
# several base stations can detect and recover the signal
# so t handover
* Disadvantages
o precise power control necessary
user data
chipping
sequence
resulting
signal
0
1
0
1
1
0
1
0
1
0
1
0
0
1
1
1
XOR
0
1
1
0
0
1
0
1
1
0
1
0
0
1
=
tb
tc
tb: bit period
tc: chip period
****** DSSS (Direct Sequence Spread Spectrum) II ******
X
user data
chipping
sequence
modulator
radio
carrier
spread
spectrum
signal
transmit
signal
transmitter
demodulator
received
signal
radio
carrier
X
chipping
sequence
lowpass
iltered
signal
receiver
integrator
products
decision
data
sampled
sums
correlator
****** FHSS (Frequency Hopping Spread Spectrum) I(Bluetooth) ******
* Discrete changes o carrier requency
o sequence o requency changes determined via pseudo random number
sequence
* Two versions
o Fast Hopping: several requencies per user bit
o Slow Hopping: several user bits per requency
* Advantages
o requency selective ading and inter erence limited to short period
o simple implementation
o uses only small portion o spectrum at any time
* Disadvantages
o not as robust as DSSS
o simpler to detect
****** FHSS (Frequency Hopping Spread Spectrum) II ******
user data
slow
hopping
(3 bits/hop)
ast
hopping
(3 hops/bit)
0
1
tb
0
1
1
t
1
2
3
t
td
1
2
3
t
td
tb: bit period td: dwell time(time spend on a channel with certain
****** FHSS (Frequency Hopping Spread Spectrum) III ******
modulator
user data
hopping
sequence
modulator
narrowband
signal
spread
transmit
signal
transmitter
received
signal
receiver
demodulator
data
requency
synthesizer
hopping
sequence
demodulator
requency
synthesizer
narrowband
signal
****** Cellular System ******
* Implements space division multiplex
o base station covers a certain transmission area (cell)
requency )
* Mobile stations communicate only via the base station

* Advantages o cell structures(small)
o higher capacity, higher number o users
o less transmission power needed
o more robust, decentralized
o base station deals with inter erence, transmission area etc.
locally
* Problems
o ixed network needed or the base stations
o handover (changing rom one cell to another) necessary
o inter erence with other cells
* Cell sizes rom some 100 m in cities to, e.g., 35 km on the country side
(GSM) - even less or higher requencies
****** Frequency planning I ******
* Frequency reuse only with a certain distance between the base stations
* Standard model using 7 requencies:
* Fixed requency assignment:
o certain requencies are assigned to a certain cell
o problem: di erent tra ic load in di erent cells
* Dynamic requency assignment:
o base station chooses requencies depending on the requencies
already used in neighbor cells
o more capacity in cells with more tra ic
o assignment can also be based on inter erence measurements
4
5
1
3
2
6
7
3
2
4
5
1
****** Frequency planning II ******
1
2
3
2
1
1
2
3
2
3
1
2
1
3
3
3
3
3
4
5
1
3
2
6
7
3
2
4
5
1
3
5
6
7
2
2
1
1
1
2
3
2
3
2
3
h1
h2
h3
g1
g2
g3
h1
h2
h3
g1
g2
g3
g1
g2
g3
3 cell cluster
7 cell cluster
3 cell cluster
with 3 sector antennas
****** Cell breathing ******
* CDM systems: cell size depends on current load
* Additional tra ic appears as noise to other users
* I the noise level is too high users drop out o cells
****** Mobile Communications Chapter 3 : Media Access ******
* Motivation
* SDMA, FDMA, TDMA
* Aloha, reservation schemes
* Collision avoidance, MACA
* Polling
* CDMA, SAMA
* Comparison
****** Motivation ******
* Can we apply media access methods rom ixed networks?
* Example CSMA/CD
o Carrier Sense Multiple Access with Collision Detection
o send as soon as the medium is ree, listen into the medium i
collision occurs (legacy method in IEEE 802.3)
* Problems in wireless networks
o signal strength decreases proportional to the square o the

distance
o the sender would apply CS and CD, but the collisions happen at the
receiver
o it might be the case that a sender cannot hear the collision,
i.e., CD does not work
o urthermore, CS might not work i , e.g., a terminal is hidden
****** Motivation - hidden and exposed terminals ******
* Hidden terminals
o A sends to B, C cannot receive A
o C wants to send to B, C senses a ree medium (CS ails)
o collision at B, A cannot receive the collision (CD ails)
o A is hidden or C
B
A
C
****** Exposed Terminal Problem ******
o A starts sending to B.
o C senses carrier, inds medium in use and has to wait or A->B to
end.
o D is outside the range o A, there ore waiting is not necessary.
A
B
C
D
****** Motivation - near and ar terminals ******
* Terminals A and B send, C receives
o signal strength decreases proportional to the square o the
distance
o the signal o terminal B there ore drowns out As signal
o C cannot receive A
* I C or example was an arbiter or sending rights, terminal B would
drown out terminal A already on the physical layer
* Also severe problem or CDMA-networks - precise power control needed!
A
B
C
****** Access methods SDMA/FDMA/TDMA ******
* The mobile phone may receive several base stations with di erent
quality.
* A typical application involves assigning an optimal base station to a
mobile phone user.
* A MAC algorithm could now decide which base station is best, taking into
account which requencies (FDM), time slots (TDM) or code (CDM)
* The multiplexing schemes are now used to control medium access!
* SDMA is never used in isolation but always in combination with one or
more other schemes.
* SDMA (Space Division Multiple Access)
o segment space into sectors, use directed antennas
o cell structure
****** FDMA ******
* FDMA (Frequency Division Multiple Access)
o assign a certain requency to a transmission channel between a
sender and a receiver
o permanent (e.g., radio broadcast), slow hopping (e.g., GSM), ast
hopping (FHSS, Frequency Hopping Spread Spectrum)
* Channels can be assigned to the same requency at all times, i.e., pure
FDMA,
* Change requencies according to a certain pattern, i.e., FDMA combined
with TDMA.
****** FDD/FDMA - general scheme, example GSM ******

t
124
1
124
1
20 MHz
200 kHz
890.2 MHz
935.2 MHz
915 MHz
960 MHz
****** FDMA ******
* uplink requency is u = 890 MHz + n0.2 MHz
* downlink requency is d = u + 45 MHz, i.e., d = 935 MHz + n0.2 MHz
or a certain channel n.
* Each channel (uplink and downlink) has a bandwidth o 200 kHz.
* 124 channels per direction are available at 900 MHz
****** TDMA ******
* TDMA (Time Division Multiple Access)
o assign the ixed sending requency to a transmission channel
between a sender and a receiver or a certain amount o time
* listening to di erent requencies at the same time is quite di icult,
but listening to many channels separated in time at the same requency is
simple.
* Fixed schemes do not need an identi ication, but are not as lexible
considering varying bandwidth requirements.
* Dynamic allocation schemes require an identi ication or each
transmission(MAC address)
****** TDD/TDMA - general scheme, example DECT ******
1
2
3
11
12
1
2
3
11
12
t
downlink
uplink
417 s
****** Aloha/slotted aloha ******
* Mechanism
o random, distributed (no central arbiter), time-multiplex
o Slotted Aloha additionally uses time-slots, sending must always
start at slot boundaries
* Aloha
* Slotted Aloha
sender A
sender B
sender C
collision
sender A
sender B
sender C
collision
t
t
****** DAMA - Demand Assigned Multiple Access ******
* Channel e iciency only 18% or Aloha, 36% or Slotted Aloha (assuming
Poisson distribution or packet arrival and packet length)
* Reservation can increase e iciency to 80%
o a sender reserves a uture time-slot
o sending within this reserved time-slot is possible without
collision
o reservation also causes higher delays
o typical scheme or satellite links
* Examples or reservation algorithms:
o Explicit Reservation according to Roberts (Reservation-ALOHA)
o Implicit Reservation (PRMA)
o Reservation-TDMA
****** Access method DAMA: Explicit Reservation ******
* Explicit Reservation (Reservation Aloha):
o two modes:
# ALOHA mode or reservation: competition or small reservation
slots, collisions possible
# reserved mode or data transmission within success ul
reserved slots (no collisions possible)
o it is important or all stations to keep the reservation list
consistent at any point in time and, there ore, all stations have
to synchronize rom time to time
Aloha
reserved
Aloha
reserved
Aloha
reserved
Aloha
collision
t
****** Access method DAMA: PRMA ******
* Implicit reservation (PRMA - Packet Reservation MA):
o a certain number o slots orm a rame, rames are repeated
o stations compete or empty slots according to the slotted aloha
principle
o once a station reserves a slot success ully, this slot is
automatically assigned to this station in all ollowing rames as
long as the station has data to send
o competition or this slots starts again as soon as the slot was
empty in the last rame
rame1
rame2
rame3
rame4
rame5
1
2
3
4
5
6
7
8
time-slot
collision at reservation attempts
A
C
D
A
B
A
F
A
C
A
B
A
A
B
A
F
A
B
A
F
D
A
C
E
E
B
A
F
D
t
ACDABA-F
ACDABA-F
AC-ABAFA---BAFD
ACEEBAFD
reservation
****** Access method DAMA: Reservation-TDMA ******
* Reservation Time Division Multiple Access
o every rame consists o N mini-slots and x data-slots
o every station has its own mini-slot and can reserve up to k dataslots using this mini-slot (i.e. x = N * k).
o other stations can send data in unused data-slots according to a
round-robin sending scheme (best-e ort tra ic)
N mini-slots
N * k data-slots
reservations or data-slots
other stations can use ree data-slots
based on a round-robin scheme
e.g. N=6, k=2
****** MACA - collision avoidance ******
* MACA (Multiple Access with Collision Avoidance) uses short signaling
packets or collision avoidance
o RTS (request to send): a sender request the right to send rom a
receiver with a short RTS packet be ore it sends a data packet
o CTS (clear to send): the receiver grants the right to send as soon
as it is ready to receive
* Signaling packets contain
o sender address
o receiver address
o packet size
* Variants o this method can be ound in IEEE802.11 as DFWMAC (Distributed
Foundation Wireless MAC)

****** MACA examples ******
* MACA avoids the problem o hidden terminals
o A and C want to send to B
o A sends RTS irst
o C waits a ter receiving CTS rom B
* MACA avoids the problem o exposed terminals
o B wants to send to A, C to another terminal
o now C does not have to wait or it cannot receive CTS rom A
A
B
C
RTS
CTS
CTS
A
B
C
RTS
CTS
RTS
****** MACA variant: DFWMAC in IEEE802.11 ******
idle
wait or the
right to send
wait or ACK
sender
receiver
packet ready to send; RTS
time-out;
RTS
CTS; data
ACK
RxBusy
idle
wait or
data
RTS; RxBusy
RTS;
CTS
data;
ACK
time-out
data;
NAK
ACK: positive acknowledgement
NAK: negative acknowledgement
RxBusy: receiver busy
time-out
NAK;
RTS
****** Polling mechanisms ******
* I one terminal can be heard by all others, this central terminal
(a.k.a. base station) can poll all other terminals according to a certain
scheme
o now all schemes known rom ixed networks can be used (typical
main rame - terminal scenario)
* Example: Randomly Addressed Polling
o base station signals readiness to all mobile terminals
o terminals ready to send can now transmit a random number without
collision with the help o CDMA or FDMA (the random number can be
seen as dynamic address)
o the base station now chooses one address or polling rom the list
o all random numbers (collision i two terminals choose the same
address)
o the base station acknowledges correct packets and continues polling
the next terminal
o this cycle starts again a ter polling all terminals o the list
****** ISMA (Inhibit Sense Multiple Access) ******
* Current state o the medium is signaled via a busy tone
o the base station signals on the downlink (base station to
terminals) i the medium is ree or not
o terminals must not send i the medium is busy
o terminals can access the medium as soon as the busy tone stops
o the base station signals collisions and success ul transmissions
via the busy tone and acknowledgements, respectively (media access
is not coordinated within this approach)
o mechanism used, e.g., or CDPD (USA, integrated into AMPS)
****** Mobile Communications Chapter 3 : Media Access ******
* Motivation
* SDMA, FDMA, TDMA
* Aloha, reservation schemes
* Collision avoidance, MACA
* Polling
* CDMA, SAMA
* Comparison
****** Access method CDMA ******
* CDMA (Code Division Multiple Access)
o all terminals send on the same requency probably at the same time
and can use the whole bandwidth o the transmission channel
o each sender has a unique random number, the sender XORs the signal
with this random number
o the receiver can tune into this signal i it knows the pseudo
random number, tuning is done via a correlation unction
* Disadvantages:
o higher complexity o a receiver (receiver cannot just listen into
the medium and start receiving i there is a signal)
o all signals should have the same strength at a receiver
* Advantages:
o all terminals can use the same requency, no planning needed
o huge code space (e.g. 232) compared to requency space
o inter erences (e.g. white noise) is not coded
o orward error correction and encryption can be easily integrated
****** CDMA in theory ******
* Sender A
o sends Ad = 1, key Ak = 010011 (assign: 0= -1, 1= +1)
o sending signal As = Ad * Ak = (-1, +1, -1, -1, +1, +1)
* Sender B
o sends Bd = 0, key Bk = 110101 (assign: 0= -1, 1= +1)
o sending signal Bs = Bd * Bk = (-1, -1, +1, -1, +1, -1)
* Both signals superimpose in space
o inter erence neglected (noise etc.)
o As + Bs = (-2, 0, 0, -2, +2, 0)
* Receiver wants to receive signal rom sender A
o apply key Ak bitwise (inner product) [Ae= (As + Bs )* Ak ]
# Ae = (-2, 0, 0, -2, +2, 0)
Ak = 2 + 0 + 0 + 2 + 2 + 0 = 6
# result greater than 0, there ore, original bit was 1
o receiving B [Be= (As + Bs )* Bk ]
# Be = (-2, 0, 0, -2, +2, 0)
Bk = -2 + 0 + 0 - 2 - 2 + 0 = 6, i.e. 0
****** CDMA on signal level I ******

data A
key A
signal A
data
key
key
sequence A
Real systems use much longer keys resulting in a larger distance
between single code words in code space.
1
0
1
1
0
0
1
0
0
1
0
0
0
1
0
1
1
0
0
1
1
0
1
1
0
1
1
1
0
0
0
1
0
0
0
1
1
0
0
Ad
Ak
As
****** CDMA on signal level II ******
signal A
data B
key B
key
sequence B
signal B
As + Bs
data key
1
0
0
0
0
0
1
1
0
1
0
1
0
0
0
0
1
0
1
1
1
1
1
1
0
0
1
1
0
1
0
0
0
0
1
0
1
1
1
Bd
Bk
Bs
As
****** CDMA on signal level III ******
Ak
(As + Bs) * Ak
integrator
output
comparator
output
As + Bs
data A
1
0
1
1
0
1
Ad
****** CDMA on signal level IV ******
integrator
output
comparator
output
Bk
(As + Bs) * Bk
As + Bs
data B
1
0
0
1
0
0
Bd
****** CDMA on signal level V ******
comparator
output
wrong
key K
integrator
output
(As + Bs) * K
As + Bs
(0)
(0)
?
****** SAMA - Spread Aloha Multiple Access ******
* Aloha has only a very low e iciency, CDMA needs complex receivers to be
able to receive di erent senders with individual codes at the same time
* Idea: use spread spectrum with only one single code (chipping sequence)
or spreading or all senders accessing according to aloha
1
sender A
0
sender B
0
1
t
narrow band
send or a
shorter period
with higher power
spread the signal e.g. using the chipping sequence 110101 (CDMA without CD)
Problem: ind a chipping sequence with good characteristics
1
1
collision
****** Comparison SDMA/TDMA/FDMA/CDMA ******
****** Mobile Communications Chapter 4: Wireless Telecommunication Systems
******
* Market
* GSM
* DECT
* TETRA
* UMTS/IMT-2000
****** Mobile phone subscribers worldwide ******
year
Subscribers [million]
0
200
400
600
800
1000
1200
1400
1600
1996
1997
1998
1999
2000
2001
2002
2003
2004
approx. 1.7 bn
GSM total
TDMA total
CDMA total
PDC total
Analogue total
W-CDMA
Total wireless
Prediction (1998)
2008:
>3.3 bn!
****** Development o mobile telecommunication systems ******
1G
2G
3G
2.5G
IS-95
cdmaOne
IS-136
TDMA
D-AMPS
GSM
PDC
GPRS
IMT-DS
UTRA FDD / W-CDMA
EDGE
IMT-TC
UTRA TDD / TD-CDMA
cdma2000 1X
1X EV-DV
(3X)
AMPS
NMT
IMT-SC
IS-136HS
UWC-136
IMT-TC
TD-SCDMA
CT0/1
CT2
IMT-FT
DECT
CDMA
TDMA
FDMA
IMT-MC
cdma2000 1X EV-DO
HSPA
****** Some statistics ******
* 16th April 2008: The GSMA, the global trade group or the mobile
industry, today announced that total connections to GSM mobile
communications networks have now passed the 3 Billion mark globally. The
third billion landmark has been reached just our years a ter the GSM
industry surpassed its irst billion, and just two years rom the second
billionth connection. The 3 Billion landmark has been surpassed just 17
years a ter the irst GSM network launch in 1991. Today more than 700
mobile operators across 218 countries and territories o the world are
adding new connections at the rate o 15 per second, or 1.3 million per
day.
* The worlds biggest GSM markets today are China (509 million), which is
growing at a rate o more than 7 million new connections a month and
accounts or 14% o the third billion growth; India (193 million),
growing at 6 million per month accounts or 12% o the third billion
growth, Russia (178 million) and Brazil (93 million) which both
contributed 4% o the third billion growth.
****** How does it work? ******
* How can the system locate a user?
* Why dont all phones ring at the same time?
* What happens i two users talk simultaneously?
* Why dont I get the bill rom my neighbor?
* Why can an Australian use her phone in Berlin?
* Why cant I simply overhear the neighbors communication?
* How secure is the mobile phone system?
* What are the key components o the mobile phone network?
****** GSM: Overview ******
* GSM
o ormerly: Groupe Spciale Mobile ( ounded 1982)
o now: Global System or Mobile Communication
o Pan-European standard (ETSI, European Telecommunications
Standardisation Institute)
o simultaneous introduction o essential services in three phases
(1991, 1994, 1996) by the European telecommunication
administrations (Germany: D1 and D2)
seamless roaming within
Europe possible
* Today many providers all over the world use GSM (218 countries in Asia,
A rica, Europe, Australia, America)
o more than 3 billion subscribers in more than 700 networks
o more than 75% o all digital mobile phones use GSM
o over 200 million SMS per month in Germany, > 550 billion/year
worldwide (> 10% o the revenues or many operators) [be aware:
these are only rough numbers]
****** Per ormance characteristics o GSM (wrt. analog sys.) ******
* Communication
o mobile, wireless communication; support or voice and data services
* Total mobility
o international access, chip-card enables use o access points o
di erent providers
* Worldwide connectivity
o one number, the network handles localization
* High capacity
o better requency e iciency, smaller cells, more customers per cell
* High transmission quality
o high audio quality and reliability or wireless, uninterrupted

phone calls at higher speeds (e.g., rom cars, trains)
* Security unctions
o access control, authentication via chip-card and PIN
****** Disadvantages o GSM ******
* There is no per ect system!!
o no end-to-end encryption o user data
o no ull ISDN bandwidth o 64 kbit/s to the user, no transparent Bchannel
* reduced concentration while driving
* electromagnetic radiation
* abuse o private data possible
* roaming pro iles accessible
* high complexity o the system
* several incompatibilities within the GSM standards
****** GSM: Mobile Services ******
* GSM o ers
o several types o connections
# voice connections, data connections, short message service
o multi-service options (combination o basic services)
* Three service domains
o Bearer Services
o Telematic Services
o Supplementary Services
GSM-PLMN
transit
network
(PSTN, ISDN)
source/
destination
network
TE
TE
bearer services
tele services
R, S
(U, S, R)
Um
MT
MS
****** Bearer Services ******
* Telecommunication services to trans er data between access points
* Speci ication o services up to the terminal inter ace (OSI layers 1-3)
* Di erent data rates or voice and data (original standard)
o data service (circuit switched)
# synchronous: 2.4, 4.8 or 9.6 kbit/s
# asynchronous: 300 - 1200 bit/s
o data service (packet switched)
# synchronous: 2.4, 4.8 or 9.6 kbit/s
# asynchronous: 300 - 9600 bit/s
* Today: data rates o approx. 50 kbit/s possible will be covered later!
(even more with new modulation)
****** Tele Services I ******
* Telecommunication services that enable voice communication via mobile
phones
* All these basic services have to obey cellular unctions, security
measurements etc.
* O ered services
o mobile telephony primary goal o GSM was to enable mobile telephony
o ering the traditional bandwidth o 3.1 kHz
o Emergency number common number throughout Europe (112); mandatory

or all service providers; ree o charge; connection with the
highest priority (preemption o other connections possible)
o Multinumbering several ISDN phone numbers per user possible
****** Tele Services II ******
* Additional services
o Non-Voice-Teleservices
# group 3 ax
# voice mailbox (implemented in the ixed network supporting
the mobile terminals)
# electronic mail (MHS, Message Handling System, implemented in
the ixed network)
# ...
# Short Message Service (SMS) alphanumeric data transmission
to/ rom the mobile terminal (160 characters) using the
signaling channel, thus allowing simultaneous use o basic
services and SMS (almost ignored in the beginning now the
most success ul add-on!)
****** Supplementary services ******
* Services in addition to the basic services, cannot be o ered stand-alone
* Similar to ISDN services besides lower bandwidth due to the radio link
* May di er between di erent service providers, countries and protocol
versions
* Important services
o identi ication: orwarding o caller number
o suppression o number orwarding
o automatic call-back
o con erencing with up to 7 participants
o locking o the mobile terminal (incoming or outgoing calls)
o ...
****** Architecture o the GSM system ******
* GSM is a PLMN (Public Land Mobile Network)
o several providers setup mobile networks ollowing the GSM standard
within each country
o components
# MS (mobile station)
# BS (base station)
# MSC (mobile switching center)
# LR (location register)
o subsystems
# RSS (radio subsystem): covers all radio aspects
# NSS (network and switching subsystem): call orwarding,
handover, switching
# OSS (operation subsystem): management o the network
****** Ingredients 1: Mobile Phones, PDAs & Co. ******
The visible but smallest
part o the network!
****** Ingredients 2: Antennas ******
Still visible cause many discussions
****** Ingredients 3: In rastructure 1 ******
Base Stations
Cabling
Microwave links
****** Ingredients 3: In rastructure 2 ******
Switching units
Data bases
Management
Monitoring
Not visible, but comprise the major part o the network (also rom an
investment point o view)
****** GSM: overview ******

ixed network
BSC
BSC
MSC
MSC
GMSC
OMC, EIR, AUC
VLR
HLR
NSS
with OSS
RSS
VLR
****** GSM: elements and inter aces ******
NSS
MS
MS
BTS
BSC
GMSC
IWF
OMC
BTS
BSC
MSC
MSC
Abis
Um
EIR
HLR
VLR
VLR
A
BSS
PDN
ISDN, PSTN
RSS
radio cell
radio cell
MS
AUC
OSS
signaling
O
****** GSM: system architecture ******
Um
Abis
A
BSS
radio subsystem
MS
MS
BTS
BSC
BTS
BTS
BSC
BTS
network and switching subsystem
MSC
MSC
ixed partner networks
IWF
ISDN PSTN
PSPDN CSPDN
SS7
EIR
HLR
VLR
ISDN PSTN
****** System architecture: radio subsystem ******
* Components
o MS (Mobile Station)
o BSS (Base Station Subsystem): consisting o
# BTS (Base Transceiver Station): sender and receiver
# BSC (Base Station Controller): controlling several
transceivers
* Inter aces
o Um : radio inter ace
o Abis : standardized, open inter ace with 16 kbit/s user channels
o A: standardized, open inter ace with 64 kbit/s user channels
Um
Abis
A
BSS
radio subsystem
network and switching subsystem
MS
MS
BTS
BSC
MSC
BTS
BTS
BSC
BTS
MSC
****** System architecture: network and switching subsystem ******
* Components
o MSC (Mobile Services Switching Center):
o IWF (Interworking Functions)
o ISDN (Integrated Services Digital Network)
o PSTN (Public Switched Telephone Network)
o PSPDN (Packet Switched Public Data Net.)
o CSPDN (Circuit Switched Public Data Net.)
* Databases
o HLR (Home Location Register)
o VLR (Visitor Location Register)
o EIR (Equipment Identity Register)
network subsystem
MSC
MSC
ixed partner networks
IWF
ISDN PSTN
PSPDN CSPDN
SS7
EIR
HLR
VLR
ISDN PSTN
****** Radio subsystem ******
* The Radio Subsystem (RSS) comprises the cellular mobile network up to the
switching centers
* Components
o Base Station Subsystem (BSS):
# Base Transceiver Station (BTS): radio components including
sender, receiver, antenna - i directed antennas are used one
BTS can cover several cells
# Base Station Controller (BSC): switching between BTSs,
controlling BTSs, managing o network resources, mapping o
radio channels (Um) onto terrestrial channels (A inter ace)
# BSS = BSC + sum(BTS) + interconnection
o Mobile Stations (MS)
****** GSM: cellular network ******
possible radio coverage o the cell
idealized shape o the cell
cell
segmentation o the area into cells
* use o several carrier requencies
* not the same requency in adjoining cells
* cell sizes vary rom some 100 m up to 35 km depending on user density,
geography, transceiver power etc.
* hexagonal shape o cells is idealized (cells overlap, shapes depend on
geography)
* i a mobile user changes cells handover o the connection to the neighbor
cell
****** GSM requency bands (examples) ******
Type
Channels
Uplink [MHz] Downlink [MHz]
GSM 850 128-251
824-849
869-894
GSM 900 0-124, 955-1023 876-915
921-960
classical 124 channels
890-915
935-960
extended +49 channels
880-915
925-960
GSM 1800 512-885
1710-1785
1805-1880
GSM 1900 512-810
1850-1910
1930-1990
GSM-R
955-1024, 0-124 876-915
921-960
exclusive 69 channels
876-880
921-925
* Additionally: GSM 400 (also named GSM 450 or GSM 480 at 450-458/460-468
or 479-486/489-496 MHz)
* Please note: requency ranges may vary depending on the country!
* Channels at the lower/upper edge o a requency band are typically not
used
****** Example coverage o GSM networks (www.gsmworld.com) ******
T-Mobile (GSM-900/1800) Germany
O2 (GSM-1800) Germany
AT&T (GSM-850/1900) USA
Vodacom (GSM-900) South A rica
****** Base Transceiver Station and Base Station Controller ******
* Tasks o a BSS are distributed over BSC and BTS
* BTS comprises radio speci ic unctions
* BSC is the switching center or radio channels
****** Mobile station ******
* Terminal or the use o GSM services
* A mobile station (MS) comprises several unctional groups
o MT (Mobile Terminal):
# o ers common unctions used by all services the MS o ers
# corresponds to the network termination (NT) o an ISDN access
# end-point o the radio inter ace (Um)
o TA (Terminal Adapter):
# terminal adaptation, hides radio speci ic characteristics

o TE (Terminal Equipment):
# peripheral device o the MS, o ers services to a user
# does not contain GSM speci ic unctions
o SIM (Subscriber Identity Module):
# personalization o the mobile terminal, stores user
parameters
R
S
Um
TE
TA
MT
****** Network and switching subsystem ******
* NSS is the main component o the public mobile network GSM
o switching, mobility management, interconnection to other networks,
system control
* Components
o Mobile Services Switching Center (MSC) controls all connections via
a separated network to/ rom a mobile terminal within the domain o
the MSC - several BSC can belong to a MSC
o Databases (important: scalability, high capacity, low delay)
# Home Location Register (HLR) central master database
containing user data, permanent and semi-permanent data o
all subscribers assigned to the HLR (one provider can have
several HLRs)
# Visitor Location Register (VLR) local database or a subset
o user data, including data about all user currently in the
domain o the VLR
****** Mobile Services Switching Center ******
* The MSC (mobile switching center) plays a central role in GSM
o switching unctions
o additional unctions or mobility support
o management o network resources
o interworking unctions via Gateway MSC (GMSC)
o integration o several databases
* Functions o a MSC
o speci ic unctions or paging and call orwarding
o termination o SS7 (signaling system no. 7)
o mobility speci ic signaling
o location registration and orwarding o location in ormation
o provision o new services ( ax, data calls)
o support o short message service (SMS)
o generation and orwarding o accounting and billing in ormation
****** Operation subsystem ******
* The OSS (Operation Subsystem) enables centralized operation, management,
and maintenance o all GSM subsystems
* Components
o Authentication Center (AUC)
# generates user speci ic authentication parameters on request
o a VLR
# authentication parameters used or authentication o mobile
terminals and encryption o user data on the air inter ace
within the GSM system
o Equipment Identity Register (EIR)
# registers GSM mobile stations and user rights
# stolen or mal unctioning mobile stations can be locked and
sometimes even localized
o Operation and Maintenance Center (OMC)
# di erent control capabilities or the radio subsystem and
the network subsystem

****** GSM - TDMA/FDMA ******
1
2
3
4
5
6
7
8
higher GSM rame structures
935-960 MHz
124 channels (200 kHz)
downlink
890-915 MHz
124 channels (200 kHz)
uplink
requency
time
GSM TDMA rame
GSM time-slot (normal burst)
4.615 ms
546.5 s
577 s
tail
user data
Training
S
guard
space
S
user data
tail
guard
space
3 bits
57 bits
26 bits
57 bits
1
1
3
****** GSM hierarchy o rames ******
0
1
2
2045
2046
2047
...
hyper rame
0
1
2
48
49
50
...
0
1
24
25
...
super rame
0
1
24
25
...
0
1
2
48
49
50
...
0
1
6
7
...
multi rame
rame
burst
slot
577 s
4.615 ms
120 ms
235.4 ms
6.12 s
3 h 28 min 53.76 s
****** GSM Protocol Architecture ******
****** GSM Protocol Stack ******
* Layer 1: Physical Layer
# Radio Transmission
* Layer 2: Data Link Layer (DLL)
# provides error- ree transmission between adjacent entities,
based on the ISDNs LAPD protocol or the Um and Abis
inter aces, and on SS7s Message Trans er Protocol (MTP) or
the other Layer inter aces
* Layer 3: Networking or Messaging Layer
# Responsible or the communication o network resources,
mobility, code ormat and call-related management messages
between various network entities
* The trans er o signalling in ormation in GSM ollows the layered OSI
model
****** GSM protocol layers or signaling ******
CM
MM
RR
MM
LAPDm
radio
LAPDm
radio
LAPD
PCM
RR
BTSM
CM
LAPD
PCM
RR
BTSM
16/64 kbit/s
Um
Abis
A
SS7
PCM
SS7
PCM
64 kbit/s /
2.048 Mbit/s
MS
BTS
BSC
MSC
BSSAP
BSSAP
****** GSM Protocol Architecture ******
****** Overview o Inter aces ******
* Um
# Radio inter ace between MS and BTS
# each physical channel supports a number o logical channels
* Abis
# between BTS and BSC
# primary unctions: tra ic channel transmission, terrestrial
channel management, and radio channel management
* A
# between BSC and MSC
# primary unctions: message trans er between di erent BSCs to
the MSC
****** Layer I: Physical Layer ******
Radio transmission orms this Layer
****** Layer I: Physical Layer ******
* SDMA,TDMA and FDMA
* Bursting and raming
* Modulation Techniques Gaussian Minimum Shi t Keying (GMSK)
* Channel Coding
* Interleaving-to distribute burst error
* Error detection, correction and blocking the data not correctable
* Power control methodology to minimize the co-channel inter erence
* Time synchronization approaches
****** GSM Physical Layer (MS Side) ******
Speech in GSM is digitally coded at a rate o 13 kbps
456 bits every 20 ms
260 bits every 20 ms
8 57 bits block
GMSK
Convolutional Encoder
184 bits ( 20 ms)
****** GSM Speech Transmission ******
****** GSM Normal Burst Formatting ******
****** GSM Frame Hierarchy ******
****** Logical Channels in GSM ******
Two major classes o logical channels
* Tra ic Channels (TCHs)
o Full-rate tra ic channel (TCH/F)
o Hal -rate tra ic channel (TCH/H)
o Enhanced ull rate

* Control Channels (CCHs)
o Broadcast Channels (BCH)
o Common Control Channels (CCCH)
o Dedicated Control Channels (DCCH)
****** Layer II: Data Link Layer (DLL) ******
Controls the low o packets to and rom network layer
****** GSM Layer II ******
* Connection-based Network
o Tra ic
o Signaling and Control
* Signaling and control data are conveyed through Layer II and Layer III
messages in GSM
* Purpose o Layer II is to check the low o packets or Layer III
* DLL checks the address and sequence # or Layer III
* Also manages Acks or transmission o the packets
* Allows two SAPs or signaling and SMS
* SMS tra ic is carried through a ake signaling packet that carries user
in ormation over signaling channels
o DLL allows SMS data to be multiplexed into signaling streams
****** GSM Layer II ******
* Signaling packet delivered to the physical layer is 184 bits which
con orms with the length o the DLL packets in the LAPD protocol used in
ISDN network
* The LAPD protocol is used or A and A-bis inter ace
* The DLL or the Um inter ace is LAPDm
****** LAPDm ******
* The Link Access Procedure on the Dm channel (LAPDm) is the protocol or
use by the data link layer on the radio inter ace.
***** LAPDm o ers *****
Reliable data trans er over connections
Address and sequence number checks
Data low control
Ack/unack data transmission
re-sequencing o data rames
Segmentation
Access point or the multiple services
* Functions
***** organization o Layer 3 in ormation into rames *****
***** peer-to-peer transmission o signaling data *****
***** in de ined rame ormats *****
***** recognition o rame ormats *****
***** establishment, maintenance, and *****
***** termination o one or more (parallel) data *****
***** links on signaling channels *****
****** LAPD Vs. LAPDm ******
* LAPDm uses no cyclic redundancy check bits or error detection
* Error correction and detection mechanism are provided by a combination o
block and convolutional coding used (in conjunction with bit
interleaving) in the physical layer
****** Frame ormat (LAPD) ******
****** Frame ormat (LAPDm) ******
***** Address ield: is used to carry the service access point identi ier
(SAPI), protocol revision type, nature o the message SAPI: When using command/
control rames, the SAPI identi ies the user or which a command rame is
intended, and the user transmitting a response rame *****
***** Control ield: is used to carry Sequence number and to speci y the types
o the rame (command or response) *****
***** Length indicator: Identi ies the length o the in ormation ield that is
used to distinguish the in ormation carrying iled rom ill-in bits *****
***** In ormation Field: Carries the Layer III payload *****

***** Fill-in bits: all 1 bits to extend the length to the desired 184 bits
*****
****** Layer II Messages ******
* Set asynchronous balanced mode
* Disconnect
* Unnumbered acknowledgement
* Receiver ready
* Receiver not ready
* Reject
* These messages are sent in peer-to-peer Layer II communications, DLL ack.
* These messages do not have Layer III in ormation bits
* Fill-in bits cover the in ormation bits ield
****** Layer III: Networking or Messaging Layer ******
The layer 3 protocols are used or the communication o network resources,
mobility, code ormat and call-related management messages between various
network entities
****** Layer III ******
* A number o mechanisms needed to establish, maintain and terminate a
mobile communication session
* Layer III implements the protocols needed to support these mechanisms
* A signaling protocol, the registration process, is composed o a sequence
o communication events or messages
* Layer III de ines the details o implementation o messages on the
logical channels encapsulated in DLL rames
* Transmit/receives the logical channels data and in ormation bits rom the
data lnk layer or addressed SAP.
****** Layer III Message Format ******
***** Transaction Identi ier (TI): to identi y a protocol that consists o a
sequence o message, allows multiple protocols to operate in parallel *****
***** Protocol Discriminator (PD): Identi ies the category o the operation
(management, supplementary services, call control) *****
***** Message Type (MT): Identi ies the type o messages or a given PD *****
***** In ormation Elements (IE): An optional ield or the time that an
instruction carries some in ormation that is speci ied by an IE identi ier
(IEI). *****
****** Layer III Message ******
* Radio Resource Management (RR),
* Mobility Management (MM) and
* Connection Management (CM).
****** Radio Resource Management (RR) ******
****** Mobility Management (MM) ******
* Assumes a reliable RR connection
* Responsible or
o location management and
o Security
****** Mobility Management (MM) ******
* Location management involves the procedures and
signaling or location updating, so that the mobiles current
location is stored at the HLR, allowing incoming calls to
be properly routed.
* Security involves the authentication o the mobile, to prevent
unauthorized access to the network, as well as the encryption o all
radio link tra ic.
- The protocols in the MM layer involve the SIM, MSC, VLR, and
the HLR, as well as the AuC (which is closely tied with
the HLR).
****** Connection Management (CM) ******
The CM unctional layer is divided into three sub layers.
- Call Control (CCCH)
- Supplementary Services(CCCH-SADCCH)
- Short Message Service (SADCCH)
Call Control (CC) sub layer
- manages call routing, establishment, maintenance, and release, and is closely
related to ISDN call control.
****** Connection Management (CM) ******
***** Supplementary Services sub layer *****
***** - manages the implementation o the various supplementary services (Call
Forwarding/waiting/hold ), and also allows users to access and modi y their
service subscription. Short Message Service sub layer *****
***** - handles the routing and delivery o short messages, both rom and to
the mobile subscriber. *****
****** Mobile Terminated Call ******
PSTN
calling
station
GMSC
HLR
VLR
BSS
BSS
BSS
MSC
MS
1
2
3
4
5
6
7
8
9
10
11
12
13
16
10
10
11
11
11
14
15
17
* 1: calling a GSM subscriber
* 2: orwarding call to GMSC
* 3: signal call setup to HLR
* 4, 5: request MSRN rom VLR
* 6: orward responsible MSC to GMSC
* 7: orward call to
* current MSC
* 8, 9: get current status o MS
* 10, 11: paging o MS
* 12, 13: MS answers
* 14, 15: security checks
* 16, 17: set up connection
****** Mobile Originated Call ******
* 1, 2: connection request
* 3, 4: security check
* 5-8: check resources ( ree circuit)
* 9-10: set up call
PSTN
GMSC
VLR
BSS
MSC
MS
1
2
6
5
3
4
9
10
7
8
****** MTC/MOC ******
BTS
MS
paging request
channel request
immediate assignment
paging response
authentication request
authentication response
ciphering command
ciphering complete
setup
call con irmed
assignment command
assignment complete
alerting
connect
connect acknowledge
data/speech exchange
BTS
MS
channel request
immediate assignment
service request
authentication request
authentication response
ciphering command
ciphering complete
setup
call con irmed
assignment command
assignment complete
alerting
connect
connect acknowledge
data/speech exchange
MTC
MOC
****** Handover ******
***** Mechanism to hand over the control o a mobile device to the neighbouring
cell *****
***** Reason *****

* Load balancing
* MS moves out o range
***** Types o Handover *****
Hard
So t
***** Four possible handover scenarios *****
Intra-cell handover
Inter-cell, intra-BSC handover
Inter-BSC, intra-MSC handover
Inter MSC handover
****** 4 types o handover ******
MSC
MSC
BSC
BSC
BSC
BTS
BTS
BTS
BTS
MS
MS
MS
MS
1
2
3
4
****** Handover decision ******
receive level
BTSold
receive level
BTSold
MS
MS
HO_MARGIN
BTSold
BTSnew
****** Handover procedure ******
HO access
BTSold
BSCnew
measurement
result
BSCold
Link establishment
MSC
MS
measurement
report
HO decision
HO required
BTSnew
HO request
resource allocation
ch. activation
ch. activation ack
HO request ack
HO command
HO command
HO command
HO complete
HO complete
clear command
clear command
clear complete
clear complete
****** Security in GSM ******
* Security services
o access control/authentication
# user
SIM (Subscriber Identity Module): secret PIN (personal
identi ication number)
# SIM
network: challenge response method
o con identiality
# voice and signaling encrypted on the wireless link (a ter
success ul authentication)
o anonymity
# temporary identity TMSI (Temporary Mobile Subscriber
Identity)
# newly assigned at each new location update (LUP)
# encrypted transmission
* 3 algorithms speci ied in GSM
o A3 or authentication (secret, open inter ace)(SIM&AuC)
o A5 or encryption (standardized)(Device)
o A8 or key generation (secret, open inter ace)(SIM&AuC)
secret:
* A3 and A8 available via the Internet
* network providers can use stronger mechanisms
****** Authentication ******
* Access control AC generates a random number RANDas challenge, and the SIM
within the MS answers with SRES(signed response) as response.
* The AuC per orms the basic generation o random values RAND, signed
responses SRES, and cipher keys Kc or each IMSI, and then orwards this
in ormation to the HLR
* The current VLR requests the appropriate values or RAND, SRES, and Kc
rom the HLR.
* The VLR sends the random value RAND to the SIM.
* Network and subscriber module, per orm the same operation with RAND and
the key Ki, called A3.
* The MS sends back the SRES generated by the SIM.
* The VLR can now compare both values.I they are the same, the VLR accepts
the subscriber, otherwise the subscriber is rejected
****** GSM - authentication ******
A3
RAND
Ki
128 bit
128 bit
SRES* 32 bit
A3
RAND
Ki
128 bit
128 bit
SRES 32 bit
SRES* =? SRES
SRES
RAND
SRES
32 bit
mobile network
SIM
AC
MSC
SIM
Ki: individual subscriber authentication key SRES: signed response
****** Encryption ******
* A ter authentication, MS and BSS can start using encryption by applying
the cipher key Kc .
* Kc is generated using the individual key Ki and a random value by
applying the algorithm A8.
* The SIM in the MS and the network both calculate the same Kc based on the
random value RAND.
* MS and BTS can now encrypt and decrypt data using the algorithm A5 and
the cipher key Kc.
****** GSM - key generation and encryption ******
A8
RAND
Ki
128 bit
128 bit
Kc
64 bit
A8
RAND
Ki
128 bit
128 bit
SRES
RAND
encrypted data
mobile network (BTS)
MS with SIM
AC
BSS
SIM
A5
Kc
64 bit
A5
MS
data
data
cipher
key
****** Authentication and Encryption Scheme ******
A3
Mobile Station
Radio Link
GSM Operator
A8
A5
A3
A8
A5
Ki
Ki
Challenge RAND
Kc
Kc
mi
Encrypted Data
mi
SIM
Signed response (SRES)
SRES
SRES
Fn
Fn
Authentication: are SRES values equal?
****** GPRS and DECT ******
****** Data services in GSM I ******
* Data transmission standardized with only 9.6 kbit/s
o advanced coding allows 14.4 kbit/s
o not enough or Internet and multimedia applications
* HSCSD (High-Speed Circuit Switched Data)
o mainly so tware update
o bundling o several time-slots to get higher AIUR (Air Inter ace
User Rate, e.g., 57.6 kbit/s using 4 slots @ 14.4)
o advantage: ready to use, constant quality, simple-(video)
o disadvantage: channels blocked or voice transmission (calldrop)
****** GPRS ******
* General Packet Radio Service
o General -> not restricted to GSM use Packet Radio -> enables packet
mode communication over air
o packet switching
o using ree slots only i data packets ready to send (e.g., 50 kbit/
s using 4 slots temporarily)
o standardization 1998, introduction 2001
o advantage: more lexible
o disadvantage: more investment needed (new hardware)
* Requires many new network elements into NSS
* Provides connections to external packet data networks (Internet, X.25)
* Main bene its
o Resources are reserved only when needed and charged accordingly
o Connection setup times are reduced
o Enables new service opportunities
****** GPRS characteristics ******
***** GPRS uses packet switched resource allocation *****
o resources allocated only when data is to be sent/received
***** Flexible channel allocation *****
one to eight time slots
available resources shared by active users
up and down link channels reserved separately
GPRS and circuit switched GSM services can use same time slots alternatively
****** Applications ******
o Standard data network protocol based
# IP based applications
# WWW, FTP, Telnet, ...
# Any conventional TCP/IP based applications
# X.25 based applications
# Packet Assembly/Disassembly (PAD) type approach
o GPRS speci ic protocol based
# Point-to-point applications
# Toll road system, UIC train control system
# Point-to-multipoint applications
# Weather in o, road tra ic in o, news, leet management
o SMS delivery (GPRS as a bearer or SMS)
****** GPRS ******
o Responsible or delivery and routing o data packets between the

mobile terminals and the external packet network.
* GPRS network elements
o GSN (GPRS Support Nodes): GGSN and SGSN
o GGSN (Gateway GSN)
# interworking unit between GPRS and PDN (Packet Data Network)
o SGSN (Serving GSN)
# supports the MS (location, billing, security)
o GR (GPRS Register)
# user addresses
****** GPRS architecture and inter aces ******
MS
BSS
GGSN
SGSN
MSC
Um
EIR
HLR/
GR
VLR
PDN
Gb
Gn
Gi
SGSN
Gn
****** Gateway GPRS Support Node ******
***** GGSN *****
* Typically located at one o the MSC sites
* One (or ew) per operator
* Main unctions
o Inter ace to external data networks
o Resembles to a data network router
o Forwards end user data to right SGSN
o Routes mobile originated packets to right destination
o Filters end user tra ic
o Collects charging in ormation or data network usage
o Data packets are not sent to MS unless the user has activated the
PDP address
****** Serving GPRS Support Node ******
***** SGSN *****
* Functionally connected with BSC, physically can be at MSC or BSC site
* One or ew BSCs or one (or ew) per every BSC
* One SGSN can support BSCs o several MSC sites
* Main unctions
o Authenticates GPRS mobiles
o Handles mobiles registration in GPRS network
o Handles mobiles mobility management
o Relays MO and MT data tra ic
# TCP/IP header compression, V.42bis data compression, error
control MS- SGSN (ARQ)
o Collect charging in ormation o air inter ace usage
****** GR ******
* New database: GPRS register (GR), colocated with the HLR. It stores
routing in ormation and maps the IMSI to PDN address (IP address, or
example).
* Um inter ace is the air-inter ace and connects the MS to the BSS.
* The inter ace between the BSS and the SGSN is called Gb.
* The inter ace between the SGSN and the GGSN is called the Gn inter ace.
****** Mobility Management ******

* There are three states in which the MS can be:
o IDLE state the MS is not reachable, and all PDP contexts are
deleted
o STANDBY state movement across routing areas is updated to the
SGSN but not across cells.
o READY state every movement o the MS is indicated to the SGSN.
****** Mobility management ******
***** Mobility management messages: *****
o Cell update (implicit, with any message)
# When MS changes the cell within a Routing Area in READY state
o Routing Area update
# When MS changes the cell between two Routing Areas in READY
or STANDBY state
# Two types o Routing Area Updates ( rom MSs point o view
only one type)
# Intra-SGSN Routing Area Update
# Inter-SGSN Routing Area Update
o Periodic Routing Area updates are applicable
****** Security: Based on GSM ******
***** Authentication *****
o SGSN uses same principle as MSC/VLR:
# Get triplet, send RAND to MS, wait or SRES rom MS, use Kc
o MS cant authenticate the network
***** Key management in MS *****
Kc generated same way rom RAND using Ki as in GSM
***** Ciphering *****
Ciphering algorithm is optimized or GPRS tra ic (GPRS - A5)
Ciphering is done between MS and SGSN
***** User con identiality *****
IMSI is only used i a temporary identity is not available
Temporary identity (TLLI) is exchanged over ciphered link
****** GPRS protocol architecture ******
* GPRS Backbone:SGSN GGSN
o GTP tunnels the user packets and related signalling in ormation
between the GPRS support nodes.
* Subnetwork dependent convergence protocol(SNDCP)
o It is used to trans er packets between SGSN and MS
* Data link layer
o LLC(MS-SGSN)
o RLC/MAC(MS-BSS)
* Physical layer
o PLL: channel coding, detection o errors, orward error correction,
interleaving, detection o physical link congestion
o RFL: modulation and demodulation
apps.
IP/X.25
LLC
GTP
MAC
radio
MAC
radio
FR
RLC
BSSGP
IP/X.25
FR
Um
Gb
Gn
L1/L2
L1/L2
MS
BSS
SGSN
GGSN
UDP/TCP
Gi
SNDCP
RLC
BSSGP
IP
IP
LLC
UDP/TCP
SNDCP
GTP
SNDCP sub-n/w dependent convergence protocol
GTP-GPRS tunnelling protocol BSSGP-Base Station Subsystem GPRS protocol
LLC-logical link control RLC-Radio link control
GTP-GPRS Tunnelling Protocol
* IP and X.25 are the packet- ormatting protocols or the transmission and
reception o packetized data
* MAC,LLC and IP-Internet services
* RLC-Voice data link
* SNDCP-Multiple way o connecting n/w and data link layer through IP/X.25.
* GTP-Use TCP and UDP to transmit and receive data and in ormation.
****** DECT ******
* DECT (Digital European Cordless Telephone) standardized by ETSI (ETS
300.175-x) or cordless telephones
* standard describes air inter ace between base-station and mobile phone
* DECT has been renamed or international marketing reasons into Digital
Enhanced Cordless Telecommunication
* Characteristics
o requency: 1880-1990 MHz
o channels: 120 ull duplex
o duplex mechanism: TDD (Time Division Duplex) with 10 ms rame
length
o multplexing scheme: FDMA with 10 carrier requencies, TDMA with 2x
12 slots
o modulation: digital, Gauian Minimum Shi t Key (GMSK)
o power: 10 mW average (max. 250 mW)
o range: approx. 50 m in buildings, 300 m open space
****** DECT system architecture re erence model ******
global
network
local
network
local
network
FT
FT
PT
PA
PT
PA
VDB
HDB
D1
D2
D3
D4
FT-Fixed Radio Transmission PT-portable Radio Transmission PA-Portable
Application
****** DECT re erence model ******
physical layer
medium access control
data link
control
data link
control
network
layer
OSI layer 1
OSI layer 2
OSI layer 3
U-Plane
C-Plane
signaling,
interworking
application
processes
* close to the OSI re erence model
* management plane over all layers
* several services in C(ontrol)- and U(ser)-plane
management
****** DECT layers I ******
* Physical layer
o modulation/demodulation
o generation o the physical channel structure with a guaranteed
throughput
o controlling o radio transmission
# channel assignment on request o the MAC layer
# detection o incoming signals
# sender/receiver synchronization
# collecting status in ormation or the management plane
* MAC layer
o maintaining basic services, activating/deactivating physical
channels
o multiplexing o logical channels
# e.g., C: signaling, I: user data, P: paging, Q: broadcast
o segmentation/reassembly
o error control/error correction
****** DECT time multiplex rame ******
slot
sync
A ield
DATA
DATA
64
C
16
DATA
64
C
16
DATA
64
C
16
DATA
64
C
16
B ield
D ield
1 rame = 10 ms
12 down slots
12 up slots
0
419
0
31
0
387
0
63
0
319
protected
mode
unprotected
mode
simplex bearer
25.6 kbit/s
32 kbit/s
420 bit + 52 s guard time (60 bit)
in 0.4167 ms
guard
X ield
0
3
A: network control
B: user data
X: transmission quality
****** DECT layers II ******
* Data link control layer
o creation and keeping up reliable connections between the mobile
terminal and basestation
o two DLC protocols or the control plane (C-Plane)
# connectionless broadcast service: paging unctionality
# Lc+LAPC protocol: in-call signaling (similar to LAPD within
ISDN), adapted to the underlying MAC service
o several services speci ied or the user plane (U-Plane)
# null-service: o ers unmodi ied MAC services
# rame relay: simple packet transmission
# rame switching: time-bounded packet transmission
# error correcting transmission: uses FEC, or delay critical,
time-bounded services
# bandwidth adaptive transmission
# Escape service: or urther enhancements o the standard
****** DECT layers III ******
* Network layer
o similar to ISDN (Q.931) and GSM (04.08)
o o ers services to request, check, reserve, control, and release
resources at the basestation and mobile terminal
o resources
# necessary or a wireless connection

# necessary or the connection o the DECT system to the ixed
network
o main tasks
# call control: setup, release, negotiation, control
# call independent services: call orwarding, accounting, call
redirecting
# mobility management: identity management, authentication,
management o the location register
****** Enhancements o the standard ******
* Several DECT Application Pro iles in addition to the DECT speci ication
o GAP (Generic Access Pro ile) standardized by ETSI in 1997
# assures interoperability between DECT equipment o di erent
manu acturers (minimal requirements or voice communication)
# enhanced management capabilities through the ixed network:
Cordless Terminal Mobility (CTM)
o DECT/GSM Interworking Pro ile (GIP): connection to GSM
o ISDN Interworking Pro iles (IAP, IIP): connection to ISDN
o Radio Local Loop Access Pro ile (RAP): public telephone service
o CTM Access Pro ile (CAP): support or user mobility
DECT
basestation
GAP
DECT
Common
Air Inter ace
DECT
Portable Part
ixed network
******
* DECT
* TETRA
* UMTS/IMT-2000
****** DECT ******
* DECT (Digital European Cordless Telephone) standardized by ETSI (ETS
300.175-x) or cordless telephones
* standard describes air inter ace between base-station and mobile phone
* DECT has been renamed or international marketing reasons into Digital
Enhanced Cordless Telecommunication
* Characteristics
o requency: 1880-1990 MHz
o channels: 120 ull duplex
o duplex mechanism: TDD (Time Division Duplex) with 10 ms rame
length
o multplexing scheme: FDMA with 10 carrier requencies, TDMA with 2x
12 slots
o modulation: digital, Gauian Minimum Shi t Key (GMSK)
o power: 10 mW average (max. 250 mW)
o range: approx. 50 m in buildings, 300 m open space
****** DECT system architecture re erence model ******
global
network
local
network
local
network
FT
FT
PT
PA
PT
PA
VDB
HDB
D1
D2
D3
D4
****** DECT re erence model ******
physical layer
medium access control
data link
control
data link
control
network
layer
OSI layer 1
OSI layer 2
OSI layer 3
U-Plane
C-Plane
signaling,
interworking
application
processes
* close to the OSI re erence model
* management plane over all layers
* several services in C(ontrol)- and U(ser)-plane
management
****** DECT layers I ******
* Physical layer
o modulation/demodulation
o generation o the physical channel structure with a guaranteed
throughput
o controlling o radio transmission
# channel assignment on request o the MAC layer
# detection o incoming signals
# sender/receiver synchronization
# collecting status in ormation or the management plane
* MAC layer
o maintaining basic services, activating/deactivating physical
channels
o multiplexing o logical channels
# e.g., C: signaling, I: user data, P: paging, Q: broadcast
o segmentation/reassembly
o error control/error correction
****** DECT time multiplex rame ******
slot
sync
A ield
DATA
DATA
64
C
16
DATA
64
C
16
DATA
64
C
16
DATA
64
C
16
B ield
D ield
1 rame = 10 ms
12 down slots
12 up slots
0
419
0
31
0
387
0
63
0
319
protected
mode
unprotected
mode
simplex bearer
25.6 kbit/s
32 kbit/s
420 bit + 52 s guard time (60 bit)
in 0.4167 ms
guard
X ield
0
3
A: network control
B: user data
X: transmission quality
****** DECT layers II ******
* Data link control layer
o creation and keeping up reliable connections between the mobile
terminal and basestation
o two DLC protocols or the control plane (C-Plane)
# connectionless broadcast service: paging unctionality
# Lc+LAPC protocol: in-call signaling (similar to LAPD within
ISDN), adapted to the underlying MAC service
o several services speci ied or the user plane (U-Plane)
# null-service: o ers unmodi ied MAC services
# rame relay: simple packet transmission
# rame switching: time-bounded packet transmission
# error correcting transmission: uses FEC, or delay critical,
time-bounded services
# bandwidth adaptive transmission
# Escape service: or urther enhancements o the standard
****** DECT layers III ******
* Network layer
o similar to ISDN (Q.931) and GSM (04.08)
o o ers services to request, check, reserve, control, and release
resources at the basestation and mobile terminal

o resources
# necessary or a wireless connection
# necessary or the connection o the DECT system to the ixed
network
o main tasks
# call control: setup, release, negotiation, control
# call independent services: call orwarding, accounting, call
redirecting
# mobility management: identity management, authentication,
management o the location register
****** Enhancements o the standard ******
* Several DECT Application Pro iles in addition to the DECT speci ication
o GAP (Generic Access Pro ile) standardized by ETSI in 1997
# assures interoperability between DECT equipment o di erent
manu acturers (minimal requirements or voice communication)
# enhanced management capabilities through the ixed network:
Cordless Terminal Mobility (CTM)
o DECT/GSM Interworking Pro ile (GIP): connection to GSM
o ISDN Interworking Pro iles (IAP, IIP): connection to ISDN
o Radio Local Loop Access Pro ile (RAP): public telephone service
o CTM Access Pro ile (CAP): support or user mobility
DECT
basestation
GAP
DECT
Common
Air Inter ace
DECT
Portable Part
ixed network
****** TETRA - Terrestrial Trunked Radio ******
* Trunked radio systems
o many di erent radio carriers
o assign single carrier or a short period to one user/group o users
o taxi service, leet management, rescue teams
o inter aces to public networks, voice and data services
o very reliable, ast call setup, local operation
* TETRA - ETSI standard
o ormerly: Trans European Trunked Radio
o point-to-point and point-to-multipoint
o encryption (end-to-end, air inter ace), authentication o devices,
users and networks
o group call, broadcast, sub-second group-call setup
o ad-hoc (direct mode), relay and in rastructure networks
o call queuing with pre-emptive priorities
****** TETRA Contracts by Sector (percentage) ******
Used in over 70 countries, more than 20 device manu acturers
****** TETRA Network Architecture ******
TETRA in rastructure
BS
BS
switch
switch
switch
NMS
BS
other TETRA networks
PSTN, ISDN,
Internet, PDN
DMO
ISI
PEI
AI
AI: Air Inter ace
BS: Base Station
DMO: Direct Mode Operation
ISI: Inter-System Inter ace
NMS: Network Management
System
PEI: Peripheral Equipment
Inter ace
****** TETRA Direct Mode I ******
* Direct Mode enables ad-hoc operation and is one o the most important
di erences to pure in rastructure-based networks such as GSM, cdma2000
or UMTS.
Individual Call
Group Call
Dual Watch alternating participation in
In rastructure and ad-hoc
network
Managed Direct Mode
network
Authorizing
mobile station
****** TETRA Direct Mode II ******
* An additional repeater may increase the transmission range (e.g. police
car)
Direct Mode with Gateway
network
Direct Mode with Repeater
Direct Mode with Repeater/Gateway
network
Managed Repeater/Gateway
network
Authorizing
Repeater
****** TETRA Technology ******
* Services
o Voice+Data (V+D) and Packet Data Optimized (PDO)
o Short data service (SDS)
* Frequencies
o Duplex: FDD, Modulation: DQPSK
o Europe (in MHz, not all available yet)
# 380-390 UL / 390-400 DL; 410-420 UL / 420-430 DL, 450-460 UL
/ 460-470 DL; 870-876 UL / 915-921 DL
o Other countries
# 380-390 UL / 390-400 DL; 410-420 UL / 420-430 DL, 806-821 UL
/ 851-866 DL
****** TDMA structure o the voice+data system ******
0
1
2
57
58
59
...
hyper rame
0
1
2
15
16
17
...
multi rame
0
1
2
3
0 slot 509
rame
14.17 ms
56.67 ms
1.02 s
61.2 s
CF
Control Frame
****** TETRA Data Rates ******
* In rastructure mode, V+D in kbit/s
* No. o time slots 1 2 3 4
* No protection 7.2 14.4 21.6 28.8
* Low protection 4.8 9.6 14.4 19.2
* High protection 2.4 4.8 7.2 9.6
* TETRA Release 2 Supporting higher data rates
o TEDS (TETRA Enhanced Data Service)
o up to 100 kbit/s
o backward compatibility
******
* TETRA
****** TETRA - Terrestrial Trunked Radio ******
* Trunked radio systems
o many di erent radio carriers
o assign single carrier or a short period to one user/group o users
o taxi service, leet management, rescue teams
o inter aces to public networks, voice and data services
o very reliable, ast call setup, local operation
* TETRA - ETSI standard
o ormerly: Trans European Trunked Radio
o point-to-point and point-to-multipoint
o encryption (end-to-end, air inter ace), authentication o devices,
users and networks
o group call, broadcast, sub-second group-call setup
o ad-hoc (direct mode), relay and in rastructure networks
o call queuing with pre-emptive priorities
****** TETRA Contracts by Sector (percentage) ******
Used in over 70 countries, more than 20 device manu acturers
****** TETRA Network Architecture ******
TETRA in rastructure
BS
BS
switch
switch
switch
NMS
BS
other TETRA networks
PSTN, ISDN,
Internet, PDN
DMO
ISI
PEI
AI
AI: Air Inter ace
BS: Base Station
DMO: Direct Mode Operation
ISI: Inter-System Inter ace
NMS: Network Management
System
PEI: Peripheral Equipment
Inter ace
****** TETRA Direct Mode I ******
* Direct Mode enables ad-hoc operation and is one o the most important
di erences to pure in rastructure-based networks such as GSM, cdma2000
or UMTS.
Individual Call
Group Call
Dual Watch alternating participation in
In rastructure and ad-hoc
network
Managed Direct Mode
network
Authorizing
mobile station
****** TETRA Direct Mode II ******
* An additional repeater may increase the transmission range (e.g. police
car)
Direct Mode with Gateway
network
Direct Mode with Repeater
Direct Mode with Repeater/Gateway
network
Managed Repeater/Gateway
network
Authorizing
Repeater
****** TETRA Technology ******
* Services
o Voice+Data (V+D) and Packet Data Optimized (PDO)
o Short data service (SDS)
* Frequencies
o Duplex: FDD, Modulation: DQPSK
o Europe (in MHz, not all available yet)
# 380-390 UL / 390-400 DL; 410-420 UL / 420-430 DL, 450-460 UL
/ 460-470 DL; 870-876 UL / 915-921 DL
o Other countries
# 380-390 UL / 390-400 DL; 410-420 UL / 420-430 DL, 806-821 UL
/ 851-866 DL
****** TDMA structure o the voice+data system ******
0
1
2
57
58
59
...
hyper rame
0
1
2
15
16
17
...
multi rame
0
1
2
3
0 slot 509
rame
14.17 ms
56.67 ms
1.02 s
61.2 s
CF
Control Frame
****** TETRA Data Rates ******
* In rastructure mode, V+D in kbit/s
* No. o time slots 1 2 3 4
* No protection 7.2 14.4 21.6 28.8
* Low protection 4.8 9.6 14.4 19.2
* High protection 2.4 4.8 7.2 9.6
* TETRA Release 2 Supporting higher data rates
o TEDS (TETRA Enhanced Data Service)
o up to 100 kbit/s
o backward compatibility
******
* UMTS/IMT-2000
****** UMTS and IMT-2000 ******
* Proposals or IMT-2000 (International Mobile Telecommunications)
o UWC-136, cdma2000, WP-CDMA
o UMTS (Universal Mobile Telecommunications System) rom ETSI
* UMTS
o UTRA (was: UMTS, now: Universal Terrestrial Radio Access)
o enhancements o GSM
# EDGE (Enhanced Data rates or GSM Evolution): GSM up to 384
kbit/s
# CAMEL (Customized Application or Mobile Enhanced Logic)
# VHE (virtual Home Environment)
o its into GMM (Global Multimedia Mobility) initiative rom ETSI
o requirements
# min. 144 kbit/s rural (goal: 384 kbit/s)
# min. 384 kbit/s suburban (goal: 512 kbit/s)
# up to 2 Mbit/s urban
****** Frequencies or IMT-2000 ******
IMT-2000
1850
1900
1950
2000
2050
2100
2150
2200
MHz
MSS
ITU allocation
(WRC 1992)
IMT-2000
MSS
Europe
China
Japan
North
America
UTRA
FDD
UTRA
FDD
T
D
D
T
D
D
MSS
MSS
DE
CT
GSM
1800
1850
1900
1950
2000
2050
2100
2150
2200
MHz
IMT-2000
MSS
IMT-2000
MSS
GSM
1800
cdma2000
W-CDMA
MSS
MSS
MSS
MSS
cdma2000
W-CDMA
PHS
PCS
rsv.
****** IMT-2000 amily ******

IMT-DS
(Direct Spread)
UTRA FDD
(W-CDMA)
3GPP
IMT-TC
(Time Code)
UTRA TDD
(TD-CDMA);
TD-SCDMA
3GPP
IMT-MC
(Multi Carrier)
cdma2000
3GPP2
IMT-SC
(Single Carrier)
UWC-136
(EDGE)
UWCC/3GPP
IMT-FT
(Freq. Time)
DECT
ETSI
GSM
(MAP)
ANSI-41
(IS-634)
IP-Network
IMT-2000
Core Network
ITU-T
IMT-2000
Radio Access
ITU-R
Inter ace or Internetworking
Flexible assignment o Core Network and Radio Access
Initial UMTS
(R99 w/ FDD)
****** GSM and UMTS Releases ******
GSM/EDGE Release 3G Release Abbreviated name Spec version Freeze date
number
(indicative only)
Phase 2+ Release 6 Release 6
Rel-6
6.x.y
December 2004 March 2005
Rel-5
5.x.y
March - June 2002
Rel-4
4.x.y
March 2001
Release 2000 R00
4.x.y
Renaming
Phase 2+ Release 9.x.y
2000
Release 1999 R99
3.x.y
March 2000
Phase 2+ Release 8.x.y
1999
Phase 2+ Release R98
7.x.y
early 1999
1998
6.x.y
early 1998
1997
5.x.y
early 1997
1996
Phase 2
Ph2
4.x.y
1995
Phase 1
Ph1
3.x.y
1992
****** Licensing Example: UMTS in Germany, 18. August 2000 ******
* UTRA-FDD:
o Uplink 1920-1980 MHz
o Downlink 2110-2170 MHz
o duplex spacing 190 MHz
o 12 channels, each 5 MHz
* UTRA-TDD:
o 1900-1920 MHz,
o 2010-2025 MHz;
o 5 MHz channels
* Coverage o the population
o 25% until 12/2003
o 50% until 12/2005
Sum: 50.81 billion
****** UMTS architecture ******
UTRAN
UE
CN
Iu
Uu
* UE (User Equipment)
* UTRAN (UTRA Network)
o Cell level mobility
o Radio Network Subsystem (RNS)
o Encapsulation o all radio speci ic tasks
* CN (Core Network)
o Inter system handover
o gateways to other networks ( ixed or wireless)
o Location management i there is no dedicated connection between UE
and UTRAN
****** UMTS domains and inter aces I ******
* User Equipment Domain
o Assigned to a single user in order to access UMTS services
* In rastructure Domain
o Shared among all users
o O ers UMTS services to all accepted users
USIM
Domain
Mobile Equipment
Domain
Access
Network
Domain
Serving
Network
Domain
Transit
Network
Domain
Home
Network
Domain
Cu
Uu
Iu
User Equipment Domain
Zu
Yu
Core Network Domain
In rastructure Domain
****** UMTS domains and inter aces II ******
***** User Equipment Domain *****
* Universal Subscriber Identity Module (USIM)
o Functions or encryption and authentication o users
o Located on a SIM inserted into a mobile device
* Mobile Equipment Domain
o Functions or radio transmission
o User inter ace or establishing/maintaining end-to-end connections
***** In rastructure Domain *****
Access Network Domain
* Access network dependent unctions and RAN
Core Network Domain
* Access network independent unctions
* Serving Network Domain
o Network currently responsible or communication
* Home Network Domain
o Location and access network independent unctions
****** DS-CDMA Spreading and scrambling o user data ******
* Constant chipping rate o 3.84 Mchip/s
* Di erent user data rates supported via di erent spreading actors
o higher data rate: less chips per bit and vice versa
* User separation via unique, quasi orthogonal scrambling codes
o users are not separated via orthogonal spreading codes
o much simpler management o codes: each station can use the same
orthogonal spreading codes
o precise synchronization not necessary as the scrambling codes stay
quasi-orthogonal
data1
data2
data3
scrambling
code1
spr.
code3
spr.
code2
spr.
code1
data4
data5
scrambling
code2
spr.
code4
spr.
code1
sender1
sender2
****** orthogonal variable spreading actor(OSVF) coding ******
1
1,1
1,-1
1,1,1,1
1,1,-1,-1
X
X,X
X,-X
1,-1,1,-1
1,-1,-1,1
1,-1,-1,1,1,-1,-1,1
1,-1,-1,1,-1,1,1,-1
1,-1,1,-1,1,-1,1,-1
1,-1,1,-1,-1,1,-1,1
1,1,-1,-1,1,1,-1,-1
1,1,-1,-1,-1,-1,1,1
1,1,1,1,1,1,1,1
1,1,1,1,-1,-1,-1,-1
SF=1
SF=2
SF=4
SF=8
SF=n
SF=2n
...
...
...
...
****** UMTS FDD rame structure ******
W-CDMA
* 1920-1980 MHz uplink
* 2110-2170 MHz downlink
* chipping rate: 3.840 Mchip/s
* so t handover
* QPSK
* complex power control (1500 power control cycles/s)
* spreading: UL: 4-256; DL:4-512
0
1
2
12
13
14
...
Radio rame
Pilot
FBI
TPC
Time slot
666.7 s
10 ms
Data
Data1
uplink DPDCH
uplink DPCCH
downlink DPCH
TPC
TFCI
Pilot
666.7 s
666.7 s
DPCCH
DPDCH
2560 chips, 10 bits
2560 chips, 10*2k bits (k = 0...6)
TFCI
2560 chips, 10*2k bits (k = 0...7)
Data2
DPDCH
DPCCH
FBI: Feedback In ormation

TPC: Transmit Power Control
TFCI: Transport Format Combination Indicator
DPCCH: Dedicated Physical Control Channel
DPDCH: Dedicated Physical Data Channel
DPCH: Dedicated Physical Channel
Slot structure NOT or user separation
but synchronization or periodic unctions!
****** Typical UTRA-FDD uplink data rates ******
User data rate [kbit/s] 12.2 (voice) 64 144 384
DPDCH [kbit/s]
60
240 480 960
DPCCH [kbit/s]
15
15 15 15
Spreading
64
16 8 4
****** UMTS TDD rame structure (burst type 2) ******
TD-CDMA
* 2560 chips per slot
* spreading: 1-16
* symmetric or asymmetric slot assignment to UL/DL (min. 1 per direction)
* tight synchronization needed
* simpler power control (100-800 power control cycles/s)
0
1
2
12
13
14
...
Radio rame
Data
1104 chips
Midample
256 chips
Data
1104 chips
Time slot
666.7 s
10 ms
Tra ic burst
GP
GP: guard period
96 chips
2560 chips
****** UTRAN architecture ******
* UTRAN comprises several RNSs
* Node B can support FDD or TDD or both
* RNC is responsible or handover decisions requiring signaling to the UE
* Cell o ers FDD or TDD
RNC: Radio Network Controller
RNS: Radio Network Subsystem
Node B
Node B
RNC
Iub
Node B
UE1
RNS
CN
Node B
Node B
RNC
Iub
Node B
RNS
Iur
Node B
UE2
UE3
Iu
****** UTRAN unctions ******
* Admission control
* Congestion control
* System in ormation broadcasting
* Radio channel encryption
* Handover
* SRNS moving
* Radio network con iguration
* Channel quality measurements
* Macro diversity
* Radio carrier control
* Radio resource control
* Data transmission over the radio inter ace
* Outer loop power control (FDD and TDD)
* Channel coding
* Access control
****** Core network: protocols ******
MSC
RNS
SGSN
GGSN
GMSC
HLR
VLR
RNS
Layer 1: PDH, SDH, SONET
Layer 2: ATM
Layer 3: IP
GPRS backbone (IP)
SS 7
GSM-CS
backbone
PSTN/
ISDN
PDN (X.25),
Internet (IP)
UTRAN
CN
****** Core network: architecture ******
BTS
Node B
BSC
Abis
BTS
BSS
MSC
Node B
Node B
RNC
Iub
Node B
RNS
Node B
SGSN
GGSN
GMSC
HLR
VLR
IuPS
IuCS
Iu
CN
EIR
Gn
Gi
PSTN
AuC
GR
****** Core network ******
* The Core Network (CN) and thus the Inter ace Iu, too, are separated into
two logical domains:
* Circuit Switched Domain (CSD)
o Circuit switched service incl. signaling
o Resource reservation at connection setup
o GSM components (MSC, GMSC, VLR)
o IuCS
* Packet Switched Domain (PSD)
o GPRS components (SGSN, GGSN)
o IuPS
* Release 99 uses the GSM/GPRS network and adds a new radio access!
o Helps to save a lot o money
o Much aster deployment
o Not as lexible as newer releases (5, 6)
****** UMTS protocol stacks (user plane) ******
apps. &
protocols
MAC
radio
MAC
radio
RLC
SAR
Uu
IuCS
UE
UTRAN
3G
MSC
RLC
AAL2
ATM
AAL2
ATM
SAR
apps. &
protocols
MAC
radio
MAC
radio
PDCP
GTP
Uu
IuPS
UE
UTRAN
3G
SGSN
RLC
AAL5
ATM
AAL5
ATM
UDP/IP
PDCP
RLC
UDP/IP
UDP/IP
Gn
GTP
GTP
L2
L1
UDP/IP
L2
L1
GTP
3G
GGSN
IP, PPP,
IP, PPP,
IP tunnel
Circuit
switched
Packet
switched
****** Support o mobility: macro diversity ******
* Multicasting o data via several physical channels
o Enables so t handover
o FDD mode only
* Uplink
o simultaneous reception o UE data at several Node Bs
o Reconstruction o data at Node B, SRNC or DRNC
* Downlink
o Simultaneous transmission o data via di erent cells
o Di erent spreading codes in di erent cells
CN
Node B
RNC
Node B
UE
****** Support o mobility: handover ******
* From and to other systems (e.g., UMTS to GSM)
o This is a must as UMTS coverage will be poor in the beginning
* RNS controlling the connection is called SRNS (Serving RNS)
* RNS o ering additional resources (e.g., or so t handover) is called
Dri t RNS (DRNS)
* End-to-end connections between UE and CN only via Iu at the SRNS
o Change o SRNS requires change o Iu
o Initiated by the SRNS
o Controlled by the RNC and CN

SRNC
UE
DRNC
Iur
CN
Iu
Node B
Iub
Node B
Iub
****** Example handover types in UMTS/GSM ******
RNC1
UE1
RNC2
Iur
3G MSC1
Iu
Node B1
Iub
Node B2
Node B3
3G MSC2
BSC
BTS
2G MSC3
A
Abis
UE2
UE3
UE4
****** Breathing Cells ******
* GSM
o Mobile device gets exclusive signal rom the base station
o Number o devices in a cell does not in luence cell size
* UMTS
o Cell size is closely correlated to the cell capacity
o Signal-to-nose ratio determines cell capacity
o Noise is generated by inter erence rom
# other cells
# other users o the same cell
o Inter erence increases noise level
o Devices at the edge o a cell cannot urther increase their output
power (max. power limit) and thus drop out o the cell
no more
communication possible
o Limitation o the max. number o users within a cell required
o Cell breathing complicates network planning
****** Breathing Cells: Example ******
****** UMTS services (originally) ******
* Data transmission service pro iles
* Virtual Home Environment (VHE)
o Enables access to personalized data independent o location, access
network, and device
o Network operators may o er new services without changing the
network
o Service providers may o er services based on components which
allow the automatic adaptation to new networks and devices
o Integration o existing IN services
Circuit switched
16 kbit/s
Voice
SMS successor, E-Mail
Packet switched
14.4 kbit/s
Simple Messaging
Circuit switched
14.4 kbit/s
Switched Data
asymmetrical, MM, downloads
Circuit switched
384 kbit/s
Medium MM
Low coverage, max. 6 km/h
Packet switched
2 Mbit/s
High MM
Bidirectional, video telephone
Circuit switched
128 kbit/s
High Interactive MM
Transport mode
Bandwidth
Service Pro ile
****** Example 3G Networks: Japan ******
FOMA (Freedom O Mobile multimedia
Access) in Japan
Examples or FOMA phones
****** Example 3G networks: Australia ******
cdma2000 1xEV-DO in Melbourne/Australia
Examples or 1xEV-DO devices
****** Isle o Man Start o UMTS in Europe as Test ******
****** UMTS in Monaco ******
****** UMTS in Europe ******
Voda one/Germany
Orange/UK
****** Some current enhancements ******
* GSM
o EMS/MMS
# EMS: 760 characters possible by chaining SMS, animated icons,
ring tones, was soon replaced by MMS (or simply skipped)
# MMS: transmission o images, video clips, audio
# see WAP 2.0 / chapter 10
o EDGE (Enhanced Data Rates or Global [was: GSM] Evolution)
# 8-PSK instead o GMSK, up to 384 kbit/s
# new modulation and coding schemes or GPRS
EGPRS
# MCS-1 to MCS-4 uses GMSK at rates 8.8/11.2/14.8/17.6
kbit/s
# MCS-5 to MCS-9 uses 8-PSK at rates 22.4/29.6/44.8/54.4/
59.2 kbit/s
* UMTS
o HSDPA (High-Speed Downlink Packet Access)
# initially up to 10 Mbit/s or the downlink, later > 20 Mbit/
s using MIMO- (Multiple Input Multiple Output-) antennas
# can use 16-QAM instead o QPSK (ideally > 13 Mbit/s)
# user rates e.g. 3.6 or 7.2 Mbit/s
o HSUPA (High-Speed Uplink Packet Access)
# initially up to 5 Mbit/s or the uplink
# user rates e.g. 1.45 Mbit/s
****** Satellite Systems ******
****** History o satellite communication ******
*
*
*
*
*
1945 Arthur C. Clarke publishes an essay about Extra Terrestrial Relays

1957 irst satellite SPUTNIK
1960 irst re lecting communication satellite ECHO
1963 irst geostationary satellite SYNCOM
1965 irst commercial geostationary satellite Satellit Early Bird
(INTELSAT I): 240 duplex telephone channels or 1 TV channel, 1.5 years
li etime
* 1976 three MARISAT satellites or maritime communication
* 1982 irst mobile satellite telephone system INMARSAT-A
* 1988 irst satellite system or mobile phones and data communication
INMARSAT-C
* 1993 irst digital satellite telephone system
* 1998 global satellite systems or small mobile phones
****** Applications ******
* Traditionally
o weather satellites
o radio and TV broadcast satellites
o military satellites
o satellites or navigation and localization (e.g., GPS)
* Telecommunication
o global telephone connections
o backbone or global networks
o connections or communication in remote places or underdeveloped
areas
o global mobile communication
*
satellite systems to extend cellular phone systems (e.g., GSM or AMPS)
replaced by iber optics
****** Classical satellite systems ******
base station
or gateway
Inter Satellite Link (ISL)
Mobile User Link (MUL)
Gateway Link (GWL)
ootprint
small cells (spotbeams)
User data
PSTN
ISDN
GSM
GWL
MUL
PSTN: Public Switched
Telephone Network
****** Basics ******
* Satellites in circular orbits
o attractive orce Fg = m g (R/r)
o centri ugal orce Fc = m r
o m: mass o the satellite
o R: radius o the earth (R = 6370 km)
o r: distance to the center o the earth
o g: acceleration o gravity (g = 9.81 m/s)
o : angular velocity ( = 2
, : rotation requency)
* Stable orbit
o Fg = Fc
****** Satellite period and orbits ******
10
20
30
40 x106 m
24
20
16
12
8
4
radius
satellite
period [h]
velocity [ x1000 km/h]
synchronous distance
35,786 km
****** Basics ******
* elliptical or circular orbits
* complete rotation time depends on distance satellite-earth
* inclination: angle between orbit and equator
* elevation: angle between satellite and horizon
* LOS (Line o Sight) to the satellite necessary or connection
*****
high elevation needed, less absorption due to e.g. buildings *****
Uplink: connection base station - satellite
Downlink: connection satellite - base station
typically separated requencies or uplink and downlink
* transponder used or sending/receiving and shi ting o requencies
* transparent transponder: only shi t o requencies
* regenerative transponder: additionally signal regeneration
****** Inclination ******
inclination d
d
satellite orbit
perigee
plane o satellite orbit
equatorial plane
****** Elevation ******
Elevation:
angle e between center o satellite beam
and sur ace
e
minimal elevation:
elevation needed at least
to communicate with the satellite
ootprint
****** Link budget o satellites ******
* Parameters like attenuation or received power determined by our
parameters:
* sending power
* gain o sending antenna
* distance between sender and receiver
* gain o receiving antenna
* Problems
* varying strength o received signal due to multipath propagation
* interruptions due to shadowing o signal (no LOS)
* Possible solutions
* Link Margin to eliminate variations in signal strength
* satellite diversity (usage o several visible satellites at the same
time) helps to use less sending power
L: Loss
: carrier requency
r: distance
c: speed o light
****** Atmospheric attenuation ******
Example: satellite systems at 4-6 GHz
elevation o the satellite

5
10
20
30
40
50
Attenuation o
the signal in %
10
20
30
40
50
rain absorption
og absorption
atmospheric absorption
e
****** Orbits I ******
* Four di erent types o satellite orbits can be identi ied depending on
the shape and diameter o the orbit:
* GEO: geostationary orbit, ca. 36000 km above earth sur ace
* LEO (Low Earth Orbit): ca. 500 - 1500 km
* MEO (Medium Earth Orbit) or ICO (Intermediate Circular Orbit): ca. 6000 20000 km
* HEO (Highly Elliptical Orbit) elliptical orbits
****** Orbits II ******
earth
km
35768
10000
1000
LEO (Globalstar, Irdium)
HEO
inner and outer Van
Allen belts
MEO (ICO)
GEO (Inmarsat)
Van-Allen-Belts:
ionized particles
2000 - 6000 km and
15000 - 30000 km
above earth sur ace
****** Geostationary satellites ******
* Orbit 35,786 km distance to earth sur ace, orbit in equatorial plane
(inclination 0)
*
complete rotation exactly one day, satellite is synchronous to earth
rotation
* ix antenna positions, no adjusting necessary
* satellites typically have a large ootprint (up to 34% o earth sur ace3 GEO), there ore di icult to reuse requencies
* bad elevations in areas with latitude above 60 due to ixed position
above the equator
* high transmit power needed
* high latency due to long distance (ca. 275 ms)
*
not use ul or global coverage or small mobile phones and data
transmission, typically used or radio and TV transmission
****** LEO systems ******
* Orbit ca. 500 - 1500 km above earth sur ace
* visibility o a satellite ca. 10 - 40 minutes
* global radio coverage possible

* latency comparable with terrestrial long distance connections, ca. 5 - 10
ms
* smaller ootprints, better requency reuse
* but now handover necessary rom one satellite to another
* many satellites necessary or global coverage (50-200)
* more complex systems due to moving satellites
* Examples:
* Iridium (start 1998, 66 satellites)
o Bankruptcy in 2000, deal with US DoD ( ree use, saving rom
deorbiting)
* Globalstar (start 1999, 48 satellites)
o Not many customers (2001: 44000), low stand-by times or mobiles
****** MEO systems ******
* Orbit ca. 5000 - 12000 km above earth sur ace(12)
* comparison with LEO systems:
* slower moving satellites
* less satellites needed
* simpler system design
* or many connections no hand-over needed
* higher latency, ca. 70 - 80 ms
* higher sending power needed
* special antennas or small ootprints needed
* Example:
* ICO (Intermediate Circular Orbit, Inmarsat) start ca. 2000
o Bankruptcy, planned joint ventures with Teledesic, Ellipso
cancelled again, start planned or 2003
****** Routing ******
* One solution: inter satellite links (ISL)
* reduced number o gateways needed
* orward connections or data packets within the satellite network as long
as possible
* only one uplink and one downlink per direction needed or the connection
o two mobile phones
* Problems:
* more complex ocusing o antennas between satellites
* high system complexity due to moving routers
* higher uel consumption
* thus shorter li etime
* Iridium and Teledesic planned with ISL
* Other systems use gateways and additionally terrestrial networks
****** Localization o mobile stations ******
* Mechanisms similar to GSM
* Gateways maintain registers with user data
o HLR (Home Location Register): static user data
o VLR (Visitor Location Register): (last known) location o the
mobile station
o SUMR (Satellite User Mapping Register):
# satellite assigned to a mobile station
# positions o all satellites
* Registration o mobile stations
o Localization o the mobile station via the satellites position
o requesting user data rom HLR
o updating VLR and SUMR
* Calling a mobile station
o localization using HLR/VLR similar to GSM
o connection setup using the appropriate satellite
****** Handover in satellite systems ******
* Several additional situations or handover in satellite systems compared
to cellular terrestrial mobile phone networks caused by the movement o
the satellites
o Intra satellite handover
# handover rom one spot beam to another
# mobile station still in the ootprint o the satellite, but
in another cell
o Inter satellite handover
# handover rom one satellite to another satellite
# mobile station leaves the ootprint o one satellite
o Gateway handover
# Handover rom one gateway to another
# mobile station still in the ootprint o a satellite, but
gateway leaves the ootprint
o Inter system handover
# Handover rom the satellite network to a terrestrial cellular
network
# mobile station can reach a terrestrial network again which
might be cheaper, has a lower latency etc.
****** Overview o LEO/MEO systems ******
****** Broadcast Systems ******
****** Unidirectional distribution systems ******
* Asymmetric communication environments
o bandwidth limitations o the transmission medium
o depends on applications, type o in ormation
o examples
# wireless networks with base station and mobile terminals
# client-server environments (diskless terminal)
# cable TV with set-top box
# in ormation services (pager, SMS)
* Special case: unidirectional distribution systems
o high bandwidth rom server to client (downstream), but no bandwidth
vice versa (upstream)
o problems o unidirectional broadcast systems
# a sender can optimize transmitted in ormation only or one
group o users/terminals
# unctions needed to individualize personal requirements/
applications
****** Unidirectional distribution ******
service provider
service user
sender
receiver
receiver
receiver
.
.
.
unidirectional
distribution
medium
A
A
A
A
A
A
A
B
B
B
B
optimized or expected
access pattern
o all users
individual access
pattern o one user
****** Structuring transmissions - broadcast disks ******
* Sender
o cyclic repetition o data blocks
o di erent patterns possible (optimization possible only i the
content is known)
* Receiver
o use o caching
# cost-based strategy: what are the costs or a user (waiting
time) i a data block has been requested but is currently not
cached
# application and cache have to know content o data blocks and
access patterns o user to optimize
A
B
C
A
B
C
lat disk
A
A
B
C
A
A
skewed disk
A
B
A
C
A
B
multi-disk
****** DAB: Digital Audio Broadcasting ******
* Media access
o COFDM (Coded Orthogonal Frequency Division Multiplex)
o SFN (Single Frequency Network)
o 192 to 1536 subcarriers within a 1.5 MHz requency band
* Frequencies
o irst phase: one out o 32 requency blocks or terrestrial TV
channels 5 to 12 (174 - 230 MHz, 5A - 12D)
o second phase: one out o 9 requency blocks in the L-band (14521467.5 MHz, LA - LI)
* Sending power: 6.1 kW (VHF, 120 km) or 4 kW (L-band, 30 km)
* Date-rates: 2.304 Mbit/s (net 1.2 to 1.536 Mbit/s)
* Modulation: Di erential 4-phase modulation (D-QPSK)
* Audio channels per requency block: typ. 6, max. 192 kbit/s
* Digital services: 0.6 - 16 kbit/s (PAD), 24 kbit/s (NPAD)
****** DAB transport mechanisms ******
* MSC (Main Service Channel)
o carries all user data (audio, multimedia, ...)
o consists o CIF (Common Interleaved Frames)
o each CIF 55296 bit, every 24 ms (depends on transmission mode)
o CIF contains CU (Capacity Units), 64 bit each
* FIC (Fast In ormation Channel)

o carries control in ormation
o consists o FIB (Fast In ormation Block)
o each FIB 256 bit (incl. 16 bit checksum)
o de ines con iguration and content o MSC
* Stream mode
o transparent data transmission with a ixed bit rate
* Packet mode
o trans er addressable packets
****** Transmission rame ******
synchronization
channel
SC
main service
channel
FIC
MSC
null
symbol
phase
re erence
symbol
data
symbol
data
symbol
data
symbol
. . . . . .
symbol
Tu
rame duration TF
guard interval Td
L
0
0
1
2
L-1
1
L
ast in ormation
channel
FIC
****** DAB sender ******
Transmitter
Transmission
Multiplexer
MSC
Multiplexer
OFDM
Packet
Mux
Channel
Coder
Audio
Encoder
Channel
Coder
DAB Signal
Service
In ormation
FIC
Multiplex
In ormation
Data
Services
Audio
Services
Radio Frequency
FIC: Fast In ormation Channel
MSC: Main Service Channel
OFDM: Orthogonal Frequency Division Multiplexing
1.5 MHz
carriers
****** DAB receiver ******
Packet
Demux
Audio
Decoder
Channel
Decoder
Independent
Data
Service
Audio
Service
Controller
Tuner
OFDM
Demodulator
User Inter ace
FIC
Control Bus
(partial)
MSC
****** Audio coding ******
* Goal
o audio transmission almost with CD quality
o robust against multipath propagation
o minimal distortion o audio signals during signal ading
* Mechanisms
o ully digital audio signals (PCM, 16 Bit, 48 kHz, stereo)
o MPEG compression o audio signals, compression ratio 1:10
o redundancy bits or error detection and correction
o burst errors typical or radio transmissions, there ore signal
interleaving - receivers can now correct single bit errors
resulting rom inter erence
o low symbol-rate, many symbols
# transmission o digital data using long symbol sequences,
separated by guard spaces
# delayed symbols, e.g., re lection, still remain within the
guard space
****** Bit rate management ******
* a DAB ensemble combines audio programs and data services with di erent
requirements or transmission quality and bit rates

* the standard allows dynamic recon iguration o the DAB multiplexing
scheme (i.e., during transmission)
* data rates can be variable, DAB can use ree capacities or other
services
* the multiplexer per orms this kind o bit rate management, there ore,
additional services can come rom di erent providers
****** Example o a recon iguration ******
D1
D2
D3
D4
D5
D6
D7
D8
D9
Audio 1
192 kbit/s
PAD
Audio 2
192 kbit/s
PAD
Audio 3
192 kbit/s
PAD
Audio 4
160 kbit/s
PAD
Audio 5
160 kbit/s
PAD
Audio 6
128 kbit/s
PAD
DAB - Multiplex
D1
D2
D3
D4
D5
D6
D7
D8
D9
Audio 1
192 kbit/s
PAD
Audio 2
192 kbit/s
PAD
Audio 3
128 kbit/s
PAD
Audio 4
160 kbit/s
PAD
Audio 5
160 kbit/s
PAD
Audio 7
96 kbit/s
PAD
DAB - Multiplex - recon igured
Audio 8
96 kbit/s
PAD
D10
D11
PAD-Program Associated Data
AUDIO PGM-6
DATA SERVICE-9/11
****** Multimedia Object Trans er Protocol (MOT) ******
* Problem
o broad range o receiver capabilities audio-only devices with
single/multiple line text display, additional color graphic
display, PC adapters etc.
o di erent types o receivers should at least be able to recognize
all kinds o program associated and program independent data and
process some o it
* Solution
o common standard or data transmission: MOT
o important or MOT is the support o data ormats used in other
multimedia systems (e.g., online services, Internet, CD-ROM)
o DAB can there ore transmit HTML documents rom the WWW with very
little additional e ort
****** MOT structure ******
* MOT ormats
o MHEG, Java, JPEG, ASCII, MPEG, HTML, HTTP, BMP, GIF, ...
* Header core
o size o header and body, content type
* Header extension
o handling in ormation, e.g., repetition distance, segmentation,
priority
o in ormation supports caching mechanisms
* Body
o arbitrary data
* DAB allows or many repetition schemes
o objects, segments, headers
header
core
header
extension
body
7 byte
****** Digital Video Broadcasting ******
* 1991 oundation o the ELG (European Launching Group) goal: development
o digital television in Europe
* 1993 renaming into DVB (Digital Video Broadcasting) goal: introduction o
digital television based on
o satellite transmission
o cable network technology
o later also terrestrial transmission
SDTV
EDTV
HDTV
Multimedia PC
B-ISDN, ADSL,etc.
DVD, etc.
Terrestrial
Receiver
Cable
Multipoint
Distribution
System
Satellites
DVB
Digital Video
Broadcasting
Integrated
Receiver-Decoder
DVB-S
DVB-C
DVB-T
****** DVB Container ******
* DVB transmits MPEG-2 container
o high lexibility or the transmission o digital data
o no restrictions regarding the type o in ormation
o DVB Service In ormation speci ies the content o a container
# NIT (Network In ormation Table): lists the services o a
provider, contains additional in ormation or set-top boxes
# SDT (Service Description Table): list o names and parameters
or each service within a MPEG multiplex channel
# EIT (Event In ormation Table): status in ormation about the
current transmission, additional in ormation or set-top
boxes
# TDT (Time and Date Table): Update in ormation or set-top
boxes
multimedia
data broadcasting
MPEG-2/DVB
container
single channel
high de inition television
MPEG-2/DVB
container
HDTV
multiple channels
standard de inition
MPEG-2/DVB
container
SDTV
multiple channels
enhanced de inition
MPEG-2/DVB
container
EDTV
****** Example: high-speed Internet access ******
* Asymmetric data exchange
o downlink: DVB receiver, data rate per user 6-38 Mbit/s
o return channel rom user to service provider: e.g., modem with 33
kbit/s, ISDN with 64 kbit/s, DSL with several 100 kbit/s etc.
DVB-S adapter
PC
Internet
TCP/IP
leased line
service provider
in ormation provider
satellite provider
satellite receiver
DVB/MPEG2 multiplex simultaneous to digital TV
****** DVB worldwide ******
****** Convergence o broadcasting and mobile comm. ******
* De inition o interaction channels
* Interacting/controlling broadcast via GSM, UMTS, DECT, PSTN,
* Example: mobile Internet services using IP over GSM/GPRS or UMTS as
interaction channel or DAB/DVB
mobile
terminal
DVB-T, DAB
(TV plus IP data)
GSM/GPRS,
UMTS
(IP data)
MUX
Internet
TV broadcaster
ISP
mobile operator
TV
data
broadcast
interaction
channels
****** Comparison o UMTS, DAB and DVB ******
****** Introduction to Wireless LANs IEEE 802.11 ******
****** Mobile Communication Technology according to IEEE (examples) ******
Local wireless networks
WLAN 802.11
802.11a
802.11b
802.11i/e//n//z
802.11g
WiFi
802.11h
Personal wireless nw
WPAN 802.15
802.15.4
802.15.1
802.15.2
Bluetooth
802.15.4a/b/c/d/e
ZigBee
802.15.3
Wireless distribution networks
WMAN 802.16 (Broadband Wireless Access)
[802.20 (Mobile Broadband Wireless Access)]
802.16e (addition to .16 or mobile devices)
+ Mobility
WiMAX
802.15.3b/c
802.15.5, .6 (WBAN)
****** Characteristics o wireless LANs ******
* Advantages
o very lexible within the reception area
o Ad-hoc networks without previous planning possible
o (almost) no wiring di iculties (e.g. historic buildings,
irewalls)
o more robust against disasters like, e.g., earthquakes, ire - or
users pulling a plug...

* Disadvantages
o typically very low bandwidth compared to wired networks (1-10 Mbit/
s) due to shared medium
o many proprietary solutions, especially or higher bit-rates,
standards take their time (e.g. IEEE 802.11n)
o products have to ollow many national restrictions i working
wireless, it takes a vary long time to establish global solutions
like, e.g., IMT-2000
****** Design goals or wireless LANs ******
* global, seamless operation
* low power or battery use
* no special permissions or licenses needed to use the LAN
* robust transmission technology
* simpli ied spontaneous cooperation at meetings
* easy to use or everyone, simple management
* protection o investment in wired networks
* security (no one should be able to read my data), privacy (no one should
be able to collect user pro iles), sa ety (low radiation)
* transparency concerning applications and higher layer protocols, but also
location awareness i necessary
*
****** Comparison: in rared vs. radio transmission ******
* In rared
o uses IR diodes, di use light, multiple re lections (walls,
urniture etc.)
* Advantages
o simple, cheap, available in many mobile devices
o no licenses needed
o simple shielding possible
* Disadvantages
o inter erence by sunlight, heat sources etc.
o many things shield or absorb IR light
o low bandwidth
* Example
o IrDA (In rared Data Association) inter ace available everywhere
* Radio
o typically using the license ree ISM band at 2.4 GHz
* Advantages
o experience rom wireless WAN and mobile phones can be used
o coverage o larger areas possible (radio can penetrate walls,
urniture etc.)
* Disadvantages
o very limited license ree requency bands
o shielding more di icult, inter erence with other electrical
devices
* Example
o Many di erent products
****** Comparison: in rastructure vs. ad-hoc networks ******
in rastructure network
ad-hoc network
AP
AP
AP
wired network
AP: Access Point
****** 802.11 - Architecture o an in rastructure network ******
* Station (STA)
o terminal with access mechanisms to the wireless medium and radio
contact to the access point
* Basic Service Set (BSS)

o group o stations using the same radio requency
* Access Point
o station integrated into the wireless LAN and the distribution
system
* Portal
o bridge to other (wired) networks
* Distribution System
o interconnection network to orm one logical network (ESS: Extended
Service Set) based on several BSS
Distribution System
Portal
802.x LAN
Access
Point
802.11 LAN
BSS2
802.11 LAN
BSS1
Access
Point
STA1
STA2
STA3
ESS
****** 802.11 - Architecture o an ad-hoc network ******
* Direct communication within a limited range
o Station (STA): terminal with access mechanisms to the wireless
medium
o Independent Basic Service Set (IBSS): group o stations using the
same radio requency
802.11 LAN
IBSS2
802.11 LAN
IBSS1
STA1
STA4
STA5
STA2
STA3
****** IEEE standard 802.11 ******
mobile terminal
access point
ixed
terminal
application
TCP
802.11 PHY
802.11 MAC
IP
802.3 MAC
802.3 PHY
application
TCP
802.3 PHY
802.3 MAC
IP
802.11 MAC
802.11 PHY
LLC
in rastructure
network
LLC
LLC
****** 802.11 - Layers and unctions ******
* PLCP Physical Layer Convergence Protocol
o clear channel assessment signal (carrier sense)
* PMD Physical Medium Dependent
o modulation, coding
* PHY Management
o channel selection,MIB
* Station Management
o coordination o all management unctions
PMD
PLCP
MAC
LLC
MAC Management
PHY Management
* MAC
o access mechanisms, ragmentation, encryption
* MAC Management
o synchronization, roaming, MIB, power management
PHY
DLC
Station Management
****** 802.11 - Physical layer (legacy) ******
* 3 versions: 2 radio (typ. 2.4 GHz), 1 IR
o data rates 1 or 2 Mbit/s
* FHSS (Frequency Hopping Spread Spectrum)
o spreading, despreading, signal strength, typ. 1 Mbit/s
o min. 2.5 requency hops/s (USA), two-level GFSK modulation
* DSSS (Direct Sequence Spread Spectrum)
o DBPSK modulation or 1 Mbit/s (Di erential Binary Phase Shi t
Keying), DQPSK or 2 Mbit/s (Di erential Quadrature PSK)
o preamble and header o a rame is always transmitted with 1 Mbit/s,
rest o transmission 1 or 2 Mbit/s
o chipping sequence: +1, -1, +1, +1, -1, +1, +1, +1, -1, -1, -1
(Barker code)
o max. radiated power 1 W (USA), 100 mW (EU), min. 1mW
* In rared
o 850-950 nm, di use light, typ. 10 m range
o carrier detection, energy detection, synchronization
o Classroom, meeting room etc
****** FHSS PHY packet ormat (legacy) ******
* Synchronization
o synch with 010101... pattern
* SFD (Start Frame Delimiter)
o 0000110010111101 start pattern
* PLW (PLCP_PDU Length Word)
o length o payload incl. 32 bit CRC o payload, PLW < 4096
* PSF (PLCP Signaling Field)
o data o payload (1 or 2 Mbit/s)
* HEC (Header Error Check)
o CRC with x16+x12+x5+1
synchronization
SFD
PLW
PSF
HEC
payload
PLCP preamble
PLCP header
80
16
12
4
16
variable
bits
****** DSSS PHY packet ormat (legacy) ******
* Synchronization
o synch., gain setting, energy detection, requency o set
compensation
* SFD (Start Frame Delimiter)
o 1111001110100000
* Signal
o data rate o the payload (0A: 1 Mbit/s DBPSK; 14: 2 Mbit/s DQPSK)
* Service
o uture use, 00: 802.11 compliant
* Length
o length o the payload
* HEC (Header Error Check)
o protection o signal, service and length, x16+x12+x5+1
synchronization
SFD
signal
service
HEC
payload
PLCP preamble
PLCP header
128
16
8
8
16
variable
bits
length
16
****** 802.11 - MAC layer I DFWMAC(Distributed oundation wireless medium
access control) ******
* Tra ic services
o Asynchronous Data Service (mandatory)
# exchange o data packets based on best-e ort
# support o broadcast and multicast
o Time-Bounded Service (optional)
# implemented using PCF (Point Coordination Function)
* Access methods
o DFWMAC-DCF CSMA/CA (mandatory)
# collision avoidance via randomized back-o mechanism
# minimum distance between consecutive packets
# ACK packet or acknowledgements (not or broadcasts)
o DFWMAC-DCF w/ RTS/CTS (optional)
# avoids hidden terminal problem
o DFWMAC- PCF (optional)
# access point polls terminals according to a list
****** 802.11 - MAC layer II ******
* Priorities
o de ined through di erent inter rame spaces

o no guaranteed, hard priorities
o SIFS (Short Inter Frame Spacing)
# highest priority, or ACK, CTS, polling response
o PIFS (PCF, Point Coordination Function IFS)
# medium priority, or time-bounded service using PCF
o DIFS (DCF, Distributed Coordination Function IFS)
# lowest priority, or asynchronous data service
t
medium busy
SIFS
PIFS
DIFS
DIFS
next rame
contention
direct access i medium is ree
DIFS
****** 802.11 - CSMA/CA access method I ******
t
medium busy
DIFS
DIFS
next rame
contention window
(randomized back-o mechanism)
* station ready to send starts sensing the medium (Carrier Sense based on
CCA, Clear Channel Assessment)
* i the medium is ree or the duration o an Inter-Frame Space (IFS), the
station can start sending (IFS depends on service type)
* i the medium is busy, the station has to wait or a ree IFS, then the
station must additionally wait a random back-o time (collision
avoidance, multiple o slot-time)
* i another station occupies the medium during the back-o time o the
station, the back-o timer stops ( airness)
slot time (20s)
direct access i medium is ree
DIFS
****** 802.11 - competing stations - simple version ******
t
busy
boe
station1
station2
station3
station4
station5
packet arrival at MAC
DIFS
boe
boe
boe
busy
elapsed backo time
bor
residual backo time
busy
medium not idle ( rame, ack etc.)
bor
bor
DIFS
boe
boe
boe
bor
DIFS
busy
busy
DIFS
boe
busy
boe
boe
bor
bor
****** 802.11 - CSMA/CA access method II ******
* Sending unicast packets
o station has to wait or DIFS be ore sending data
o receivers acknowledge at once (a ter waiting or SIFS) i the
packet was received correctly (CRC)
o automatic retransmission o data packets in case o transmission
errors
t
SIFS
DIFS
data
ACK
waiting time
other
stations
receiver
sender
data
DIFS
contention
****** 802.11 DFWMAC with RTS/CTS ******
* Sending unicast packets
o station can send RTS with reservation parameter a ter waiting or
DIFS (reservation determines amount o time the data packet needs
the medium)
o acknowledgement via CTS a ter SIFS by receiver (i ready to
receive)
o sender can now send data at once, acknowledgement via ACK
o other stations store medium reservations distributed via RTS and
CTS
t
SIFS
DIFS
data
ACK
de er access
other
stations
receiver
sender
data
DIFS
contention
RTS
CTS
SIFS
SIFS
NAV (RTS)
NAV (CTS)
****** Fragmentation ******
t
SIFS
DIFS
data
ACK1
other
stations
receiver
sender
rag1
DIFS
contention
RTS
CTS
SIFS
SIFS
NAV (RTS)
NAV (CTS)
NAV ( rag1)
NAV (ACK1)
SIFS
ACK2
rag2
SIFS
****** DFWMAC-PCF I (almost never used) ******
PIFS
stations
NAV
wireless
stations
point
coordinator
D1
U1
SIFS
NAV
SIFS
D2
U2
SIFS
SIFS
SuperFrame
t0
medium busy
t1
****** DFWMAC-PCF II ******
t
stations
NAV
wireless
stations
point
coordinator
D3
NAV
PIFS
D4
U4
SIFS
SIFS
CFend
contention
period
contention ree period
t2
t3
t4
****** 802.11 - Frame ormat ******
* Types
o control rames, management rames, data rames
* Sequence numbers
o important against duplicated rames due to lost ACKs
* Addresses
o receiver, transmitter (physical), BSS identi ier, sender (logical)
* Miscellaneous
o sending time, checksum, rame control, data
Frame
Control
Duration/
ID
Address
1
Address
2
Address
3
Sequence
Control
Address
4
Data
CRC
2
2
6
6
6
6
2
4
0-2312
bytes
Protocol
version
Type
Subtype
To
DS
More
Frag
Retry
Power
Mgmt
More
Data
WEP
2
2
4
1
From
DS
1
Order
bits
1
1
1
1
1
1
****** MAC address ormat ******
DS: Distribution System
AP: Access Point
DA: Destination Address
SA: Source Address
BSSID: Basic Service Set Identi ier
RA: Receiver Address
TA: Transmitter Address
****** Special Frames: ACK, RTS, CTS ******
* Acknowledgement
* Request To Send
* Clear To Send
Frame
Control
Duration
Receiver
Address
Transmitter
Address
CRC
2
2
6
6
4
bytes
Frame
Control
Duration
Receiver
Address
CRC
2
2
6
4
bytes
Frame
Control
Duration
Receiver
Address
CRC
2
2
6
4
bytes
ACK
RTS
CTS
****** 802.11 - MAC management ******
* Synchronization
o try to ind a LAN, try to stay within a LAN
o timer etc.
* Power management
o sleep-mode without missing a message
o periodic sleep, rame bu ering, tra ic measurements
* Association/Reassociation
o integration into a LAN
o roaming, i.e. change networks by changing access points
o scanning, i.e. active search or a network
* MIB - Management In ormation Base
o managing, read, write
****** Synchronization using a Beacon (in rastructure) ******
beacon interval
(20ms 1s)
t
medium
access
point
busy
B
busy
busy
busy
B
B
B
value o the timestamp
B
beacon rame
Beacon-Timestamp and other mgmt in o used or power and roaming
****** Synchronization using a Beacon (ad-hoc) ******
t
medium
station1
busy
B1
beacon interval
busy
busy
busy
B1
value o the timestamp
B
beacon rame
station2
B2
B2
random delay
****** Power management ******
* Idea: switch the transceiver o i not needed
* States o a station: sleep and awake
* Timing Synchronization Function (TSF)
o stations wake up at the same time
* In rastructure
o Tra ic Indication Map (TIM)
# list o unicast receivers transmitted by AP
o Delivery Tra ic Indication Map (DTIM)
# list o broadcast/multicast receivers transmitted by AP
* Ad-hoc
o Ad-hoc Tra ic Indication Map (ATIM)
# announcement o receivers by stations bu ering rames
# more complicated - no central AP
# collision o ATIMs possible (scalability?)
* APSD (Automatic Power Save Delivery)
o new method in 802.11e replacing above schemes
****** Power saving with wake-up patterns (in rastructure) ******
TIM interval
t
medium
access
point
busy
D
busy
busy
busy
T
T
D
T
TIM
D
DTIM
DTIM interval
B
B
B
broadcast/multicast
station
awake
p
PS poll
p
d
d
d
data transmission
to/ rom the station
****** Power saving with wake-up patterns (ad-hoc) ******
awake
A
transmit ATIM
D
transmit data
t
station1
B1
B1
B
beacon rame
station2
B2
B2
random delay
A
a
D
d
ATIM
window
beacon interval
a
acknowledge ATIM
d
acknowledge data
****** 802.11 - Roaming ******
* No or bad connection? Then per orm:
* Scanning
o scan the environment, i.e., listen into the medium or beacon
signals or send probes into the medium and wait or an answer
* Reassociation Request
o station sends a request to one or several AP(s)
* Reassociation Response
o success: AP has answered, station can now participate
o ailure: continue scanning
* AP accepts Reassociation Request
o signal the new station to the distribution system
o the distribution system updates its data base (i.e., location
in ormation)
o typically, the distribution system now in orms the old AP so it can
release resources
* Fast roaming 802.11r
o e.g. or vehicle-to-roadside networks
****** WLAN: IEEE 802.11b ******
* Data rate
o 1, 2, 5.5, 11 Mbit/s, depending on SNR
o User data rate max. approx. 6 Mbit/s
o 300m outdoor, 30m indoor
o Max. data rate ~10m indoor
* Frequency
o DSSS, 2.4 GHz ISM-band
* Security
o Limited, WEP insecure, SSID
* Availability
o Many products, many vendors
* Connection set-up time
o Connectionless/always on
* Quality o Service
o Typ. Best e ort, no guarantees (unless polling is used, limited
support in products)
* Manageability
o Limited (no automated key distribution, sym. Encryption)
* Special Advantages/Disadvantages
o Advantage: many installed systems, lot o experience, available
worldwide, ree ISM-band, many vendors, integrated in laptops,
simple system
o Disadvantage: heavy inter erence on ISM-band, no service
guarantees, slow relative speed only
****** IEEE 802.11b PHY rame ormats ******
synchronization
SFD
signal
service
HEC
payload
PLCP preamble
PLCP header
128
16
8
8
16
variable
bits
length
16
192 s at 1 Mbit/s DBPSK
1, 2, 5.5 or 11 Mbit/s
short synch.
SFD
signal
service
HEC
payload
PLCP preamble
(1 Mbit/s, DBPSK)
PLCP header
(2 Mbit/s, DQPSK)
56
16
8
8
16
variable
bits
length
16
96 s
2, 5.5 or 11 Mbit/s
Long PLCP PPDU ormat
Short PLCP PPDU ormat (optional)
****** Channel selection (non-overlapping) ******
2400
[MHz]
2412
2483.5
2442
2472
channel 1
channel 7
channel 13
Europe (ETSI)
US (FCC)/Canada (IC)
2400
[MHz]
2412
2483.5
2437
2462
channel 1
channel 6
channel 11
22 MHz
22 MHz
****** WLAN: IEEE 802.11a ******
* Data rate
o 6, 9, 12, 18, 24, 36, 48, 54 Mbit/s, depending on SNR
o User throughput (1500 byte packets): 5.3 (6), 18 (24), 24 (36), 32
(54)
o 6, 12, 24 Mbit/s mandatory
o 100m outdoor, 10m indoor
# E.g., 54 Mbit/s up to 5 m, 48 up to 12 m, 36 up to 25 m, 24
up to 30m, 18 up to 40 m, 12 up to 60 m
* Frequency
o Free 5.15-5.25, 5.25-5.35, 5.725-5.825 GHz ISM-band
* Security
o Limited, WEP insecure, SSID
* Availability
o Some products, some vendors
o Connectionless/always on
* Quality o Service
o Typ. best e ort, no guarantees (same as all 802.11 products)
* Manageability
o Limited (no automated key distribution, sym. Encryption)
o Advantage: its into 802.x standards, ree ISM-band, available,
simple system, uses less crowded 5 GHz band
o Disadvantage: stronger shading due to higher requency, no QoS
****** IEEE 802.11a PHY rame ormat ******
rate
service
payload
variable
bits
6 Mbit/s
PLCP preamble
signal
data
symbols
12
1
variable
reserved
length
tail
parity
tail
pad
6
16
6
1
12
1
4
variable
6, 9, 12, 18, 24, 36, 48, 54 Mbit/s
PLCP header
****** Operating channels o 802.11a in Europe ******
5150
[MHz]
5180
5350
5200
36
44
16.6 MHz
center requency
5000 + 5*channel
channel
40
48
52
56
60
64
5220
5240
5260
5280
5300
5320
5470
[MHz]
5500
5725
5520
100
108
16.6 MHz
channel
104
112
116
120
124
128
5540
5560
5580
5600
5620
5640
132
136
140
5660
5680
5700
****** Operating
5150
[MHz]
5180
5350
5200
36
44
16.6 MHz
center requency
5000 + 5*channel
=
number [MHz]
channels or 802.11a / US U-NII ******
=
number [MHz]
channel
40
48
52
56
60
64
149
153
157
161
5220
5240
5260
5280
5300
5320
5725
[MHz]
5745
5825
5765
16.6 MHz
channel
5785
5805
****** OFDM in IEEE 802.11a ******
* OFDM with 52 used subcarriers (64 in total)
o 48 data + 4 pilot
# (plus 12 virtual subcarriers)
o 312.5 kHz spacing
subcarrier
number
1
7
21
26
-26
-21
-7
-1
channel center requency
312.5 kHz
pilot
****** WLAN: IEEE 802.11 current developments (05/2008) ******
* 802.11c: Bridge Support
o De inition o MAC procedures to support bridges as extension to
802.1D
* 802.11d: Regulatory Domain Update
o Support o additional regulations related to channel selection,
hopping sequences
* 802.11e: MAC Enhancements QoS
o Enhance the current 802.11 MAC to expand support or applications
with Quality o Service requirements, and in the capabilities and
e iciency o the protocol
o De inition o a data low (connection) with parameters like rate,
burst, period supported by HCCA (HCF (Hybrid Coordinator Function)
Controlled Channel Access, optional)
o Additional energy saving mechanisms and more e icient
retransmission
o EDCA (Enhanced Distributed Channel Access): high priority tra ic

waits less or channel access
* 802.11F: Inter-Access Point Protocol (withdrawn)
o Establish an Inter-Access Point Protocol or data exchange via the
distribution system
* 802.11g: Data Rates > 20 Mbit/s at 2.4 GHz; 54 Mbit/s, OFDM
o Success ul successor o 802.11b, per ormance loss during mixed
operation with .11b
* 802.11h: Spectrum Managed 802.11a
o Extension or operation o 802.11a in Europe by mechanisms like
channel measurement or dynamic channel selection (DFS, Dynamic
Frequency Selection) and power control (TPC, Transmit Power
Control)
* 802.11i: Enhanced Security Mechanisms
o Enhance the current 802.11 MAC to provide improvements in security.
o TKIP enhances the insecure WEP, but remains compatible to older WEP
systems
o AES provides a secure encryption method and is based on new
hardware
* 802.11j: Extensions or operations in Japan
o Changes o 802.11a or operation at 5GHz in Japan using only hal
the channel width at larger range
* 802.11-2007: Current complete standard
o Comprises amendments a, b, d, e, g, h, i, j
* 802.11k: Methods or channel measurements
o Devices and access points should be able to estimate channel
quality in order to be able to choose a better access point o
channel
* 802.11m: Updates o the 802.11-2007 standard
* 802.11n: Higher data rates above 100Mbit/s
o Changes o PHY and MAC with the goal o 100Mbit/s at MAC SAP
o MIMO antennas (Multiple Input Multiple Output), up to 600Mbit/s are
currently easible
o However, still a large overhead due to protocol headers and
ine icient mechanisms
* 802.11p: Inter car communications
o Communication between cars/road side and cars/cars
o Planned or relative speeds o min. 200km/h and ranges over 1000m
o Usage o 5.850-5.925GHz band in North America
* 802.11r: Faster Handover between BSS
o Secure, ast handover o a station rom one AP to another within an
ESS
o Current mechanisms (even newer standards like 802.11i) plus
incompatible devices rom di erent vendors are massive problems
or the use o , e.g., VoIP in WLANs
o Handover should be easible within 50ms in order to support
multimedia applications e iciently
* 802.11s: Mesh Networking
o Design o a sel -con iguring Wireless Distribution System (WDS)
based on 802.11
o Support o point-to-point and broadcast communication across
several hops
* 802.11T: Per ormance evaluation o 802.11 networks
o Standardization o per ormance measurement schemes
* 802.11u: Interworking with additional external networks
* 802.11v: Network management
o Extensions o current management unctions, channel measurements
o De inition o a uni ied inter ace
* 802.11w: Securing o network control

o Classical standards like 802.11, but also 802.11i protect only data
rames, not the control rames. Thus, this standard should extend
802.11i in a way that, e.g., no control rames can be orged.
* 802.11y: Extensions or the 3650-3700 MHz band in the USA
* 802.11z: Extension to direct link setup
* Note: Not all standards will end in products, many ideas get stuck at
working group level
* In o: www.ieee802.org/11/, 802wirelessworld.com, standards.ieee.org/
getieee802/
****** Wireless LANs-Bluetooth ******
****** Bluetooth ******
* Basic idea
o Universal radio inter ace or ad-hoc wireless connectivity
o Interconnecting computer and peripherals, handheld devices, PDAs,
cell phones replacement o IrDA
o Embedded in other devices, goal: 5/device (already < 1)
o Short range (10 m), low power consumption, license- ree 2.45 GHz
ISM
o Voice and data transmission, approx. 1 Mbit/s gross data rate
One o the irst modules (Ericsson).
****** Bluetooth Application Areas ******
* Data and voice access points
o Real-time voice and data transmissions
* Cable replacement
o Eliminates need or numerous cable attachments or connection
* Ad hoc networking
o Device with Bluetooth radio can establish connection with another
when in range
****** Bluetooth ******
* History
o 1994: Ericsson (Mattison/Haartsen), MC-link project
o Renaming o the project: Bluetooth according to Harald Bltand
Gormsen [son o Gorm], King o Denmark in the 10th century
o 1998: oundation o Bluetooth SIG, www.bluetooth.org
o 1999: erection o a rune stone at Ercisson/Lund ;-)
o 2001: irst consumer products or mass market, spec. version 1.1
released
o 2005: 5 million chips/week
* Special Interest Group
o Original ounding members: Ericsson, Intel, IBM, Nokia, Toshiba
o Added promoters: 3Com, Agere (was: Lucent), Microso t, Motorola
o > 10000 members
o Common speci ication and certi ication o products
(was: )
****** History and hi-tech ******
1999:
Ericsson mobile communications AB reste denna sten till minne av Harald
Bltand, som ick ge sitt namn t en ny teknologi r trdls, mobil
kommunikation.
****** and the real rune stone ******
Located in Jelling, Denmark,
erected by King Harald Bltand
in memory o his parents.
The stone has three sides one side
showing a picture o Christ.
This could be the original colors o the stone.
Inscription:
auk tani karthi kristna (and made the Danes Christians)
Inscription:
"Harald king executes these sepulchral monuments a ter Gorm, his ather
and Thyra, his mother. The Harald who won the whole o Denmark and Norway and
turned the Danes to Christianity."
Btw: Bltand means o dark complexion
(not having a blue tooth)
****** Characteristics ******
* 2.4 GHz ISM band, 79 (23) RF channels, 1 MHz carrier spacing
o Channel 0: 2402 MHz channel 78: 2480 MHz
o G-FSK modulation, 1-100 mW transmit power
* FHSS and TDD
o Frequency hopping with 1600 hops/s
o Hopping sequence in a pseudo random ashion, determined by a master
o Time division duplex or send/receive separation
* Voice link SCO (Synchronous Connection Oriented)
o FEC ( orward error correction), no retransmission, 64 kbit/
s duplex, point-to-point, circuit switched
* Data link ACL (Asynchronous ConnectionLess)
o Asynchronous, ast acknowledge, point-to-multipoint, up to 433.9
kbit/s symmetric or 723.2/57.6 kbit/s asymmetric, packet switched
* Topology
o Overlapping piconets (stars) orming a scatternet
****** Piconet ******
* Collection o devices connected in an ad hoc ashion
* One unit acts as master and the others as slaves or the li etime o the
piconet
* Master determines hopping pattern, slaves have to synchronize
* Each piconet has a unique hopping pattern
* Participation in a piconet = synchronization to hopping sequence
* Each piconet has one master and up to 7 simultaneous slaves (> 200 could
be parked)
M=Master
S=Slave
P=Parked
SB=Standby
M
S
P
SB
S
S
P
P
SB
****** Forming a piconet ******
* All devices in a piconet hop together
o Master gives slaves its clock and device ID
# Hopping pattern: determined by device ID (48 bit, unique
worldwide)
# Phase in hopping pattern determined by clock
* Addressing
o Active Member Address (AMA, 3 bit)
o Parked Member Address (PMA, 8 bit)
SB
SB
SB
SB
SB
SB
SB
SB
SB
M
S
P
SB
S
S
P
P
SB
****** Scatternet ******

* Linking o multiple co-located piconets through the sharing o common
master or slave devices
o Devices can be slave in one piconet and master o another
* Communication between piconets
o Devices jumping back and orth between the piconets
M=Master
S=Slave
P=Parked
SB=Standby
M
S
P
SB
S
S
P
P
SB
M
S
S
P
SB
Piconets
(each with a
capacity o
720 kbit/s)
****** Piconets and Scatternets ******
* Piconet
o Basic unit o Bluetooth networking
o Master and one to seven slave devices
o Master determines channel and phase

* Scatternet
o Device in one piconet may exist as master or slave in another
piconet
o Allows many devices to share same area
o Makes e icient use o bandwidth
****** Bluetooth Standards Documents ******
* Core speci ications
o Details o various layers o Bluetooth protocol architecture
* Pro ile speci ications
o Use o Bluetooth technology to support various applications
****** Bluetooth protocol stack ******
Radio
Baseband
Link Manager
Control
Host
Controller
Inter ace
Logical Link Control and Adaptation Protocol (L2CAP)
Audio
TCS BIN
SDP
OBEX
vCal/vCard
IP
NW apps.
TCP/UDP
BNEP
RFCOMM (serial line inter ace)
AT modem
commands
telephony apps.
audio apps.
mgmnt. apps.
AT: attention sequence
OBEX: object exchange
TCS BIN: telephony control protocol speci ication binary
BNEP: Bluetooth network encapsulation protocol
SDP: service discovery protocol
RFCOMM: radio requency comm.
PPP
****** Protocol Architecture ******
* Bluetooth is a layered protocol architecture
o Core protocols
o Cable replacement and telephony control protocols
o Adopted protocols
* Core protocols
o Radio
o Baseband
o Link manager protocol (LMP)
o Logical link control and adaptation protocol (L2CAP)
o Service discovery protocol (SDP)
****** Radio Speci ication ******
* Classes o transmitters
o Class 1: Outputs 100 mW or maximum range
# Power control mandatory
# Provides greatest distance
o Class 2: Outputs 2.4 mW at maximum
# Power control optional
o Class 3: Nominal output is 1 mW

# Lowest power
****** Frequency Hopping in Bluetooth ******
* Provides resistance to inter erence and multipath e ects
* Provides a orm o multiple access among co-located devices in di erent
piconets
* Total bandwidth divided into 1MHz physical channels
* FH occurs by jumping rom one channel to another in pseudorandom sequence
* Hopping sequence shared with all devices on piconet
* Piconet access:
o Bluetooth devices use time division duplex (TDD)
o Access technique is TDMA
o FH-TDD-TDMA
****** Frequency selection during data transmission ******
S
k
625 s
k+1
k+2
k+3
k+4
k+3
k+4
k
k
k+5
k+5
k+1
k+6
k+6
k+6
M
M
M
M
M
M
M
M
M
t
t
t
S
S
S
S
S
****** Baseband ******
* Piconet/channel de inition
* Low-level packet de inition
o Access code
# Channel, device access, e.g., derived rom master
o Packet header
# 1/3-FEC, active member address (broadcast + 7 slaves), link
type, alternating bit ARQ/SEQ, checksum
access code
packet header
payload
68(72)
54
0-2745
bits
AM address
type
low
ARQN
SEQN
HEC
3
4
1
1
1
8
bits
preamble
sync.
(trailer)
4
64
(4)
****** Physical Links between Master and Slave ******
* Synchronous connection oriented (SCO)
o Allocates ixed bandwidth between point-to-point connection o
master and slave
o Master maintains link using reserved slots
o Master can support three simultaneous links
* Asynchronous connectionless (ACL)
o Point-to-multipoint link between master and all slaves
o Only single ACL link can exist
****** SCO payload types ******
payload (30)
audio (30)
audio (10)
audio (10)
HV3
HV2
HV1
DV
FEC (20)
audio (20)
FEC (10)
header (1)
payload (0-9)
2/3 FEC
CRC (2)
(bytes)
****** ACL Payload types ******
payload (0-343)
header (1/2)
payload (0-339)
CRC (2)
header (1)
payload (0-17)
2/3 FEC
header (1)
payload (0-27)
header (2)
payload (0-121)
2/3 FEC
header (2)
payload (0-183)
header (2)
payload (0-224)
2/3 FEC
header (2)
payload (0-339)
DH5
DM5
DH3
DM3
DH1
DM1
header (1)
payload (0-29)
AUX1
CRC (2)
CRC (2)
CRC (2)
CRC (2)
CRC (2)
CRC (2)
(bytes)
****** Baseband data rates ******
Payload UserSymmetric Asymmetric
Header Payload
max. Rate max. Rate [kbit/s]
Type [byte] [byte] FEC CRC [kbit/s] Forward Reverse
DM1 1 0-17 2/3 yes 108.8 108.8 108.8
DH1 1 0-27 no yes 172.8 172.8 172.8
DM3 2 0-121 2/3 yes 258.1 387.2 54.4
DH3 2 0-183 no yes 390.4 585.6 86.4
DM5 2 0-224 2/3 yes 286.7 477.8 36.3
DH5 2 0-339 no yes 433.9723.257.6
AUX1 1 0-29 no no 185.6 185.6 185.6
HV1 na 10 1/3 no 64.0
HV2 na 20 2/3 no 64.0
HV3 na 30 no no 64.0
DV 1 D 10+(0-9) D 2/3 D yes D 64.0+57.6 D
ACL
1 slot
3 slot
5 slot
SCO
Data Medium/High rate, High-quality Voice, Data and Voice
****** Baseband link types ******
* Polling-based TDD packet transmission
o 625s slots, master polls slaves
* SCO (Synchronous Connection Oriented) Voice
o Periodic single slot packet assignment, 64 kbit/s ull-duplex,
point-to-point
* ACL (Asynchronous ConnectionLess) Data
o Variable packet size (1, 3, 5 slots), asymmetric bandwidth, pointto-multipoint
MASTER
SLAVE 1
SLAVE 2
6
0
1
7
12
13
19
18
SCO
SCO
SCO
SCO
ACL
5
21
4
20
ACL
ACL
8
9
17
14
ACL
****** Robustness ******
* Slow requency hopping with hopping patterns determined by a master
o Protection rom inter erence on certain requencies
o Separation rom other piconets (FH-CDMA)
* Retransmission
o ACL only, very ast
* Forward Error Correction
o SCO and ACL
MASTER
SLAVE 1
SLAVE 2
A
C
C
H
F
G
G
B
D
E
NAK
ACK
Error in payload
(not header!)
****** Baseband states o a Bluetooth device ******
standby
inquiry
page
connected
AMA
transmit
AMA
park
PMA
hold
AMA
sni
AMA
unconnected
connecting
active
low power
Standby: do nothing
Inquire: search or other devices
Page: connect to a speci ic device
Connected: participate in a piconet
detach
Park: release AMA, get PMA
Sni : listen periodically, not each slot
Hold: stop ACL, SCO still possible, possibly participate in another piconet
****** Example: Power consumption/CSR BlueCore2 ******
* Typical Average Current Consumption1
o VDD=1.8V Temperature = 20C
o Mode
# SCO connection HV3 (1s interval Sni Mode) (Slave) 26.0 mA
# SCO connection HV3 (1s interval Sni Mode) (Master) 26.0 mA
# SCO connection HV1 (Slave) 53.0 mA
# SCO connection HV1 (Master) 53.0 mA
# ACL data trans er 115.2kbps UART (Master) 15.5 mA
# ACL data trans er 720kbps USB (Slave) 53.0 mA
# ACL data trans er 720kbps USB (Master) 53.0 mA
# ACL connection, Sni
Mode 40ms interval, 38.4kbps UART 4.0
mA
# ACL connection, Sni Mode 1.28s interval, 38.4kbps UART 0.5
mA
# Parked Slave, 1.28s beacon interval, 38.4kbps UART 0.6 mA
# Standby Mode (Connected to host, no RF activity) 47.0 A
# Deep Sleep Mode2 20.0 A
* Notes:
o 1 Current consumption is the sum o both BC212015A and the lash.
o 2 Current consumption is or the BC212015A device only.
****** Example: Bluetooth/USB adapter (2002: 50, today: some cents i
integrated) ******
****** L2CAP - Logical Link Control and Adaptation Protocol ******
* Simple data link protocol on top o baseband
* Connection oriented, connectionless, and signaling channels
* Protocol multiplexing
o RFCOMM, SDP, telephony control
* Segmentation & reassembly
o Up to 64kbyte user data, 16 bit CRC used rom baseband
* QoS low speci ication per channel
o Follows RFC 1363, speci ies delay, jitter, bursts, bandwidth
* Group abstraction
o Create/close group, add/remove member
****** L2CAP Logical Channels ******
* Connectionless
o Supports connectionless service
o Each channel is unidirectional
o Used rom master to multiple slaves
* Connection-oriented
o Supports connection-oriented service
o Each channel is bidirectional
* Signaling
o Provides or exchange o signaling messages between L2CAP entities
****** L2CAP logical channels ******
baseband
L2CAP
baseband
L2CAP
baseband
L2CAP
Slave
Slave
Master
ACL
2
d
1
d
d
1
1
d
2
1
signalling
connectionless
connection-oriented
d
d
d
****** L2CAP packet ormats ******
length
2
bytes
CID=2
2
PSM
2
payload
0-65533
length
2
bytes
CID
2
payload
0-65535
length
2
bytes
CID=1
2
One or more commands
Connectionless PDU
Connection-oriented PDU
Signalling command PDU
code
ID
length
data
1
1
2
0
****** Security ******
E3
E2
link key (128 bit)
encryption key (128 bit)
payload key
Keystream generator
Data
Data
Cipher data
Authentication key generation
(possibly permanent storage)
Encryption key generation
(temporary storage)
PIN (1-16 byte)
User input (initialization)
Pairing
Authentication
Encryption
Ciphering
E3
E2
link key (128 bit)
encryption key (128 bit)
payload key
Keystream generator
PIN (1-16 byte)
****** SDP Service Discovery Protocol ******
* Inquiry/response protocol or discovering services
o Searching or and browsing services in radio proximity
o Adapted to the highly dynamic environment
o Can be complemented by others like SLP, Jini, Salutation,
o De ines discovery only, not the usage o services
o Caching o discovered services
o Gradual discovery
* Service record ormat
o In ormation about services provided by attributes
o Attributes are composed o an 16 bit ID (name) and a value
o values may be derived rom 128 bit Universally Unique Identi iers
(UUID)
****** Additional protocols to support legacy protocols/apps. ******
***** Cable replacement protocol *****
* RFCOMM
o Emulation o a serial port (supports a large base o legacy
applications)
o Allows multiple ports over a single physical channel
***** Telephony control protocol *****
Telephony Control Protocol Speci ication (TCS)
* Call control (setup, release)
* Group management
***** Adopted protocols *****
OBEX
* Exchange o objects, IrDA replacement
WAP
* Interacting with applications on cellular phones
****** Pro iles ******
* Represent de ault solutions or a certain usage model
o Vertical slice through the protocol stack
o Basis or interoperability
* Generic Access Pro ile
* Service Discovery Application Pro ile
* Cordless Telephony Pro ile
* Intercom Pro ile

* Serial Port Pro ile
* Headset Pro ile
* Dial-up Networking Pro ile
* Fax Pro ile
* LAN Access Pro ile
* Generic Object Exchange Pro ile
* Object Push Pro ile
* File Trans er Pro ile
* Synchronization Pro ile
Additional Pro iles
Advanced Audio Distribution
PAN
Audio Video Remote Control
Basic Printing
Basic Imaging
Extended Service Discovery
Generic Audio Video Distribution
Hands Free
Hardcopy Cable Replacement
Pro iles
Protocols
Applications
****** Bluetooth versions ******
* Bluetooth 1.1
o also IEEE Standard 802.15.1-2002
o initial stable commercial standard
* Bluetooth 1.2
o also IEEE Standard 802.15.1-2005
o eSCO (extended SCO): higher, variable bitrates, retransmission
SCO
o AFH (adaptive requency hopping) to avoid inter erence
* Bluetooth 2.0 + EDR (2004, no more IEEE)
o EDR (enhanced date rate) o 3.0 Mbit/s or ACL and eSCO
o lower power consumption due to shorter duty cycle
* Bluetooth 2.1 + EDR (2007)
o better pairing support, e.g. using NFC
o improved security
* Bluetooth 3.0 + HS (2009)
o Bluetooth 2.1 + EDR + IEEE 802.11a/g = 54 Mbit/s
* Bluetooth 4.0 (2010)
o Low Energy, much aster connection setup
****** WPAN: IEEE 802.15.1 Bluetooth ******
* Data rate
o Synchronous, connection-oriented: 64 kbit/s
o Asynchronous, connectionless
# 433.9 kbit/s symmetric
# 723.2 / 57.6 kbit/s asymmetric
o POS (Personal Operating Space) up to 10 m
o with special transceivers up to 100 m
* Frequency
o Free 2.4 GHz ISM-band
* Security
o Challenge/response (SAFER+), hopping sequence
* Availability
o Integrated into many products, several vendors
o Depends on power-mode
o Max. 2.56s, avg. 0.64s
or
* Quality o Service
o Guarantees, ARQ/FEC
* Manageability
o Public/private keys needed, key management not speci ied, simple
system integration
o Advantage: already integrated into several products, available
worldwide, ree ISM-band, several vendors, simple system, simple
ad-hoc networking, peer to peer, scatternets
o Disadvantage: inter erence on ISM-band, limited range, max. 8
active devices/network, high set-up latency
****** WPAN: IEEE 802.15 uture developments 1 ******
* 802.15.2: Coexistance
o Coexistence o Wireless Personal Area Networks (802.15) and
Wireless Local Area Networks (802.11), quanti y the mutual
inter erence
* 802.15.3: High-Rate
o Standard or high-rate (20Mbit/s or greater) WPANs, while still
low-power/low-cost
o Data Rates: 11, 22, 33, 44, 55 Mbit/s
o Quality o Service isochronous protocol
o Ad hoc peer-to-peer networking
o Security
o Low power consumption
o Low cost
o Designed to meet the demanding requirements o portable consumer
imaging and multimedia applications
* Several working groups extend the 802.15.3 standard
* 802.15.3a: - withdrawn o Alternative PHY with higher data rate as extension to 802.15.3
o Applications: multimedia, picture transmission
* 802.15.3b:
o Enhanced interoperability o MAC
o Correction o errors and ambiguities in the standard
* 802.15.3c:
o Alternative PHY at 57-64 GHz
o Goal: data rates above 2 Gbit/s
* Not all these working groups really create a standard, not all standards
will be ound in products later
* 802.15.4: Low-Rate, Very Low-Power
o Low data rate solution with multi-month to multi-year battery li e
and very low complexity
o Potential applications are sensors, interactive toys, smart badges,
remote controls, and home automation
o Data rates o 20-250 kbit/s, latency down to 15 ms
o Master-Slave or Peer-to-Peer operation
o Up to 254 devices or 64516 simpler nodes
o Support or critical latency devices, such as joysticks
o CSMA/CA channel access (data centric), slotted (beacon) or
unslotted
o Automatic network establishment by the PAN coordinator
o Dynamic device addressing, lexible addressing ormat
o Fully handshaked protocol or trans er reliability
o Power management to ensure low power consumption
o 16 channels in the 2.4 GHz ISM band, 10 channels in the 915 MHz US
ISM band and one channel in the European 868 MHz band
* Basis o the ZigBee technology www.zigbee.org
****** ZigBee ******
* Relation to 802.15.4 similar to Bluetooth / 802.15.1

* Pushed by Chipcon (now TI), ember, reescale (Motorola), Honeywell,
Mitsubishi, Motorola, Philips, Samsung
* More than 260 members
o about 15 promoters, 133 participants, 111 adopters
o must be member to commercially use ZigBee spec
* ZigBee plat orms comprise
o IEEE 802.15.4 or layers 1 and 2
o ZigBee protocol stack up to the applications
* 802.15.4a:
o Alternative PHY with lower data rate as extension to 802.15.4
o Properties: precise localization (< 1m precision), extremely low
power consumption, longer range
o Two PHY alternatives
# UWB (Ultra Wideband): ultra short pulses, communication and
localization
# CSS (Chirp Spread Spectrum): communication only
* 802.15.4b, c, d:
o Extensions, corrections, and clari ications regarding 802.15.4
o Usage o new bands, more lexible security mechanisms
* 802.15.5: Mesh Networking
o Partial meshes, ull meshes
o Range extension, more robustness, longer battery live
* 802.15.6: Body Area Networks
o Low power networks e.g. or medical or entertainment use
* 802.15.7: Visible Light Communication . and many, many more!
* Not all these working groups really create a standard, not all standards
will be ound in products later
****** Some more IEEE standards or mobile communications ******
* IEEE 802.16: Broadband Wireless Access / WirelessMAN / WiMax
o Wireless distribution system, e.g., or the last mile, alternative
to DSL
o 75 Mbit/s up to 50 km LOS, up to 10 km NLOS; 2-66 GHz band
o Initial standards without roaming or mobility support
o 802.16e adds mobility support, allows or roaming at 150 km/h
* IEEE 802.20: Mobile Broadband Wireless Access (MBWA)
o Licensed bands < 3.5 GHz, optimized or IP tra ic
o Peak rate > 1 Mbit/s per user
o Di erent mobility classes up to 250 km/h and ranges up to 15 km
o Relation to 802.16e unclear
* IEEE 802.21: Media Independent Handover Interoperability
o Standardize handover between di erent 802.x and/or non 802
networks
* IEEE 802.22: Wireless Regional Area Networks (WRAN)
o Radio-based PHY/MAC or use by license-exempt devices on a noninter ering basis in spectrum that is allocated to the TV Broadcast
Service
****** RF Controllers ISM bands ******
* Data rate
o Typ. up to 115 kbit/s (serial inter ace)
o 5-100 m, depending on power (typ. 10-500 mW)
* Frequency
o Typ. 27 (EU, US), 315 (US), 418 (EU), 426 (Japan), 433 (EU), 868
(EU), 915 (US) MHz (depending on regulations)
* Security
o Some products with added processors
* Cost
o Cheap: 10-50
* Availability
o N/A
* Quality o Service
o none
* Manageability
o Very simple, same as serial inter ace
o Advantage: very low cost, large experience, high volume available
o Disadvantage: no QoS, crowded ISM bands (particularly 27 and 433
MHz), typ. no Medium Access Control, 418 MHz experiences
inter erence with TETRA
****** RFID Radio Frequency Identi ication (1) ******
* Data rate
o Transmission o ID only (e.g., 48 bit, 64kbit, 1 Mbit)
o 9.6 115 kbit/s
o Passive: up to 3 m
o Active: up to 30-100 m
o Simultaneous detection o up to, e.g., 256 tags, scanning o , e.g.,
40 tags/s
* Frequency
o 125 kHz, 13.56 MHz, 433 MHz, 2.4 GHz, 5.8 GHz and many others
* Security
o Application dependent, typ. no crypt. on RFID device
* Cost
o Very cheap tags, down to 1 (passive)
* Availability
o Depends on product/medium access scheme (typ. 2 ms per device)
* Quality o Service
o none
* Manageability
o Very simple, same as serial inter ace
o Advantage: extremely low cost, large experience, high volume
available, no power or passive RFIDs needed, large variety o
products, relative speeds up to 300 km/h, broad temp. range
o Disadvantage: no QoS, simple denial o service, crowded ISM bands,
typ. one-way (activation/ transmission o ID)
* Function
o Standard: In response to a radio interrogation signal rom a reader
(base station) the RFID tags transmit their ID
o Enhanced: additionally data can be sent to the tags, di erent
media access schemes (collision avoidance)
* Features
o No line-o sight required (compared to, e.g., laser scanners)
o RFID tags withstand di icult environmental conditions (sunlight,
cold, rost, dirt etc.)
o Products available with read/write memory, smart-card capabilities
* Categories
o Passive RFID: operating power comes rom the reader over the air
which is easible up to distances o 3 m, low price (1)
o Active RFID: battery powered, distances up to 100 m
* Applications
o Total asset visibility: tracking o goods during manu acturing,
localization o pallets, goods etc.

o Loyalty cards: customers use RFID tags or payment at, e.g., gas
stations, collection o buying patterns
o Automated toll collection: RFIDs mounted in windshields allow
commuters to drive through toll plazas without stopping
o Others: access control, animal identi ication, tracking o
hazardous material, inventory control, warehouse management, ...
* Local Positioning Systems
o GPS useless indoors or underground, problematic in cities with high
buildings
o RFID tags transmit signals, receivers estimate the tag location by
measuring the signals time o light
* Security
o Denial-o -Service attacks are always possible
# Inter erence o the wireless transmission, shielding o
transceivers
o IDs via manu acturing or one time programming
o Key exchange via, e.g., RSA possible, encryption via, e.g., AES
* Future Trends
o RTLS: Real-Time Locating System big e orts to make total asset
visibility come true
o Integration o RFID technology into the manu acturing, distribution
and logistics chain
o Creation o electronic mani ests at item or package level
(embedded inexpensive passive RFID tags)
o 3D tracking o children, patients
* Relevant Standards
o American National Standards Institute
# ANSI, www.ansi.org, www.aimglobal.org/standards/r idstds/
ANSIT6.html
o Automatic Identi ication and Data Capture Techniques
# JTC 1/SC 31, www.uc-council.com/sc31/home.htm,
www.aimglobal.org/standards/r idstds/sc31.htm
o European Radiocommunications O ice
# ERO, www.ero.dk, www.aimglobal.org/standards/r idstds/ERO.htm
o European Telecommunications Standards Institute
# ETSI, www.etsi.org, www.aimglobal.org/standards/r idstds/
ETSI.htm
o Identi ication Cards and related devices
# JTC 1/SC 17, www.sc17.com, www.aimglobal.org/standards/
r idstds/sc17.htm,
o Identi ication and communication
# ISO TC 104 / SC 4, www.autoid.org/tc104_sc4_wg2.htm,
www.aimglobal.org/standards/r idstds/TC104.htm
o Road Transport and Tra ic Telematics
# CEN TC 278, www.nni.nl, www.aimglobal.org/standards/r idstds/
CENTC278.htm
o Transport In ormation and Control Systems
# ISO/TC204, www.sae.org/technicalcommittees/gits.htm,
www.aimglobal.org/standards/r idstds/ISOTC204.htm
* ISO Standards
o ISO 15418
# MH10.8.2 Data Identi iers
# EAN.UCC Application Identi iers
o ISO 15434 - Syntax or High Capacity ADC Media
o ISO 15962 - Trans er Syntax
o ISO 18000
# Part 2, 125-135 kHz

# Part 3, 13.56 MHz
# Part 4, 2.45 GHz
# Part 5, 5.8 GHz
# Part 6, UHF (860-930 MHz, 433 MHz)
o ISO 18047 - RFID Device Con ormance Test Methods
o ISO 18046 - RF Tag and Interrogator Per ormance Test Methods
****** ISM band inter erence ******
* Many sources o inter erence
o Microwave ovens, microwave lighting
o 802.11, 802.11b, 802.11g, 802.15,
o Even analog TV transmission, surveillance
o Unlicensed metropolitan area networks
o
* Levels o inter erence
o Physical layer: inter erence acts like noise
# Spread spectrum tries to minimize this
# FEC/interleaving tries to correct
o MAC layer: algorithms not harmonized
# E.g., Bluetooth might con use 802.11
OLD
Fusion Lighting, Inc., now used by LG as Plasma Lighting System
NEW
****** 802.11 vs.(?) 802.15/Bluetooth ******
* Bluetooth may act like a rogue member o the 802.11 network
o Does not know anything about gaps, inter rame spacing etc.
* IEEE 802.15-2 discusses these problems
o Proposal: Adaptive Frequency Hopping
# a non-collaborative Coexistence Mechanism
* Real e ects? Many di erent opinions, publications, tests, ormulae,
o Results rom complete breakdown to almost no e ect
o Bluetooth (FHSS) seems more robust than 802.11b (DSSS)
t
[MHz]
2402
2480
802.11b
3 channels
(separated by installation)
ACK
DIFS
DIFS
SIFS
1000 byte
SIFS
DIFS
500 byte
ACK
DIFS
500 byte
SIFS
ACK
DIFS
500 byte
DIFS
100
byte
SIFS
ACK
DIFS
100
byte
SIFS
ACK
DIFS
100
byte
SIFS
ACK
DIFS
100
byte
SIFS
ACK
DIFS
100
byte
SIFS
ACK
802.15.1
79 channels
(separated by hopping pattern)
****** HIPERLAN (High Per ormance LAN) ******
****** ETSI - HIPERLAN ******
* ETSI standard
o European standard, c . GSM, DECT, ...
o Enhancement o local Networks and interworking with ixed networks
o integration o time-sensitive services rom the early beginning
* HIPERLAN amily
o one standard cannot satis y all requirements
# range, bandwidth, QoS support
# commercial constraints
o HIPERLAN 1 standardized since 1996
physical layer
channel access
control layer
medium access
control layer
physical layer
data link layer
HIPERLAN layers
OSI layers
network layer
higher layers
physical layer
medium access
control layer
logical link
control layer
IEEE 802.x layers
****** HIPERLAN 1 - Characteristics ******
* Data transmission
o point-to-point, point-to-multipoint, connectionless
o 23.5 Mbit/s, 1 W power, 2383 byte max. packet size
* Services
o asynchronous and time-bounded services with hierarchical priorities
o compatible with ISO MAC
* Topology
o in rastructure or ad-hoc networks
o transmission range can be larger than coverage o a single node
( orwarding integrated in mobile terminals)

* Further mechanisms
o power saving, encryption, checksums
7.33.1
****** HIPERLAN 1 - Services and protocols ******
* MAC protocol
o MAC service, compatible with ISO MAC and ISO MAC bridges
o uses HIPERLAN CAC
* CAC protocol
o provides a CAC service, uses the PHY layer, speci ies hierarchical
access mechanisms or one or several channels
* CAC service
o de inition o communication services over a shared medium
o speci ication o access priorities
o abstraction o media characteristics
* Physical protocol
o send and receive mechanisms, synchronization, FEC, modulation,
signal strength
7.34.1
****** HIPERLAN layers, services, and protocols ******
MSAP
HCSAP
MSAP
HCSAP
HM-entity
HC-entity
HM-entity
HC-entity
MAC layer
CAC layer
PHY layer
HP-entity
HP-entity
LLC layer
HMPDU
HCPDU
data bursts
MAC protocol
CAC protocol
PHY protocol
MAC service
CAC service
PHY service
MSDU
MSDU
HCSDU
HCSDU
7.35.1
****** HIPERLAN 1 - Physical layer ******
* Scope
o modulation, demodulation, bit and rame synchronization
o orward error correction mechanisms
o measurements o signal strength
o channel sensing
* Channels
o 3 mandatory and 2 optional channels (with their carrier
requencies)
o mandatory
# channel 0: 5.1764680 GHz
# channel 1: 5.1999974 GHz
# channel
o optional (not
# channel
# channel
2: 5.2235268 GHz
allowed in all countries)
3: 5.2470562 GHz
4: 5.2705856 GHz
7.36.1
****** HIPERLAN 1 - Physical layer rames ******
* Maintaining a high data-rate (23.5 Mbit/s) is power consuming problematic or mobile terminals
o packet header with low bit-rate comprising receiver in ormation
o only receiver(s) address by a packet continue receiving
* Frame structure
o LBR (Low Bit-Rate) header with 1.4 Mbit/s
o 450 bit synchronization
o minimum 1, maximum 47 rames with 496 bit each
o or higher velocities o the mobile terminal (> 1.4 m/s) the
maximum number o rames has to be reduced
* Modulation
o GMSK or high bit-rate, FSK or LBR header
LBR
synchronization
data0
data1
datam-1
. . .
7.37.1
HBR
****** HIPERLAN 1 - CAC sublayer ******
* Channel Access Control (CAC)
o assure that terminal does not access orbidden channels
o priority scheme, access with EY-NPMA
* Priorities
o 5 priority levels or QoS support
o QoS is mapped onto a priority level with the help o the packet
li etime (set by an application)
# i packet li etime = 0 it makes no sense to orward the
packet to the receiver any longer
# standard start value 500ms, maximum 16000ms
# i a terminal cannot send the packet due to its current
priority, waiting time is permanently subtracted rom
li etime
# based on packet li etime, waiting time in a sender and number
o hops to the receiver, the packet is assigned to one out o
ive priorities
# the priority o waiting packets, there ore, rises
automatically
7.38.1
****** HIPERLAN 1 - EY-NPMA I ******
prioritization
* EY-NPMA (Elimination Yield Non-preemptive Priority Multiple Access)
o 3 phases: priority resolution, contention resolution, transmission
o inding the highest priority
# every priority corresponds to a time-slot to send in the
irst phase, the higher the priority the earlier the timeslot to send
# higher priorities can not be preempted
# i an earlier time-slot or a higher priority remains empty,
stations with the next lower priority might send
# a ter this irst phase the highest current priority has been
determined
contention
transmission
transmission
synchronization
priority detection
priority assertion
t
user data
elimination burst
elimination survival
veri ivcation
yield listening
7.39.1
IYS
IPS
IPA
IES
IESV
****** HIPERLAN 1 - EY-NPMA II ******
* Several terminals can now have the same priority and wish to send
o contention phase
# Elimination Burst: all remaining terminals send a burst to
eliminate contenders (11111010100010011100000110010110, high
bit- rate)
# Elimination Survival Veri ication: contenders now sense the
channel, i the channel is ree they can continue, otherwise
they have been eliminated
# Yield Listening: contenders again listen in slots with a
nonzero probability, i the terminal senses its slot idle it
is ree to transmit at the end o the contention phase
# the important part is now to set the parameters or burst
duration and channel sensing (slot-based, exponentially
distributed)
o data transmission
# the winner can now send its data (however, a small chance o
collision remains)
# i the channel was idle or a longer time (min. or a
duration o 1700 bit) a terminal can send at once without
using EY-NPMA
o synchronization using the last data transmission
7.40.1
****** HIPERLAN 1 - DT-HCPDU/AK-HCPDU ******
1
0
1
0
1
0
1
0
0
1
HI
HDA
HDA
HDACS
BLIR = n
1
BLIRCS
LBR
0
1
2
3
4
5
6
7
bit
HBR
0
1
2
3
4
5
6
7
bit
TI
BLI = n
byte
1
PLI = m
HID
2
3 - 6
DA
7 - 12
SA
13 - 18
UD
19 - (52n-m-4)
PAD
(52n-m-3) - (52n-4)
CS
(52n-3) - 52n
1
0
1
0
1
0
1
0
0
1
HI
AID
AID
AIDCS
LBR
0
1
2
3
4
5
6
7
bit
Data HCPDU
Acknowledgement HCPDU
7.41.1
HI: HBR-part Indicator
HDA: Hashed Destination HCSAP Address
HDACS: HDA CheckSum
BLIR: Block Length Indicator
BLIRCS: BLIR CheckSum
TI: Type Indicator
BLI: Block Length Indicator
HID: HIPERLAN IDenti ier
DA: Destination Address
SA: Source Address
UD: User Data (1-2422 byte)
PAD: PADding
CS: CheckSum
AID: Acknowledgement IDenti ier
AIDS: AID CheckSum
****** HIPERLAN 1 - MAC layer ******
* Compatible to ISO MAC
* Supports time-bounded services via a priority scheme
* Packet orwarding
o support o directed (point-to-point) orwarding and broadcast
orwarding (i no path in ormation is available)
o support o QoS while orwarding
* Encryption mechanisms
o mechanisms integrated, but without key management
* Power conservation mechanisms
o mobile terminals can agree upon awake patterns (e.g., periodic
wake-ups to receive data)
o additionally, some nodes in the networks must be able to bu er
data or sleeping terminals and to orward them at the right time
(so called stores)
7.42.1
****** HIPERLAN 1 - DT-HMPDU ******
* LI: Length Indicator
* TI: Type Indicator
* RL: Residual Li etime
* PSN: Sequence Number
* DA: Destination Address
* SA: Source Address
* ADA: Alias Destination Address ASA: Alias Source Address
* UP: User Priority
* ML: MSDU Li etime
* KID: Key Identi ier
* IV: Initialization Vector
* UD: User Data, 12383 byte
* SC: Sanity Check ( or the unencrypted PDU)
n= 402422
7.43.1
0
1
2
3
4
5
6
7
bit
LI = n
byte
1 - 2
TI = 1
RL
3
4 - 5
PSN
6 - 7
DA
8 - 13
SA
14 - 19
ADA
20 - 25
ASA
26 - 31
UP
ML
ML
KID
IV
IV
UD
SC
32
33
34
35 - 37
38 - (n-2)
(n-1) - n
Data HMPDU
****** In ormation bases ******
* Route In ormation Base (RIB) - how to reach a destination
o [destination, next hop, distance]
* Neighbor In ormation Base (NIB) - status o direct neighbors
o [neighbor, status]
* Hello In ormation Base (HIB) - status o destination (via next hop)
o [destination, status, next hop]
* Alias In ormation Base (AIB) - address o nodes outside the net
o [original MSAP address, alias MSAP address]
* Source Multipoint Relay In ormation Base (SMRIB) - current MP status
o [local multipoint orwarder, multipoint relay set]
* Topology In ormation Base (TIB) - current HIPERLAN topology
o [destination, orwarder, sequence]
* Duplicate Detection In ormation Base (DDIB) - remove duplicates
o [source, sequence]
7.44.1
****** Ad-hoc networks using HIPERLAN 1 ******
neighborhood
(i.e., within radio range)
In ormation Bases (IB):
RIB: Route
NIB: Neighbor
HIB: Hello
AIB: Alias
SMRIB: Source Multipoint Relay
TIB: Topology
DDIB: Duplicate Detection
RIB
NIB
HIB
AIB
SMRIB
TIB
DDIB
RIB
NIB
HIB
AIB
SMRIB
TIB
DDIB
RIB
NIB
HIB
AIB
SMRIB
TIB
DDIB
RIB
NIB
HIB
AIB
DDIB
RIB
NIB
HIB
AIB
DDIB
RIB
NIB
HIB
AIB
DDIB
1
2
3
4
5
6
Forwarder
Forwarder
Forwarder
7.45.1
****** Overview: original HIPERLAN protocol amily ******
Check out Wireless ATM or new names!
****** Mobile Communications Chapter 9: Mobile Transport Layer ******
* Motivation, TCP-mechanisms
* Classical approaches (Indirect TCP, Snooping TCP, Mobile TCP)
* PEPs in general
* Additional optimizations (Fast retransmit/recovery, Transmission
reezing, Selective retransmission, Transaction oriented TCP)
* TCP or 2.5G/3G wireless
****** Transport Layer ******
* E.g. HTTP (used by web services) typically uses TCP
o Reliable transport between client and server required
* TCP
o Steam oriented, not transaction oriented
o Network riendly: time-out
congestion slow down transmission
* Well known TCP guesses quite o ten wrong in wireless and mobile
networks
o Packet loss due to transmission errors
o Packet loss due to change o network
* Result
o Severe per ormance degradation
Client
Server
Connection
setup
Data
transmission
Connection
release
TCP SYN
TCP SYN/ACK
TCP ACK
HTTP request
HTTP response
GPRS: 500ms!
>15 s
no data
****** Motivation I ******
* Transport protocols typically designed or
o Fixed end-systems
o Fixed, wired networks
* Research activities
o Per ormance
o Congestion control
o E icient retransmissions
* TCP congestion control
o packet loss in ixed networks typically due to (temporary) overload
situations
o router have to discard packets as soon as the bu ers are ull
o TCP recognizes congestion only indirect via missing
acknowledgements, retransmissions unwise, they would only
contribute to the congestion and make it even worse
o slow-start algorithm as reaction
****** Motivation II ******
* TCP slow-start algorithm
o sender calculates a congestion window or a receiver
o start with a congestion window size equal to one segment
o exponential increase o the congestion window up to the congestion
threshold, then linear increase
o missing acknowledgement causes the reduction o the congestion
threshold to one hal o the current congestion window
o congestion window starts again with one segment
* TCP ast retransmit/ ast recovery
o TCP sends an acknowledgement only a ter receiving a packet
o i a sender receives several acknowledgements or the same packet,
this is due to a gap in received packets at the receiver
o however, the receiver got all packets up to the gap and is actually
receiving packets
o there ore, packet loss is not due to congestion, continue with
current congestion window (do not use slow-start)
****** In luences o mobility on TCP-mechanisms ******
* TCP assumes congestion i packets are dropped
o typically wrong in wireless networks, here we o ten have packet
loss due to transmission errors
o urthermore, mobility itsel can cause packet loss, i e.g. a
mobile node roams rom one access point (e.g. oreign agent in
Mobile IP) to another while there are still packets in transit to
the wrong access point and orwarding is not possible
* The per ormance o an unchanged TCP degrades severely
o however, TCP cannot be changed undamentally due to the large base
o installation in the ixed network, TCP or mobility has to
remain compatible
o the basic TCP mechanisms keep the whole Internet together
****** Early approach: Indirect TCP I ******
* Indirect TCP or I-TCP segments the connection
o no changes to the TCP protocol or hosts connected to the wired
Internet, millions o computers use (variants o ) this protocol
o optimized TCP protocol or mobile hosts
o splitting o the TCP connection at, e.g., the oreign agent into 2
TCP connections, no real end-to-end connection any longer
o hosts in the ixed part o the net do not notice the
characteristics o the wireless part
mobile host
access point
( oreign agent)
wired Internet
wireless TCP
standard TCP
****** I-TCP socket and state migration ******
mobile host
access point2
Internet
access point1
socket migration
and state trans er
****** Indirect TCP II ******
* Advantages
o no changes in the ixed network necessary, no changes or the hosts
(TCP protocol) necessary, all current optimizations to TCP still
work
o transmission errors on the wireless link do not propagate into the
ixed network
o simple to control, mobile TCP is used only or one hop between,
e.g., a oreign agent and mobile host
o there ore, a very ast retransmission o packets is possible, the
short delay on the mobile hop is known
* Disadvantages
o loss o end-to-end semantics, an acknowledgement to a sender does
now not any longer mean that a receiver really got a packet,
oreign agents might crash
o higher latency possible due to bu ering o data within the oreign
agent and orwarding to a new oreign agent
****** Early approach: Snooping TCP I ******
* Transparent extension o TCP within the oreign agent
o bu ering o packets sent to the mobile host
o lost packets on the wireless link (both directions!) will be
retransmitted immediately by the mobile host or oreign agent,
respectively (so called local retransmission)
o the oreign agent there ore snoops the packet low and recognizes
acknowledgements in both directions, it also ilters ACKs
o changes o TCP only within the oreign agent
wired Internet
bu ering o data
end-to-end TCP connection
local retransmission
correspondent
host
oreign
agent
mobile
host
snooping o ACKs
****** Snooping TCP II ******
* Data trans er to the mobile host
o FA bu ers data until it receives ACK o the MH, FA detects packet
loss via duplicated ACKs or time-out
o ast retransmission possible, transparent or the ixed network
* Data trans er rom the mobile host
o FA detects packet loss on the wireless link via sequence numbers,
FA answers directly with a NACK to the MH
o MH can now retransmit data with only a very short delay
* Integration o the MAC layer
o MAC layer o ten has similar mechanisms to those o TCP
o thus, the MAC layer can already detect duplicated packets due to
retransmissions and discard them
* Problems
o snooping TCP does not isolate the wireless link as good as I-TCP
o snooping might be useless depending on encryption schemes
****** Early approach: Mobile TCP ******
* Special handling o lengthy and/or requent disconnections
* M-TCP splits as I-TCP does
o unmodi ied TCP ixed network to supervisory host (SH)
o optimized TCP SH to MH
* Supervisory host
o no caching, no retransmission
o monitors all packets, i disconnection detected
# set sender window size to 0
# sender automatically goes into persistent mode
o old or new SH reopen the window
* Advantages
o maintains semantics, supports disconnection, no bu er orwarding
* Disadvantages
o loss on wireless link propagated into ixed network
o adapted TCP on wireless link
****** Fast retransmit/ ast recovery ******
* Change o oreign agent o ten results in packet loss
o TCP reacts with slow-start although there is no congestion
* Forced ast retransmit
o as soon as the mobile host has registered with a new oreign agent,
the MH sends duplicated acknowledgements on purpose
o this orces the ast retransmit mode at the communication partners
o additionally, the TCP on the MH is orced to continue sending with
the actual window size and not to go into slow-start a ter
registration
* Advantage
o simple changes result in signi icant higher per ormance
* Disadvantage
o urther mix o IP and TCP, no transparent approach
****** Transmission/time-out reezing ******
* Mobile hosts can be disconnected or a longer time
o no packet exchange possible, e.g., in a tunnel, disconnection due
to overloaded cells or mux. with higher priority tra ic
o TCP disconnects a ter time-out completely
* TCP reezing
o MAC layer is o ten able to detect interruption in advance
o MAC can in orm TCP layer o upcoming loss o connection

o TCP stops sending, but does now not assume a congested link
o MAC layer signals again i reconnected
* Advantage
o scheme is independent o data
* Disadvantage
o TCP on mobile host has to be changed, mechanism depends on MAC
layer
****** Selective retransmission ******
* TCP acknowledgements are o ten cumulative
o ACK n acknowledges correct and in-sequence receipt o packets up to
n
o i single packets are missing quite o ten a whole packet sequence
beginning at the gap has to be retransmitted (go-back-n), thus
wasting bandwidth
* Selective retransmission as one solution
o RFC2018 allows or acknowledgements o single packets, not only
acknowledgements o in-sequence packet streams without gaps
o sender can now retransmit only the missing packets
* Advantage
o much higher e iciency
* Disadvantage
o more complex so tware in a receiver, more bu er needed at the
receiver
****** Transaction oriented TCP ******
* TCP phases
o connection setup, data transmission, connection release
o using 3-way-handshake needs 3 packets or setup and release,
respectively
o thus, even short messages need a minimum o 7 packets!
* Transaction oriented TCP
o RFC1644, T-TCP, describes a TCP version to avoid this overhead
o connection setup, data trans er and connection release can be
combined
o thus, only 2 or 3 packets are needed
* Advantage
o e iciency
* Disadvantage
o requires changed TCP
o mobility not longer transparent
****** Comparison o di erent approaches or a mobile TCP ******
****** TCP Improvements I ******
* Initial research work
o Indirect TCP, Snoop TCP, M-TCP, T/TCP, SACK, Transmission/time-out
reezing,
* TCP over 2.5/3G wireless networks
o Fine tuning todays TCP
o Learn to live with
# Data rates: 64 kbit/s up, 115-384 kbit/s down; asymmetry: 36, but also up to 1000 (broadcast systems), periodic
allocation/release o channels
# High latency, high jitter, packet loss
o Suggestions
# Large (initial) sending windows, large maximum trans er unit,
selective acknowledgement, explicit congestion noti ication,
time stamp, no header compression
o Widespread use
# i-mode running over FOMA
# WAP 2.0 (TCP with wireless pro ile)
* max. TCP BandWidth
* Max. Segment Size

* Round Trip Time
* loss probability
****** TCP Improvements II ******
* Per ormance enhancing proxies (PEP, RFC 3135)
o Transport layer
# Local retransmissions and acknowledgements
o Additionally on the application layer
# Content iltering, compression, picture downscaling
# E.g., Internet/WAP gateways
# Web service gateways?
o Big problem: breaks end-to-end semantics
# Disables use o IP security
# Choose between PEP and security!
* More open issues
o RFC 3150 (slow links)
# Recommends header compression, no timestamp
o RFC 3155 (links with errors)
# States that explicit congestion noti ication cannot be used
o In contrast to 2.5G/3G recommendations!
Mobile system
PEP
Comm. partner
wireless
Internet
****** Mobile Communications Chapter 10: Support or Mobility ******
* File systems
* Data bases
* WWW and Mobility
* WAP (Wireless Application Protocol), i-mode & Co.
****** Mobile, bearable multimedia equipment ******
****** File systems - Motivation ******
* Goal
o e icient and transparent access to shared iles within a mobile
environment while maintaining data consistency
* Problems
o limited resources o mobile computers (memory, CPU, ...)
o low bandwidth, variable bandwidth, temporary disconnection
o high heterogeneity o hardware and so tware components (no standard
PC architecture)
o wireless network resources and mobile computer are not very
reliable
o standard ile systems (e.g., NFS, network ile system) are very
ine icient, almost unusable
* Solutions
o replication o data (copying, cloning, caching)
o data collection in advance (hoarding, pre- etching)
****** File systems - consistency problems ******
* THE big problem o distributed, loosely coupled systems
o are all views on data the same?
o how and when should changes be propagated to what users?
* Weak consistency
o many algorithms o ering strong consistency (e.g., via atomic
updates) cannot be used in mobile environments
o invalidation o data located in caches through a server is very
problematic i the mobile computer is currently not connected to
the network
o occasional inconsistencies have to be tolerated, but con lict
resolution strategies must be applied a terwards to reach
consistency again
* Con lict detection

o content independent: version numbering, time-stamps
o content dependent: dependency graphs
****** File systems or limited connectivity I ******
* Symmetry
o Client/Server or Peer-to-Peer relations
o support in the ixed network and/or mobile computers
o one ile system or several ile systems
o one namespace or iles or several namespaces
* Transparency
o hide the mobility support, applications on mobile computers should
not notice the mobility
o user should not notice additional mechanisms needed
* Consistency model
o optimistic or pessimistic
* Caching and Pre- etching
o single iles, directories, subtrees, partitions, ...
o permanent or only at certain points in time
****** File systems or limited connectivity II ******
* Data management
o management o bu ered data and copies o data
o request or updates, validity o data
o detection o changes in data
* Con lict solving
o application speci ic or general
o errors
* Several early experimental systems exist (late 80s)
o Coda (Carnegie Mellon University), Little Work (University o
Michigan), Ficus (UCLA) etc.
* Many systems use ideas rom distributed ile systems such as, e.g., AFS
(Andrew File System)
****** File systems - Coda I ******
mobile client
* Application transparent extensions o client and server
o changes in the cache manager o a client
o applications use cache replicates o iles
o extensive, transparent collection o data in advance or possible
uture use (Hoarding)
* Consistency
o system keeps a record o changes in iles and compares iles a ter
reconnection
o i di erent users have changed the same ile a manual
reintegration o the ile into the system is necessary
o optimistic approach, coarse grained ( ile size)
cache
application
server
****** File systems - Coda II ******
* Hoarding
o user can pre-determine a ile list with priorities
o contents o the cache determined by the list and LRU strategy (Last
Recently Used)
o explicit pre- etching possible
o periodic updating
* Comparison o iles
o asynchronous, background
o system weighs speed o updating against minimization o network
tra ic
* Cache misses
o modeling o user patience: how long can a user wait or data
without an error message?

o unction o ile size and bandwidth
hoarding
write
disconnected
emulating
disconnection
disconnection
connection
strong
connection
weak
connection
* States o a client
****** File systems - Little Work ******
* Only changes in the cache manager o the client
* Connection modes and use
****** File systems - urther examples ******
* Mazer/Tardo
o ile synchronization layer between application and local ile
system
o caching o complete subdirectories rom the server
o Redirector responses to requests locally i necessary, via the
network i possible
o periodic consistency checks with bi-directional updating
* Ficus
o not a client/server approach
o optimistic approach based on replicates, detection o write
con licts, con lict resolution
o use o gossip protocols: a mobile computer does not necessarily
need to have direct connection to a server, with the help o other
mobile computers updates can be propagated through the network
* MIo-NFS (Mobile Integration o NFS)
o NFS extension, pessimistic approach, only token holder can write
o connected/loosely connected/disconnected
****** Database systems in mobile environments ******
* Request processing
o power conserving, location dependent, cost e icient
o example: ind the astest way to a hospital
* Replication management
o similar to ile systems
* Location management
o tracking o mobile users to provide replicated or location
dependent data in time at the right place (minimize access delays)
o example: with the help o the HLR (Home Location Register) in GSM a
mobile user can ind a local towing service
* Transaction processing
o mobile transactions can not necessarily rely on the same models
as transactions over ixed networks (ACID: atomicity, consistency,
isolation, durability)
o there ore models or weak transaction
****** World Wide Web and mobility ******
* Protocol (HTTP, Hypertext Trans er Protocol) and language (HTML,
Hypertext Markup Language) o the Web have not been designed or mobile
applications and mobile devices, thus creating many problems!
* Typical trans er sizes
o HTTP request: 100-350 byte
o responses avg. <10 kbyte, header 160 byte, GIF 4.1kByte, JPEG 12.8
kbyte, HTML 5.6 kbyte
o but also many large iles that cannot be ignored
* The Web is no ile system

o Web pages are not simple iles to download
o static and dynamic content, interaction with servers via orms,
content trans ormation, push technologies etc.
o many hyperlinks, automatic loading and reloading, redirecting
o a single click might have big consequences!
****** WWW example ******
***** Request to port 80: GET / HTTP/1.0 *****
***** or: GET / HTTP/1.1 *****
***** Host: www.in . u-berlin.de *****
***** Response rom server *****
***** HTTP/1.1 200 OK *****
***** Date: Wed, 30 Oct 2002 19:44:26 GMT *****
***** Server: Apache/1.3.12 (Unix) mod_perl/1.24 *****
***** Last-Modi ied: Wed, 30 Oct 2002 13:16:31 GMT *****
***** ETag: "2d8190-2322-3db dba " *****
***** Accept-Ranges: bytes *****
***** Content-Length: 8994 *****
***** Connection: close *****
***** Content-Type: text/html *****
***** <DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
*****
***** <html> *****
***** <head> *****
***** <title>FU-Berlin: Institut ür In ormatik</TITLE> *****
***** <base hre ="http://www.in . u-berlin.de"> *****
***** <link rel="stylesheet" type="text/css"
hre ="http://www.in . u-berlin.de/styles/homepage.css"> *****
*****  *****
***** </head> *****
***** <body onResize="sel .location.reload();"> *****
***** ... *****
non persistent
****** HTTP 1.0 (old) and mobility I ******
* Characteristics
o stateless, client/server, request/response
o needs a connection oriented protocol (TCP), one connection per
request (some enhancements in HTTP 1.1)
o primitive caching and security
* Problems
o designed or large bandwidth (compared to wireless access) and low
delay
o big and redundant protocol headers (readable or humans, stateless,
there ore big headers in ASCII)
o uncompressed content trans er
o using TCP
# huge overhead per request (3-way-handshake) compared with the
content, e.g., o a GET request
# slow-start problematic
o DNS lookup by client causes additional tra ic
****** HTTP 1.0 (old) and mobility II ******
* Caching
o quite o ten disabled by in ormation providers to be able to create
user pro iles, usage statistics etc.
o dynamic objects cannot be cached
# numerous counters, time, date, personalization, ...
o mobility quite o ten inhibits caches
o security problems
# how to use SSL/TLS together with proxies?

o today: many user customized pages, dynamically generated on request
via CGI, ASP, ...
* POSTing (i.e., sending to a server)
o can typically not be bu ered, very problematic i currently
disconnected
* Many unsolved problems!
****** HTML and mobile devices ******
* HTML
o designed or computers with high per ormance, color highresolution display, mouse, hard disk
o typically, web pages optimized or design, not or communication
* Mobile devices
o o ten only small, low-resolution displays, very limited input
inter aces (small touch-pads, so t-keyboards)
* Additional eatures
o animated GIF, Java AWT, Frames, ActiveX Controls, Shockwave, movie
clips, audio, ...
o many web pages assume true color, multimedia support, highresolution and many plug-ins
* Web pages ignore the heterogeneity o end-systems!
o e.g., without additional mechanisms, large high-resolution pictures
would be trans erred to a mobile phone with a low-resolution
display causing high costs
****** Approaches toward WWW or mobile devices ******
* Application gateways, enhanced servers
o simple clients, pre-calculations in the ixed network
o compression, iltering, content extraction
o automatic adaptation to network characteristics
* Examples
o picture scaling, color reduction, trans ormation o the document
ormat (e.g., PS to TXT)
o detail studies, clipping, zoom
o headline extraction, automatic abstract generation
o HDML (handheld device markup language): simple language similar to
HTML requiring a special browser
o HDTP (handheld device transport protocol): transport protocol or
HDML, developed by Unwired Planet
* Problems
o proprietary approaches, require special enhancements or browsers
o heterogeneous devices make approaches more complicated
****** Some new issues that might help mobility? ******
* Push technology
o real pushing, not a client pull needed, channels etc.
* HTTP/1.1
o client/server use the same connection or several request/response
transactions
o multiple requests at beginning o session, several responses in
same order
o enhanced caching o responses (use ul i equivalent responses!)
o semantic transparency not always achievable: disconnected,
per ormance, availability -> most up-to-date version...
o several more tags and options or controlling caching (public/
private, max-age, no-cache etc.)
o relaxing o transparency on app. request or with warning to user
o encoding/compression mechanism, integrity check, security o
proxies, authentication, authorization...
* Cookies: well..., state ul sessions, not really integrated...
****** System support or WWW in a mobile world I (some historical) ******
mobile client
browser
integrated enhancement
* Enhanced browsers
o Pre- etching, caching, o -line use
o e.g. Internet Explorer
* Additional, accompanying application
o e.g. original WebWhacker
web
server
mobile client
browser
additional application
web
server
****** System support or WWW in a mobile world II (some historical) ******
* Client Proxy
o e.g., Caubweb, TeleWeb, Weblicator, WebWhacker, WebEx, WebMirror,
...
* Network Proxy
o adaptive content trans ormation or bad connections, pre- etching,
caching
o e.g., TranSend, Digestor
mobile client
browser
network
proxy
web
server
mobile client
browser
client
proxy
web
server
****** System support or WWW in a mobile world III (some historical) ******
* Client and network proxy
o combination o bene its plus simpli ied protocols
o e.g., MobiScape, WebExpress
* Special network subsystem
o adaptive content trans ormation or bad connections, pre- etching,
caching
o e.g., Mowgli
* Additional many proprietary server extensions possible
o channels, content negotiation, ...
mobile client
browser
web
server
mobile client
browser
client
proxy
web
server
network
proxy
client
proxy
network
proxy
****** WAP - Wireless Application Protocol ******
* Goals
o deliver Internet content and enhanced services to mobile devices
and users (mobile phones, PDAs)
o independence rom wireless network standards
o open or everyone to participate, protocol speci ications will be
proposed to standardization bodies
o applications should scale well beyond current transport media and
device types and should also be applicable to uture developments
* Plat orms
o e.g., GSM (900, 1800, 1900), CDMA IS-95, TDMA IS-136, 3rd
generation systems (IMT-2000, UMTS, W-CDMA, cdma2000 1x EV-DO, )
* Forum
o was: WAP Forum, co- ounded by Ericsson, Motorola, Nokia, Unwired
Planet, urther in ormation www.wap orum.org
o now: Open Mobile Alliance www.openmobilealliance.org (Open Mobile
Architecture + WAP Forum + SyncML + )
****** WAP - scope o standardization ******
* Browser
o micro browser, similar to existing, well-known browsers in the
Internet
* Script language
o similar to Java script, adapted to the mobile environment
* WTA/WTAI
o Wireless Telephony Application (Inter ace): access to all telephone
unctions
* Content ormats
o e.g., business cards (vCard), calendar events (vCalender)
* Protocol layers
o transport layer, security layer, session layer etc.
****** WAP 1.x - re erence model and protocols ******
Bearers (GSM, CDPD, ...)
Security Layer (WTLS)
Session Layer (WSP)
Application Layer (WAE)
Transport Layer (WDP)
TCP/IP,
UDP/IP,
media
SSL/TLS
HTML, Java
HTTP
Internet
WAP
WAE comprises WML (Wireless Markup Language), WML Script, WTAI etc.
Transaction Layer (WTP)
additional services and applications
WCMP
A-SAP
S-SAP
TR-SAP
SEC-SAP
T-SAP
****** WAP - network elements ******
wireless network
ixed network
WAP
proxy
WTA
server
ilter/
WAP
proxy
web
server
ilter
PSTN
Internet
Binary WML: binary ile ormat or clients
Binary WML
Binary WML
Binary WML
HTML
HTML
HTML
WML
WML
HTML
****** WDP - Wireless Datagram Protocol ******
* Protocol o the transport layer within the WAP architecture
o uses directly transports mechanisms o di erent network
technologies
o o ers a common inter ace or higher layer protocols
o allows or transparent communication using di erent transport
technologies (GSM [SMS, CSD, USSD, GPRS, ...], IS-136, TETRA, DECT,
PHS, IS-95, ...)
* Goals o WDP
o create a worldwide interoperable transport system with the help o
WDP adapted to the di erent underlying technologies
o transmission services such as SMS, GPRS in GSM might change, new
services can replace the old ones
* Additionally, WCMP (wireless Control Message Protocol) is used or
control/error report (similar to ICMP in the TCP/IP protocol suite)
****** WDP - Service Primitives ******
T-SAP
T-SAP
T-DUnitdata.req (DA, DP, SA, SP, UD)
T-DUnitdata.ind (SA, SP, UD)
T-DUnitdata.req (DA, DP, SA, SP, UD)
T-DError.ind (EC)
****** Usage o WDP ******
GSM-SMS
GSM-CSD
WTLS
WDP &
Adaptation
SMS
Wireless Data Gateway
WTLS
WDP &
Adaptation
Tunnel
Subnetwork
SMS
Tunnel
Subnetwork
WAP
Proxy
WTLS
UDP
WTLS
UDP
IP
PPP
CSD-RF
IP
Subnetwork
IP
PPP
CSD-RF
PSTN
Circuit
Subnetwork
Interworking
Function
Internet Service Provider
Remote Access Service
PSTN
Circuit
****** WTLS - Wireless Transport Layer Security ******
* Goals
o data integrity
# prevention o changes in data
o privacy
# prevention o tapping
o authentication
# creation o authenticated relations between a mobile device
and a server
o protection against denial-o -service attacks
# protection against repetition o data and unveri ied data
* WTLS
o is based on the TLS (Transport Layer Security) protocol ( ormer
SSL, Secure Sockets Layer)
o optimized or low-bandwidth communication channels
****** Secure session, ull handshake ******
SEC-Create.req
(SA, SP, DA, DP, KES, CS, CM)
SEC-Create.ind
(SA, SP, DA, DP, KES, CS, CM)
originator
SEC-SAP
peer
SEC-SAP
SEC-Create.cn
(SNM, KR, SID, KES, CS, CM)
SEC-Create.res
(SNM, KR, SID, KES, CS, CM)
SEC-Exchange.req
SEC-Exchange.ind
SEC-Exchange.res
(CC)
SEC-Commit.req
SEC-Exchange.cn
(CC)
SEC-Commit.ind
SEC-Commit.cn
****** SEC-Unitdata - trans erring datagrams ******
SEC-Unitdata.req
(SA, SP, DA, DP, UD)

SEC-Unitdata.ind
(SA, SP, DA, DP, UD)
sender
SEC-SAP
receiver
SEC-SAP
****** WTP - Wireless Transaction Protocol ******
* Goals
o di erent transaction services, o loads applications
# application can select reliability, e iciency
o support o di erent communication scenarios
# class 0: unreliable message trans er
# class 1: reliable message trans er without result message
# class 2: reliable message trans er with exactly one reliable
result message
o supports peer-to-peer, client/server and multicast applications
o low memory requirements, suited to simple devices (< 10kbyte )
o e icient or wireless transmission
# segmentation/reassembly
# selective retransmission
# header compression
# optimized connection setup (setup with data trans er)
****** Details o WTP I ******
* Support o di erent communication scenarios
o Class 0: unreliable message trans er
# Example: push service
o Class 1: reliable request
# An invoke message is not ollowed by a result message
# Example: reliable push service
o Class 2: reliable request/response
# An invoke message is ollowed by exactly one result message
# With and without ACK
# Example: typical web browsing
* No explicit connection setup or release is available
* Services or higher layers are called events
****** Details o WTP II ******
* Used Mechanisms
o Reliability
# Unique transaction identi iers (TID)
# Acknowledgements
# Selective retransmission
# Duplicate removal
o Optional: concatenation & separation o messages
o Optional: segmentation & reassembly o messages
o Asynchronous transactions
o Transaction abort, error handling
o Optimized connection setup (includes data transmission)
****** WTP Class 0 transaction ******
TR-Invoke.req
(SA, SP, DA, DP, A, UD, C=0, H)
Invoke PDU
TR-Invoke.ind
initiator
TR-SAP
responder
TR-SAP
****** WTP Class 1 transaction, no user ack & user ack ******
TR-Invoke.req
(SA, SP, DA, DP,

Invoke PDU
TR-Invoke.ind
(SA, SP, DA, DP,
initiator
TR-SAP
responder
TR-SAP
Ack PDU
TR-Invoke.req
(SA, SP, DA, DP,
Invoke PDU
TR-Invoke.ind
(SA, SP, DA, DP,
initiator
TR-SAP
responder
TR-SAP
Ack PDU
TR-Invoke.res
(H)
TR-Invoke.cn
(H)
TR-Invoke.cn
(H)
****** WTP Class
TR-Invoke.req
(SA, SP, DA, DP,
Invoke PDU
TR-Invoke.ind
(SA, SP, DA, DP,
initiator
TR-SAP
responder
TR-SAP
Result PDU
TR-Result.req
(UD*, H)
TR-Result.ind
(UD*, H)
Ack PDU
TR-Invoke.cn
(H)
TR-Result.res
(H)
TR-Result.cn
(H)
****** WTP Class
TR-Invoke.req
(SA, SP, DA, DP,
Invoke PDU
TR-Invoke.ind
(SA, SP, DA, DP,
initiator
TR-SAP
responder
TR-SAP
Result PDU
TR-Result.ind
(UD*, H)
A, UD, C=1, H)
A, UD, C=1, H)
A, UD, C=1, H)
A, UD, C=1, H)
2 transaction, no user ack, no hold on ******

A, UD, C=2, H)
A, UD, C=2, H)
2 transaction, user ack ******

A, UD, C=2, H)
A, UD, C=2, H)
Ack PDU
TR-Invoke.res
(H)
TR-Invoke.cn
(H)
Ack PDU
TR-Result.req
(UD*, H)
TR-Result.res
(H)
TR-Result.cn
(H)
****** WTP Class 2 transaction, hold on, no user ack ******
TR-Invoke.req
Invoke PDU
TR-Invoke.ind
initiator
TR-SAP
responder
TR-SAP
Result PDU
TR-Result.req
(UD*, H)
TR-Result.ind
(UD*, H)
Ack PDU
Ack PDU
TR-Invoke.cn
(H)
TR-Result.res
(H)
TR-Result.cn
(H)
****** WSP - Wireless Session Protocol ******
* Goals
o HTTP 1.1 unctionality
# Request/reply, content type negotiation, ...
o support o client/server, transactions, push technology
o key management, authentication, Internet security services
o session management (interruption, resume,...)
* Open topics
o QoS support
o group communication
o isochronous media objects
o management
****** WSP protocols ******
WSP
Connection mode
(uses WTP)
Connectionless mode
(uses WDP or WTLS)
* Session Management (class 0, 2)
* Method Invocation (Kl. 2)
* Error Report
* Push (class 0)
* Con irmed Push (class 1)
* Session suspend/resume (class 0, 2)
* Method Invocation
* Push
(in general unreliable)
****** WSP/B session establishment ******
S-Connect.req
(SA, CA, CH, RC)
Connect PDU
S-Connect.ind
(SA, CA, CH, RC)
client
S-SAP
server
S-SAP
ConnReply PDU
S-Connect.res
(SH, NC)
S-Connect.cn
(SH, NC)
WTP Class 2
transaction
****** WSP/B session suspend/resume ******
S-Suspend.req
Suspend PDU
S-Suspend.ind
(R)
client
S-SAP
server
S-SAP
Reply PDU
S-Resume.res
WTP Class 2
transaction
S-Suspend.ind
(R)
~
~
S-Resume.req
(SA, CA)
S-Resume.ind
(SA, CA)
Resume PDU
S-Resume.cn
WTP Class 0
transaction
****** WSP/B session termination ******
Disconnect PDU
S-Disconnect.ind
(R)
client
S-SAP
server
S-SAP
S-Disconnect.ind
(R)
WTP Class 0
transaction
S-Disconnect.req
(R)
****** WSP/B method invoke ******
S-MethodInvoke.req
(CTID, M, RU)
Method PDU
S-MethodInvoke.ind
(STID, M, RU)
client
S-SAP
server
S-SAP
Reply PDU
S-MethodInvoke.res
(STID)
S-MethodInvoke.cn
(CTID)
WTP Class 2
transaction
S-MethodResult.req
(STID, S, RH, RB)
S-MethodResult.ind
(CTID, S, RH, RB)
S-MethodResult.res
(CTID)
S-MethodResult.cn
(STID)
****** WSP/B over WTP - method invocation ******
S-MethodInvoke.req
S-MethodInvoke.ind
client
S-SAP
server
S-SAP
S-MethodInvoke.res
S-MethodInvoke.cn
S-MethodResult.req
S-MethodResult.ind
S-MethodResult.res
S-MethodResult.cn
TR-Invoke.req
initiator
TR-SAP
TR-Result.ind
TR-Invoke.cn
TR-Result.res
TR-Invoke.ind
responder
TR-SAP
TR-Invoke.res
TR-Result.req
TR-Result.cn
Invoke(Method)
Result(Reply)
Ack PDU
Ack PDU
****** WSP/B over WTP - asynchronous, unordered requests ******
S-MethodInvoke_1.req
S-MethodInvoke_1.ind
client
S-SAP
server
S-SAP
S-MethodResult_1.ind
S-MethodResult_1.req
****** WSP/B - con irmend/non-con irmed push ******
S-Push.req
(PH, PB)
client
S-SAP
server
S-SAP
Con Push PDU
WTP Class 1
transaction
S-Push.ind
(PH, PB)
S-Con irmedPush.res
(CPID)
S-Con irmedPush.ind
(CPID, PH, PB)
WTP Class 0
transaction
Push PDU
S-Con irmedPush.req
(SPID, PH, PB)
client
S-SAP
server
S-SAP
S-Con irmedPush.cn
(SPID)
****** WSP/B over WDP ******
S-Unit-MethodInvoke.req
(SA, CA, TID, M, RU)
client
S-SAP
server
S-SAP
S-Unit-MethodResult.ind
(CA, SA, TID, S, RH, RB)
S-Unit-Push.ind
(CA, SA, PID, PH, PB)
S-Unit-MethodInvoke.ind
(SA, CA, TID, M, RU)
S-Unit-MethodResult.req
(CA, SA, TID, S, RH, RB)
S-Unit-Push.req
(CA, SA, PID, PH, PB)
Method PDU
Reply PDU
Push PDU
WDP Unitdata
service
****** WAE - Wireless Application Environment ******
* Goals
o network independent application environment or low-bandwidth,
wireless devices
o integrated Internet/WWW programming model with high
interoperability
* Requirements
o device and network independent, international support
o manu acturers can determine look-and- eel, user inter ace
o considerations o slow links, limited memory, low computing power,
small display, simple user inter ace (compared to desktop
computers)
* Components
o architecture: application model, browser, gateway, server
o WML: XML-Syntax, based on card stacks, variables, ...
o WMLScript: procedural, loops, conditions, ... (similar to
JavaScript)
o WTA: telephone services, such as call control, text messages, phone
book, ... (accessible rom WML/WMLScript)
o content ormats: vCard, vCalendar, Wireless Bitmap, WML, ...
****** WAE logical model ******
Origin Servers
web
server
other content
server
Gateway
Client
other
WAE
user agents
WML
user agent
WTA
user agent
encoders
&
decoders
encoded
request
request
encoded
response
with
content
response
with
content
push
content
encoded
push
content
****** Wireless Markup Language (WML) ******
* WML ollows deck and card metaphor
o WML document consists o many cards, cards are grouped to decks
o a deck is similar to an HTML page, unit o content transmission
o WML describes only intent o interaction in an abstract manner
o presentation depends on device capabilities

* Features
o text and images
o user interaction
o navigation
o context management
****** WML example I ******
***** <?xml version="1.0"?> *****
***** <!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" *****
***** "http://www.wap orum.org/DTD/wml_1.1.xml"> *****
***** <wml> *****
***** <card id="card_one" title="simple example"> *****
***** <do type="accept"> *****
***** <go hre ="#card_two"/> *****
***** </do> *****
***** <p> *****
***** This is a simple irst card! *****
***** <br/> *****
***** On the next one you can choose ... *****
***** </p> *****
***** </card> *****
****** WML example II ******
***** <card id="card_two" title="Pizza selection"> *****
***** <do type="accept" label="cont"> *****
***** <go hre ="#card_three"/> *****
***** </do> *****
***** <p> *****
***** ... your avorite pizza! *****
***** <select value="Mar" name="PIZZA"> *****
***** <option value="Mar">Margherita</option> *****
***** <option value="Fun">Funghi</option> *****
***** <option value="Vul">Vulcano</option> *****
***** </select> *****
***** </p> *****
***** </card> *****
***** <card id="card_three" title="Your Pizza!"> *****
***** <p> *****
***** Your personal pizza parameter is <b>$(PIZZA)</b>! *****
***** </p> *****
***** </card> *****
***** </wml> *****
****** WMLScript ******
* Complement to WML
* Provides general scripting capabilities
* Features
o validity check o user input
# check input be ore sent to server
o access to device acilities
# hardware and so tware (phone call, address book etc.)
o local user interaction
# interaction without round-trip delay
o extensions to the device so tware
# con igure device, download new unctionality a ter deployment
****** WMLScript - example ******
***** unction pizza_test(pizza_type) { *****
***** var taste = "unknown"; *****
***** i (pizza_type = "Margherita") { *****
***** taste = "well... "; *****
***** } *****
***** else { *****
***** i (pizza_type = "Vulcano") { *****

***** taste = "quite hot"; *****
***** }; *****
***** }; *****
***** return taste; *****
***** }; *****
****** Wireless Telephony Application (WTA) ******
* Collection o telephony speci ic extensions
* Extension o basic WAE application model
o content push
# server can push content to the client
# client may now be able to handle unknown events
o handling o network events
# table indicating how to react on certain events rom the
network
o access to telephony unctions
# any application on the client may access telephony unctions
* Example
o calling a number (WML) wtai://wp/mc;07216086415
o calling a number (WMLScript) WTAPublic.makeCall
("07216086415");
****** WTA logical architecture ******
other
servers
client
repository
WTA
user agent
WAP gateway
encoders
&
decoders
other telephone networks
WTA server
WTA & WML
server
WML scripts
WML
decks
WTA
services
mobile
network
irewall
third party servers
network operator
trusted domain
device
speci ic
unctions
****** Voice box example ******
Service Indication
WTA-User-Agent
WTA-Server
Mobile network
Voice box server
Generate new deck
Display deck;
user selects
Call setup
Accept call
Voice connection
Indicate new voice message
Play requested voice message
Setup call
Accept call
Accept call
WTA-Gateway
Push URL
Display deck;
user selects
WSP Get
HTTP Get
Respond with content
WML
Binary WML
WSP Get
HTTP Get
Respond with card
or call
WML
Binary WML
Wait or call
Setup call
****** WTAI - example with WML only ******
***** <?xml version="1.0"?> *****
***** <wml> *****
***** <card id="card_one" title="Tele voting"> *****
***** <go hre ="#card_two"/> *****
***** </do> *****
***** <p> Please choose your candidate! </p> *****
***** </card> *****
***** <card id="card_two" title="Your selection"> *****
***** <go hre ="wtai://wp/mc;$dialno"/> *****
***** </do> *****
***** <p> Your selection: *****
***** <select name="dialno"> *****
***** <option value="01376685">Mickey</option> *****
***** <option value="01376686">Donald</option> *****
***** <option value="01376687">Pluto</option> *****
***** </select> *****
***** </p> *****
***** </card> *****
***** </wml> *****
****** WTAI - example with WML and WMLScript I ******
***** unction voteCall(Nr) { *****
***** var j = WTACallControl.setup(Nr,1); *****
***** i (j>=0) { *****
***** WMLBrowser.setVar("Message", "Called"); *****
***** WMLBrowser.setVar("No", Nr); *****
***** } *****
***** else { *****
***** WMLBrowser.setVar("Message", "Error!"); *****
***** WMLBrowser.setVar("No", j); *****
***** } *****
***** WMLBrowser.go("showResult"); *****
***** } *****
****** WTAI - example with WML and WMLScript II ******
***** <?xml version="1.0"?> *****
***** <wml> *****
***** <card id="card_one" title="Tele voting"> *****
***** <do type="accept"> <go hre ="#card_two"/> </do> *****
***** <p> Please choose your candidate! </p> *****
***** </card> *****
***** <card id="card_two" title="Your selection"> *****
***** <go hre ="/myscripts#voteCall($dialno)"/> </do> *****
***** <p> Your selection: *****
***** <select name="dialno"> *****
***** <option value="01376685">Mickey</option> *****
***** <option value="01376686">Donald</option> *****
***** <option value="01376687">Pluto</option> *****
***** </select> </p> *****
***** </card> *****
***** <card id="showResult" title="Result"> *****
***** <p> Status: $Message $No </p> *****
***** </card> *****
***** </wml> *****
****** WAP push architecture with proxy gateway ******
* Push Access Protocol
o Content transmission between server and PPG
o First version uses HTTP
* Push OTA (Over The Air) Protocol
o Simple, optimized
o Mapped onto WSP
Client
User Agents
Push Proxy
Gateway
Coding,
checking
Push OTA
Protocol
Push Initiator
Push
Access
Protocol
Server
application
****** Push/Pull services in WAP I ******
* Service Indication
o Service announcement using a pushed short message
o Service usage via a pull
o Service identi ication via a URI
***** <?xml version="1.0"?> *****
***** <!DOCTYPE si PUBLIC "-//WAPFORUM//DTD SI 1.0//EN" *****
***** "http://www.wap orum.org/DTD/si.dtd"> *****
***** <si> *****
***** <indication hre ="http://www.piiiizza4u.de/o er/salad.wml"
*****
***** created="2007-10-30T17:45:32Z" *****
***** si-expires="2007-10-30T17:50:31Z"> *****
***** Salad special: The 5 minute o er *****
***** </indication> *****
***** </si> *****

****** Push/Pull services in WAP II ******
* Service Loading
o short message pushed to a client containing a URI
o User agent decides whether to use the URI via a pull
o Transparent or users, always looks like a push
***** <?xml version="1.0"?> *****
***** <!DOCTYPE sl PUBLIC "-//WAPFORUM//DTD SL 1.0//EN" *****
***** "http://www.wap orum.org/DTD/sl.dtd"> *****
***** <sl *****
***** hre ="http://www.piiiizza4u.de/o er/salad.wml"> *****
***** </sl> *****
****** Examples or WAP protocol stacks (WAP 1.x) ******
WAE
WSP
WTP
UDP
IP (GPRS, ...)
WDP
non IP
(SMS, ...)
WTLS
WAE user agent
WAP standardization
outside WAP
WTP
UDP
IP (GPRS, ...)
WDP
non IP
(SMS, ...)
WTLS
UDP
IP (GPRS, ...)
WDP
non IP
(SMS, ...)
WTLS
transaction based
application
datagram based
application
typical WAP application with complete protocol stack
pure data application with/without additional security
1.
2.
3.
****** i-mode irst o all a business model! ******
* Access to Internet services in Japan provided by NTT DoCoMo
o Services
# Email, short messages, web, picture exchange, horoscope, ...
o Big success (in some countries) millions o users
# Many use i-mode as PC replacement
# For many this was the irst Internet contact
# Very simple to use, convenient
o Technology
# 9.6 kbit/s (enhancements with 28.8 kbit/s), packet oriented
(PDC-P)
# Compact HTML plus proprietary tags, special transport layer
(Stop/go, ARQ, push, connection oriented)
PDC-P
TL
HTTP(S)
cHTML + tags
mobile terminal
PDC-P
TL
mobile network
gateway
content provider
L1
L2
IP
TCP
L1
L2
IP
TCP
L1
L2
IP
TCP
L1
L2
IP
TCP
HTTP(S)
cHTML + tags
****** Email example: i-mode push with SMS ******
application
WSP
WTP
WDP
SMS
Operator sends an SMS containing a push message i a new email has arrived. I
the user wants to read the email, an HTTP get ollows with the email as
response.
Popular misconception:
WAP was a ailure, i-mode is di erent and a success wrong rom a technology
point o view, right rom a business point o view
i-mode as a business model:
* content providers get >80% o the revenue.
* independent o technology (GSM/GPRS in Europe, PDC-P in Japan but also
UMTS!)
* not success ul in e.g. Germany (stopped in 2008)
****** i-mode protocol stack based on WAP 2.0 ******
user equipment
gateway
i-mode can use WAP 2.0/Internet protocols (example: i-mode in Germany over GSM/
GPRS)
server
cHTML
HTTP
WTCP
IP
L2
L1
SSL
WTCP
IP
L2
L1
TCP
IP
L2
L1
cHTML
HTTP
SSL
TCP
IP
L2
L1
****** i-mode technical requirements ******
Functions
Descriptions
Status Requirement
WEB Access Portal Site / Internet Access
M
i-mode HTML (cHTML+tags)
E-mail
Internet e-mail and inter-terminal email
M
HTTP 1.1
Security
End-End security
O
SSL (Version 2, 3), TLS 1
Java
Java application made available
O
Compatible i-mode JAVA
Ringing tone Ringing melody download
M
SMF based
download
Image
Stand-by screen download
M
GIF (O: JPEG)
download
Voice call
noti ication Voice termination noti ied and responded during i-mode communicatio
ns
M
3GPP standard system
during imode session
Content
Speci ications depend on each operators billing
charge
Per content charge billed to user
M
system
billing
Third party
payment
Content charge collection on behal o Content Provider
M
system
collection
Reverse
Packet usage charges can be billed to third party
O
billing
system
Subscriber Hashed subscriber ID rom the operators portal to the CP transmissio
n on
The ID generation algorithm should be determined
ID
each content access
M
by each operator and has to be secret
transmission
Number o
To be de ined by operators (e.g. 500 byte, 1K
characters Number o characters (byte) per e-mail
M
byte, 10K byte)
per e-mail
Character
code set
M
Character code set supported by browser and used to develop content

To be de ined by operators
supported
User Agent Browser speci ications to be noti ied
M
HTTP 1.1
i-mode
Dedicated button
O
Hard or so t key
button
****** i-mode very irst examples I ******
****** i-mode very irst examples II ******
****** i-mode very irst examples III ******
****** WAP 2.0 (July 2001) ******
* New or developers
o XHTML
o TCP with Wireless Pro ile
o HTTP
* New applications
o Color graphics
o Animation
o Large ile download
o Location based services
o Synchronization with PIMs
o Pop-up/context sensitive menus
* Goal: integration o WWW, Internet, WAP, i-mode
****** WAP 2.0 architecture ******
Service
discovery
Security
services
Application
ramework
Protocol ramework
External services EFI
Provisioning
Navigation
Discovery
Service
Lookup
Crypto
libraries
Authenti-cation
Identi ication
PKI
Secure
transport
Secure
bearer
Session
Trans er
Transport
Bearer
Multimedia Messaging (Email)
WAE/WTA User Agent (WML, XHTMLMP)
Content ormats
Push
IPv4
IPv6
CSD
SMS
USSD
FLEX
GPRS
MPAK
...
...
Datagrams
(WDP, UDP)
Connections
(TCP with wireless pro ile)
Hypermedia trans er (WTP+WSP, HTTP)
Strea-ming
MMS
Push
OTA
Capability Negotiation
Synchronisation
Cookies
****** WAP 2.0 example protocol stacks ******
bearer
WDP
WTLS
WTP
WSP
WAE
WAP device
bearer
WDP
WTLS
WTP
WSP
IP
TCP
TLS
HTTP
IP
TCP
TLS
HTTP
WAE
Web server
WAP gateway
WAP 1.x Server/Gateway/Client
IP
TCP
TLS
HTTP
WAE
WAP device
IP
TCP
IP
TCP
IP
TCP
TLS
HTTP
WAE
Web server
WAP proxy
WAP Proxy with TLS tunneling
IP
TCP
HTTP
WAE
WAP device
IP
TCP
IP
TCP
IP
TCP
WAE
Web server
WAP proxy
WAP HTTP Proxy with pro iled TCP and HTTP
HTTP
HTTP
HTTP
IP
TCP
HTTP
WAE
WAP device
IP
IP
IP
TCP
WAE
Web server
IP router
WAP direct access
HTTP
****** Java Plat orm, Micro Edition ******
* Java-Boom expected (?)
o Desktop: over 90% standard PC architecture, Intel x86 compatible,
typically MS Windows systems
o Do really many people care about plat orm independent applications?
* BUT: Heterogeneous, small devices
o Internet appliances, cellular phones, embedded control, car radios,
...
o Technical necessities (temperature range, orm actor, power
consumption, ) and economic reasons result in di erent hardware
* Java ME (source released as: phone ME / was: J2ME)
o Provides a uni orm plat orm
o Restricted unctionality compared to standard java plat orm (JVM)
****** Applications o Java ME ******
* Example irst cellular phones
o NTT DoCoMo introduced i ppli
o Applications on PDA, mobile phone, ...
o Game download, multimedia applications, encryption, system updates
o Load additional unctionality with a push on a button (and pay or
it)!
* Embedded control
o Household devices, vehicles, surveillance systems, device control
o System update is an important actor
****** Characteristics and architecture ******
* Java Virtual Machine
o Virtual Hardware (Processor)
o KVM (K Virtual Machine)
# Min. 128 kByte, typ. 256 kByte
# Optimized or low per ormance devices

# Might be a co-processor
* Con igurations
o Subset o standard Java libraries depending technical hardware
parameters (memory, CPU)
o CLDC (Connected Limited Device Con iguration)
# Basic libraries, input/output, security describes Java
support or mobile devices
* Pro iles
o Interoperability o heterogeneous devices belonging to the same
category
o MIDP (Mobile In ormation Device Pro ile)
# De ines inter aces or GUIs, HTTP, application support, > MIDlets
Hardware
(SH4, ARM, 68k, ...)
Java Virtual Machine
(JVM, KVM)
Operating system
(EPOC, Palm, WinCE)
Con igurations
(CDC, CLDC)
Pro ile
(MIDP)
Applications
****** Hardware independent development ******
****** Summary Java ME ******
* Idea is more than WAP 1.x or i-mode
o Full applications on mobile phones, not only a browser
o Includes system updates, end-to-end encryption
* Plat orm independent via virtualization
o As long as certain common inter aces are used
o Not valid or hardware speci ic unctions
* Limited unctionality compared to JVM
o Thus, maybe an intermediate solution only until embedded systems,
mobile phones are as power ul as todays desktop systems
****** Other mobile application plat orms ******
* Microso t .NET Compact Framework
o run-time environment plus class library with ocus on mobile
devices light-weight version o .NET
o support o many programming languages (C#, Python, Ruby, C++,
Haskell, )
o typically in connection with Windows CE
* Qualcomm BREW (Binary Runtime Environment or Wireless)
o run-time environment with main ocus on games
o certi ied applications only
* Google Android
o OS + middleware + applications or mobile devices
o Java/Linux based, open source
Mobile Communications
Chapter 8: Network Protocols/Mobile IP
Motivation
Data trans er , Encapsulation
Security, IPv6, Problems
Micro mobility support
DHCP
Ad-hoc networks, Routing protocols
Pro . Dr.-Ing. Jochen H. Schiller
www.jochenschiller.de
MC - 2008
8.1
Motivation
or Mobile IP
Routing
based on IP destination address, network pre ix (e.g.
129.13.42) determines physical subnet
change o physical subnet implies change o IP address to
have a topological correct address (standard IP) or needs
special entries in the routing tables
Speci ic routes to end-systems?
change o all routing table entries to orward packets to the
right destination
does not scale with the number o mobile hosts and requent
changes in the location, security problems
Changing the IP-address?
adjust the host IP address depending on the current location
almost impossible to ind a mobile system, DNS updates
take to long time
TCP connections break, security problems
MC - 2008
8.2
Requirements or Mobile IPv4 (RFC 3344,

was: 3220, was: 2002 , updated by: 4721)
Transparency
mobile end-systems keep their IP address
continuation o communication a ter interruption o link
possible
point o connection to the ixed network can be changed
Compatibility
support o the same layer 2 protocols as IP
no changes to current end-systems and routers required
mobile end-systems can communicate with ixed systems
Security
authentication o all registration messages
E iciency and scalability
only little additional messages to the mobile system required
(connection typically via a low bandwidth radio link)
world-wide support o a large number o mobile systems in
the whole Internet
MC - 2008
8.3
Terminology
Mobile Node (MN)
system (node) that can change the point o connection
to the network without changing its IP address
Home Agent (HA)
system in the home network o the MN, typically a router
registers the location o the MN, tunnels IP datagrams to the COA
Foreign Agent (FA)
system in the current oreign network o the MN, typically a router
orwards the tunneled datagrams to the MN, typically also the
de ault router or the MN
Care-o Address (COA)
address o the current tunnel end-point or the MN (at FA or MN)
actual location o the MN rom an IP point o view
can be chosen, e.g., via DHCP
Correspondent Node (CN)
communication partner
MC - 2008
8.4
Example network
HA
MN
router
home network
mobile end-system
Internet
(physical home network
or the MN)
FA
oreign
network
router
(current physical network
or the MN)
CN
end-system
router
MC - 2008
8.5
Data trans er to the mobile system

HA
2
MN
home network
Internet
receiver
3
FA
1.
HA
2.
by
3.
to
Sender sends to the IP address o MN,

intercepts packet (proxy ARP)
HA tunnels packet to COA, here FA,
encapsulation
FA orwards the packet
the MN
1
CN
sender
oreign
network
MC - 2008
8.6
Data trans er
HA
rom the mobile system
1
home network
MN
sender
Internet
FA
oreign
network
1. Sender sends to the IP address
o the receiver as usual,
FA works as de ault router
CN
receiver
MC - 2008
8.7
Overview
COA
home
network
router
FA
router
HA
MN
oreign
network
Internet
CN
router
home
network
router
HA
router
FA
2.
Internet
3.
MN
4.
oreign
network
1.
CN
router
MC - 2008
8.8
Network integration
Agent Advertisement
HA and FA periodically send advertisement messages into their
physical subnets
MN listens to these messages and detects, i it is in the home or a
oreign network (standard case or home network)
MN reads a COA rom the FA advertisement messages
Registration (always limited li etime!)
MN signals COA to the HA via the FA, HA acknowledges via FA to
MN
these actions have to be secured by authentication
Advertisement
HA advertises the IP address o the MN (as or ixed systems), i.e.
standard routing in ormation
routers adjust their entries, these are stable or a longer time (HA
responsible or a MN over a longer period o time)
packets to the MN are sent to the HA,
independent o changes in COA/FA
MC - 2008
8.9
Agent advertisement
0
7 8
type
#addresses
15 16
23 24
checksum
li etime
31
code
addr. size
router address 1
pre erence level 1
router address 2
pre erence level 2
...
type = 16
type = 16
length
sequence number
length = 6 + 4 * #COAs
R B H F M G r T reserved
registration li etime
R: registration required
COA 1
B: busy, no more registrations
COA 2
H: home agent
F: oreign agent
...
M: minimal encapsulation
G: GRE encapsulation
r: =0, ignored ( ormer Van Jacobson compression)
T: FA supports reverse tunneling
reserved: =0, ignored
MC - 2008
8.10
Registration
MN r
FA
egis
requ tration
es
HA
MN re
HA
gist
requ ration
e
t
st
regi
s
requ tration
es t
n
ratio
t
s
i
reg
y
repl
n
ratio
t
s
i
reg
y
repl
stra
regi
y
repl
tion
t
t
MC - 2008
8.11
Mobile IP registration request

0
7 8
type = 1
15 16
S B DMG r T x
home address
home agent
COA
23 24
li etime
31
identi ication
extensions . . .
S: simultaneous bindings
B: broadcast datagrams
D: decapsulation by MN
M mininal encapsulation
G: GRE encapsulation
r: =0, ignored
T: reverse tunneling requested
x: =0, ignored
MC - 2008
8.12
Mobile IP registration reply

0
7 8
type = 3
15 16
code
home address
home agent
31
li etime
identi ication
Example codes:
extensions . . .
registration success ul
0 registration accepted
1 registration accepted, but simultaneous mobility bindings unsupported
registration denied by FA
65 administratively prohibited
66 insu icient resources
67 mobile node ailed authentication
68 home agent ailed authentication
69 requested Li etime too long
registration denied by HA
129 administratively prohibited
131 mobile node ailed authentication
133 registration Identi ication mismatch
135 too many simultaneous mobility bindings
MC - 2008
8.13
Encapsulation
original IP header
new IP header
outer header
original data
new data
inner header
original data
MC - 2008
8.14
Encapsulation I
Encapsulation o one packet into another as payload
e.g. IPv6 in IPv4 (6Bone), Multicast in Unicast (Mbone)
here: e.g. IP-in-IP-encapsulation, minimal encapsulation or GRE (Generic
Record Encapsulation)
IP-in-IP-encapsulation (mandatory, RFC 2003)
tunnel between HA and COA
ver.
IHL
DS (TOS)
length
IP identi ication
lags
ragment o set
TTL
IP-in-IP
IP checksum
IP address o HA
Care-o address COA
ver. IHL
DS (TOS)
length
IP identi ication
lags
ragment o set
TTL
lay. 4 prot.
IP checksum
IP address o CN
IP address o MN
TCP/UDP/ ... payload
MC - 2008
8.15
Encapsulation II
Minimal encapsulation (optional)
avoids repetition o identical ields
e.g. TTL, IHL, version, DS (RFC 2474, old: TOS)
only applicable or non ragmented packets, no space le t or
ragment identi ication
ver.
IHL
DS (TOS)
length
IP identi ication
lags
ragment o set
TTL
min. encap.
IP checksum
IP address o HA
care-o address COA
lay. 4 protoc. S reserved
IP checksum
IP address o MN
original sender IP address (i
S=1)

MC - 2008
8.16
Generic Routing Encapsulation

outer header
GRE
header
new header
RFC 1701
IHL
DS (TOS)
length
IP identi ication
lags
ragment o set
TTL
GRE
IP checksum
IP address o HA
Care-o address COA
C R K S s rec.
rsv.
ver.
protocol
checksum (optional)
o set (optional)
key (optional)
sequence number (optional)
routing (optional)
ver.
IHL
DS (TOS)
length
IP identi ication
lags
ragment o set
TTL
lay. 4 prot.
IP checksum
IP address o CN
IP address o MN
original
header
original data
original
header
original data
new data
ver.
RFC 2784 (updated by 2890)
C
reserved0
ver.
checksum (optional)
MC - 2008
protocol
reserved1 (=0)
8.17
Optimization o packet orwarding

Problem: Triangular Routing
sender sends all packets via HA to MN
higher latency and network load
Solutions
sender learns the current location o MN

direct tunneling to this location
HA in orms a sender about the location o MN
big security problems!
Change o FA
packets on-the- ly during the change can be lost
new FA in orms old FA to avoid packet loss, old FA now
orwards remaining packets to new FA
this in ormation also enables the old FA to release resources
or the MN
MC - 2008
8.18
Change o
CN
oreign agent
HA
Data
Update
FAold
MN
FAnew
Data
Data
ACK
Data
Data
Update
ACK
Data
Data
Warning
MN changes
location
Registration
Data
Request
Update
ACK
Data
Data
MC - 2008
t
8.19
Reverse tunneling (RFC 3024, was:

2344)
HA
2
MN
home network
sender
1
Internet
FA
3
CN
receiver
oreign
network
1. MN sends to FA
2. FA tunnels packets to HA
by encapsulation
3. HA orwards the packet to the
receiver (standard case)
MC - 2008
8.20
Mobile IP with reverse tunneling

Router accept o ten only topological correct addresses
( irewall!)
a packet rom the MN encapsulated by the FA is now topological
correct
urthermore multicast and TTL problems solved (TTL in the home
network correct, but MN is to ar away rom the receiver)
Reverse tunneling does not solve
problems with irewalls, the reverse tunnel can be abused to
circumvent security mechanisms (tunnel hijacking)
optimization o data paths, i.e. packets will be orwarded through
the tunnel via the HA to a sender (double triangular routing)
The standard is backwards compatible
the extensions can be implemented easily and cooperate with
current implementations without these extensions
Agent Advertisements can carry requests or reverse tunneling
MC - 2008
8.21
Mobile IP and IPv6 (RFC 3775)

Mobile IP was developed or IPv4, but IPv6 simpli ies the
protocols
security is integrated and not an add-on, authentication o
registration is included
COA can be assigned via auto-con iguration (DHCPv6 is one
candidate), every node has address auto-con iguration
no need or a separate FA, all routers per orm router
advertisement which can be used instead o the special
agent advertisement; addresses are always co-located
MN can signal a sender directly the COA, sending via HA not
needed in this case (automatic path optimization)
so t hand-over, i.e. without packet loss, between two
subnets is supported
MN sends the new COA to its old router
the old router encapsulates all incoming packets or the MN and
orwards them to the new COA
authentication is always granted
MC - 2008
8.22
Problems with mobile IP

Security
authentication with FA problematic, or the FA typically
belongs to another organization
no protocol or key management and key distribution has
been standardized in the Internet
patent and export restrictions
Firewalls
typically mobile IP cannot be used together with irewalls,
special set-ups are needed (such as reverse tunneling)
QoS
many new reservations in case o RSVP
tunneling makes it hard to give a low o
treatment needed or the QoS
Security, irewalls, QoS etc. are topics o
discussions
MC - 2008
8.23
packets a special
research and
IP Micro-mobility support
Micro-mobility support:
E icient local handover inside a oreign domain
without involving a home agent
Reduces control tra ic on backbone
Especially needed in case o route optimization
Example approaches (research, not products):

Cellular IP
HAWAII
Hierarchical Mobile IP (HMIP)
Important criteria:
Security E iciency, Scalability, Transparency, Manageability
MC - 2008
8.24
DHCP: Dynamic Host Con iguration

Protocol
Application
simpli ication o installation and maintenance o networked
computers
supplies systems with all necessary in ormation, such as IP
address, DNS server address, domain name, subnet mask,
de ault router etc.
enables automatic integration o systems into an Intranet or
the Internet, can be used to acquire a COA or Mobile IP
Client/Server-Model
the client sends via a MAC broadcast a request to the DHCP
DHCPDISCOVER
server (might be via a DHCP relay)
DHCPDISCOVER
server
client
client
relay
MC - 2008
8.25
DHCP - protocol mechanisms

client
initialization
server
(not selected)
determine the
con iguration
DHCPDISCOVER
server
(selected)
DHCPDISCOVER
determine the
con iguration
DHCPOFFER
DHCPOFFER
collection o replies
time
selection o con iguration
DHCPREQUEST
(reject)
DHCPREQUEST
(options)
con irmation o
con iguration
DHCPACK
initialization completed
release
DHCPRELEASE
MC - 2008
delete context
8.26
DHCP characteristics
Server
several servers can be con igured or DHCP, coordination not
yet standardized (i.e., manual con iguration)
Renewal o con igurations
IP addresses have to be requested periodically, simpli ied
protocol
Options
available or routers, subnet mask, NTP (network time
protocol) timeserver, SLP (service location protocol)
directory, DNS (domain name system)
MC - 2008
8.27
Mobile ad hoc networks

Standard Mobile IP needs an in rastructure
Home Agent/Foreign Agent in the ixed network
DNS, routing etc. are not designed or mobility
Sometimes there is no in rastructure!
remote areas, ad-hoc meetings, disaster areas
cost can also be an argument against an in rastructure!
Main topic: routing
no de ault router available
every node should be able to
orward
A
B
C
MC - 2008
8.28
Solution: Wireless ad-hoc networks

Network without in rastructure
Use components o participants or networking
Examples
Single-hop: All partners max. one hop apart
Bluetooth piconet, PDAs in a room,
gaming devices
Multi-hop: Cover larger distances,
circumvent obstacles
Bluetooth scatternet, TETRA police network,
car-to-car networks
Internet: MANET (Mobile Ad-hoc Networking) group
MC - 2008
8.29
Manet: Mobile Ad-hoc Networking

Mobile
Router
Manet
Mobile
Devices
Mobile IP,
DHCP
Fixed
Network
Router
Endsystem
MC - 2008
8.30
Problem No. 1: Routing

Highly dynamic network topology
Device mobility plus varying channel quality
Separation and merging o networks possible
Asymmetric connections possible
N7
N6
N7
N1
N1
N2
N4
N3
N2
N3
N4
N5
time = t1
N6
N5
time = t2
good link
weak link
MC - 2008
8.31
Traditional routing algorithms

Distance Vector
periodic exchange o messages with all physical neighbors
that contain in ormation about who can be reached at what
distance
selection o the shortest path i several paths available
Link State
periodic noti ication o all routers about the current state o
all physical links
router get a complete picture o the network
Example
ARPA packet radio network (1973), DV-Routing

every 7.5s exchange o routing tables including link quality
updating o tables also by reception o packets
routing problems solved with limited looding
MC - 2008
8.32
Routing in ad-hoc networks

THE big topic in many research projects
Far more than 50 di erent proposals exist
The most simplest one: Flooding!
Reasons
Classical approaches rom ixed networks ail
Very slow convergence, large overhead
High dynamicity, low bandwidth, low computing power
Metrics or routing
Minimal
Number o nodes, loss rate, delay, congestion, inter erence
Maximal
Stability o the logical network, battery run-time, time o
connectivity
MC - 2008
8.33
Problems o traditional routing

algorithms
Dynamic o the topology
requent changes o connections, connection quality,
participants
Limited per ormance o mobile systems
periodic updates o routing tables need energy without
contributing to the transmission o user data, sleep modes
di icult to realize
limited bandwidth o the system is reduced even more due
to the exchange o routing in ormation
links can be asymmetric, i.e., they can have a direction
dependent transmission quality
MC - 2008
8.34
DSDV (Destination Sequenced

Distance Vector, historical)
Early work
on demand version: AODV
Expansion o distance vector routing

Sequence numbers or all routing updates
assures in-order execution o all updates
avoids loops and inconsistencies
Decrease o update requency

store time between irst and best announcement o a path
inhibit update i it seems to be unstable (based on the stored
time values)
MC - 2008
8.35
Dynamic source routing I

Split routing into discovering a path and maintaining a
path
Discover a path
only i a path or sending packets to a certain destination is
needed and no path is currently available
Maintaining a path
only while the path is in use one has to make sure that it
can be used continuously
No periodic updates needed!
MC - 2008
8.36
Dynamic source routing II

Path discovery
broadcast a packet with destination address and unique ID
i a station receives a broadcast packet
i the station is the receiver (i.e., has the correct destination address)
then return the packet to the sender (path was collected in the packet)
i the packet has already been received earlier (identi ied via ID) then
discard the packet
otherwise, append own address and broadcast packet
sender receives packet with the current path (address list)
Optimizations
limit broadcasting i maximum diameter o the network is known
caching o address lists (i.e. paths) with help o passing packets
stations can use the cached in ormation or path discovery (own paths
or paths or other hosts)
MC - 2008
8.37
DSR: Route Discovery

Sending rom C to O
P
C
B
R
Q
G
I
E
M
K
A
O
H
L
D
F
N
J
MC - 2008
8.38

Broadcast
P
R
[O,C,4711]
C
B
Q
G
[O,C,4711]
I
E
M
K
A
O
H
L
D
F
N
J
MC - 2008
8.39

P
R
[O,C/G,4711]
C
B
[O,C/G,4711]
G
[O,C/B,4711]
Q
I
E
M
K
A
[O,C/E,4711]
H
L
D
F
O
N
J
MC - 2008
8.40

P
C
B
R
Q
G
[O,C/G/I,4711]
I
E
M
K
A
H
[O,C/B/A,4711]
O
[O,C/E/H,4711]
L
D
F
N
J
[O,C/B/D,4711]
(alternatively: [O,C/E/D,4711])
MC - 2008
8.41

P
C
B
R
Q
G
[O,C/G/I/K,4711]
I
E
M
K
A
O
H
L
D
F
[O,C/B/D/F,4711]
N
J
[O,C/E/H/J,4711]
MC - 2008
8.42

P
C
B
R
Q
G
[O,C/G/I/K/M,4711]
I
E
M
K
A
O
H
L
D
F
N
J
[O,C/E/H/J/L,4711]
(alternatively: [O,C/G/I/K/L,4711])
MC - 2008
8.43

P
C
B
R
Q
G
I
E
M
K
A
O
H
L
D
F
N
J
[O,C/E/H/J/L/N,4711]
MC - 2008
8.44

P
C
B
R
Q
G
Path: M, K, I, G
I
E
M
K
A
O
H
L
D
F
N
J
MC - 2008
8.45
Dynamic Source Routing III

Maintaining paths
a ter sending a packet
wait or a layer 2 acknowledgement (i applicable)
listen into the medium to detect i other stations orward the
packet (i possible)
request an explicit acknowledgement
i a station encounters problems it can in orm the sender o
a packet or look-up a new path locally
MC - 2008
8.46
Inter erence-based routing

Routing based on assumptions about inter erence between
signals
N1
N2
R1
S1
N3
N4
N5
S2
neighbors
(i.e. within radio range)
N7
N6
N8
R2
N9
MC - 2008
8.47
Examples
routing
or inter erence based
Least Inter erence Routing (LIR)

calculate the cost o a path based on the number o
that can receive a transmission
Max-Min Residual Capacity Routing (MMRCR)
calculate the cost o a path based on a probability
success ul transmissions and inter erence
stations
unction o
Least Resistance Routing (LRR)

calculate the cost o a path based on inter erence, jamming
and other transmissions
LIR is very simple to implement, only in ormation
direct neighbors is necessary
MC - 2008
8.48
rom
A plethora o ad hoc routing protocols

Flat
proactive
FSLS Fuzzy Sighted Link State
FSR Fisheye State Routing
OLSR Optimized Link State Routing Protocol (RFC 3626)
TBRPF Topology Broadcast Based on Reverse Path Forwarding
reactive
AODV Ad hoc On demand Distance Vector (RFC 3561)
DSR Dynamic Source Routing (RFC 4728)
DYMO Dynamic MANET On-demand
Two promising
candidates:
OLSRv2 and
DYMO
Hierarchical
CGSR Clusterhead-Gateway Switch Routing

HSR Hierarchical State Routing
LANMAR Landmark Ad Hoc Routing
ZRP Zone Routing Protocol
DREAM Distance Routing E ect Algorithm or Mobility

GeoCast Geographic Addressing and Routing
GPSR Greedy Perimeter Stateless Routing
LAR Location-Aided Routing
Geographic position assisted
MC - 2008
8.49
Further di iculties and research areas

Auto-Con iguration
Assignment o addresses, unction, pro ile, program,
Service discovery
Discovery o services and service providers
Multicast
Transmission to a selected group o receivers
Quality-o -Service
Maintenance o a certain transmission quality
Power control
Minimizing inter erence, energy conservation mechanisms
Security
Data integrity, protection
rom attacks (e.g. Denial o Service)
Scalability
10 nodes? 100 nodes? 1000 nodes? 10000 nodes?
Integration with ixed networks
MC - 2008
8.50
Clustering o ad-hoc networks

Internet
Cluster head
Base station
Cluster
Super cluster
MC - 2008
8.51

Total

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Total

Uploaded by

Copyright:

Available Formats

****** Mobile Communications Introduction ******

****** Computers for the next decades? ******

o crisis, war, ...

****** Mobile devices ******

* Many people in history used light for communication

* 1996 HiperLAN (High Performance Radio Local Area Network)

1994: DCS 1800

****** Simple reference model used here ******

* Signals - electric or electromagnetic representations of data

o Quarter-wave vertical antenna (or Marconi antenna)

o detection of the signal possible

o signal paths change

* Mobile stations communicate only via the base station

o signal strength decreases proportional to the square o the

****** FDD/FDMA - general scheme, example GSM ******

Foundation Wireless MAC)

****** CDMA on signal level I ******

o high audio quality and reliability or wireless, uninterrupted

o Emergency number common number throughout Europe (112); mandatory

****** GSM: overview ******

# terminal adaptation, hides radio speci ic characteristics

the network subsystem

o Enhanced ull rate

***** In ormation Field: Carries the Layer III payload *****

***** Reason *****

o Responsible or delivery and routing o data packets between the

****** Mobility Management ******

# necessary or a wireless connection

resources at the basestation and mobile terminal

****** IMT-2000 amily ******

FBI: Feedback In ormation

o Controlled by the RNC and CN

1945 Arthur C. Clarke publishes an essay about Extra Terrestrial Relays

elevation o the satellite

* global radio coverage possible

* FIC (Fast In ormation Channel)

requirements or transmission quality and bit rates

users pulling a plug...

* Basic Service Set (BSS)

o de ined through di erent inter rame spaces

channels or 802.11a / US U-NII ******

o EDCA (Enhanced Distributed Channel Access): high priority tra ic

* 802.11w: Securing o network control

****** Scatternet ******

o Master determines channel and phase

o Class 3: Nominal output is 1 mW

* Intercom Pro ile

* Relation to 802.15.4 similar to Bluetooth / 802.15.1

localization o pallets, goods etc.

# Part 2, 125-135 kHz

( orwarding integrated in mobile terminals)

o MAC can in orm TCP layer o upcoming loss o connection

* Max. Segment Size

* Con lict detection

without an error message?

* The Web is no ile system

# how to use SSL/TLS together with proxies?

(SA, SP, DA, DP, UD)

(SA, SP, DA, DP,

2 transaction, no user ack, no hold on ******

2 transaction, user ack ******

o presentation depends on device capabilities

***** i (pizza_type = &quot;Vulcano&quot;) { *****

***** </si> *****

Mobile Communications Introduction

Computers for the next decades?

Mobile devices

Simple reference model used here

FDD/FDMA - general scheme, example GSM

CDMA on signal level I

GSM: overview

* In ormation Field: Carries the Layer III payload *

* Reason *

Mobility Management

IMT-2000 amily

Scatternet

* i (pizza_type = "Vulcano") { *

* </si> *