Professional Documents
Culture Documents
300 THz
visible light
VLF
LF
MF
HF
VHF
UHF
SHF
EHF
infrared
UV
optical transmission
coax cable
twisted pair
****** Frequencies for mobile communication ******
* VHF-/UHF-ranges for mobile radio
o simple, small antenna for cars
o deterministic propagation characteristics, reliable connections
* SHF and higher for directed radio links, satellite communication
o small antenna, beam forming
o large bandwidth available
* Wireless LANs use frequencies in UHF to SHF range
o some systems planned up to EHF
o limitations due to absorption by water and oxygen molecules
(resonance frequencies)
# weather dependent fading, signal loss caused by heavy
rainfall etc.
****** Frequencies and regulations ******
* ITU-R holds auctions for new frequencies, manages frequency bands
worldwide (WRC, World Radio Conferences)
Examples
Europe
USA
Japan
GSM 880-915, 925- AMPS, TDMA, CDMA,
PDC, FOMA 810-888,
960, 1710-1785,
GSM 824-849, 869-894 893-958
Cellular phones 1805-1880
TDMA, CDMA, GSM,
PDC 1429-1453, 1477UMTS 1920-1980,
UMTS 1850-1910,
1501
2110-2170
1930-1990
FOMA 1920-1980, 21102170
CT1+ 885-887, 930- PACS 1850-1910,
Cordless phones 932
1930-1990
PHS 1895-1918
CT2 864-868
PACS-UB 1910-1930
JCT 245-380
DECT 1880-1900
Wireless LANs
802.11b/g 2412-2472 802.11b/g 2412-2462 802.11b 2412-2484
802.11g 2412-2472
Other RF systems 27, 128, 418, 433, 315, 915
426, 868
868
****** Signals I ******
* physical representation of data
* Analog signal - signal intensity varies in a smooth fashion over time
o No breaks or discontinuities in the signal
* Digital signal - signal intensity maintains a constant level for some
period of time and then changes to another constant level
* Periodic signal - analog or digital signal pattern that repeats over time
o s(t +T) = s(t) where T is the period of the signal
Aperiodic signal - analog or digital signal pattern that doesn't repeat over
time
****** Signals I ******
* signal parameters of periodic signals: period T, frequency f=1/T,
amplitude A, phase shift
o sine wave as special periodic signal for a carrier: s(t) = At sin(2
ft t + t)
* Peak amplitude (A) - maximum value or strength of the signal over time
(measured in volts)
* Frequency (f)
o Rate, in cycles per second, or Hertz (Hz) at which the signal
repeats
* Period (T) - amount of time it takes for one repetition of the signal
o T = 1/f
* Phase ( ) - measure of the relative position in time within a single
period of a signal
****** Fourier representation of periodic signals ******
1
0
1
0
t
t
ideal periodic signal
real composition
(based on harmonics)
****** Signals II ******
* Different representations of signals
o amplitude (amplitude domain)
o frequency spectrum (frequency domain)
o phase state diagram (amplitude M and phase
in polar coordinates)
* Composed signals transferred into frequency domain using Fourier
transformation
* Digital signals need
o infinite frequencies for perfect transmission
o modulation with a carrier frequency for transmission (analog
signal!)
f [Hz]
A [V]
I= M cos
Q = M sin
A [V]
t[s]
****** Antenna ******
* An antenna is an electrical conductor or system of conductors
o Transmission - radiates electromagnetic energy into space
o Reception - collects electromagnetic energy from space
* In two-way communication, the same antenna can be used for transmission
and reception
* Radiation and reception of electromagnetic waves, coupling of wires to
space for radio transmission
****** Radiation Patterns ******
* Radiation pattern
o Graphical representation of radiation properties of an antenna
o Depicted as two-dimensional cross section
* Beam width (or half-power beam width)
o Measure of directivity of antenna
* Reception pattern
o Receiving antennas equivalent to radiation pattern
****** Types of Antennas ******
* Isotropic antenna (idealized)
o Radiates power equally in all directions
* Dipole antennas
o Half-wave dipole antenna (or Hertz antenna)
z
* Often used for microwave connections or base stations for mobile phones
(e.g., radio coverage of a valley)
directed
antenna
sectorized
antenna
****** Antennas: diversity ******
* Grouping of 2 or more antennas-smart antennas
o multi-element antenna arrays
* Antenna diversity
o switched diversity, selection diversity
# receiver chooses antenna with largest output
o diversity combining
# combine output power to produce gain
# cophasing needed to avoid cancellation
+
/4
/2
/4
ground plane
/2
/2
+
/2
****** MIMO ******
* Multiple-Input Multiple-Output
o Use of several antennas at receiver and transmitter
o Increased data rates and transmission range without additional
transmit power or bandwidth via higher spectral efficiency, higher
link robustness, reduced fading
* Examples
o IEEE 802.11n, LTE, HSPA+,
* Functions
o Beamforming: emit the same signal from all antennas to maximize
signal power at receiver antenna
o Spatial multiplexing: split high-rate signal into multiple lower
rate streams and transmit over different antennas
o Diversity coding: transmit single stream over different antennas
with (near) orthogonal codes
sender
receiver
t1
t2
t3
Time of flight
t2=t1+d2
t3=t1+d3
1
2
3
Sending time
1: t0
2: t0-d2
3: t0-d3
****** Signal propagation ranges ******
* Transmission range
o communication possible
o low error rate
* Detection range
* Disadvantages
o waste of bandwidth if the traffic is distributed unevenly
o inflexible
k2
k3
k4
k5
k6
k1
f
t
c
****** Time multiplex ******
* Allows access to entire frequency bandwidth but for a limited amount of
time
* All senders use same frequency in at different time
* If two transmissions overlap known as co-channel interference
* Precise clock synchronisation required
****** Time multiplex ******
f
t
c
k2
k3
k4
k5
k6
k1
* A channel gets the whole spectrum for a certain amount of time
* Advantages
o only one carrier in the medium at any time
o throughput high even for many users
* Disadvantages
o precise synchronization necessary
****** Time and frequency multiplex ******
* By allowing a channel to use a certain frequency for a certain period of
time more efficient use of resource is achieved
* More robust against interference and tapping
* This is the scheme used by GSM between the handset and base station
* Requires coordination between the different senders
* Two senders will interfere if they select the same frequency
***** To avoid this the senders hop between frequencies: *****
if the hop is fast enough the period of interference may be so small that if
the coding of the data signal is sufficient to allow the receiver to recover
the data the interference is deemed acceptable
****** Time and frequency multiplex ******
f
* Combination of both methods
* A channel gets a certain frequency band for a certain amount of time
* Example: GSM, Bluetooth
* Advantages
o better protection against tapping
o protection against frequency selective interference
* but: precise coordination required
t
c
k2
k3
k4
k5
k6
k1
****** Code multiplex ******
* Each channel has a unique code
* All channels use the same spectrum at the same time
* Implemented using spread spectrum technology
* Advantages
o bandwidth efficient
o no coordination and synchronization necessary
o good protection against interference and tapping
* Disadvantages
o varying user data rates
o more complex signal regeneration
k2
k3
k4
k5
k6
k1
f
t
c
****** Code multiplex ******
* Highly complex scheme
* Receiver has to know the code & be able to separate out other traffic
on different codes which appear as background noise
* Receiver & transmitter must be synchronised to provide correct
decoding
* All signals must reach the receiver with relatively equal strength or the
receiver will not be able to distinguish between them
****** Modulation ******
* Digital modulation
o digital data is translated into an analog signal (baseband)
o ASK, FSK, PSK - main focus in this chapter
o differences in spectral efficiency, power efficiency, robustness
* Analog modulation
o shifts center frequency of baseband signal up to the radio carrier
* Motivation
o smaller antennas (e.g., /4)
o Frequency Division Multiplexing
o medium characteristics
* Basic schemes
o Amplitude Modulation (AM)
o Frequency Modulation (FM)
o Phase Modulation (PM)
****** Modulation and demodulation ******
synchronization
decision
digital
data
analog
demodulation
radio
carrier
analog
baseband
signal
101101001
radio receiver
digital
modulation
digital
data
analog
modulation
radio
carrier
analog
baseband
signal
101101001
radio transmitter
****** Digital modulation ******
* Modulation of digital signals known as Shift Keying
* Amplitude Shift Keying (ASK):
o very simple
o low bandwidth requirements
o very susceptible to interference
* Frequency Shift Keying (FSK):
o needs larger bandwidth
* Phase Shift Keying (PSK):
o more complex
o robust against interference
1
0
1
t
1
0
1
t
1
0
1
t
****** Advanced Frequency Shift Keying ******
* bandwidth needed for FSK depends on the distance between the carrier
frequencies
MSK (Minimum Shift
* special pre-computation avoids sudden phase shifts
Keying)
o bit separated into even and odd bits, the duration of each bit is
doubled
o depending on the bit values (even, odd) the higher or lower
frequency, original or inverted is chosen
o the frequency of one carrier is twice the frequency of the other
o Equivalent to offset QPSK
* even higher bandwidth efficiency using a Gaussian low-pass filter
GMSK
(Gaussian MSK), used in GSM
****** Example of MSK ******
data
even bits
odd bits
1
1
1
1
0
0
0
t
low frequency
high frequency
MSK
signal
bit
even 0 1 0 1
odd 0 0 1 1
signal h n n h value - - + +
h: high frequency
n: low frequency
+: original signal
-: inverted signal
No phase shifts!
****** Advanced Phase Shift Keying ******
* BPSK (Binary Phase Shift Keying):
o bit value 0: sine wave
o bit value 1: inverted sine wave
o very simple PSK
o low spectral efficiency
o robust, used e.g. in satellite systems
* QPSK (Quadrature Phase Shift Keying):
o 2 bits coded as one symbol
o symbol determines shift of sine wave
o needs less bandwidth compared to BPSK
o more complex
* Often also transmission of relative, not absolute phase shift: DQPSK Differential QPSK (IS-136, PHS)
11
10
00
01
Q
I
0
1
Q
I
11
01
10
00
A
t
****** Quadrature Amplitude Modulation ******
* Quadrature Amplitude Modulation (QAM)
o combines amplitude and phase modulation
o it is possible to code n bits using one symbol
o 2n discrete levels, n=2 identical to QPSK
* Bit error rate increases with n, but less errors compared to comparable
PSK schemes
o Example: 16-QAM (4 bits = 1 symbol)
o Symbols 0011 and 0001 have the same phase , but di erent
amplitude a. 0000 and 1000 have di erent phase, but same
amplitude.
0000
0001
0011
1000
Q
I
0010
a
****** Hierarchical Modulation ******
* DVB-T modulates two separate data streams onto a single DVB-T stream
* High Priority (HP) embedded within a Low Priority (LP) stream
* Multi carrier system, about 2000 or 8000 carriers
* QPSK, 16 QAM, 64QAM
* Example: 64QAM
o good reception: resolve the entire 64QAM constellation
o poor reception, mobile reception: resolve only QPSK portion
o 6 bit per QAM symbol, 2 most signi icant determine QPSK
o HP service coded in QPSK (2 bit), LP uses remaining 4 bit
Q
I
00
10
000010
010101
****** Spread spectrum technology ******
* Problem o radio transmission: requency dependent ading can wipe out
narrow band signals or duration o the inter erence
* Solution: spread the narrow band signal into a broad band signal using a
special code
o protection against narrow band inter erence
* Side e ects:
o coexistence o several signals without dynamic coordination
o tap-proo
* Alternatives: Direct Sequence, Frequency Hopping
detection at
receiver
inter erence
spread signal
signal
spread
inter erence
power
power
****** E ects o spreading and inter erence-(bandpass
dP/d
i)
dP/d
ii)
sender
dP/d
iii)
dP/d
iv)
receiver
v)
user signal
broadband inter erence
narrowband inter erence
ilter) ******
dP/d
****** Spreading and requency selective ading ******
requency
channel quality
1
2
3
4
5
6
narrow band signal
guard space
2
2
2
2
2
requency
channel quality
1
spread spectrum
narrowband channels
spread spectrum channels
****** DSSS (Direct Sequence Spread Spectrum) I(3G) ******
* XOR o the signal with pseudo-random number (chipping sequence)
o many chips per bit (e.g., 128) result in higher bandwidth o the
signal
* Advantages
o reduces requency selective ading
o in cellular networks
# base stations can use the same requency range
# several base stations can detect and recover the signal
# so t handover
* Disadvantages
o precise power control necessary
user data
chipping
sequence
resulting
signal
0
1
0
1
1
0
1
0
1
0
1
0
0
1
1
1
XOR
0
1
1
0
0
1
0
1
1
0
1
0
0
1
=
tb
tc
tb: bit period
tc: chip period
****** DSSS (Direct Sequence Spread Spectrum) II ******
X
user data
chipping
sequence
modulator
radio
carrier
spread
spectrum
signal
transmit
signal
transmitter
demodulator
received
signal
radio
carrier
X
chipping
sequence
lowpass
iltered
signal
receiver
integrator
products
decision
data
sampled
sums
correlator
****** FHSS (Frequency Hopping Spread Spectrum) I(Bluetooth) ******
* Discrete changes o carrier requency
o sequence o requency changes determined via pseudo random number
sequence
* Two versions
o Fast Hopping: several requencies per user bit
o Slow Hopping: several user bits per requency
* Advantages
o requency selective ading and inter erence limited to short period
o simple implementation
o uses only small portion o spectrum at any time
* Disadvantages
o not as robust as DSSS
o simpler to detect
****** FHSS (Frequency Hopping Spread Spectrum) II ******
user data
slow
hopping
(3 bits/hop)
ast
hopping
(3 hops/bit)
0
1
tb
0
1
1
t
1
2
3
t
td
1
2
3
t
td
tb: bit period td: dwell time(time spend on a channel with certain
****** FHSS (Frequency Hopping Spread Spectrum) III ******
modulator
user data
hopping
sequence
modulator
narrowband
signal
spread
transmit
signal
transmitter
received
signal
receiver
demodulator
data
requency
synthesizer
hopping
sequence
demodulator
requency
synthesizer
narrowband
signal
****** Cellular System ******
* Implements space division multiplex
o base station covers a certain transmission area (cell)
requency )
6
7
3
2
4
5
1
3
5
6
7
2
2
1
1
1
2
3
2
3
2
3
h1
h2
h3
g1
g2
g3
h1
h2
h3
g1
g2
g3
g1
g2
g3
3 cell cluster
7 cell cluster
3 cell cluster
with 3 sector antennas
****** Cell breathing ******
* CDM systems: cell size depends on current load
* Additional tra ic appears as noise to other users
* I the noise level is too high users drop out o cells
****** Mobile Communications Chapter 3 : Media Access ******
* Motivation
* SDMA, FDMA, TDMA
* Aloha, reservation schemes
* Collision avoidance, MACA
* Polling
* CDMA, SAMA
* Comparison
****** Motivation ******
* Can we apply media access methods rom ixed networks?
* Example CSMA/CD
o Carrier Sense Multiple Access with Collision Detection
o send as soon as the medium is ree, listen into the medium i
collision occurs (legacy method in IEEE 802.3)
* Problems in wireless networks
t
t
****** DAMA - Demand Assigned Multiple Access ******
* Channel e iciency only 18% or Aloha, 36% or Slotted Aloha (assuming
Poisson distribution or packet arrival and packet length)
* Reservation can increase e iciency to 80%
o a sender reserves a uture time-slot
o sending within this reserved time-slot is possible without
collision
o reservation also causes higher delays
o typical scheme or satellite links
* Examples or reservation algorithms:
o Explicit Reservation according to Roberts (Reservation-ALOHA)
o Implicit Reservation (PRMA)
o Reservation-TDMA
****** Access method DAMA: Explicit Reservation ******
* Explicit Reservation (Reservation Aloha):
o two modes:
# ALOHA mode or reservation: competition or small reservation
slots, collisions possible
# reserved mode or data transmission within success ul
reserved slots (no collisions possible)
o it is important or all stations to keep the reservation list
consistent at any point in time and, there ore, all stations have
to synchronize rom time to time
Aloha
reserved
Aloha
reserved
Aloha
reserved
Aloha
collision
t
****** Access method DAMA: PRMA ******
* Implicit reservation (PRMA - Packet Reservation MA):
o a certain number o slots orm a rame, rames are repeated
o stations compete or empty slots according to the slotted aloha
principle
o once a station reserves a slot success ully, this slot is
automatically assigned to this station in all ollowing rames as
long as the station has data to send
o competition or this slots starts again as soon as the slot was
empty in the last rame
rame1
rame2
rame3
rame4
rame5
1
2
3
4
5
6
7
8
time-slot
collision at reservation attempts
A
C
D
A
B
A
F
A
C
A
B
A
A
B
A
F
A
B
A
F
D
A
C
E
E
B
A
F
D
t
ACDABA-F
ACDABA-F
AC-ABAFA---BAFD
ACEEBAFD
reservation
****** Access method DAMA: Reservation-TDMA ******
* Reservation Time Division Multiple Access
o every rame consists o N mini-slots and x data-slots
o every station has its own mini-slot and can reserve up to k dataslots using this mini-slot (i.e. x = N * k).
o other stations can send data in unused data-slots according to a
round-robin sending scheme (best-e ort tra ic)
N mini-slots
N * k data-slots
reservations or data-slots
other stations can use ree data-slots
based on a round-robin scheme
e.g. N=6, k=2
****** MACA - collision avoidance ******
* MACA (Multiple Access with Collision Avoidance) uses short signaling
packets or collision avoidance
o RTS (request to send): a sender request the right to send rom a
receiver with a short RTS packet be ore it sends a data packet
o CTS (clear to send): the receiver grants the right to send as soon
as it is ready to receive
* Signaling packets contain
o sender address
o receiver address
o packet size
* Variants o this method can be ound in IEEE802.11 as DFWMAC (Distributed
collision with the help o CDMA or FDMA (the random number can be
seen as dynamic address)
o the base station now chooses one address or polling rom the list
o all random numbers (collision i two terminals choose the same
address)
o the base station acknowledges correct packets and continues polling
the next terminal
o this cycle starts again a ter polling all terminals o the list
****** ISMA (Inhibit Sense Multiple Access) ******
* Current state o the medium is signaled via a busy tone
o the base station signals on the downlink (base station to
terminals) i the medium is ree or not
o terminals must not send i the medium is busy
o terminals can access the medium as soon as the busy tone stops
o the base station signals collisions and success ul transmissions
via the busy tone and acknowledgements, respectively (media access
is not coordinated within this approach)
o mechanism used, e.g., or CDPD (USA, integrated into AMPS)
****** Mobile Communications Chapter 3 : Media Access ******
* Motivation
* SDMA, FDMA, TDMA
* Aloha, reservation schemes
* Collision avoidance, MACA
* Polling
* CDMA, SAMA
* Comparison
****** Access method CDMA ******
* CDMA (Code Division Multiple Access)
o all terminals send on the same requency probably at the same time
and can use the whole bandwidth o the transmission channel
o each sender has a unique random number, the sender XORs the signal
with this random number
o the receiver can tune into this signal i it knows the pseudo
random number, tuning is done via a correlation unction
* Disadvantages:
o higher complexity o a receiver (receiver cannot just listen into
the medium and start receiving i there is a signal)
o all signals should have the same strength at a receiver
* Advantages:
o all terminals can use the same requency, no planning needed
o huge code space (e.g. 232) compared to requency space
o inter erences (e.g. white noise) is not coded
o orward error correction and encryption can be easily integrated
****** CDMA in theory ******
* Sender A
o sends Ad = 1, key Ak = 010011 (assign: 0= -1, 1= +1)
o sending signal As = Ad * Ak = (-1, +1, -1, -1, +1, +1)
* Sender B
o sends Bd = 0, key Bk = 110101 (assign: 0= -1, 1= +1)
o sending signal Bs = Bd * Bk = (-1, -1, +1, -1, +1, -1)
* Both signals superimpose in space
o inter erence neglected (noise etc.)
o As + Bs = (-2, 0, 0, -2, +2, 0)
* Receiver wants to receive signal rom sender A
o apply key Ak bitwise (inner product) [Ae= (As + Bs )* Ak ]
# Ae = (-2, 0, 0, -2, +2, 0)
Ak = 2 + 0 + 0 + 2 + 2 + 0 = 6
# result greater than 0, there ore, original bit was 1
o receiving B [Be= (As + Bs )* Bk ]
# Be = (-2, 0, 0, -2, +2, 0)
Bk = -2 + 0 + 0 - 2 - 2 + 0 = 6, i.e. 0
1
0
0
0
0
0
1
1
0
1
0
1
0
0
0
0
1
0
1
1
1
1
1
1
0
0
1
1
0
1
0
0
0
0
1
0
1
1
1
Bd
Bk
Bs
As
****** CDMA on signal level III ******
Ak
(As + Bs) * Ak
integrator
output
comparator
output
As + Bs
data A
1
0
1
1
0
1
Ad
****** CDMA on signal level IV ******
integrator
output
comparator
output
Bk
(As + Bs) * Bk
As + Bs
data B
1
0
0
1
0
0
Bd
****** CDMA on signal level V ******
comparator
output
wrong
key K
integrator
output
(As + Bs) * K
As + Bs
(0)
(0)
?
****** SAMA - Spread Aloha Multiple Access ******
* Aloha has only a very low e iciency, CDMA needs complex receivers to be
able to receive di erent senders with individual codes at the same time
* Idea: use spread spectrum with only one single code (chipping sequence)
or spreading or all senders accessing according to aloha
1
sender A
0
sender B
0
1
t
narrow band
send or a
shorter period
with higher power
spread the signal e.g. using the chipping sequence 110101 (CDMA without CD)
Problem: ind a chipping sequence with good characteristics
1
1
collision
****** Comparison SDMA/TDMA/FDMA/CDMA ******
****** Mobile Communications Chapter 4: Wireless Telecommunication Systems
******
* Market
* GSM
* DECT
* TETRA
* UMTS/IMT-2000
****** Mobile phone subscribers worldwide ******
year
Subscribers [million]
0
200
400
600
800
1000
1200
1400
1600
1996
1997
1998
1999
2000
2001
2002
2003
2004
approx. 1.7 bn
GSM total
TDMA total
CDMA total
PDC total
Analogue total
W-CDMA
Total wireless
Prediction (1998)
2008:
>3.3 bn!
****** Development o mobile telecommunication systems ******
1G
2G
3G
2.5G
IS-95
cdmaOne
IS-136
TDMA
D-AMPS
GSM
PDC
GPRS
IMT-DS
UTRA FDD / W-CDMA
EDGE
IMT-TC
UTRA TDD / TD-CDMA
cdma2000 1X
1X EV-DV
(3X)
AMPS
NMT
IMT-SC
IS-136HS
UWC-136
IMT-TC
TD-SCDMA
CT0/1
CT2
IMT-FT
DECT
CDMA
TDMA
FDMA
IMT-MC
cdma2000 1X EV-DO
HSPA
****** Some statistics ******
* 16th April 2008: The GSMA, the global trade group or the mobile
industry, today announced that total connections to GSM mobile
communications networks have now passed the 3 Billion mark globally. The
third billion landmark has been reached just our years a ter the GSM
industry surpassed its irst billion, and just two years rom the second
billionth connection. The 3 Billion landmark has been surpassed just 17
years a ter the irst GSM network launch in 1991. Today more than 700
mobile operators across 218 countries and territories o the world are
adding new connections at the rate o 15 per second, or 1.3 million per
day.
* The worlds biggest GSM markets today are China (509 million), which is
growing at a rate o more than 7 million new connections a month and
accounts or 14% o the third billion growth; India (193 million),
growing at 6 million per month accounts or 12% o the third billion
growth, Russia (178 million) and Brazil (93 million) which both
contributed 4% o the third billion growth.
****** How does it work? ******
* How can the system locate a user?
* Why dont all phones ring at the same time?
* What happens i two users talk simultaneously?
* Why dont I get the bill rom my neighbor?
* Why can an Australian use her phone in Berlin?
* Why cant I simply overhear the neighbors communication?
* How secure is the mobile phone system?
* What are the key components o the mobile phone network?
****** GSM: Overview ******
* GSM
o ormerly: Groupe Spciale Mobile ( ounded 1982)
o now: Global System or Mobile Communication
o Pan-European standard (ETSI, European Telecommunications
Standardisation Institute)
o simultaneous introduction o essential services in three phases
(1991, 1994, 1996) by the European telecommunication
administrations (Germany: D1 and D2)
seamless roaming within
Europe possible
* Today many providers all over the world use GSM (218 countries in Asia,
A rica, Europe, Australia, America)
o more than 3 billion subscribers in more than 700 networks
o more than 75% o all digital mobile phones use GSM
o over 200 million SMS per month in Germany, > 550 billion/year
worldwide (> 10% o the revenues or many operators) [be aware:
these are only rough numbers]
****** Per ormance characteristics o GSM (wrt. analog sys.) ******
* Communication
o mobile, wireless communication; support or voice and data services
* Total mobility
o international access, chip-card enables use o access points o
di erent providers
* Worldwide connectivity
o one number, the network handles localization
* High capacity
o better requency e iciency, smaller cells, more customers per cell
* High transmission quality
MSC
MSC
ixed partner networks
IWF
ISDN PSTN
PSPDN CSPDN
SS7
EIR
HLR
VLR
ISDN PSTN
****** System architecture: radio subsystem ******
* Components
o MS (Mobile Station)
o BSS (Base Station Subsystem): consisting o
# BTS (Base Transceiver Station): sender and receiver
# BSC (Base Station Controller): controlling several
transceivers
* Inter aces
o Um : radio inter ace
o Abis : standardized, open inter ace with 16 kbit/s user channels
o A: standardized, open inter ace with 64 kbit/s user channels
Um
Abis
A
BSS
radio subsystem
network and switching subsystem
MS
MS
BTS
BSC
MSC
BTS
BTS
BSC
BTS
MSC
****** System architecture: network and switching subsystem ******
* Components
o MSC (Mobile Services Switching Center):
o IWF (Interworking Functions)
o ISDN (Integrated Services Digital Network)
o PSTN (Public Switched Telephone Network)
o PSPDN (Packet Switched Public Data Net.)
o CSPDN (Circuit Switched Public Data Net.)
* Databases
o HLR (Home Location Register)
o VLR (Visitor Location Register)
o EIR (Equipment Identity Register)
network subsystem
MSC
MSC
ixed partner networks
IWF
ISDN PSTN
PSPDN CSPDN
SS7
EIR
HLR
VLR
ISDN PSTN
****** Radio subsystem ******
* The Radio Subsystem (RSS) comprises the cellular mobile network up to the
switching centers
* Components
o Base Station Subsystem (BSS):
# Base Transceiver Station (BTS): radio components including
sender, receiver, antenna - i directed antennas are used one
BTS can cover several cells
# Base Station Controller (BSC): switching between BTSs,
controlling BTSs, managing o network resources, mapping o
radio channels (Um) onto terrestrial channels (A inter ace)
# BSS = BSC + sum(BTS) + interconnection
o Mobile Stations (MS)
****** GSM: cellular network ******
possible radio coverage o the cell
idealized shape o the cell
cell
segmentation o the area into cells
* use o several carrier requencies
* not the same requency in adjoining cells
* cell sizes vary rom some 100 m up to 35 km depending on user density,
geography, transceiver power etc.
* hexagonal shape o cells is idealized (cells overlap, shapes depend on
geography)
* i a mobile user changes cells handover o the connection to the neighbor
cell
****** GSM requency bands (examples) ******
Type
Channels
Uplink [MHz] Downlink [MHz]
GSM 850 128-251
824-849
869-894
GSM 900 0-124, 955-1023 876-915
921-960
classical 124 channels
890-915
935-960
extended +49 channels
880-915
925-960
GSM 1800 512-885
1710-1785
1805-1880
GSM 1900 512-810
1850-1910
1930-1990
GSM-R
955-1024, 0-124 876-915
921-960
exclusive 69 channels
876-880
921-925
* Additionally: GSM 400 (also named GSM 450 or GSM 480 at 450-458/460-468
or 479-486/489-496 MHz)
* Please note: requency ranges may vary depending on the country!
* Channels at the lower/upper edge o a requency band are typically not
used
****** Example coverage o GSM networks (www.gsmworld.com) ******
T-Mobile (GSM-900/1800) Germany
O2 (GSM-1800) Germany
AT&T (GSM-850/1900) USA
Vodacom (GSM-900) South A rica
****** Base Transceiver Station and Base Station Controller ******
* Tasks o a BSS are distributed over BSC and BTS
* BTS comprises radio speci ic unctions
* BSC is the switching center or radio channels
****** Mobile station ******
* Terminal or the use o GSM services
* A mobile station (MS) comprises several unctional groups
o MT (Mobile Terminal):
# o ers common unctions used by all services the MS o ers
# corresponds to the network termination (NT) o an ISDN access
# end-point o the radio inter ace (Um)
o TA (Terminal Adapter):
24
25
...
super rame
0
1
24
25
...
0
1
2
48
49
50
...
0
1
6
7
...
multi rame
rame
burst
slot
577 s
4.615 ms
120 ms
235.4 ms
6.12 s
3 h 28 min 53.76 s
****** GSM Protocol Architecture ******
****** GSM Protocol Stack ******
* Layer 1: Physical Layer
# Radio Transmission
* Layer 2: Data Link Layer (DLL)
# provides error- ree transmission between adjacent entities,
based on the ISDNs LAPD protocol or the Um and Abis
inter aces, and on SS7s Message Trans er Protocol (MTP) or
the other Layer inter aces
* Layer 3: Networking or Messaging Layer
# Responsible or the communication o network resources,
mobility, code ormat and call-related management messages
between various network entities
* The trans er o signalling in ormation in GSM ollows the layered OSI
model
****** GSM protocol layers or signaling ******
CM
MM
RR
MM
LAPDm
radio
LAPDm
radio
LAPD
PCM
RR
BTSM
CM
LAPD
PCM
RR
BTSM
16/64 kbit/s
Um
Abis
A
SS7
PCM
SS7
PCM
64 kbit/s /
2.048 Mbit/s
MS
BTS
BSC
MSC
BSSAP
BSSAP
****** GSM Protocol Architecture ******
****** Overview o Inter aces ******
* Um
# Radio inter ace between MS and BTS
# each physical channel supports a number o logical channels
* Abis
# between BTS and BSC
# primary unctions: tra ic channel transmission, terrestrial
channel management, and radio channel management
* A
# between BSC and MSC
# primary unctions: message trans er between di erent BSCs to
the MSC
****** Layer I: Physical Layer ******
Radio transmission orms this Layer
****** Layer I: Physical Layer ******
* SDMA,TDMA and FDMA
* Bursting and raming
* Modulation Techniques Gaussian Minimum Shi t Keying (GMSK)
* Channel Coding
* Interleaving-to distribute burst error
* Error detection, correction and blocking the data not correctable
* Power control methodology to minimize the co-channel inter erence
* Time synchronization approaches
****** GSM Physical Layer (MS Side) ******
Speech in GSM is digitally coded at a rate o 13 kbps
456 bits every 20 ms
260 bits every 20 ms
8 57 bits block
GMSK
Convolutional Encoder
184 bits ( 20 ms)
****** GSM Speech Transmission ******
****** GSM Normal Burst Formatting ******
****** GSM Frame Hierarchy ******
****** Logical Channels in GSM ******
Two major classes o logical channels
* Tra ic Channels (TCHs)
o Full-rate tra ic channel (TCH/F)
o Hal -rate tra ic channel (TCH/H)
- Supplementary Services(CCCH-SADCCH)
- Short Message Service (SADCCH)
Call Control (CC) sub layer
- manages call routing, establishment, maintenance, and release, and is closely
related to ISDN call control.
****** Connection Management (CM) ******
***** Supplementary Services sub layer *****
***** - manages the implementation o the various supplementary services (Call
Forwarding/waiting/hold ), and also allows users to access and modi y their
service subscription. Short Message Service sub layer *****
***** - handles the routing and delivery o short messages, both rom and to
the mobile subscriber. *****
****** Mobile Terminated Call ******
PSTN
calling
station
GMSC
HLR
VLR
BSS
BSS
BSS
MSC
MS
1
2
3
4
5
6
7
8
9
10
11
12
13
16
10
10
11
11
11
14
15
17
* 1: calling a GSM subscriber
* 2: orwarding call to GMSC
* 3: signal call setup to HLR
* 4, 5: request MSRN rom VLR
* 6: orward responsible MSC to GMSC
* 7: orward call to
* current MSC
* 8, 9: get current status o MS
* 10, 11: paging o MS
* 12, 13: MS answers
* 14, 15: security checks
* 16, 17: set up connection
****** Mobile Originated Call ******
* 1, 2: connection request
* 3, 4: security check
* 5-8: check resources ( ree circuit)
* 9-10: set up call
PSTN
GMSC
VLR
BSS
MSC
MS
1
2
6
5
3
4
9
10
7
8
****** MTC/MOC ******
BTS
MS
paging request
channel request
immediate assignment
paging response
authentication request
authentication response
ciphering command
ciphering complete
setup
call con irmed
assignment command
assignment complete
alerting
connect
connect acknowledge
data/speech exchange
BTS
MS
channel request
immediate assignment
service request
authentication request
authentication response
ciphering command
ciphering complete
setup
call con irmed
assignment command
assignment complete
alerting
connect
connect acknowledge
data/speech exchange
MTC
MOC
****** Handover ******
***** Mechanism to hand over the control o a mobile device to the neighbouring
cell *****
HO command
HO command
HO complete
HO complete
clear command
clear command
clear complete
clear complete
****** Security in GSM ******
* Security services
o access control/authentication
# user
SIM (Subscriber Identity Module): secret PIN (personal
identi ication number)
# SIM
network: challenge response method
o con identiality
# voice and signaling encrypted on the wireless link (a ter
success ul authentication)
o anonymity
# temporary identity TMSI (Temporary Mobile Subscriber
Identity)
# newly assigned at each new location update (LUP)
# encrypted transmission
* 3 algorithms speci ied in GSM
o A3 or authentication (secret, open inter ace)(SIM&AuC)
o A5 or encryption (standardized)(Device)
o A8 or key generation (secret, open inter ace)(SIM&AuC)
secret:
* A3 and A8 available via the Internet
* network providers can use stronger mechanisms
****** Authentication ******
* Access control AC generates a random number RANDas challenge, and the SIM
within the MS answers with SRES(signed response) as response.
* The AuC per orms the basic generation o random values RAND, signed
responses SRES, and cipher keys Kc or each IMSI, and then orwards this
in ormation to the HLR
* The current VLR requests the appropriate values or RAND, SRES, and Kc
rom the HLR.
* The VLR sends the random value RAND to the SIM.
* Network and subscriber module, per orm the same operation with RAND and
the key Ki, called A3.
* The MS sends back the SRES generated by the SIM.
* The VLR can now compare both values.I they are the same, the VLR accepts
the subscriber, otherwise the subscriber is rejected
****** GSM - authentication ******
A3
RAND
Ki
128 bit
128 bit
SRES* 32 bit
A3
RAND
Ki
128 bit
128 bit
SRES 32 bit
SRES* =? SRES
SRES
RAND
SRES
32 bit
mobile network
SIM
AC
MSC
SIM
Ki: individual subscriber authentication key SRES: signed response
****** Encryption ******
* A ter authentication, MS and BSS can start using encryption by applying
the cipher key Kc .
* Kc is generated using the individual key Ki and a random value by
applying the algorithm A8.
* The SIM in the MS and the network both calculate the same Kc based on the
random value RAND.
* MS and BTS can now encrypt and decrypt data using the algorithm A5 and
the cipher key Kc.
****** GSM - key generation and encryption ******
A8
RAND
Ki
128 bit
128 bit
Kc
64 bit
A8
RAND
Ki
128 bit
128 bit
SRES
RAND
encrypted data
mobile network (BTS)
MS with SIM
AC
BSS
SIM
A5
Kc
64 bit
A5
MS
data
data
cipher
key
****** Authentication and Encryption Scheme ******
A3
Mobile Station
Radio Link
GSM Operator
A8
A5
A3
A8
A5
Ki
Ki
Challenge RAND
Kc
Kc
mi
Encrypted Data
mi
SIM
Signed response (SRES)
SRES
SRES
Fn
Fn
Authentication: are SRES values equal?
****** GPRS and DECT ******
****** Data services in GSM I ******
* Data transmission standardized with only 9.6 kbit/s
o advanced coding allows 14.4 kbit/s
o not enough or Internet and multimedia applications
* HSCSD (High-Speed Circuit Switched Data)
o mainly so tware update
o bundling o several time-slots to get higher AIUR (Air Inter ace
User Rate, e.g., 57.6 kbit/s using 4 slots @ 14.4)
o advantage: ready to use, constant quality, simple-(video)
o disadvantage: channels blocked or voice transmission (calldrop)
****** GPRS ******
* General Packet Radio Service
o General -> not restricted to GSM use Packet Radio -> enables packet
mode communication over air
o packet switching
o using ree slots only i data packets ready to send (e.g., 50 kbit/
s using 4 slots temporarily)
o standardization 1998, introduction 2001
o advantage: more lexible
o disadvantage: more investment needed (new hardware)
* Requires many new network elements into NSS
* Provides connections to external packet data networks (Internet, X.25)
* Main bene its
o Resources are reserved only when needed and charged accordingly
o Connection setup times are reduced
o Enables new service opportunities
****** GPRS characteristics ******
***** GPRS uses packet switched resource allocation *****
o resources allocated only when data is to be sent/received
***** Flexible channel allocation *****
one to eight time slots
available resources shared by active users
up and down link channels reserved separately
GPRS and circuit switched GSM services can use same time slots alternatively
****** Applications ******
o Standard data network protocol based
# IP based applications
# WWW, FTP, Telnet, ...
# Any conventional TCP/IP based applications
# X.25 based applications
# Packet Assembly/Disassembly (PAD) type approach
o GPRS speci ic protocol based
# Point-to-point applications
# Toll road system, UIC train control system
# Point-to-multipoint applications
# Weather in o, road tra ic in o, news, leet management
o SMS delivery (GPRS as a bearer or SMS)
****** GPRS ******
Gb
Gn
L1/L2
L1/L2
MS
BSS
SGSN
GGSN
UDP/TCP
Gi
SNDCP
RLC
BSSGP
IP
IP
LLC
UDP/TCP
SNDCP
GTP
SNDCP sub-n/w dependent convergence protocol
GTP-GPRS tunnelling protocol BSSGP-Base Station Subsystem GPRS protocol
LLC-logical link control RLC-Radio link control
GTP-GPRS Tunnelling Protocol
****** GPRS protocol architecture ******
* IP and X.25 are the packet- ormatting protocols or the transmission and
reception o packetized data
* MAC,LLC and IP-Internet services
* RLC-Voice data link
* SNDCP-Multiple way o connecting n/w and data link layer through IP/X.25.
* GTP-Use TCP and UDP to transmit and receive data and in ormation.
****** DECT ******
* DECT (Digital European Cordless Telephone) standardized by ETSI (ETS
300.175-x) or cordless telephones
* standard describes air inter ace between base-station and mobile phone
* DECT has been renamed or international marketing reasons into Digital
Enhanced Cordless Telecommunication
* Characteristics
o requency: 1880-1990 MHz
o channels: 120 ull duplex
o duplex mechanism: TDD (Time Division Duplex) with 10 ms rame
length
o multplexing scheme: FDMA with 10 carrier requencies, TDMA with 2x
12 slots
o modulation: digital, Gauian Minimum Shi t Key (GMSK)
o power: 10 mW average (max. 250 mW)
o range: approx. 50 m in buildings, 300 m open space
****** DECT system architecture re erence model ******
global
network
local
network
local
network
FT
FT
PT
PA
PT
PA
VDB
HDB
D1
D2
D3
D4
FT-Fixed Radio Transmission PT-portable Radio Transmission PA-Portable
Application
****** DECT re erence model ******
physical layer
medium access control
data link
control
data link
control
network
layer
OSI layer 1
OSI layer 2
OSI layer 3
U-Plane
C-Plane
signaling,
interworking
application
processes
* close to the OSI re erence model
* management plane over all layers
* several services in C(ontrol)- and U(ser)-plane
management
****** DECT layers I ******
* Physical layer
o modulation/demodulation
o generation o the physical channel structure with a guaranteed
throughput
o controlling o radio transmission
# channel assignment on request o the MAC layer
# detection o incoming signals
# sender/receiver synchronization
# collecting status in ormation or the management plane
* MAC layer
o maintaining basic services, activating/deactivating physical
channels
o multiplexing o logical channels
# e.g., C: signaling, I: user data, P: paging, Q: broadcast
o segmentation/reassembly
o error control/error correction
****** DECT time multiplex rame ******
slot
sync
A ield
DATA
DATA
64
C
16
DATA
64
C
16
DATA
64
C
16
DATA
64
C
16
B ield
D ield
1 rame = 10 ms
12 down slots
12 up slots
0
419
0
31
0
387
0
63
0
319
protected
mode
unprotected
mode
simplex bearer
25.6 kbit/s
32 kbit/s
420 bit + 52 s guard time (60 bit)
in 0.4167 ms
guard
X ield
0
3
A: network control
B: user data
X: transmission quality
****** DECT layers II ******
* Data link control layer
o creation and keeping up reliable connections between the mobile
terminal and basestation
o two DLC protocols or the control plane (C-Plane)
# connectionless broadcast service: paging unctionality
# Lc+LAPC protocol: in-call signaling (similar to LAPD within
ISDN), adapted to the underlying MAC service
o several services speci ied or the user plane (U-Plane)
# null-service: o ers unmodi ied MAC services
# rame relay: simple packet transmission
# rame switching: time-bounded packet transmission
# error correcting transmission: uses FEC, or delay critical,
time-bounded services
# bandwidth adaptive transmission
# Escape service: or urther enhancements o the standard
****** DECT layers III ******
* Network layer
o similar to ISDN (Q.931) and GSM (04.08)
o o ers services to request, check, reserve, control, and release
resources at the basestation and mobile terminal
o resources
PA
PT
PA
VDB
HDB
D1
D2
D3
D4
****** DECT re erence model ******
physical layer
medium access control
data link
control
data link
control
network
layer
OSI layer 1
OSI layer 2
OSI layer 3
U-Plane
C-Plane
signaling,
interworking
application
processes
* close to the OSI re erence model
* management plane over all layers
* several services in C(ontrol)- and U(ser)-plane
management
****** DECT layers I ******
* Physical layer
o modulation/demodulation
o generation o the physical channel structure with a guaranteed
throughput
o controlling o radio transmission
# channel assignment on request o the MAC layer
# detection o incoming signals
# sender/receiver synchronization
# collecting status in ormation or the management plane
* MAC layer
o maintaining basic services, activating/deactivating physical
channels
o multiplexing o logical channels
# e.g., C: signaling, I: user data, P: paging, Q: broadcast
o segmentation/reassembly
o error control/error correction
****** DECT time multiplex rame ******
slot
sync
A ield
DATA
DATA
64
C
16
DATA
64
C
16
DATA
64
C
16
DATA
64
C
16
B ield
D ield
1 rame = 10 ms
12 down slots
12 up slots
0
419
0
31
0
387
0
63
0
319
protected
mode
unprotected
mode
simplex bearer
25.6 kbit/s
32 kbit/s
420 bit + 52 s guard time (60 bit)
in 0.4167 ms
guard
X ield
0
3
A: network control
B: user data
X: transmission quality
****** DECT layers II ******
* Data link control layer
o creation and keeping up reliable connections between the mobile
terminal and basestation
o two DLC protocols or the control plane (C-Plane)
# connectionless broadcast service: paging unctionality
# Lc+LAPC protocol: in-call signaling (similar to LAPD within
ISDN), adapted to the underlying MAC service
o several services speci ied or the user plane (U-Plane)
# null-service: o ers unmodi ied MAC services
# rame relay: simple packet transmission
# rame switching: time-bounded packet transmission
# error correcting transmission: uses FEC, or delay critical,
time-bounded services
# bandwidth adaptive transmission
# Escape service: or urther enhancements o the standard
****** DECT layers III ******
* Network layer
o similar to ISDN (Q.931) and GSM (04.08)
o o ers services to request, check, reserve, control, and release
DMO
ISI
PEI
AI
AI: Air Inter ace
BS: Base Station
DMO: Direct Mode Operation
ISI: Inter-System Inter ace
NMS: Network Management
System
PEI: Peripheral Equipment
Inter ace
****** TETRA Direct Mode I ******
* Direct Mode enables ad-hoc operation and is one o the most important
di erences to pure in rastructure-based networks such as GSM, cdma2000
or UMTS.
Individual Call
Group Call
Dual Watch alternating participation in
In rastructure and ad-hoc
network
Managed Direct Mode
network
Authorizing
mobile station
****** TETRA Direct Mode II ******
* An additional repeater may increase the transmission range (e.g. police
car)
Direct Mode with Gateway
network
Direct Mode with Repeater
Direct Mode with Repeater/Gateway
network
Managed Repeater/Gateway
network
Authorizing
Repeater
****** TETRA Technology ******
* Services
o Voice+Data (V+D) and Packet Data Optimized (PDO)
o Short data service (SDS)
* Frequencies
o Duplex: FDD, Modulation: DQPSK
o Europe (in MHz, not all available yet)
# 380-390 UL / 390-400 DL; 410-420 UL / 420-430 DL, 450-460 UL
/ 460-470 DL; 870-876 UL / 915-921 DL
o Other countries
# 380-390 UL / 390-400 DL; 410-420 UL / 420-430 DL, 806-821 UL
/ 851-866 DL
****** TDMA structure o the voice+data system ******
0
1
2
57
58
59
...
hyper rame
0
1
2
15
16
17
...
multi rame
0
1
2
3
0 slot 509
rame
14.17 ms
56.67 ms
1.02 s
61.2 s
CF
Control Frame
****** TETRA Data Rates ******
* In rastructure mode, V+D in kbit/s
* No. o time slots 1 2 3 4
* No protection 7.2 14.4 21.6 28.8
* Low protection 4.8 9.6 14.4 19.2
* High protection 2.4 4.8 7.2 9.6
* TETRA Release 2 Supporting higher data rates
o TEDS (TETRA Enhanced Data Service)
o up to 100 kbit/s
o backward compatibility
****** Mobile Communications Chapter 4: Wireless Telecommunication Systems
******
* TETRA
****** TETRA - Terrestrial Trunked Radio ******
* Trunked radio systems
o many di erent radio carriers
o assign single carrier or a short period to one user/group o users
o taxi service, leet management, rescue teams
o inter aces to public networks, voice and data services
o very reliable, ast call setup, local operation
* TETRA - ETSI standard
o ormerly: Trans European Trunked Radio
o point-to-point and point-to-multipoint
o encryption (end-to-end, air inter ace), authentication o devices,
users and networks
o group call, broadcast, sub-second group-call setup
o ad-hoc (direct mode), relay and in rastructure networks
o call queuing with pre-emptive priorities
****** TETRA Contracts by Sector (percentage) ******
Used in over 70 countries, more than 20 device manu acturers
****** TETRA Network Architecture ******
TETRA in rastructure
BS
BS
switch
switch
switch
NMS
BS
other TETRA networks
PSTN, ISDN,
Internet, PDN
DMO
ISI
PEI
AI
AI: Air Inter ace
BS: Base Station
DMO: Direct Mode Operation
ISI: Inter-System Inter ace
NMS: Network Management
System
PEI: Peripheral Equipment
Inter ace
****** TETRA Direct Mode I ******
* Direct Mode enables ad-hoc operation and is one o the most important
di erences to pure in rastructure-based networks such as GSM, cdma2000
or UMTS.
Individual Call
Group Call
Dual Watch alternating participation in
In rastructure and ad-hoc
network
Managed Direct Mode
network
Authorizing
mobile station
****** TETRA Direct Mode II ******
* An additional repeater may increase the transmission range (e.g. police
car)
Direct Mode with Gateway
network
Direct Mode with Repeater
Direct Mode with Repeater/Gateway
network
Managed Repeater/Gateway
network
Authorizing
Repeater
****** TETRA Technology ******
* Services
o Voice+Data (V+D) and Packet Data Optimized (PDO)
o Short data service (SDS)
* Frequencies
o Duplex: FDD, Modulation: DQPSK
o Europe (in MHz, not all available yet)
# 380-390 UL / 390-400 DL; 410-420 UL / 420-430 DL, 450-460 UL
/ 460-470 DL; 870-876 UL / 915-921 DL
o Other countries
# 380-390 UL / 390-400 DL; 410-420 UL / 420-430 DL, 806-821 UL
/ 851-866 DL
****** TDMA structure o the voice+data system ******
0
1
2
57
58
59
...
hyper rame
0
1
2
15
16
17
...
multi rame
0
1
2
3
0 slot 509
rame
14.17 ms
56.67 ms
1.02 s
61.2 s
CF
Control Frame
****** TETRA Data Rates ******
* In rastructure mode, V+D in kbit/s
* No. o time slots 1 2 3 4
* No protection 7.2 14.4 21.6 28.8
* Low protection 4.8 9.6 14.4 19.2
* High protection 2.4 4.8 7.2 9.6
* TETRA Release 2 Supporting higher data rates
o TEDS (TETRA Enhanced Data Service)
o up to 100 kbit/s
o backward compatibility
****** Mobile Communications Chapter 4: Wireless Telecommunication Systems
******
* UMTS/IMT-2000
****** UMTS and IMT-2000 ******
* Proposals or IMT-2000 (International Mobile Telecommunications)
o UWC-136, cdma2000, WP-CDMA
o UMTS (Universal Mobile Telecommunications System) rom ETSI
* UMTS
o UTRA (was: UMTS, now: Universal Terrestrial Radio Access)
o enhancements o GSM
# EDGE (Enhanced Data rates or GSM Evolution): GSM up to 384
kbit/s
# CAMEL (Customized Application or Mobile Enhanced Logic)
# VHE (virtual Home Environment)
o its into GMM (Global Multimedia Mobility) initiative rom ETSI
o requirements
# min. 144 kbit/s rural (goal: 384 kbit/s)
# min. 384 kbit/s suburban (goal: 512 kbit/s)
# up to 2 Mbit/s urban
****** Frequencies or IMT-2000 ******
IMT-2000
1850
1900
1950
2000
2050
2100
2150
2200
MHz
MSS
ITU allocation
(WRC 1992)
IMT-2000
MSS
Europe
China
Japan
North
America
UTRA
FDD
UTRA
FDD
T
D
D
T
D
D
MSS
MSS
DE
CT
GSM
1800
1850
1900
1950
2000
2050
2100
2150
2200
MHz
IMT-2000
MSS
IMT-2000
MSS
GSM
1800
cdma2000
W-CDMA
MSS
MSS
MSS
MSS
cdma2000
W-CDMA
PHS
PCS
rsv.
Phase 1
Ph1
3.x.y
1992
****** Licensing Example: UMTS in Germany, 18. August 2000 ******
* UTRA-FDD:
o Uplink 1920-1980 MHz
o Downlink 2110-2170 MHz
o duplex spacing 190 MHz
o 12 channels, each 5 MHz
* UTRA-TDD:
o 1900-1920 MHz,
o 2010-2025 MHz;
o 5 MHz channels
* Coverage o the population
o 25% until 12/2003
o 50% until 12/2005
Sum: 50.81 billion
****** UMTS architecture ******
UTRAN
UE
CN
Iu
Uu
* UE (User Equipment)
* UTRAN (UTRA Network)
o Cell level mobility
o Radio Network Subsystem (RNS)
o Encapsulation o all radio speci ic tasks
* CN (Core Network)
o Inter system handover
o gateways to other networks ( ixed or wireless)
o Location management i there is no dedicated connection between UE
and UTRAN
****** UMTS domains and inter aces I ******
* User Equipment Domain
o Assigned to a single user in order to access UMTS services
* In rastructure Domain
o Shared among all users
o O ers UMTS services to all accepted users
USIM
Domain
Mobile Equipment
Domain
Access
Network
Domain
Serving
Network
Domain
Transit
Network
Domain
Home
Network
Domain
Cu
Uu
Iu
User Equipment Domain
Zu
Yu
Core Network Domain
In rastructure Domain
****** UMTS domains and inter aces II ******
***** User Equipment Domain *****
* Universal Subscriber Identity Module (USIM)
o Functions or encryption and authentication o users
o Located on a SIM inserted into a mobile device
* Mobile Equipment Domain
o Functions or radio transmission
o User inter ace or establishing/maintaining end-to-end connections
***** In rastructure Domain *****
Access Network Domain
* Access network dependent unctions and RAN
Core Network Domain
* Access network independent unctions
* Serving Network Domain
o Network currently responsible or communication
* Home Network Domain
o Location and access network independent unctions
****** DS-CDMA Spreading and scrambling o user data ******
* Constant chipping rate o 3.84 Mchip/s
* Di erent user data rates supported via di erent spreading actors
o higher data rate: less chips per bit and vice versa
* User separation via unique, quasi orthogonal scrambling codes
o users are not separated via orthogonal spreading codes
o much simpler management o codes: each station can use the same
orthogonal spreading codes
o precise synchronization not necessary as the scrambling codes stay
quasi-orthogonal
data1
data2
data3
scrambling
code1
spr.
code3
spr.
code2
spr.
code1
data4
data5
scrambling
code2
spr.
code4
spr.
code1
sender1
sender2
****** orthogonal variable spreading actor(OSVF) coding ******
1
1,1
1,-1
1,1,1,1
1,1,-1,-1
X
X,X
X,-X
1,-1,1,-1
1,-1,-1,1
1,-1,-1,1,1,-1,-1,1
1,-1,-1,1,-1,1,1,-1
1,-1,1,-1,1,-1,1,-1
1,-1,1,-1,-1,1,-1,1
1,1,-1,-1,1,1,-1,-1
1,1,-1,-1,-1,-1,1,1
1,1,1,1,1,1,1,1
1,1,1,1,-1,-1,-1,-1
SF=1
SF=2
SF=4
SF=8
SF=n
SF=2n
...
...
...
...
****** UMTS FDD rame structure ******
W-CDMA
* 1920-1980 MHz uplink
* 2110-2170 MHz downlink
* chipping rate: 3.840 Mchip/s
* so t handover
* QPSK
* complex power control (1500 power control cycles/s)
* spreading: UL: 4-256; DL:4-512
0
1
2
12
13
14
...
Radio rame
Pilot
FBI
TPC
Time slot
666.7 s
10 ms
Data
Data1
uplink DPDCH
uplink DPCCH
downlink DPCH
TPC
TFCI
Pilot
666.7 s
666.7 s
DPCCH
DPDCH
2560 chips, 10 bits
2560 chips, 10*2k bits (k = 0...6)
TFCI
2560 chips, 10*2k bits (k = 0...7)
Data2
DPDCH
DPCCH
Iub
Node B
RNS
Iur
Node B
UE2
UE3
Iu
****** UTRAN unctions ******
* Admission control
* Congestion control
* System in ormation broadcasting
* Radio channel encryption
* Handover
* SRNS moving
* Radio network con iguration
* Channel quality measurements
* Macro diversity
* Radio carrier control
* Radio resource control
* Data transmission over the radio inter ace
* Outer loop power control (FDD and TDD)
* Channel coding
* Access control
****** Core network: protocols ******
MSC
RNS
SGSN
GGSN
GMSC
HLR
VLR
RNS
Layer 1: PDH, SDH, SONET
Layer 2: ATM
Layer 3: IP
GPRS backbone (IP)
SS 7
GSM-CS
backbone
PSTN/
ISDN
PDN (X.25),
Internet (IP)
UTRAN
CN
****** Core network: architecture ******
BTS
Node B
BSC
Abis
BTS
BSS
MSC
Node B
Node B
RNC
Iub
Node B
RNS
Node B
SGSN
GGSN
GMSC
HLR
VLR
IuPS
IuCS
Iu
CN
EIR
Gn
Gi
PSTN
AuC
GR
****** Core network ******
* The Core Network (CN) and thus the Inter ace Iu, too, are separated into
two logical domains:
* Circuit Switched Domain (CSD)
o Circuit switched service incl. signaling
o Resource reservation at connection setup
o GSM components (MSC, GMSC, VLR)
o IuCS
* Packet Switched Domain (PSD)
o GPRS components (SGSN, GGSN)
o IuPS
* Release 99 uses the GSM/GPRS network and adds a new radio access!
o Helps to save a lot o money
o Much aster deployment
o Not as lexible as newer releases (5, 6)
****** UMTS protocol stacks (user plane) ******
apps. &
protocols
MAC
radio
MAC
radio
RLC
SAR
Uu
IuCS
UE
UTRAN
3G
MSC
RLC
AAL2
ATM
AAL2
ATM
SAR
apps. &
protocols
MAC
radio
MAC
radio
PDCP
GTP
Uu
IuPS
UE
UTRAN
3G
SGSN
RLC
AAL5
ATM
AAL5
ATM
UDP/IP
PDCP
RLC
UDP/IP
UDP/IP
Gn
GTP
GTP
L2
L1
UDP/IP
L2
L1
GTP
3G
GGSN
IP, PPP,
IP, PPP,
IP tunnel
Circuit
switched
Packet
switched
****** Support o mobility: macro diversity ******
* Multicasting o data via several physical channels
o Enables so t handover
o FDD mode only
* Uplink
o simultaneous reception o UE data at several Node Bs
o Reconstruction o data at Node B, SRNC or DRNC
* Downlink
o Simultaneous transmission o data via di erent cells
o Di erent spreading codes in di erent cells
CN
Node B
RNC
Node B
UE
****** Support o mobility: handover ******
* From and to other systems (e.g., UMTS to GSM)
o This is a must as UMTS coverage will be poor in the beginning
* RNS controlling the connection is called SRNS (Serving RNS)
* RNS o ering additional resources (e.g., or so t handover) is called
Dri t RNS (DRNS)
* End-to-end connections between UE and CN only via Iu at the SRNS
o Change o SRNS requires change o Iu
o Initiated by the SRNS
Voice
SMS successor, E-Mail
Packet switched
14.4 kbit/s
Simple Messaging
Circuit switched
14.4 kbit/s
Switched Data
asymmetrical, MM, downloads
Circuit switched
384 kbit/s
Medium MM
Low coverage, max. 6 km/h
Packet switched
2 Mbit/s
High MM
Bidirectional, video telephone
Circuit switched
128 kbit/s
High Interactive MM
Transport mode
Bandwidth
Service Pro ile
****** Example 3G Networks: Japan ******
FOMA (Freedom O Mobile multimedia
Access) in Japan
Examples or FOMA phones
****** Example 3G networks: Australia ******
cdma2000 1xEV-DO in Melbourne/Australia
Examples or 1xEV-DO devices
****** Isle o Man Start o UMTS in Europe as Test ******
****** UMTS in Monaco ******
****** UMTS in Europe ******
Voda one/Germany
Orange/UK
****** Some current enhancements ******
* GSM
o EMS/MMS
# EMS: 760 characters possible by chaining SMS, animated icons,
ring tones, was soon replaced by MMS (or simply skipped)
# MMS: transmission o images, video clips, audio
# see WAP 2.0 / chapter 10
o EDGE (Enhanced Data Rates or Global [was: GSM] Evolution)
# 8-PSK instead o GMSK, up to 384 kbit/s
# new modulation and coding schemes or GPRS
EGPRS
# MCS-1 to MCS-4 uses GMSK at rates 8.8/11.2/14.8/17.6
kbit/s
# MCS-5 to MCS-9 uses 8-PSK at rates 22.4/29.6/44.8/54.4/
59.2 kbit/s
* UMTS
o HSDPA (High-Speed Downlink Packet Access)
# initially up to 10 Mbit/s or the downlink, later > 20 Mbit/
s using MIMO- (Multiple Input Multiple Output-) antennas
# can use 16-QAM instead o QPSK (ideally > 13 Mbit/s)
# user rates e.g. 3.6 or 7.2 Mbit/s
o HSUPA (High-Speed Uplink Packet Access)
# initially up to 5 Mbit/s or the uplink
# user rates e.g. 1.45 Mbit/s
****** Satellite Systems ******
****** History o satellite communication ******
*
*
*
*
*
20
16
12
8
4
radius
satellite
period [h]
velocity [ x1000 km/h]
synchronous distance
35,786 km
****** Basics ******
* elliptical or circular orbits
* complete rotation time depends on distance satellite-earth
* inclination: angle between orbit and equator
* elevation: angle between satellite and horizon
* LOS (Line o Sight) to the satellite necessary or connection
*****
high elevation needed, less absorption due to e.g. buildings *****
Uplink: connection base station - satellite
Downlink: connection satellite - base station
typically separated requencies or uplink and downlink
* transponder used or sending/receiving and shi ting o requencies
* transparent transponder: only shi t o requencies
* regenerative transponder: additionally signal regeneration
****** Inclination ******
inclination d
d
satellite orbit
perigee
plane o satellite orbit
equatorial plane
****** Elevation ******
Elevation:
angle e between center o satellite beam
and sur ace
e
minimal elevation:
elevation needed at least
to communicate with the satellite
ootprint
****** Link budget o satellites ******
* Parameters like attenuation or received power determined by our
parameters:
* sending power
* gain o sending antenna
* distance between sender and receiver
* gain o receiving antenna
* Problems
* varying strength o received signal due to multipath propagation
* interruptions due to shadowing o signal (no LOS)
* Possible solutions
* Link Margin to eliminate variations in signal strength
* satellite diversity (usage o several visible satellites at the same
time) helps to use less sending power
L: Loss
: carrier requency
r: distance
c: speed o light
****** Atmospheric attenuation ******
Example: satellite systems at 4-6 GHz
the satellites
o Intra satellite handover
# handover rom one spot beam to another
# mobile station still in the ootprint o the satellite, but
in another cell
o Inter satellite handover
# handover rom one satellite to another satellite
# mobile station leaves the ootprint o one satellite
o Gateway handover
# Handover rom one gateway to another
# mobile station still in the ootprint o a satellite, but
gateway leaves the ootprint
o Inter system handover
# Handover rom the satellite network to a terrestrial cellular
network
# mobile station can reach a terrestrial network again which
might be cheaper, has a lower latency etc.
****** Overview o LEO/MEO systems ******
****** Broadcast Systems ******
****** Unidirectional distribution systems ******
* Asymmetric communication environments
o bandwidth limitations o the transmission medium
o depends on applications, type o in ormation
o examples
# wireless networks with base station and mobile terminals
# client-server environments (diskless terminal)
# cable TV with set-top box
# in ormation services (pager, SMS)
* Special case: unidirectional distribution systems
o high bandwidth rom server to client (downstream), but no bandwidth
vice versa (upstream)
o problems o unidirectional broadcast systems
# a sender can optimize transmitted in ormation only or one
group o users/terminals
# unctions needed to individualize personal requirements/
applications
****** Unidirectional distribution ******
service provider
service user
sender
receiver
receiver
receiver
.
.
.
unidirectional
distribution
medium
A
A
A
A
A
A
A
B
B
B
B
optimized or expected
access pattern
o all users
individual access
pattern o one user
****** Structuring transmissions - broadcast disks ******
* Sender
o cyclic repetition o data blocks
o di erent patterns possible (optimization possible only i the
content is known)
* Receiver
o use o caching
# cost-based strategy: what are the costs or a user (waiting
time) i a data block has been requested but is currently not
cached
# application and cache have to know content o data blocks and
access patterns o user to optimize
A
B
C
A
B
C
lat disk
A
A
B
C
A
A
skewed disk
A
B
A
C
A
B
multi-disk
****** DAB: Digital Audio Broadcasting ******
* Media access
o COFDM (Coded Orthogonal Frequency Division Multiplex)
o SFN (Single Frequency Network)
o 192 to 1536 subcarriers within a 1.5 MHz requency band
* Frequencies
o irst phase: one out o 32 requency blocks or terrestrial TV
channels 5 to 12 (174 - 230 MHz, 5A - 12D)
o second phase: one out o 9 requency blocks in the L-band (14521467.5 MHz, LA - LI)
* Sending power: 6.1 kW (VHF, 120 km) or 4 kW (L-band, 30 km)
* Date-rates: 2.304 Mbit/s (net 1.2 to 1.536 Mbit/s)
* Modulation: Di erential 4-phase modulation (D-QPSK)
* Audio channels per requency block: typ. 6, max. 192 kbit/s
* Digital services: 0.6 - 16 kbit/s (PAD), 24 kbit/s (NPAD)
****** DAB transport mechanisms ******
* MSC (Main Service Channel)
o carries all user data (audio, multimedia, ...)
o consists o CIF (Common Interleaved Frames)
o each CIF 55296 bit, every 24 ms (depends on transmission mode)
o CIF contains CU (Capacity Units), 64 bit each
Encoder
Channel
Coder
DAB Signal
Service
In ormation
FIC
Multiplex
In ormation
Data
Services
Audio
Services
Radio Frequency
FIC: Fast In ormation Channel
MSC: Main Service Channel
OFDM: Orthogonal Frequency Division Multiplexing
1.5 MHz
carriers
****** DAB receiver ******
Packet
Demux
Audio
Decoder
Channel
Decoder
Independent
Data
Service
Audio
Service
Controller
Tuner
OFDM
Demodulator
User Inter ace
FIC
Control Bus
(partial)
MSC
****** Audio coding ******
* Goal
o audio transmission almost with CD quality
o robust against multipath propagation
o minimal distortion o audio signals during signal ading
* Mechanisms
o ully digital audio signals (PCM, 16 Bit, 48 kHz, stereo)
o MPEG compression o audio signals, compression ratio 1:10
o redundancy bits or error detection and correction
o burst errors typical or radio transmissions, there ore signal
interleaving - receivers can now correct single bit errors
resulting rom inter erence
o low symbol-rate, many symbols
# transmission o digital data using long symbol sequences,
separated by guard spaces
# delayed symbols, e.g., re lection, still remain within the
guard space
****** Bit rate management ******
* a DAB ensemble combines audio programs and data services with di erent
Audio 7
96 kbit/s
PAD
DAB - Multiplex - recon igured
Audio 8
96 kbit/s
PAD
D10
D11
PAD-Program Associated Data
AUDIO PGM-6
DATA SERVICE-9/11
****** Multimedia Object Trans er Protocol (MOT) ******
* Problem
o broad range o receiver capabilities audio-only devices with
single/multiple line text display, additional color graphic
display, PC adapters etc.
o di erent types o receivers should at least be able to recognize
all kinds o program associated and program independent data and
process some o it
* Solution
o common standard or data transmission: MOT
o important or MOT is the support o data ormats used in other
multimedia systems (e.g., online services, Internet, CD-ROM)
o DAB can there ore transmit HTML documents rom the WWW with very
little additional e ort
****** MOT structure ******
* MOT ormats
o MHEG, Java, JPEG, ASCII, MPEG, HTML, HTTP, BMP, GIF, ...
* Header core
o size o header and body, content type
* Header extension
o handling in ormation, e.g., repetition distance, segmentation,
priority
o in ormation supports caching mechanisms
* Body
o arbitrary data
* DAB allows or many repetition schemes
o objects, segments, headers
header
core
header
extension
body
7 byte
****** Digital Video Broadcasting ******
* 1991 oundation o the ELG (European Launching Group) goal: development
o digital television in Europe
* 1993 renaming into DVB (Digital Video Broadcasting) goal: introduction o
digital television based on
o satellite transmission
o cable network technology
o later also terrestrial transmission
SDTV
EDTV
HDTV
Multimedia PC
B-ISDN, ADSL,etc.
DVD, etc.
Terrestrial
Receiver
Cable
Multipoint
Distribution
System
Satellites
DVB
Digital Video
Broadcasting
Integrated
Receiver-Decoder
DVB-S
DVB-C
DVB-T
****** DVB Container ******
* DVB transmits MPEG-2 container
o high lexibility or the transmission o digital data
o no restrictions regarding the type o in ormation
o DVB Service In ormation speci ies the content o a container
# NIT (Network In ormation Table): lists the services o a
provider, contains additional in ormation or set-top boxes
# SDT (Service Description Table): list o names and parameters
or each service within a MPEG multiplex channel
# EIT (Event In ormation Table): status in ormation about the
current transmission, additional in ormation or set-top
boxes
# TDT (Time and Date Table): Update in ormation or set-top
boxes
multimedia
data broadcasting
MPEG-2/DVB
container
single channel
high de inition television
MPEG-2/DVB
container
HDTV
multiple channels
standard de inition
MPEG-2/DVB
container
SDTV
multiple channels
enhanced de inition
MPEG-2/DVB
container
EDTV
****** Example: high-speed Internet access ******
* Asymmetric data exchange
o downlink: DVB receiver, data rate per user 6-38 Mbit/s
o return channel rom user to service provider: e.g., modem with 33
kbit/s, ISDN with 64 kbit/s, DSL with several 100 kbit/s etc.
DVB-S adapter
PC
Internet
TCP/IP
leased line
service provider
in ormation provider
satellite provider
satellite receiver
DVB/MPEG2 multiplex simultaneous to digital TV
****** DVB worldwide ******
****** Convergence o broadcasting and mobile comm. ******
* De inition o interaction channels
* Interacting/controlling broadcast via GSM, UMTS, DECT, PSTN,
* Example: mobile Internet services using IP over GSM/GPRS or UMTS as
interaction channel or DAB/DVB
mobile
terminal
DVB-T, DAB
(TV plus IP data)
GSM/GPRS,
UMTS
(IP data)
MUX
Internet
TV broadcaster
ISP
mobile operator
TV
data
broadcast
interaction
channels
****** Comparison o UMTS, DAB and DVB ******
****** Introduction to Wireless LANs IEEE 802.11 ******
****** Mobile Communication Technology according to IEEE (examples) ******
Local wireless networks
WLAN 802.11
802.11a
802.11b
802.11i/e//n//z
802.11g
WiFi
802.11h
Personal wireless nw
WPAN 802.15
802.15.4
802.15.1
802.15.2
Bluetooth
802.15.4a/b/c/d/e
ZigBee
802.15.3
Wireless distribution networks
WMAN 802.16 (Broadband Wireless Access)
[802.20 (Mobile Broadband Wireless Access)]
802.16e (addition to .16 or mobile devices)
+ Mobility
WiMAX
802.15.3b/c
802.15.5, .6 (WBAN)
****** Characteristics o wireless LANs ******
* Advantages
o very lexible within the reception area
o Ad-hoc networks without previous planning possible
o (almost) no wiring di iculties (e.g. historic buildings,
irewalls)
o more robust against disasters like, e.g., earthquakes, ire - or
in rastructure
network
LLC
LLC
****** 802.11 - Layers and unctions ******
* PLCP Physical Layer Convergence Protocol
o clear channel assessment signal (carrier sense)
* PMD Physical Medium Dependent
o modulation, coding
* PHY Management
o channel selection,MIB
* Station Management
o coordination o all management unctions
PMD
PLCP
MAC
LLC
MAC Management
PHY Management
* MAC
o access mechanisms, ragmentation, encryption
* MAC Management
o synchronization, roaming, MIB, power management
PHY
DLC
Station Management
****** 802.11 - Physical layer (legacy) ******
* 3 versions: 2 radio (typ. 2.4 GHz), 1 IR
o data rates 1 or 2 Mbit/s
* FHSS (Frequency Hopping Spread Spectrum)
o spreading, despreading, signal strength, typ. 1 Mbit/s
o min. 2.5 requency hops/s (USA), two-level GFSK modulation
* DSSS (Direct Sequence Spread Spectrum)
o DBPSK modulation or 1 Mbit/s (Di erential Binary Phase Shi t
Keying), DQPSK or 2 Mbit/s (Di erential Quadrature PSK)
o preamble and header o a rame is always transmitted with 1 Mbit/s,
rest o transmission 1 or 2 Mbit/s
o chipping sequence: +1, -1, +1, +1, -1, +1, +1, +1, -1, -1, -1
(Barker code)
o max. radiated power 1 W (USA), 100 mW (EU), min. 1mW
* In rared
o 850-950 nm, di use light, typ. 10 m range
o carrier detection, energy detection, synchronization
o Classroom, meeting room etc
****** FHSS PHY packet ormat (legacy) ******
* Synchronization
o synch with 010101... pattern
* SFD (Start Frame Delimiter)
o 0000110010111101 start pattern
* PLW (PLCP_PDU Length Word)
o length o payload incl. 32 bit CRC o payload, PLW < 4096
* PSF (PLCP Signaling Field)
o data o payload (1 or 2 Mbit/s)
* HEC (Header Error Check)
o CRC with x16+x12+x5+1
synchronization
SFD
PLW
PSF
HEC
payload
PLCP preamble
PLCP header
80
16
12
4
16
variable
bits
****** DSSS PHY packet ormat (legacy) ******
* Synchronization
o synch., gain setting, energy detection, requency o set
compensation
* SFD (Start Frame Delimiter)
o 1111001110100000
* Signal
o data rate o the payload (0A: 1 Mbit/s DBPSK; 14: 2 Mbit/s DQPSK)
* Service
o uture use, 00: 802.11 compliant
* Length
o length o the payload
* HEC (Header Error Check)
o protection o signal, service and length, x16+x12+x5+1
synchronization
SFD
signal
service
HEC
payload
PLCP preamble
PLCP header
128
16
8
8
16
variable
bits
length
16
****** 802.11 - MAC layer I DFWMAC(Distributed oundation wireless medium
access control) ******
* Tra ic services
o Asynchronous Data Service (mandatory)
# exchange o data packets based on best-e ort
# support o broadcast and multicast
o Time-Bounded Service (optional)
# implemented using PCF (Point Coordination Function)
* Access methods
o DFWMAC-DCF CSMA/CA (mandatory)
# collision avoidance via randomized back-o mechanism
# minimum distance between consecutive packets
# ACK packet or acknowledgements (not or broadcasts)
o DFWMAC-DCF w/ RTS/CTS (optional)
# avoids hidden terminal problem
o DFWMAC- PCF (optional)
# access point polls terminals according to a list
****** 802.11 - MAC layer II ******
* Priorities
boe
boe
bor
DIFS
busy
busy
DIFS
boe
busy
boe
boe
bor
bor
****** 802.11 - CSMA/CA access method II ******
* Sending unicast packets
o station has to wait or DIFS be ore sending data
o receivers acknowledge at once (a ter waiting or SIFS) i the
packet was received correctly (CRC)
o automatic retransmission o data packets in case o transmission
errors
t
SIFS
DIFS
data
ACK
waiting time
other
stations
receiver
sender
data
DIFS
contention
****** 802.11 DFWMAC with RTS/CTS ******
* Sending unicast packets
o station can send RTS with reservation parameter a ter waiting or
DIFS (reservation determines amount o time the data packet needs
the medium)
o acknowledgement via CTS a ter SIFS by receiver (i ready to
receive)
o sender can now send data at once, acknowledgement via ACK
o other stations store medium reservations distributed via RTS and
CTS
t
SIFS
DIFS
data
ACK
de er access
other
stations
receiver
sender
data
DIFS
contention
RTS
CTS
SIFS
SIFS
NAV (RTS)
NAV (CTS)
****** Fragmentation ******
t
SIFS
DIFS
data
ACK1
other
stations
receiver
sender
rag1
DIFS
contention
RTS
CTS
SIFS
SIFS
NAV (RTS)
NAV (CTS)
NAV ( rag1)
NAV (ACK1)
SIFS
ACK2
rag2
SIFS
****** DFWMAC-PCF I (almost never used) ******
PIFS
stations
NAV
wireless
stations
point
coordinator
D1
U1
SIFS
NAV
SIFS
D2
U2
SIFS
SIFS
SuperFrame
t0
medium busy
t1
****** DFWMAC-PCF II ******
t
stations
NAV
wireless
stations
point
coordinator
D3
NAV
PIFS
D4
U4
SIFS
SIFS
CFend
contention
period
contention ree period
t2
t3
t4
****** 802.11 - Frame ormat ******
* Types
o control rames, management rames, data rames
* Sequence numbers
o important against duplicated rames due to lost ACKs
* Addresses
o receiver, transmitter (physical), BSS identi ier, sender (logical)
* Miscellaneous
o sending time, checksum, rame control, data
Frame
Control
Duration/
ID
Address
1
Address
2
Address
3
Sequence
Control
Address
4
Data
CRC
2
2
6
6
6
6
2
4
0-2312
bytes
Protocol
version
Type
Subtype
To
DS
More
Frag
Retry
Power
Mgmt
More
Data
WEP
2
2
4
1
From
DS
1
Order
bits
1
1
1
1
1
1
****** MAC address ormat ******
DS: Distribution System
AP: Access Point
DA: Destination Address
SA: Source Address
BSSID: Basic Service Set Identi ier
RA: Receiver Address
TA: Transmitter Address
****** Special Frames: ACK, RTS, CTS ******
* Acknowledgement
* Request To Send
* Clear To Send
Frame
Control
Duration
Receiver
Address
Transmitter
Address
CRC
2
2
6
6
4
bytes
Frame
Control
Duration
Receiver
Address
CRC
2
2
6
4
bytes
Frame
Control
Duration
Receiver
Address
CRC
2
2
6
4
bytes
ACK
RTS
CTS
****** 802.11 - MAC management ******
* Synchronization
o try to ind a LAN, try to stay within a LAN
o timer etc.
* Power management
o sleep-mode without missing a message
o periodic sleep, rame bu ering, tra ic measurements
* Association/Reassociation
o integration into a LAN
o roaming, i.e. change networks by changing access points
o scanning, i.e. active search or a network
* MIB - Management In ormation Base
o managing, read, write
****** Synchronization using a Beacon (in rastructure) ******
beacon interval
(20ms 1s)
t
medium
access
point
busy
B
busy
busy
busy
B
B
B
value o the timestamp
B
beacon rame
Beacon-Timestamp and other mgmt in o used or power and roaming
****** Synchronization using a Beacon (ad-hoc) ******
t
medium
station1
busy
B1
beacon interval
busy
busy
busy
B1
value o the timestamp
B
beacon rame
station2
B2
B2
random delay
****** Power management ******
* Idea: switch the transceiver o i not needed
* States o a station: sleep and awake
* Timing Synchronization Function (TSF)
o stations wake up at the same time
* In rastructure
o Tra ic Indication Map (TIM)
# list o unicast receivers transmitted by AP
o Delivery Tra ic Indication Map (DTIM)
# list o broadcast/multicast receivers transmitted by AP
* Ad-hoc
o Ad-hoc Tra ic Indication Map (ATIM)
# announcement o receivers by stations bu ering rames
# more complicated - no central AP
# collision o ATIMs possible (scalability?)
* APSD (Automatic Power Save Delivery)
o new method in 802.11e replacing above schemes
****** Power saving with wake-up patterns (in rastructure) ******
TIM interval
t
medium
access
point
busy
D
busy
busy
busy
T
T
D
T
TIM
D
DTIM
DTIM interval
B
B
B
broadcast/multicast
station
awake
p
PS poll
p
d
d
d
data transmission
to/ rom the station
****** Power saving with wake-up patterns (ad-hoc) ******
awake
A
transmit ATIM
D
transmit data
t
station1
B1
B1
B
beacon rame
station2
B2
B2
random delay
A
a
D
d
ATIM
window
beacon interval
a
acknowledge ATIM
d
acknowledge data
****** 802.11 - Roaming ******
* No or bad connection? Then per orm:
* Scanning
o scan the environment, i.e., listen into the medium or beacon
signals or send probes into the medium and wait or an answer
* Reassociation Request
o station sends a request to one or several AP(s)
* Reassociation Response
o success: AP has answered, station can now participate
o ailure: continue scanning
* AP accepts Reassociation Request
o signal the new station to the distribution system
o the distribution system updates its data base (i.e., location
in ormation)
o typically, the distribution system now in orms the old AP so it can
release resources
* Fast roaming 802.11r
o e.g. or vehicle-to-roadside networks
****** WLAN: IEEE 802.11b ******
* Data rate
o 1, 2, 5.5, 11 Mbit/s, depending on SNR
o User data rate max. approx. 6 Mbit/s
* Transmission range
o 300m outdoor, 30m indoor
o Max. data rate ~10m indoor
* Frequency
o DSSS, 2.4 GHz ISM-band
* Security
o Limited, WEP insecure, SSID
* Availability
o Many products, many vendors
* Connection set-up time
o Connectionless/always on
* Quality o Service
o Typ. Best e ort, no guarantees (unless polling is used, limited
support in products)
* Manageability
o Limited (no automated key distribution, sym. Encryption)
* Special Advantages/Disadvantages
o Advantage: many installed systems, lot o experience, available
worldwide, ree ISM-band, many vendors, integrated in laptops,
simple system
o Disadvantage: heavy inter erence on ISM-band, no service
guarantees, slow relative speed only
****** IEEE 802.11b PHY rame ormats ******
synchronization
SFD
signal
service
HEC
payload
PLCP preamble
PLCP header
128
16
8
8
16
variable
bits
length
16
192 s at 1 Mbit/s DBPSK
1, 2, 5.5 or 11 Mbit/s
short synch.
SFD
signal
service
HEC
payload
PLCP preamble
(1 Mbit/s, DBPSK)
PLCP header
(2 Mbit/s, DQPSK)
56
16
8
8
16
variable
bits
length
16
96 s
2, 5.5 or 11 Mbit/s
Long PLCP PPDU ormat
Short PLCP PPDU ormat (optional)
****** Channel selection (non-overlapping) ******
2400
[MHz]
2412
2483.5
2442
2472
channel 1
channel 7
channel 13
Europe (ETSI)
US (FCC)/Canada (IC)
2400
[MHz]
2412
2483.5
2437
2462
channel 1
channel 6
channel 11
22 MHz
22 MHz
****** WLAN: IEEE 802.11a ******
* Data rate
o 6, 9, 12, 18, 24, 36, 48, 54 Mbit/s, depending on SNR
o User throughput (1500 byte packets): 5.3 (6), 18 (24), 24 (36), 32
(54)
o 6, 12, 24 Mbit/s mandatory
* Transmission range
o 100m outdoor, 10m indoor
# E.g., 54 Mbit/s up to 5 m, 48 up to 12 m, 36 up to 25 m, 24
up to 30m, 18 up to 40 m, 12 up to 60 m
* Frequency
o Free 5.15-5.25, 5.25-5.35, 5.725-5.825 GHz ISM-band
* Security
o Limited, WEP insecure, SSID
* Availability
o Some products, some vendors
* Connection set-up time
o Connectionless/always on
* Quality o Service
o Typ. best e ort, no guarantees (same as all 802.11 products)
* Manageability
o Limited (no automated key distribution, sym. Encryption)
* Special Advantages/Disadvantages
o Advantage: its into 802.x standards, ree ISM-band, available,
simple system, uses less crowded 5 GHz band
o Disadvantage: stronger shading due to higher requency, no QoS
****** IEEE 802.11a PHY rame ormat ******
rate
service
payload
variable
bits
6 Mbit/s
PLCP preamble
signal
data
symbols
12
1
variable
reserved
length
tail
parity
tail
pad
6
16
6
1
12
1
4
variable
6, 9, 12, 18, 24, 36, 48, 54 Mbit/s
PLCP header
****** Operating channels o 802.11a in Europe ******
5150
[MHz]
5180
5350
5200
36
44
16.6 MHz
center requency
5000 + 5*channel
channel
40
48
52
56
60
64
5220
5240
5260
5280
5300
5320
5470
[MHz]
5500
5725
5520
100
108
16.6 MHz
channel
104
112
116
120
124
128
5540
5560
5580
5600
5620
5640
132
136
140
5660
5680
5700
****** Operating
5150
[MHz]
5180
5350
5200
36
44
16.6 MHz
center requency
5000 + 5*channel
=
number [MHz]
=
number [MHz]
channel
40
48
52
56
60
64
149
153
157
161
5220
5240
5260
5280
5300
5320
5725
[MHz]
5745
5825
5765
16.6 MHz
channel
5785
5805
****** OFDM in IEEE 802.11a ******
* OFDM with 52 used subcarriers (64 in total)
o 48 data + 4 pilot
# (plus 12 virtual subcarriers)
o 312.5 kHz spacing
subcarrier
number
1
7
21
26
-26
-21
-7
-1
channel center requency
312.5 kHz
pilot
****** WLAN: IEEE 802.11 current developments (05/2008) ******
* 802.11c: Bridge Support
o De inition o MAC procedures to support bridges as extension to
802.1D
* 802.11d: Regulatory Domain Update
o Support o additional regulations related to channel selection,
hopping sequences
* 802.11e: MAC Enhancements QoS
o Enhance the current 802.11 MAC to expand support or applications
with Quality o Service requirements, and in the capabilities and
e iciency o the protocol
o De inition o a data low (connection) with parameters like rate,
burst, period supported by HCCA (HCF (Hybrid Coordinator Function)
Controlled Channel Access, optional)
o Additional energy saving mechanisms and more e icient
retransmission
"Harald king executes these sepulchral monuments a ter Gorm, his ather
and Thyra, his mother. The Harald who won the whole o Denmark and Norway and
turned the Danes to Christianity."
Btw: Bltand means o dark complexion
(not having a blue tooth)
****** Characteristics ******
* 2.4 GHz ISM band, 79 (23) RF channels, 1 MHz carrier spacing
o Channel 0: 2402 MHz channel 78: 2480 MHz
o G-FSK modulation, 1-100 mW transmit power
* FHSS and TDD
o Frequency hopping with 1600 hops/s
o Hopping sequence in a pseudo random ashion, determined by a master
o Time division duplex or send/receive separation
* Voice link SCO (Synchronous Connection Oriented)
o FEC ( orward error correction), no retransmission, 64 kbit/
s duplex, point-to-point, circuit switched
* Data link ACL (Asynchronous ConnectionLess)
o Asynchronous, ast acknowledge, point-to-multipoint, up to 433.9
kbit/s symmetric or 723.2/57.6 kbit/s asymmetric, packet switched
* Topology
o Overlapping piconets (stars) orming a scatternet
****** Piconet ******
* Collection o devices connected in an ad hoc ashion
* One unit acts as master and the others as slaves or the li etime o the
piconet
* Master determines hopping pattern, slaves have to synchronize
* Each piconet has a unique hopping pattern
* Participation in a piconet = synchronization to hopping sequence
* Each piconet has one master and up to 7 simultaneous slaves (> 200 could
be parked)
M=Master
S=Slave
P=Parked
SB=Standby
M
S
P
SB
S
S
P
P
SB
****** Forming a piconet ******
* All devices in a piconet hop together
o Master gives slaves its clock and device ID
# Hopping pattern: determined by device ID (48 bit, unique
worldwide)
# Phase in hopping pattern determined by clock
* Addressing
o Active Member Address (AMA, 3 bit)
o Parked Member Address (PMA, 8 bit)
SB
SB
SB
SB
SB
SB
SB
SB
SB
M
S
P
SB
S
S
P
P
SB
54
0-2745
bits
AM address
type
low
ARQN
SEQN
HEC
3
4
1
1
1
8
bits
preamble
sync.
(trailer)
4
64
(4)
****** Physical Links between Master and Slave ******
* Synchronous connection oriented (SCO)
o Allocates ixed bandwidth between point-to-point connection o
master and slave
o Master maintains link using reserved slots
o Master can support three simultaneous links
* Asynchronous connectionless (ACL)
o Point-to-multipoint link between master and all slaves
o Only single ACL link can exist
****** SCO payload types ******
payload (30)
audio (30)
audio (10)
audio (10)
HV3
HV2
HV1
DV
FEC (20)
audio (20)
FEC (10)
header (1)
payload (0-9)
2/3 FEC
CRC (2)
(bytes)
****** ACL Payload types ******
payload (0-343)
header (1/2)
payload (0-339)
CRC (2)
header (1)
payload (0-17)
2/3 FEC
header (1)
payload (0-27)
header (2)
payload (0-121)
2/3 FEC
header (2)
payload (0-183)
header (2)
payload (0-224)
2/3 FEC
header (2)
payload (0-339)
DH5
DM5
DH3
DM3
DH1
DM1
header (1)
payload (0-29)
AUX1
CRC (2)
CRC (2)
CRC (2)
CRC (2)
CRC (2)
CRC (2)
(bytes)
****** Baseband data rates ******
Payload UserSymmetric Asymmetric
Header Payload
max. Rate max. Rate [kbit/s]
Type [byte] [byte] FEC CRC [kbit/s] Forward Reverse
DM1 1 0-17 2/3 yes 108.8 108.8 108.8
DH1 1 0-27 no yes 172.8 172.8 172.8
DM3 2 0-121 2/3 yes 258.1 387.2 54.4
DH3 2 0-183 no yes 390.4 585.6 86.4
DM5 2 0-224 2/3 yes 286.7 477.8 36.3
DH5 2 0-339 no yes 433.9723.257.6
AUX1 1 0-29 no no 185.6 185.6 185.6
HV1 na 10 1/3 no 64.0
HV2 na 20 2/3 no 64.0
HV3 na 30 no no 64.0
DV 1 D 10+(0-9) D 2/3 D yes D 64.0+57.6 D
ACL
1 slot
3 slot
5 slot
SCO
Data Medium/High rate, High-quality Voice, Data and Voice
****** Baseband link types ******
* Polling-based TDD packet transmission
o 625s slots, master polls slaves
* SCO (Synchronous Connection Oriented) Voice
o Periodic single slot packet assignment, 64 kbit/s ull-duplex,
point-to-point
* ACL (Asynchronous ConnectionLess) Data
o Variable packet size (1, 3, 5 slots), asymmetric bandwidth, pointto-multipoint
MASTER
SLAVE 1
SLAVE 2
6
0
1
7
12
13
19
18
SCO
SCO
SCO
SCO
ACL
5
21
4
20
ACL
ACL
8
9
17
14
ACL
****** Robustness ******
* Slow requency hopping with hopping patterns determined by a master
o Protection rom inter erence on certain requencies
o Separation rom other piconets (FH-CDMA)
* Retransmission
o ACL only, very ast
* Forward Error Correction
o SCO and ACL
MASTER
SLAVE 1
SLAVE 2
A
C
C
H
F
G
G
B
D
E
NAK
ACK
Error in payload
(not header!)
****** Baseband states o a Bluetooth device ******
standby
inquiry
page
connected
AMA
transmit
AMA
park
PMA
hold
AMA
sni
AMA
unconnected
connecting
active
low power
Standby: do nothing
Inquire: search or other devices
Page: connect to a speci ic device
Connected: participate in a piconet
detach
Park: release AMA, get PMA
Sni : listen periodically, not each slot
Hold: stop ACL, SCO still possible, possibly participate in another piconet
****** Example: Power consumption/CSR BlueCore2 ******
* Typical Average Current Consumption1
o VDD=1.8V Temperature = 20C
o Mode
# SCO connection HV3 (1s interval Sni Mode) (Slave) 26.0 mA
# SCO connection HV3 (1s interval Sni Mode) (Master) 26.0 mA
# SCO connection HV1 (Slave) 53.0 mA
# SCO connection HV1 (Master) 53.0 mA
# ACL data trans er 115.2kbps UART (Master) 15.5 mA
# ACL data trans er 720kbps USB (Slave) 53.0 mA
# ACL data trans er 720kbps USB (Master) 53.0 mA
# ACL connection, Sni
Mode 40ms interval, 38.4kbps UART 4.0
mA
# ACL connection, Sni Mode 1.28s interval, 38.4kbps UART 0.5
mA
# Parked Slave, 1.28s beacon interval, 38.4kbps UART 0.6 mA
# Standby Mode (Connected to host, no RF activity) 47.0 A
# Deep Sleep Mode2 20.0 A
* Notes:
o 1 Current consumption is the sum o both BC212015A and the lash.
o 2 Current consumption is or the BC212015A device only.
****** Example: Bluetooth/USB adapter (2002: 50, today: some cents i
integrated) ******
****** L2CAP - Logical Link Control and Adaptation Protocol ******
* Simple data link protocol on top o baseband
* Connection oriented, connectionless, and signaling channels
* Protocol multiplexing
o RFCOMM, SDP, telephony control
* Segmentation & reassembly
o Up to 64kbyte user data, 16 bit CRC used rom baseband
* QoS low speci ication per channel
o Follows RFC 1363, speci ies delay, jitter, bursts, bandwidth
* Group abstraction
o Create/close group, add/remove member
****** L2CAP Logical Channels ******
* Connectionless
o Supports connectionless service
o Each channel is unidirectional
o Used rom master to multiple slaves
* Connection-oriented
o Supports connection-oriented service
o Each channel is bidirectional
* Signaling
o Provides or exchange o signaling messages between L2CAP entities
****** L2CAP logical channels ******
baseband
L2CAP
baseband
L2CAP
baseband
L2CAP
Slave
Slave
Master
ACL
2
d
1
d
d
1
1
d
2
1
signalling
connectionless
connection-oriented
d
d
d
****** L2CAP packet ormats ******
length
2
bytes
CID=2
2
PSM
2
payload
0-65533
length
2
bytes
CID
2
payload
0-65535
length
2
bytes
CID=1
2
One or more commands
Connectionless PDU
Connection-oriented PDU
Signalling command PDU
code
ID
length
data
1
1
2
0
****** Security ******
E3
E2
link key (128 bit)
encryption key (128 bit)
payload key
Keystream generator
Data
Data
Cipher data
Authentication key generation
(possibly permanent storage)
Encryption key generation
(temporary storage)
PIN (1-16 byte)
User input (initialization)
Pairing
Authentication
Encryption
Ciphering
E3
E2
link key (128 bit)
encryption key (128 bit)
payload key
Keystream generator
PIN (1-16 byte)
****** SDP Service Discovery Protocol ******
* Inquiry/response protocol or discovering services
o Searching or and browsing services in radio proximity
o Adapted to the highly dynamic environment
o Can be complemented by others like SLP, Jini, Salutation,
o De ines discovery only, not the usage o services
o Caching o discovered services
o Gradual discovery
* Service record ormat
o In ormation about services provided by attributes
o Attributes are composed o an 16 bit ID (name) and a value
o values may be derived rom 128 bit Universally Unique Identi iers
(UUID)
****** Additional protocols to support legacy protocols/apps. ******
***** Cable replacement protocol *****
* RFCOMM
o Emulation o a serial port (supports a large base o legacy
applications)
o Allows multiple ports over a single physical channel
***** Telephony control protocol *****
Telephony Control Protocol Speci ication (TCS)
* Call control (setup, release)
* Group management
***** Adopted protocols *****
OBEX
* Exchange o objects, IrDA replacement
WAP
* Interacting with applications on cellular phones
****** Pro iles ******
* Represent de ault solutions or a certain usage model
o Vertical slice through the protocol stack
o Basis or interoperability
* Generic Access Pro ile
* Service Discovery Application Pro ile
* Cordless Telephony Pro ile
or
* Quality o Service
o Guarantees, ARQ/FEC
* Manageability
o Public/private keys needed, key management not speci ied, simple
system integration
* Special Advantages/Disadvantages
o Advantage: already integrated into several products, available
worldwide, ree ISM-band, several vendors, simple system, simple
ad-hoc networking, peer to peer, scatternets
o Disadvantage: inter erence on ISM-band, limited range, max. 8
active devices/network, high set-up latency
****** WPAN: IEEE 802.15 uture developments 1 ******
* 802.15.2: Coexistance
o Coexistence o Wireless Personal Area Networks (802.15) and
Wireless Local Area Networks (802.11), quanti y the mutual
inter erence
* 802.15.3: High-Rate
o Standard or high-rate (20Mbit/s or greater) WPANs, while still
low-power/low-cost
o Data Rates: 11, 22, 33, 44, 55 Mbit/s
o Quality o Service isochronous protocol
o Ad hoc peer-to-peer networking
o Security
o Low power consumption
o Low cost
o Designed to meet the demanding requirements o portable consumer
imaging and multimedia applications
****** WPAN: IEEE 802.15 uture developments 2 ******
* Several working groups extend the 802.15.3 standard
* 802.15.3a: - withdrawn o Alternative PHY with higher data rate as extension to 802.15.3
o Applications: multimedia, picture transmission
* 802.15.3b:
o Enhanced interoperability o MAC
o Correction o errors and ambiguities in the standard
* 802.15.3c:
o Alternative PHY at 57-64 GHz
o Goal: data rates above 2 Gbit/s
* Not all these working groups really create a standard, not all standards
will be ound in products later
****** WPAN: IEEE 802.15 uture developments 3 ******
* 802.15.4: Low-Rate, Very Low-Power
o Low data rate solution with multi-month to multi-year battery li e
and very low complexity
o Potential applications are sensors, interactive toys, smart badges,
remote controls, and home automation
o Data rates o 20-250 kbit/s, latency down to 15 ms
o Master-Slave or Peer-to-Peer operation
o Up to 254 devices or 64516 simpler nodes
o Support or critical latency devices, such as joysticks
o CSMA/CA channel access (data centric), slotted (beacon) or
unslotted
o Automatic network establishment by the PAN coordinator
o Dynamic device addressing, lexible addressing ormat
o Fully handshaked protocol or trans er reliability
o Power management to ensure low power consumption
o 16 channels in the 2.4 GHz ISM band, 10 channels in the 915 MHz US
ISM band and one channel in the European 868 MHz band
* Basis o the ZigBee technology www.zigbee.org
****** ZigBee ******
* Availability
o Many products, many vendors
* Connection set-up time
o N/A
* Quality o Service
o none
* Manageability
o Very simple, same as serial inter ace
* Special Advantages/Disadvantages
o Advantage: very low cost, large experience, high volume available
o Disadvantage: no QoS, crowded ISM bands (particularly 27 and 433
MHz), typ. no Medium Access Control, 418 MHz experiences
inter erence with TETRA
****** RFID Radio Frequency Identi ication (1) ******
* Data rate
o Transmission o ID only (e.g., 48 bit, 64kbit, 1 Mbit)
o 9.6 115 kbit/s
* Transmission range
o Passive: up to 3 m
o Active: up to 30-100 m
o Simultaneous detection o up to, e.g., 256 tags, scanning o , e.g.,
40 tags/s
* Frequency
o 125 kHz, 13.56 MHz, 433 MHz, 2.4 GHz, 5.8 GHz and many others
* Security
o Application dependent, typ. no crypt. on RFID device
* Cost
o Very cheap tags, down to 1 (passive)
* Availability
o Many products, many vendors
* Connection set-up time
o Depends on product/medium access scheme (typ. 2 ms per device)
* Quality o Service
o none
* Manageability
o Very simple, same as serial inter ace
* Special Advantages/Disadvantages
o Advantage: extremely low cost, large experience, high volume
available, no power or passive RFIDs needed, large variety o
products, relative speeds up to 300 km/h, broad temp. range
o Disadvantage: no QoS, simple denial o service, crowded ISM bands,
typ. one-way (activation/ transmission o ID)
****** RFID Radio Frequency Identi ication (2) ******
* Function
o Standard: In response to a radio interrogation signal rom a reader
(base station) the RFID tags transmit their ID
o Enhanced: additionally data can be sent to the tags, di erent
media access schemes (collision avoidance)
* Features
o No line-o sight required (compared to, e.g., laser scanners)
o RFID tags withstand di icult environmental conditions (sunlight,
cold, rost, dirt etc.)
o Products available with read/write memory, smart-card capabilities
* Categories
o Passive RFID: operating power comes rom the reader over the air
which is easible up to distances o 3 m, low price (1)
o Active RFID: battery powered, distances up to 100 m
****** RFID Radio Frequency Identi ication (3) ******
* Applications
o Total asset visibility: tracking o goods during manu acturing,
100
byte
SIFS
ACK
DIFS
100
byte
SIFS
ACK
DIFS
100
byte
SIFS
ACK
DIFS
100
byte
SIFS
ACK
802.15.1
79 channels
(separated by hopping pattern)
****** HIPERLAN (High Per ormance LAN) ******
****** ETSI - HIPERLAN ******
* ETSI standard
o European standard, c . GSM, DECT, ...
o Enhancement o local Networks and interworking with ixed networks
o integration o time-sensitive services rom the early beginning
* HIPERLAN amily
o one standard cannot satis y all requirements
# range, bandwidth, QoS support
# commercial constraints
o HIPERLAN 1 standardized since 1996
physical layer
channel access
control layer
medium access
control layer
physical layer
data link layer
HIPERLAN layers
OSI layers
network layer
higher layers
physical layer
medium access
control layer
logical link
control layer
IEEE 802.x layers
****** HIPERLAN 1 - Characteristics ******
* Data transmission
o point-to-point, point-to-multipoint, connectionless
o 23.5 Mbit/s, 1 W power, 2383 byte max. packet size
* Services
o asynchronous and time-bounded services with hierarchical priorities
o compatible with ISO MAC
* Topology
o in rastructure or ad-hoc networks
o transmission range can be larger than coverage o a single node
# channel
o optional (not
# channel
# channel
2: 5.2235268 GHz
allowed in all countries)
3: 5.2470562 GHz
4: 5.2705856 GHz
7.36.1
****** HIPERLAN 1 - Physical layer rames ******
* Maintaining a high data-rate (23.5 Mbit/s) is power consuming problematic or mobile terminals
o packet header with low bit-rate comprising receiver in ormation
o only receiver(s) address by a packet continue receiving
* Frame structure
o LBR (Low Bit-Rate) header with 1.4 Mbit/s
o 450 bit synchronization
o minimum 1, maximum 47 rames with 496 bit each
o or higher velocities o the mobile terminal (> 1.4 m/s) the
maximum number o rames has to be reduced
* Modulation
o GMSK or high bit-rate, FSK or LBR header
LBR
synchronization
data0
data1
datam-1
. . .
7.37.1
HBR
****** HIPERLAN 1 - CAC sublayer ******
* Channel Access Control (CAC)
o assure that terminal does not access orbidden channels
o priority scheme, access with EY-NPMA
* Priorities
o 5 priority levels or QoS support
o QoS is mapped onto a priority level with the help o the packet
li etime (set by an application)
# i packet li etime = 0 it makes no sense to orward the
packet to the receiver any longer
# standard start value 500ms, maximum 16000ms
# i a terminal cannot send the packet due to its current
priority, waiting time is permanently subtracted rom
li etime
# based on packet li etime, waiting time in a sender and number
o hops to the receiver, the packet is assigned to one out o
ive priorities
# the priority o waiting packets, there ore, rises
automatically
7.38.1
****** HIPERLAN 1 - EY-NPMA I ******
prioritization
* EY-NPMA (Elimination Yield Non-preemptive Priority Multiple Access)
o 3 phases: priority resolution, contention resolution, transmission
o inding the highest priority
# every priority corresponds to a time-slot to send in the
irst phase, the higher the priority the earlier the timeslot to send
# higher priorities can not be preempted
# i an earlier time-slot or a higher priority remains empty,
stations with the next lower priority might send
# a ter this irst phase the highest current priority has been
determined
contention
transmission
transmission
synchronization
priority detection
priority assertion
t
user data
elimination burst
elimination survival
veri ivcation
yield listening
7.39.1
IYS
IPS
IPA
IES
IESV
****** HIPERLAN 1 - EY-NPMA II ******
* Several terminals can now have the same priority and wish to send
o contention phase
# Elimination Burst: all remaining terminals send a burst to
eliminate contenders (11111010100010011100000110010110, high
bit- rate)
# Elimination Survival Veri ication: contenders now sense the
channel, i the channel is ree they can continue, otherwise
they have been eliminated
# Yield Listening: contenders again listen in slots with a
nonzero probability, i the terminal senses its slot idle it
is ree to transmit at the end o the contention phase
# the important part is now to set the parameters or burst
duration and channel sensing (slot-based, exponentially
distributed)
o data transmission
# the winner can now send its data (however, a small chance o
collision remains)
# i the channel was idle or a longer time (min. or a
duration o 1700 bit) a terminal can send at once without
using EY-NPMA
o synchronization using the last data transmission
7.40.1
****** HIPERLAN 1 - DT-HCPDU/AK-HCPDU ******
1
0
1
0
1
0
1
0
0
1
HI
HDA
HDA
HDACS
BLIR = n
1
BLIRCS
LBR
0
1
2
3
4
5
6
7
bit
HBR
0
1
2
3
4
5
6
7
bit
TI
BLI = n
byte
1
PLI = m
HID
2
3 - 6
DA
7 - 12
SA
13 - 18
UD
19 - (52n-m-4)
PAD
(52n-m-3) - (52n-4)
CS
(52n-3) - 52n
1
0
1
0
1
0
1
0
0
1
HI
AID
AID
AIDCS
LBR
0
1
2
3
4
5
6
7
bit
Data HCPDU
Acknowledgement HCPDU
7.41.1
HI: HBR-part Indicator
HDA: Hashed Destination HCSAP Address
HDACS: HDA CheckSum
BLIR: Block Length Indicator
BLIRCS: BLIR CheckSum
TI: Type Indicator
BLI: Block Length Indicator
HID: HIPERLAN IDenti ier
DA: Destination Address
SA: Source Address
UD: User Data (1-2422 byte)
PAD: PADding
CS: CheckSum
AID: Acknowledgement IDenti ier
AIDS: AID CheckSum
****** HIPERLAN 1 - MAC layer ******
* Compatible to ISO MAC
* Supports time-bounded services via a priority scheme
* Packet orwarding
o support o directed (point-to-point) orwarding and broadcast
orwarding (i no path in ormation is available)
o support o QoS while orwarding
* Encryption mechanisms
o mechanisms integrated, but without key management
* Power conservation mechanisms
o mobile terminals can agree upon awake patterns (e.g., periodic
wake-ups to receive data)
o additionally, some nodes in the networks must be able to bu er
data or sleeping terminals and to orward them at the right time
(so called stores)
7.42.1
****** HIPERLAN 1 - DT-HMPDU ******
* LI: Length Indicator
* TI: Type Indicator
* RL: Residual Li etime
* PSN: Sequence Number
* DA: Destination Address
* SA: Source Address
* ADA: Alias Destination Address ASA: Alias Source Address
* UP: User Priority
* ML: MSDU Li etime
* KID: Key Identi ier
* IV: Initialization Vector
* UD: User Data, 12383 byte
* SC: Sanity Check ( or the unencrypted PDU)
n= 402422
7.43.1
0
1
2
3
4
5
6
7
bit
LI = n
byte
1 - 2
TI = 1
RL
3
4 - 5
PSN
6 - 7
DA
8 - 13
SA
14 - 19
ADA
20 - 25
ASA
26 - 31
UP
ML
ML
KID
IV
IV
UD
SC
32
33
34
35 - 37
38 - (n-2)
(n-1) - n
Data HMPDU
****** In ormation bases ******
* Route In ormation Base (RIB) - how to reach a destination
o [destination, next hop, distance]
* Neighbor In ormation Base (NIB) - status o direct neighbors
o [neighbor, status]
* Hello In ormation Base (HIB) - status o destination (via next hop)
o [destination, status, next hop]
* Alias In ormation Base (AIB) - address o nodes outside the net
o [original MSAP address, alias MSAP address]
* Source Multipoint Relay In ormation Base (SMRIB) - current MP status
o [local multipoint orwarder, multipoint relay set]
* Topology In ormation Base (TIB) - current HIPERLAN topology
o [destination, orwarder, sequence]
* Duplicate Detection In ormation Base (DDIB) - remove duplicates
o [source, sequence]
7.44.1
****** Ad-hoc networks using HIPERLAN 1 ******
neighborhood
(i.e., within radio range)
In ormation Bases (IB):
RIB: Route
NIB: Neighbor
HIB: Hello
AIB: Alias
SMRIB: Source Multipoint Relay
TIB: Topology
DDIB: Duplicate Detection
RIB
NIB
HIB
AIB
SMRIB
TIB
DDIB
RIB
NIB
HIB
AIB
SMRIB
TIB
DDIB
RIB
NIB
HIB
AIB
SMRIB
TIB
DDIB
RIB
NIB
HIB
AIB
DDIB
RIB
NIB
HIB
AIB
DDIB
RIB
NIB
HIB
AIB
DDIB
1
2
3
4
5
6
Forwarder
Forwarder
Forwarder
7.45.1
****** Overview: original HIPERLAN protocol amily ******
Check out Wireless ATM or new names!
****** Mobile Communications Chapter 9: Mobile Transport Layer ******
* Motivation, TCP-mechanisms
* Classical approaches (Indirect TCP, Snooping TCP, Mobile TCP)
* PEPs in general
* Additional optimizations (Fast retransmit/recovery, Transmission
reezing, Selective retransmission, Transaction oriented TCP)
* TCP or 2.5G/3G wireless
****** Transport Layer ******
* E.g. HTTP (used by web services) typically uses TCP
o Reliable transport between client and server required
* TCP
o Steam oriented, not transaction oriented
o Network riendly: time-out
congestion slow down transmission
* Well known TCP guesses quite o ten wrong in wireless and mobile
networks
o Packet loss due to transmission errors
o Packet loss due to change o network
* Result
o Severe per ormance degradation
Client
Server
Connection
setup
Data
transmission
Connection
release
TCP SYN
TCP SYN/ACK
TCP ACK
HTTP request
HTTP response
GPRS: 500ms!
>15 s
no data
****** Motivation I ******
* Transport protocols typically designed or
o Fixed end-systems
o Fixed, wired networks
* Research activities
o Per ormance
o Congestion control
o E icient retransmissions
* TCP congestion control
o packet loss in ixed networks typically due to (temporary) overload
situations
o router have to discard packets as soon as the bu ers are ull
o TCP recognizes congestion only indirect via missing
acknowledgements, retransmissions unwise, they would only
contribute to the congestion and make it even worse
o slow-start algorithm as reaction
****** Motivation II ******
* TCP slow-start algorithm
o sender calculates a congestion window or a receiver
o start with a congestion window size equal to one segment
o exponential increase o the congestion window up to the congestion
threshold, then linear increase
o missing acknowledgement causes the reduction o the congestion
threshold to one hal o the current congestion window
o congestion window starts again with one segment
* TCP ast retransmit/ ast recovery
o TCP sends an acknowledgement only a ter receiving a packet
o i a sender receives several acknowledgements or the same packet,
this is due to a gap in received packets at the receiver
o however, the receiver got all packets up to the gap and is actually
receiving packets
o there ore, packet loss is not due to congestion, continue with
current congestion window (do not use slow-start)
****** In luences o mobility on TCP-mechanisms ******
* TCP assumes congestion i packets are dropped
o typically wrong in wireless networks, here we o ten have packet
loss due to transmission errors
o urthermore, mobility itsel can cause packet loss, i e.g. a
mobile node roams rom one access point (e.g. oreign agent in
Mobile IP) to another while there are still packets in transit to
the wrong access point and orwarding is not possible
* The per ormance o an unchanged TCP degrades severely
o however, TCP cannot be changed undamentally due to the large base
o installation in the ixed network, TCP or mobility has to
remain compatible
o the basic TCP mechanisms keep the whole Internet together
****** Early approach: Indirect TCP I ******
* Indirect TCP or I-TCP segments the connection
o no changes to the TCP protocol or hosts connected to the wired
Internet, millions o computers use (variants o ) this protocol
o optimized TCP protocol or mobile hosts
o splitting o the TCP connection at, e.g., the oreign agent into 2
TCP connections, no real end-to-end connection any longer
o hosts in the ixed part o the net do not notice the
characteristics o the wireless part
mobile host
access point
( oreign agent)
wired Internet
wireless TCP
standard TCP
****** I-TCP socket and state migration ******
mobile host
access point2
Internet
access point1
socket migration
and state trans er
****** Indirect TCP II ******
* Advantages
o no changes in the ixed network necessary, no changes or the hosts
(TCP protocol) necessary, all current optimizations to TCP still
work
o transmission errors on the wireless link do not propagate into the
ixed network
o simple to control, mobile TCP is used only or one hop between,
e.g., a oreign agent and mobile host
o there ore, a very ast retransmission o packets is possible, the
short delay on the mobile hop is known
* Disadvantages
o loss o end-to-end semantics, an acknowledgement to a sender does
now not any longer mean that a receiver really got a packet,
oreign agents might crash
o higher latency possible due to bu ering o data within the oreign
agent and orwarding to a new oreign agent
****** Early approach: Snooping TCP I ******
* Transparent extension o TCP within the oreign agent
o bu ering o packets sent to the mobile host
o lost packets on the wireless link (both directions!) will be
retransmitted immediately by the mobile host or oreign agent,
respectively (so called local retransmission)
o the oreign agent there ore snoops the packet low and recognizes
acknowledgements in both directions, it also ilters ACKs
o changes o TCP only within the oreign agent
wired Internet
bu ering o data
end-to-end TCP connection
local retransmission
correspondent
host
oreign
agent
mobile
host
snooping o ACKs
****** Snooping TCP II ******
* Data trans er to the mobile host
o FA bu ers data until it receives ACK o the MH, FA detects packet
loss via duplicated ACKs or time-out
o ast retransmission possible, transparent or the ixed network
* Data trans er rom the mobile host
o FA detects packet loss on the wireless link via sequence numbers,
FA answers directly with a NACK to the MH
o MH can now retransmit data with only a very short delay
* Integration o the MAC layer
o MAC layer o ten has similar mechanisms to those o TCP
o thus, the MAC layer can already detect duplicated packets due to
retransmissions and discard them
* Problems
o snooping TCP does not isolate the wireless link as good as I-TCP
o snooping might be useless depending on encryption schemes
****** Early approach: Mobile TCP ******
* Special handling o lengthy and/or requent disconnections
* M-TCP splits as I-TCP does
o unmodi ied TCP ixed network to supervisory host (SH)
o optimized TCP SH to MH
* Supervisory host
o no caching, no retransmission
o monitors all packets, i disconnection detected
# set sender window size to 0
# sender automatically goes into persistent mode
o old or new SH reopen the window
* Advantages
o maintains semantics, supports disconnection, no bu er orwarding
* Disadvantages
o loss on wireless link propagated into ixed network
o adapted TCP on wireless link
****** Fast retransmit/ ast recovery ******
* Change o oreign agent o ten results in packet loss
o TCP reacts with slow-start although there is no congestion
* Forced ast retransmit
o as soon as the mobile host has registered with a new oreign agent,
the MH sends duplicated acknowledgements on purpose
o this orces the ast retransmit mode at the communication partners
o additionally, the TCP on the MH is orced to continue sending with
the actual window size and not to go into slow-start a ter
registration
* Advantage
o simple changes result in signi icant higher per ormance
* Disadvantage
o urther mix o IP and TCP, no transparent approach
****** Transmission/time-out reezing ******
* Mobile hosts can be disconnected or a longer time
o no packet exchange possible, e.g., in a tunnel, disconnection due
to overloaded cells or mux. with higher priority tra ic
o TCP disconnects a ter time-out completely
* TCP reezing
o MAC layer is o ten able to detect interruption in advance
browser
integrated enhancement
* Enhanced browsers
o Pre- etching, caching, o -line use
o e.g. Internet Explorer
* Additional, accompanying application
o Pre- etching, caching, o -line use
o e.g. original WebWhacker
web
server
mobile client
browser
additional application
web
server
****** System support or WWW in a mobile world II (some historical) ******
* Client Proxy
o Pre- etching, caching, o -line use
o e.g., Caubweb, TeleWeb, Weblicator, WebWhacker, WebEx, WebMirror,
...
* Network Proxy
o adaptive content trans ormation or bad connections, pre- etching,
caching
o e.g., TranSend, Digestor
mobile client
browser
network
proxy
web
server
mobile client
browser
client
proxy
web
server
****** System support or WWW in a mobile world III (some historical) ******
* Client and network proxy
o combination o bene its plus simpli ied protocols
o e.g., MobiScape, WebExpress
* Special network subsystem
o adaptive content trans ormation or bad connections, pre- etching,
caching
o e.g., Mowgli
* Additional many proprietary server extensions possible
o channels, content negotiation, ...
mobile client
browser
web
server
mobile client
browser
client
proxy
web
server
network
proxy
client
proxy
network
proxy
****** WAP - Wireless Application Protocol ******
* Goals
o deliver Internet content and enhanced services to mobile devices
and users (mobile phones, PDAs)
o independence rom wireless network standards
o open or everyone to participate, protocol speci ications will be
proposed to standardization bodies
o applications should scale well beyond current transport media and
device types and should also be applicable to uture developments
* Plat orms
o e.g., GSM (900, 1800, 1900), CDMA IS-95, TDMA IS-136, 3rd
generation systems (IMT-2000, UMTS, W-CDMA, cdma2000 1x EV-DO, )
* Forum
o was: WAP Forum, co- ounded by Ericsson, Motorola, Nokia, Unwired
Planet, urther in ormation www.wap orum.org
o now: Open Mobile Alliance www.openmobilealliance.org (Open Mobile
Architecture + WAP Forum + SyncML + )
****** WAP - scope o standardization ******
* Browser
o micro browser, similar to existing, well-known browsers in the
Internet
* Script language
o similar to Java script, adapted to the mobile environment
* WTA/WTAI
o Wireless Telephony Application (Inter ace): access to all telephone
unctions
* Content ormats
o e.g., business cards (vCard), calendar events (vCalender)
* Protocol layers
o transport layer, security layer, session layer etc.
****** WAP 1.x - re erence model and protocols ******
Bearers (GSM, CDPD, ...)
Security Layer (WTLS)
Session Layer (WSP)
Application Layer (WAE)
Transport Layer (WDP)
TCP/IP,
UDP/IP,
media
SSL/TLS
HTML, Java
HTTP
Internet
WAP
WAE comprises WML (Wireless Markup Language), WML Script, WTAI etc.
Transaction Layer (WTP)
additional services and applications
WCMP
A-SAP
S-SAP
TR-SAP
SEC-SAP
T-SAP
****** WAP - network elements ******
wireless network
ixed network
WAP
proxy
WTA
server
ilter/
WAP
proxy
web
server
ilter
PSTN
Internet
Binary WML: binary ile ormat or clients
Binary WML
Binary WML
Binary WML
HTML
HTML
HTML
WML
WML
HTML
****** WDP - Wireless Datagram Protocol ******
* Protocol o the transport layer within the WAP architecture
o uses directly transports mechanisms o di erent network
technologies
o o ers a common inter ace or higher layer protocols
o allows or transparent communication using di erent transport
technologies (GSM [SMS, CSD, USSD, GPRS, ...], IS-136, TETRA, DECT,
PHS, IS-95, ...)
* Goals o WDP
o create a worldwide interoperable transport system with the help o
WDP adapted to the di erent underlying technologies
o transmission services such as SMS, GPRS in GSM might change, new
services can replace the old ones
* Additionally, WCMP (wireless Control Message Protocol) is used or
control/error report (similar to ICMP in the TCP/IP protocol suite)
****** WDP - Service Primitives ******
T-SAP
T-SAP
T-DUnitdata.req (DA, DP, SA, SP, UD)
T-DUnitdata.ind (SA, SP, UD)
T-DUnitdata.req (DA, DP, SA, SP, UD)
T-DError.ind (EC)
****** Usage o WDP ******
GSM-SMS
GSM-CSD
WTLS
WDP &
Adaptation
SMS
Wireless Data Gateway
WTLS
WDP &
Adaptation
Tunnel
Subnetwork
SMS
Tunnel
Subnetwork
WAP
Proxy
WTLS
UDP
WTLS
UDP
IP
PPP
CSD-RF
IP
Subnetwork
IP
PPP
CSD-RF
PSTN
Circuit
Subnetwork
Interworking
Function
Internet Service Provider
Remote Access Service
PSTN
Circuit
****** WTLS - Wireless Transport Layer Security ******
* Goals
o data integrity
# prevention o changes in data
o privacy
# prevention o tapping
o authentication
# creation o authenticated relations between a mobile device
and a server
o protection against denial-o -service attacks
# protection against repetition o data and unveri ied data
* WTLS
o is based on the TLS (Transport Layer Security) protocol ( ormer
SSL, Secure Sockets Layer)
o optimized or low-bandwidth communication channels
****** Secure session, ull handshake ******
SEC-Create.req
(SA, SP, DA, DP, KES, CS, CM)
SEC-Create.ind
(SA, SP, DA, DP, KES, CS, CM)
originator
SEC-SAP
peer
SEC-SAP
SEC-Create.cn
(SNM, KR, SID, KES, CS, CM)
SEC-Create.res
(SNM, KR, SID, KES, CS, CM)
SEC-Exchange.req
SEC-Exchange.ind
SEC-Exchange.res
(CC)
SEC-Commit.req
SEC-Exchange.cn
(CC)
SEC-Commit.ind
SEC-Commit.cn
****** SEC-Unitdata - trans erring datagrams ******
SEC-Unitdata.req
A, UD, C=1, H)
A, UD, C=1, H)
A, UD, C=1, H)
A, UD, C=1, H)
Ack PDU
TR-Invoke.res
(H)
TR-Invoke.cn
(H)
Ack PDU
TR-Result.req
(UD*, H)
TR-Result.res
(H)
TR-Result.cn
(H)
****** WTP Class 2 transaction, hold on, no user ack ******
TR-Invoke.req
(SA, SP, DA, DP, A, UD, C=2, H)
Invoke PDU
TR-Invoke.ind
(SA, SP, DA, DP, A, UD, C=2, H)
initiator
TR-SAP
responder
TR-SAP
Result PDU
TR-Result.req
(UD*, H)
TR-Result.ind
(UD*, H)
Ack PDU
Ack PDU
TR-Invoke.cn
(H)
TR-Result.res
(H)
TR-Result.cn
(H)
****** WSP - Wireless Session Protocol ******
* Goals
o HTTP 1.1 unctionality
# Request/reply, content type negotiation, ...
o support o client/server, transactions, push technology
o key management, authentication, Internet security services
o session management (interruption, resume,...)
* Open topics
o QoS support
o group communication
o isochronous media objects
o management
****** WSP protocols ******
WSP
Connection mode
(uses WTP)
Connectionless mode
(uses WDP or WTLS)
* Session Management (class 0, 2)
* Method Invocation (Kl. 2)
* Error Report
* Push (class 0)
* Con irmed Push (class 1)
* Session suspend/resume (class 0, 2)
* Method Invocation
* Push
(in general unreliable)
****** WSP/B session establishment ******
S-Connect.req
(SA, CA, CH, RC)
Connect PDU
S-Connect.ind
(SA, CA, CH, RC)
client
S-SAP
server
S-SAP
ConnReply PDU
S-Connect.res
(SH, NC)
S-Connect.cn
(SH, NC)
WTP Class 2
transaction
****** WSP/B session suspend/resume ******
S-Suspend.req
Suspend PDU
S-Suspend.ind
(R)
client
S-SAP
server
S-SAP
Reply PDU
S-Resume.res
WTP Class 2
transaction
S-Suspend.ind
(R)
~
~
S-Resume.req
(SA, CA)
S-Resume.ind
(SA, CA)
Resume PDU
S-Resume.cn
WTP Class 0
transaction
****** WSP/B session termination ******
Disconnect PDU
S-Disconnect.ind
(R)
client
S-SAP
server
S-SAP
S-Disconnect.ind
(R)
WTP Class 0
transaction
S-Disconnect.req
(R)
****** WSP/B method invoke ******
S-MethodInvoke.req
(CTID, M, RU)
Method PDU
S-MethodInvoke.ind
(STID, M, RU)
client
S-SAP
server
S-SAP
Reply PDU
S-MethodInvoke.res
(STID)
S-MethodInvoke.cn
(CTID)
WTP Class 2
transaction
S-MethodResult.req
(STID, S, RH, RB)
S-MethodResult.ind
(CTID, S, RH, RB)
S-MethodResult.res
(CTID)
S-MethodResult.cn
(STID)
****** WSP/B over WTP - method invocation ******
S-MethodInvoke.req
S-MethodInvoke.ind
client
S-SAP
server
S-SAP
S-MethodInvoke.res
S-MethodInvoke.cn
S-MethodResult.req
S-MethodResult.ind
S-MethodResult.res
S-MethodResult.cn
TR-Invoke.req
initiator
TR-SAP
TR-Result.ind
TR-Invoke.cn
TR-Result.res
TR-Invoke.ind
responder
TR-SAP
TR-Invoke.res
TR-Result.req
TR-Result.cn
Invoke(Method)
Result(Reply)
Ack PDU
Ack PDU
****** WSP/B over WTP - asynchronous, unordered requests ******
S-MethodInvoke_1.req
S-MethodInvoke_1.ind
client
S-SAP
server
S-SAP
S-MethodInvoke_2.req
S-MethodInvoke_3.req
S-MethodResult_1.ind
S-MethodInvoke_4.req
S-MethodResult_3.ind
S-MethodResult_4.ind
S-MethodResult_2.ind
S-MethodInvoke_3.ind
S-MethodInvoke_2.ind
S-MethodResult_1.req
S-MethodResult_2.req
S-MethodResult_3.req
S-MethodResult_4.req
S-MethodInvoke_4.ind
****** WSP/B - con irmend/non-con irmed push ******
S-Push.req
(PH, PB)
client
S-SAP
server
S-SAP
Con Push PDU
WTP Class 1
transaction
S-Push.ind
(PH, PB)
S-Con irmedPush.res
(CPID)
S-Con irmedPush.ind
(CPID, PH, PB)
WTP Class 0
transaction
Push PDU
S-Con irmedPush.req
(SPID, PH, PB)
client
S-SAP
server
S-SAP
S-Con irmedPush.cn
(SPID)
****** WSP/B over WDP ******
S-Unit-MethodInvoke.req
(SA, CA, TID, M, RU)
client
S-SAP
server
S-SAP
S-Unit-MethodResult.ind
(CA, SA, TID, S, RH, RB)
S-Unit-Push.ind
(CA, SA, PID, PH, PB)
S-Unit-MethodInvoke.ind
(SA, CA, TID, M, RU)
S-Unit-MethodResult.req
(CA, SA, TID, S, RH, RB)
S-Unit-Push.req
(CA, SA, PID, PH, PB)
Method PDU
Reply PDU
Push PDU
WDP Unitdata
service
****** WAE - Wireless Application Environment ******
* Goals
o network independent application environment or low-bandwidth,
wireless devices
o integrated Internet/WWW programming model with high
interoperability
* Requirements
o device and network independent, international support
o manu acturers can determine look-and- eel, user inter ace
o considerations o slow links, limited memory, low computing power,
small display, simple user inter ace (compared to desktop
computers)
* Components
o architecture: application model, browser, gateway, server
o WML: XML-Syntax, based on card stacks, variables, ...
o WMLScript: procedural, loops, conditions, ... (similar to
JavaScript)
o WTA: telephone services, such as call control, text messages, phone
book, ... (accessible rom WML/WMLScript)
o content ormats: vCard, vCalendar, Wireless Bitmap, WML, ...
****** WAE logical model ******
Origin Servers
web
server
other content
server
Gateway
Client
other
WAE
user agents
WML
user agent
WTA
user agent
encoders
&
decoders
encoded
request
request
encoded
response
with
content
response
with
content
push
content
encoded
push
content
****** Wireless Markup Language (WML) ******
* WML ollows deck and card metaphor
o WML document consists o many cards, cards are grouped to decks
o a deck is similar to an HTML page, unit o content transmission
o WML describes only intent o interaction in an abstract manner
Accept call
Voice connection
Indicate new voice message
Play requested voice message
Setup call
Accept call
Accept call
WTA-Gateway
Push URL
Display deck;
user selects
WSP Get
HTTP Get
Respond with content
WML
Binary WML
WSP Get
HTTP Get
Respond with card
or call
WML
Binary WML
Wait or call
Setup call
****** WTAI - example with WML only ******
***** <?xml version="1.0"?> *****
***** <!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" *****
***** "http://www.wap orum.org/DTD/wml_1.1.xml"> *****
***** <wml> *****
***** <card id="card_one" title="Tele voting"> *****
***** <do type="accept"> *****
***** <go hre ="#card_two"/> *****
***** </do> *****
***** <p> Please choose your candidate! </p> *****
***** </card> *****
***** <card id="card_two" title="Your selection"> *****
***** <do type="accept"> *****
***** <go hre ="wtai://wp/mc;$dialno"/> *****
***** </do> *****
***** <p> Your selection: *****
***** <select name="dialno"> *****
***** <option value="01376685">Mickey</option> *****
***** <option value="01376686">Donald</option> *****
***** <option value="01376687">Pluto</option> *****
***** </select> *****
***** </p> *****
***** </card> *****
***** </wml> *****
****** WTAI - example with WML and WMLScript I ******
***** unction voteCall(Nr) { *****
***** var j = WTACallControl.setup(Nr,1); *****
***** i (j>=0) { *****
***** WMLBrowser.setVar("Message", "Called"); *****
***** WMLBrowser.setVar("No", Nr); *****
***** } *****
***** else { *****
***** WMLBrowser.setVar("Message", "Error!"); *****
***** WMLBrowser.setVar("No", j); *****
***** } *****
***** WMLBrowser.go("showResult"); *****
***** } *****
****** WTAI - example with WML and WMLScript II ******
***** <?xml version="1.0"?> *****
***** <!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" *****
***** "http://www.wap orum.org/DTD/wml_1.1.xml"> *****
***** <wml> *****
***** <card id="card_one" title="Tele voting"> *****
***** <do type="accept"> <go hre ="#card_two"/> </do> *****
***** <p> Please choose your candidate! </p> *****
***** </card> *****
***** <card id="card_two" title="Your selection"> *****
***** <do type="accept"> *****
***** <go hre ="/myscripts#voteCall($dialno)"/> </do> *****
***** <p> Your selection: *****
***** <select name="dialno"> *****
***** <option value="01376685">Mickey</option> *****
***** <option value="01376686">Donald</option> *****
***** <option value="01376687">Pluto</option> *****
***** </select> </p> *****
***** </card> *****
***** <card id="showResult" title="Result"> *****
***** <p> Status: $Message $No </p> *****
***** </card> *****
***** </wml> *****
****** WAP push architecture with proxy gateway ******
* Push Access Protocol
o Content transmission between server and PPG
o First version uses HTTP
* Push OTA (Over The Air) Protocol
o Simple, optimized
o Mapped onto WSP
Client
User Agents
Push Proxy
Gateway
Coding,
checking
Push OTA
Protocol
Push Initiator
Push
Access
Protocol
Server
application
****** Push/Pull services in WAP I ******
* Service Indication
o Service announcement using a pushed short message
o Service usage via a pull
o Service identi ication via a URI
***** <?xml version="1.0"?> *****
***** <!DOCTYPE si PUBLIC "-//WAPFORUM//DTD SI 1.0//EN" *****
***** "http://www.wap orum.org/DTD/si.dtd"> *****
***** <si> *****
***** <indication hre ="http://www.piiiizza4u.de/o er/salad.wml"
*****
***** created="2007-10-30T17:45:32Z" *****
***** si-expires="2007-10-30T17:50:31Z"> *****
***** Salad special: The 5 minute o er *****
***** </indication> *****
PDC-P
TL
HTTP(S)
cHTML + tags
mobile terminal
PDC-P
TL
mobile network
gateway
content provider
L1
L2
IP
TCP
L1
L2
IP
TCP
L1
L2
IP
TCP
L1
L2
IP
TCP
HTTP(S)
cHTML + tags
****** Email example: i-mode push with SMS ******
application
WSP
WTP
WDP
SMS
Operator sends an SMS containing a push message i a new email has arrived. I
the user wants to read the email, an HTTP get ollows with the email as
response.
Popular misconception:
WAP was a ailure, i-mode is di erent and a success wrong rom a technology
point o view, right rom a business point o view
i-mode as a business model:
* content providers get >80% o the revenue.
* independent o technology (GSM/GPRS in Europe, PDC-P in Japan but also
UMTS!)
* not success ul in e.g. Germany (stopped in 2008)
****** i-mode protocol stack based on WAP 2.0 ******
user equipment
gateway
i-mode can use WAP 2.0/Internet protocols (example: i-mode in Germany over GSM/
GPRS)
server
cHTML
HTTP
WTCP
IP
L2
L1
SSL
WTCP
IP
L2
L1
TCP
IP
L2
L1
cHTML
HTTP
SSL
TCP
IP
L2
L1
****** i-mode technical requirements ******
Functions
Descriptions
Status Requirement
WEB Access Portal Site / Internet Access
M
i-mode HTML (cHTML+tags)
E-mail
Internet e-mail and inter-terminal email
M
HTTP 1.1
Security
End-End security
O
SSL (Version 2, 3), TLS 1
Java
Java application made available
O
Compatible i-mode JAVA
Ringing tone Ringing melody download
M
SMF based
download
Image
Stand-by screen download
M
GIF (O: JPEG)
download
Voice call
noti ication Voice termination noti ied and responded during i-mode communicatio
ns
M
3GPP standard system
during imode session
Content
Speci ications depend on each operators billing
charge
Per content charge billed to user
M
system
billing
Third party
Speci ications depend on each operators billing
payment
Content charge collection on behal o Content Provider
M
system
collection
Reverse
Packet usage charges can be billed to third party
O
Speci ications depend on each operators billing
billing
system
Subscriber Hashed subscriber ID rom the operators portal to the CP transmissio
n on
The ID generation algorithm should be determined
ID
each content access
M
by each operator and has to be secret
transmission
Number o
To be de ined by operators (e.g. 500 byte, 1K
characters Number o characters (byte) per e-mail
M
byte, 10K byte)
per e-mail
Character
code set
M
supported
User Agent Browser speci ications to be noti ied
M
HTTP 1.1
i-mode
Dedicated button
O
Hard or so t key
button
****** i-mode very irst examples I ******
****** i-mode very irst examples II ******
****** i-mode very irst examples III ******
****** WAP 2.0 (July 2001) ******
* New or developers
o XHTML
o TCP with Wireless Pro ile
o HTTP
* New applications
o Color graphics
o Animation
o Large ile download
o Location based services
o Synchronization with PIMs
o Pop-up/context sensitive menus
* Goal: integration o WWW, Internet, WAP, i-mode
****** WAP 2.0 architecture ******
Service
discovery
Security
services
Application
ramework
Protocol ramework
External services EFI
Provisioning
Navigation
Discovery
Service
Lookup
Crypto
libraries
Authenti-cation
Identi ication
PKI
Secure
transport
Secure
bearer
Session
Trans er
Transport
Bearer
Multimedia Messaging (Email)
WAE/WTA User Agent (WML, XHTMLMP)
Content ormats
Push
IPv4
IPv6
CSD
SMS
USSD
FLEX
GPRS
MPAK
...
...
Datagrams
(WDP, UDP)
Connections
(TCP with wireless pro ile)
Hypermedia trans er (WTP+WSP, HTTP)
Strea-ming
MMS
Push
OTA
Capability Negotiation
Synchronisation
Cookies
****** WAP 2.0 example protocol stacks ******
bearer
WDP
WTLS
WTP
WSP
WAE
WAP device
bearer
WDP
WTLS
WTP
WSP
IP
TCP
TLS
HTTP
IP
TCP
TLS
HTTP
WAE
Web server
WAP gateway
WAP 1.x Server/Gateway/Client
IP
TCP
TLS
HTTP
WAE
WAP device
IP
TCP
IP
TCP
IP
TCP
TLS
HTTP
WAE
Web server
WAP proxy
WAP Proxy with TLS tunneling
IP
TCP
HTTP
WAE
WAP device
IP
TCP
IP
TCP
IP
TCP
WAE
Web server
WAP proxy
WAP HTTP Proxy with pro iled TCP and HTTP
HTTP
HTTP
HTTP
IP
TCP
HTTP
WAE
WAP device
IP
IP
IP
TCP
WAE
Web server
IP router
WAP direct access
HTTP
****** Java Plat orm, Micro Edition ******
* Java-Boom expected (?)
o Desktop: over 90% standard PC architecture, Intel x86 compatible,
typically MS Windows systems
o Do really many people care about plat orm independent applications?
* BUT: Heterogeneous, small devices
o Internet appliances, cellular phones, embedded control, car radios,
...
o Technical necessities (temperature range, orm actor, power
consumption, ) and economic reasons result in di erent hardware
* Java ME (source released as: phone ME / was: J2ME)
o Provides a uni orm plat orm
o Restricted unctionality compared to standard java plat orm (JVM)
****** Applications o Java ME ******
* Example irst cellular phones
o NTT DoCoMo introduced i ppli
o Applications on PDA, mobile phone, ...
o Game download, multimedia applications, encryption, system updates
o Load additional unctionality with a push on a button (and pay or
it)!
* Embedded control
o Household devices, vehicles, surveillance systems, device control
o System update is an important actor
****** Characteristics and architecture ******
* Java Virtual Machine
o Virtual Hardware (Processor)
o KVM (K Virtual Machine)
# Min. 128 kByte, typ. 256 kByte
www.jochenschiller.de
MC - 2008
8.1
Motivation
or Mobile IP
Routing
based on IP destination address, network pre ix (e.g.
129.13.42) determines physical subnet
change o physical subnet implies change o IP address to
have a topological correct address (standard IP) or needs
special entries in the routing tables
Speci ic routes to end-systems?
change o all routing table entries to orward packets to the
right destination
does not scale with the number o mobile hosts and requent
changes in the location, security problems
Changing the IP-address?
adjust the host IP address depending on the current location
almost impossible to ind a mobile system, DNS updates
take to long time
TCP connections break, security problems
Pro . Dr.-Ing. Jochen H. Schiller
www.jochenschiller.de
MC - 2008
8.2
Terminology
Mobile Node (MN)
system (node) that can change the point o connection
to the network without changing its IP address
Home Agent (HA)
system in the home network o the MN, typically a router
registers the location o the MN, tunnels IP datagrams to the COA
Foreign Agent (FA)
system in the current oreign network o the MN, typically a router
orwards the tunneled datagrams to the MN, typically also the
de ault router or the MN
Care-o Address (COA)
address o the current tunnel end-point or the MN (at FA or MN)
actual location o the MN rom an IP point o view
can be chosen, e.g., via DHCP
Correspondent Node (CN)
communication partner
Pro . Dr.-Ing. Jochen H. Schiller
www.jochenschiller.de
MC - 2008
8.4
Example network
HA
MN
router
home network
mobile end-system
Internet
(physical home network
or the MN)
FA
oreign
network
router
(current physical network
or the MN)
CN
end-system
Pro . Dr.-Ing. Jochen H. Schiller
router
www.jochenschiller.de
MC - 2008
8.5
1
CN
sender
Pro . Dr.-Ing. Jochen H. Schiller
oreign
network
www.jochenschiller.de
MC - 2008
8.6
Data trans er
HA
1
home network
MN
sender
Internet
FA
oreign
network
1. Sender sends to the IP address
o the receiver as usual,
FA works as de ault router
CN
receiver
Pro . Dr.-Ing. Jochen H. Schiller
www.jochenschiller.de
MC - 2008
8.7
Overview
COA
home
network
router
FA
router
HA
MN
oreign
network
Internet
CN
router
home
network
router
HA
router
FA
2.
Internet
3.
MN
4.
oreign
network
1.
CN
router
Pro . Dr.-Ing. Jochen H. Schiller
www.jochenschiller.de
MC - 2008
8.8
Network integration
Agent Advertisement
HA and FA periodically send advertisement messages into their
physical subnets
MN listens to these messages and detects, i it is in the home or a
oreign network (standard case or home network)
MN reads a COA rom the FA advertisement messages
Registration (always limited li etime!)
MN signals COA to the HA via the FA, HA acknowledges via FA to
MN
these actions have to be secured by authentication
Advertisement
HA advertises the IP address o the MN (as or ixed systems), i.e.
standard routing in ormation
routers adjust their entries, these are stable or a longer time (HA
responsible or a MN over a longer period o time)
packets to the MN are sent to the HA,
independent o changes in COA/FA
Pro . Dr.-Ing. Jochen H. Schiller
www.jochenschiller.de
MC - 2008
8.9
Agent advertisement
0
7 8
type
#addresses
15 16
23 24
checksum
li etime
31
code
addr. size
router address 1
pre erence level 1
router address 2
pre erence level 2
...
type = 16
type = 16
length
sequence number
length = 6 + 4 * #COAs
R B H F M G r T reserved
registration li etime
R: registration required
COA 1
B: busy, no more registrations
COA 2
H: home agent
F: oreign agent
...
M: minimal encapsulation
G: GRE encapsulation
r: =0, ignored ( ormer Van Jacobson compression)
T: FA supports reverse tunneling
reserved: =0, ignored
Pro . Dr.-Ing. Jochen H. Schiller
www.jochenschiller.de
MC - 2008
8.10
Registration
MN r
FA
egis
requ tration
es
HA
MN re
HA
gist
requ ration
e
t
st
regi
s
requ tration
es t
n
ratio
t
s
i
reg
y
repl
n
ratio
t
s
i
reg
y
repl
stra
regi
y
repl
tion
t
t
Pro . Dr.-Ing. Jochen H. Schiller
www.jochenschiller.de
MC - 2008
8.11
Encapsulation
original IP header
new IP header
outer header
Pro . Dr.-Ing. Jochen H. Schiller
original data
new data
inner header
www.jochenschiller.de
original data
MC - 2008
8.14
Encapsulation I
Encapsulation o one packet into another as payload
e.g. IPv6 in IPv4 (6Bone), Multicast in Unicast (Mbone)
here: e.g. IP-in-IP-encapsulation, minimal encapsulation or GRE (Generic
Record Encapsulation)
IP-in-IP-encapsulation (mandatory, RFC 2003)
tunnel between HA and COA
ver.
IHL
DS (TOS)
length
IP identi ication
lags
ragment o set
TTL
IP-in-IP
IP checksum
IP address o HA
Care-o address COA
ver. IHL
DS (TOS)
length
IP identi ication
lags
ragment o set
TTL
lay. 4 prot.
IP checksum
IP address o CN
IP address o MN
TCP/UDP/ ... payload
Pro . Dr.-Ing. Jochen H. Schiller
www.jochenschiller.de
MC - 2008
8.15
Encapsulation II
Minimal encapsulation (optional)
avoids repetition o identical ields
e.g. TTL, IHL, version, DS (RFC 2474, old: TOS)
only applicable or non ragmented packets, no space le t or
ragment identi ication
ver.
IHL
DS (TOS)
length
IP identi ication
lags
ragment o set
TTL
min. encap.
IP checksum
IP address o HA
care-o address COA
lay. 4 protoc. S reserved
IP checksum
IP address o MN
original sender IP address (i
TCP/UDP/ ... payload
S=1)
reserved0
ver.
checksum (optional)
www.jochenschiller.de
MC - 2008
protocol
reserved1 (=0)
TCP/UDP/ ... payload
Pro . Dr.-Ing. Jochen H. Schiller
8.17
Change o
CN
oreign agent
HA
Data
Update
FAold
MN
FAnew
Data
Data
ACK
Data
Data
Update
ACK
Data
Data
Warning
MN changes
location
Registration
Data
Request
Update
ACK
Data
Pro . Dr.-Ing. Jochen H. Schiller
www.jochenschiller.de
Data
MC - 2008
t
8.19
packets a special
research and
IP Micro-mobility support
Micro-mobility support:
E icient local handover inside a oreign domain
without involving a home agent
Reduces control tra ic on backbone
Especially needed in case o route optimization
Important criteria:
Security E iciency, Scalability, Transparency, Manageability
Pro . Dr.-Ing. Jochen H. Schiller
www.jochenschiller.de
MC - 2008
8.24
DHCP characteristics
Server
several servers can be con igured or DHCP, coordination not
yet standardized (i.e., manual con iguration)
Renewal o con igurations
IP addresses have to be requested periodically, simpli ied
protocol
Options
available or routers, subnet mask, NTP (network time
protocol) timeserver, SLP (service location protocol)
directory, DNS (domain name system)
Pro . Dr.-Ing. Jochen H. Schiller
www.jochenschiller.de
MC - 2008
8.27
orward
A
Pro . Dr.-Ing. Jochen H. Schiller
B
www.jochenschiller.de
C
MC - 2008
8.28
Examples
routing
stations
unction o
rom
proactive
FSLS Fuzzy Sighted Link State
FSR Fisheye State Routing
OLSR Optimized Link State Routing Protocol (RFC 3626)
TBRPF Topology Broadcast Based on Reverse Path Forwarding
reactive
AODV Ad hoc On demand Distance Vector (RFC 3561)
DSR Dynamic Source Routing (RFC 4728)
DYMO Dynamic MANET On-demand
Two promising
candidates:
OLSRv2 and
DYMO
Hierarchical
Scalability
10 nodes? 100 nodes? 1000 nodes? 10000 nodes?
Integration with ixed networks
Pro . Dr.-Ing. Jochen H. Schiller
www.jochenschiller.de
MC - 2008
8.50