Ece Viii Wireless Communication [10ec81] Notes

February 24, 2018 | Author: Deepak Salian | Category: 4 G, Cellular Network, 3 G, High Speed Packet Access, Gsm

Wireless Communication

Subject Code: 10EC81
IA Marks: 25
No. of Lecture Hrs/Week: 04
Exam Hours: 03
Total no. of Lecture Hrs.: 52
Exam Marks: 100

Department of ECE, SJBIT

PART - A

UNIT - 1
Introduction to wireless telecommunication systems and Networks, History and evolution, Different generations of wireless cellular networks: 1G, 2G, 3G and 4G networks.
6 Hours

UNIT - 2
Common Cellular System components, Common cellular network components, Hardware and software views of cellular networks, 3G cellular systems components, Cellular component identification, Call establishment.
6 Hours

UNIT - 3
Wireless network architecture and operation, Cellular concept, Cell fundamentals, Capacity expansion techniques, Cellular backbone networks, Mobility management, Radio resources and power management, Wireless network security.
6 Hours

UNIT - 4
GSM and TDMA techniques, GSM system overview, GSM Network and system Architecture, GSM channel concepts, GSM identifiers.
6 Hours

PART - B

UNIT - 5
GSM system operation, Traffic cases, Call handoff, Roaming, GSM protocol architecture, TDMA systems.
6 Hours

UNIT - 6
CDMA technology, CDMA overview, CDMA channel concept, CDMA operations.
8 Hours

UNIT - 7
Wireless Modulation techniques and Hardware, Characteristics of air interface, Path loss models, wireless coding techniques, Digital modulation techniques, OFDM, UWB radio techniques, Diversity techniques, Typical GSM Hardware.
6 Hours

UNIT - 8
Introduction to wireless LAN 802.11X technologies, Evolution of Wireless LAN, Introduction to 802.15X technologies in PAN, Application and architecture, Bluetooth, Introduction to Broadband wireless MAN, 802.16X technologies.
8 Hours

TEXT BOOK:
1. Wireless Telecom Systems and networks, Mullet: Thomson Learning 2006.

REFERENCE BOOKS:
1. Mobile Cellular Telecommunication, Lee W.C.Y, MGH, 2002.
2. Wireless communication - D P Agrawal: 2nd Edition Thomson learning 2007.
3. Fundamentals of Wireless Communication, David Tse, Pramod Viswanath, Cambridge 2005.


INDEX SHEET

Sl. No. and Unit & Topic of Discussion

UNIT - 1
1. Introduction to wireless telecommunication systems
2. Introduction to wireless telecommunication Networks
3. History of different generations of wireless cellular networks
4. Evolution of different generations of wireless cellular networks
5. 1G, 2G networks
6. 3G and 4G networks

UNIT - 2
7. Common Cellular System components
8. Common cellular network components
9. Hardware and software
10. Views of cellular networks
11. 3G cellular systems components
12. Cellular component identification, Call establishment
13. Call release

UNIT - 3
14. Wireless network architecture and operation
15. Cellular concept, Cell fundamentals
16. Capacity expansion techniques, Cellular backbone networks
17. Mobility management
18. Radio resources and power management
19. Wireless network security

UNIT - 4
20. GSM and TDMA techniques
21. GSM system overview
22. GSM Network
23. System Architecture
24. GSM channel concepts
25. GSM identifiers

UNIT - 5
26. GSM system operation
27. Traffic cases
28. Call handoff
29. Roaming
30. GSM protocol architecture
31. TDMA systems
32. NA TDMA

UNIT - 6
33. CDMA technology
34. CDMA overview
35. CDMA channel concept, CDMA operations
36. CDMA channel concept, CDMA operations
37. CDMA channel concept
38. CDMA channel assignment

UNIT - 7
40. Wireless Modulation techniques and Hardware
41. Characteristics of air interface, Path loss models
42. Wireless coding techniques
43. Digital modulation techniques, OFDM, UWB radio techniques
44. Diversity techniques
45. Typical GSM Hardware

UNIT - 8
46. Introduction to wireless LAN 802.11X technologies
47. Evolution of Wireless LAN
48. Introduction to 802.15X technologies in PAN architecture
49. 802.16X technologies


UNIT - 1
Introduction to wireless telecommunication systems and Networks, History and Evolution, Different generations of wireless cellular networks: 1G, 2G, 3G and 4G networks.
6 Hours


UNIT-1

Introduction to wireless telecommunication systems and networks

1.1 Introduction to wireless telecommunication systems and networks

Communication is the transfer of information from one point to another. Bell's invention of the telephone in 1876 led to the first manually switched wireline network. Radio, or wireless, was invented during the 20th century and brought the convenience of mobile operation to electronic communication. Advances in IC technology produced cordless telephones during the late 1970s, and in 1983 the public had the opportunity to subscribe to cellular telephone systems. These wireless systems gave mobile access to the public switched telephone network. Wireless and mobile communications were found useful in commerce, education, defense, etc. Depending on the nature of the particular application, they can be used in home-based, industrial, commercial and military environments. For example, in commerce, wireless communications can be employed for the purchase or sale of goods and services, playing audio and video, payment of telephone bills, airline and bus reservations, etc.

1.2 History and Evolution of Wireless Radio Systems

In 1887, Heinrich Hertz performed laboratory experiments which proved the existence of EM waves. From 1895 to 1901 Marconi experimented with a wireless telegraph system; he built several radio telegraph stations in England and started commercial service between England and France in 1899.

Early AM wireless systems

The early wireless transmitter consists of an inductance and a capacitance, which are used to tune the output frequency of the spark gap. Maximum power is generated at lower frequencies and longer wavelengths. The transmitter emits a signal of either long or short duration, depending on the length of time the telegraph key is closed. The transmitted signal is the EM noise produced by the spark gap discharge.


Fig 1. Typical early wireless transmitter

The transmitted signal propagates through the air to a receiver located at some distance. At the receiver, the operator interprets the detected signal as either a dot or a dash, depending upon its duration, using Morse code.

Modern AM: Amplitude modulation is used for low-frequency radio broadcasting. AM techniques include quadrature amplitude modulation, which is used for high-speed data transmission at RF frequencies.

1.2 The Development of Modern Telecommunications Infrastructure

The early days of telecommunications
The public switched telephone network
• The local exchange
• Intraoffice calls


Fig: 1.2 A PSTN intraoffice call through a local exchange

– Circuit-switched calls
– Interoffice calls
– T-carrier transport

Fig: 1.3 A PSTN intraoffice call over an inter-exchange trunk line

Signaling System #7
• Signal transfer points
• Service switching points
• Service control points
• Operations support systems

Signalling System No. 7 (SS7) is a set of telephony signaling protocols which are used to set up most of the world's public switched telephone network telephone calls. The main purpose is to set up and tear down telephone calls. Other uses include number translation, local number portability, prepaid billing mechanisms, short message service (SMS), and a variety of other mass market services.

It is usually referenced as Signalling System No. 7 or Signalling System #7, or simply abbreviated to SS7. In North America it is often referred to as CCSS7, an abbreviation for Common Channel Signalling System 7. In some European countries, specifically the United Kingdom, it is sometimes called C7 (CCITT number 7) and is also known as number 7 and CCIS7 (Common Channel Interoffice Signaling 7). In Germany it is often called N7 (Signalisierungssystem Nummer 7).

There is only one international SS7 protocol, defined by ITU-T in its Q.700-series recommendations. There are, however, many national variants of the SS7 protocols. Most national variants are based on two widely deployed national variants as standardized by ANSI and ETSI, which are in turn based on the international protocol defined by ITU-T. Each national variant has its own unique characteristics. Some national variants with rather striking characteristics are the China (PRC) and Japan (TTC) national variants.

The Internet Engineering Task Force (IETF) has also defined level 2, 3, and 4 protocols that are compatible with SS7:
• Message Transfer Part (MTP) level 2 (M2UA and M2PA)
• Message Transfer Part (MTP) level 3 (M3UA)
• Signalling Connection Control Part (SCCP) (SUA)

The public data network
• Connectionless systems
• Private data networks
• Virtual private data networks
• Tunneling protocols


Fig: 1.4 Network elements of the SS7 system

1.3 Different Generations of wireless cellular networks:

1G Cellular Systems
– AMPS system components and layout
• Radio base stations
• Communications links
• Mobile switching office

First-generation cellular systems have been around for a few decades now, and we expect them to remain in place for some time because of the significant infrastructure investments made by operators. All of these systems support circuit data services and may be utilized for various forms of mobile VPN, albeit not without difficulties. This section provides a high-level overview of the air interfaces utilized by most widely deployed 1G systems.

AMPS


All 1G cellular systems rely on analog frequency modulation for speech and data transmission and in-band signaling to move control information between terminals and the rest of the network during the call. Advanced Mobile Phone System is a good example of first-generation analog technology mostly used in the United States. AMPS is based on FM radio transmission using the FDMA principle where every user is assigned their own frequency to separate user channels within the assigned spectrum (see Figure 3.2). FDMA is based on narrowband channels, each capable of supporting one phone circuit that is assigned to a particular user for the duration of the call. Frequency assignment is controlled by the system, and transmission is usually continuous in both uplink and downlink directions. The spectrum in such systems is allocated to the user for the duration of the call, whether it is being used to send voice, data, or nothing at all.

As with other 1G technologies, in AMPS a circuit—represented by a portion of spectrum—is allocated to the user and must remain available for this user, similar to the telephone copper pair used for voice communications. Similar to the analog wireline connection, a modem is also used for data access (see Chapter 4 for more on this). Error correction protocols used by wireless modems tend to be more robust than their landline counterparts, because of the necessity of dealing with a more challenging physical environment with inherently higher interference and signal-to-noise ratios than copper or fiber. The peak data rate for an AMPS modem call under good conditions is usually up to 14.4 Kbps, and as low as 4.8 Kbps under poor conditions. It can take anywhere up to 20 seconds or more to establish an AMPS data connection.

Fig 1.5 An early AMPS cellular system

Information flow over AMPS channels
– Analog color codes
– Digital color codes
– Transponder
– Signaling tones

Fig 1.6 AMPS forward and reverse control and voice channels

– Typical AMPS operations
– AMPS security and identification
– Summary of basic AMPS operations
• Initialization

Fig 1.7 AMPS mobile phone initialization



• AMPS ongoing idle mode tasks
– Mobile-to-land calls
• Handshaking operations
• Signaling operations
• Service requests

Fig 1.8 AMPS mobile originated call

– Land-to-mobile and mobile-to-mobile calls
• Paging
• ID information exchange
• Signaling
• Control messages


Fig 1.9 AMPS mobile terminated call

– AMPS network operations
• Radio base station operations
• Base station control operations
• Mobile switching center operations

Fig 1.10 AMPS network operations for a mobile originated call

– Handoff operations
• Handshaking operations
• Signal strength measurements
• MSC operations during handoff
• Confirmation messages

Fig 1.11 AMPS handoff operation

2G Cellular Systems

Second-generation (2G) digital cellular systems constitute the majority of cellular communication infrastructures deployed today. 2G systems such as GSM, whose rollout started in 1987, signaled a major shift in the way mobile communications is used worldwide. In part they helped fuel the transition of a mobile phone from luxury to necessity and helped to drive subscriber costs down by more efficient utilization of air interface and volume deployment of infrastructure components and handsets. Major geographical regions adopted different 2G systems, namely TDMA and CDMA in North America, GSM in Europe, and Personal Digital Cellular (PDC) in Japan. cellular systems. It effectively shows how the GSM system has been successful and why it is now being adopted in geographical areas other than Europe (such as North America, China, the Asia-Pacific region, and more recently, South America). CDMA, which originated in North America, has also proliferated in South America and later in the Asia-Pacific region. TDMA remains widely deployed in the North and South America regions, but it is expected to decline, mostly because of the decisions taken by a few major North American carriers to convert their TDMA networks to GSM.

This second-generation system, widely deployed in the United States, Canada, and South America, goes by many names, including North American TDMA, IS-136, and D-AMPS (Digital AMPS). For the sake of clarity, we will refer to it as North American TDMA, as well as simply TDMA, when the context makes it clear. TDMA has been used in North America since 1992 and was the first digital technology to be commercially deployed there. As its name indicates, it is based on Time Division Multiple Access. In TDMA the resources are shared in time, combined with frequency-division multiplexing (that is, when multiple frequencies are used). As a result, TDMA offers multiple digital channels using different time slots on a shared frequency carrier. Each mobile station is assigned both a specific frequency and a time slot during which it can communicate with the base station. The TDMA transmitter is active during the assigned time slot and inactive during other time slots, which allows for power-saving terminal designs, among other advantages.

North American TDMA supports three time slots, at 30 kHz each, further divided into three or six channels to maximize air interface utilization. A sequence of time-division multiplexed time slots in TDMA makes up frames, which are 40 ms long. The TDMA traffic channel total bit rate is 48.6 Kbps. Control overhead and number of users per channel, which is greater than one, decrease the effective throughput of a channel available for user traffic to 13 Kbps. TDMA is a dual-band technology, which means it can be deployed in 800-MHz and 1900-MHz frequency bands. In regions where both AMPS and TDMA are deployed, TDMA phones are often designed to operate in dual mode, analog and digital, in order to offer customers the ability to utilize coverage of the existing analog infrastructure.

Global System for Mobile Communications (GSM)

There are still some analog cellular systems in operation in Europe, but their number is declining, and some regional networks are being completely shut down or converted to Global System for Mobile Communications. The GSM cellular system initiative was initiated in 1982 by the Conference of European Posts and Telecommunications Administrations (CEPT) and is currently governed by the European Telecommunications Standards Institute (ETSI), which in turn has delegated GSM specifications maintenance and evolution to 3GPP (reviewed in part in Chapter 1). The intent behind GSM introduction was to have a common approach to the creation of digital systems across European countries, to allow—among other advantages of a common standard—easy international roaming and better economies of scale by decreasing handset and infrastructure components costs through mass production. In hindsight, this was a smart political decision, which contributed to the worldwide success of European cellular infrastructure providers and equipment manufacturers.


2.5G Cellular Systems

"2.5G" is an informal term, invented solely for marketing purposes, unlike "2G" or "3G", which are officially defined standards based on those defined by the International Telecommunication Union (ITU). The term "2.5G" usually describes a 2G cellular system combined with General Packet Radio Services (GPRS), or other services not generally found in 2G or 1G networks. Wireless telecommunication technologies like CDMA2000 1xRTT, Enhanced Data Rates for GSM Evolution (EDGE) or Enhanced General Packet Radio Service (EGPRS), since they have data transmission rates of 144 kbps or higher, may qualify as 3G technology. However, they are usually classified as 2.5G technology because they have slower network speeds than most 3G services.

GPRS is a service commonly associated with 2.5G technology. It has data transmission rates of 28 kbps or higher. GPRS came after the development of the Global System for Mobile (GSM) service, which is classified as 2G technology, and it was succeeded by the development of the Universal Mobile Telecommunication Service (UMTS), which is classified as 3G technology.

A 2.5G system may make use of 2G system infrastructure, but it implements a packet-switched network domain in addition to a circuit-switched domain. This does not necessarily give 2.5G an advantage over 2G in terms of network speed, because bundling of timeslots is also used for circuit-switched data services (HSCSD). The services and infrastructure of a 2.5G network may be used on a per-transaction basis rather than a per-minute-of-use basis, thanks to its packet-switched domain. This makes its infrastructure more efficient and improves the service delivery. This impetus is known as the "always-on" capability.

2.5G networks may support services such as WAP, MMS, SMS mobile games, and search and directory.

3G Cellular Systems

Cell phones and systems are classified by the generation they belong to. Third generation (3G) phones were developed in the late 1990s and 2000s. The goal was to improve the data capability and speed. 3G phones were defined by the Third Generation Partnership Project (3GPP) and later standardized by the ITU-T. Generally known as the Universal Mobile Telecommunications System (UMTS), this 3G system is based on wideband CDMA that operates in 5 MHz of bandwidth and can produce download data rates of typically 384 kb/s under normal conditions and up to 2 Mb/s in some instances. Another 3G standard, cdma2000, was developed by Qualcomm. It uses 1.25 MHz bands to produce data rates to 2 Mb/s. Another version of cdma2000 is an improved IS-95 version. It is a 3GPP2 standard. It can transmit data at a rate to 153 kb/s and up to 2 Mb/s in some cases.


3G phone standards have been expanded and enhanced to further increase data speed and capacity. The WCDMA phones have added high speed packet access (HSPA), which uses higher-level QAM modulation to get speeds up to 21 or 42 Mb/s downlink (cell site to phone) and up to 7 and/or 14 Mb/s uplink (phone to cell site). AT&T and T-Mobile use HSPA technology. The cdma2000 phones added 1xRTT as well as Rev. A and Rev. B modifications that boost speed as well. Verizon and Sprint use cdma2000 3G standard technology. Virtually all standard and smartphone models and most tablets still use some form of 3G.

Fig 1.12 3G operating environments


Table 1.1 3G characteristics by cell size and mobile speed



4G Cellular Systems and Beyond

The fourth generation has been defined but we are not in it, yet. Yes, many if not most of the mobile carriers and the various phone and equipment manufacturers actually advertise 4G now. The formal definition of 4G as declared by the 3GPP and the ITU-T is something called Long Term Evolution-Advanced (LTE-A). The standard has not been fully completed but basically it is an improved and enhanced version of LTE that uses wider bandwidth channels and a greater number of MIMO antennas. The theoretical upper data rate is 1 Gb/s. That remains to be seen in practice. As for what the various companies are calling 4G, Verizon says that their LTE network is 4G. AT&T promotes their LTE and HSPA networks as 4G. T-Mobile indicates that their HSPA+ networks are 4G. Furthermore Sprint and Clearwire say that their WiMAX network is 4G. As mentioned, WiMAX is actually defined as a 3G technology by ITU-T like LTE.


UNIT - 2
Common Cellular System components, Common cellular network components, Hardware and software views of cellular networks, 3G cellular systems components, Cellular component identification, Call establishment.
6 Hours


UNIT-2

COMMON CELLULAR SYSTEM COMPONENTS

It is essential to implement increased system functionality to meet the demands of the increasing number of subscribers with more sophisticated wireless cellular networks. To achieve this, the various hardware network elements used to create the wireless cellular network play an important role. The network elements can be divided into three basic groups:
1. The mobile or subscriber device (provides the user link to the wireless network)
2. Base station (provides wireless system links to the subscriber over the air interface)
3. Network switching system (provides the interface to the PSTN and PDN)

2.1 COMMON CELLULAR NETWORK COMPONENTS

Fig 2.1 Typical wireless cellular system components

A 1G wireless cellular system consists of several subsystems that perform certain operations in support of the entire system. For 2G and 2.5G cellular networks, the air interface functions are performed by the fixed Radio Base Station and the Mobile Station or Subscriber Device that provides user mobility. The radio base station is controlled by a base station controller, which is referred to as the base station system. The base station system is connected to a fixed switching system that handles the routing of both voice calls and data services to and from the mobile switching centre, and to various databases and functional nodes that support the mobility management and security operations of the system. The switching system is usually connected to the PSTN, the PDN, other public land mobile networks (PLMN) and various data messaging networks through gateway switches.

The various network elements that make up the wireless system are interconnected by communication links that transport system messages between network elements to facilitate network operations and deliver the actual voice call or data services information.

SUBSCRIBER DEVICES:

The subscriber device is the link between the customer and the wireless network. The SD must provide a means for the subscriber to control and input information to the phone and display its operation status.

Fig 2.2 subscriber device

The subscriber device must be able to sample, digitize and process audio and other multimedia signals, transmit and receive RF signals, process system control messages and provide the power needed to operate the complex electronics subsystems. An SD consists of a man-machine interface, an RF transceiver section, a signal processing section, a system control processor and a power supply/management section.

BASE STATION SYSTEM COMPONENTS:

The base station system handles all radio interface related functions for the wireless network. The BSS consists of several to many radio base stations, a base station controller and a transcoder controller. The radio equipment required to serve one cell is typically called a base transceiver system. A single radio base station might contain three base transceiver systems, which are used to serve a cell site that consists of three 120 degree sectors or cells.


Fig 2.3 Components of base station system

Typical CDMA wireless system

The base station controller functions as the interface between the mobile switching centre and packet core network and all the radio base stations controlled by the BSC. The BSC system provides timing signals and connectivity to every subsystem within it and computer interfaces to the entire system. The BSC supplies signaling towards the MSC using the message transfer part protocol to transfer messages over a PCM link connected to SS7 signaling terminals located within the MSC and the BSC. The TRC consists of subsystems that perform transcoding and rate adaptation, which can be either stand-alone or combined.

REGISTERS IN WIRELESS SYSTEMS:

VISITOR LOCATION REGISTER:

It is a database that temporarily stores information about any mobile station that attaches to an RBS in the area serviced by a particular MSC. This temporary subscriber information is required by the MSC to provide service to a visiting subscriber.

HOME LOCATION REGISTER:

It is a database that stores information about every user that has a cellular service contract with a specific wireless service provider. This database stores permanent data about the network's subscribers and information about the subscriber's present location. The HLR also plays a major role in the process of handling calls terminating at the MS. The HLR analyzes the information about the incoming call and controls the routing of the call.

AUC Interconnection:

The AUC provides authentication and encryption information for the MS being used in the cellular network. Upon a request from a VLR, the HLR will be delivered a triplet for a particular mobile subscriber. The HLR receives the triplet information in response to a request to the AUC for verification of a subscriber. The HLR forwards the random number and returns it to the MSC/VLR and from there to the HLR. The AUC contains a processor, a database for the storage of key information for each subscriber, maintenance functions for subscribers and an interface for communication with the HLR.

EQUIPMENT IDENTITY REGISTER:

The EIR database is used to validate the status of mobile equipment. This global database is updated daily to reflect the current status of an MS. The MS can be blacklisted, indicating that it has been reported stolen or missing and is not approved for network operation.

INTERWORKING UNITS:

IWUs are required to provide an interface to various data networks. These nodes are used to connect the base station controller, and hence the radio base stations, to various data services networks.

GATEWAYS and its types

1. Gateway MSC (GMSC): A gateway MSC is an MSC that interfaces the wireless mobile network to other telecommunication networks. A cellular network will have numerous MSCs to facilitate coverage of a large area, but all switching centers need to be connected to other wireline networks. To support its function as a gateway, the GMSC has the ability to reroute a call to an MS using the information provided by the HLR of a subscriber.
2. Billing gateway (BGW): This collects billing information from various wireless network elements, which becomes a file used by the customer administrative system to generate billing information for the system subscribers, such as monthly access fees, home usage, roaming, data and special services, etc.
3. Service order gateway (SOG): It is used to connect a customer administrative system to the switching system. This system is used to input new subscriber data to the HLR or to update current subscriber data already contained in the HLR. The SOG allows access to the AUC and EIR for equipment administration. When a customer signs a service contract with a cellular service provider, the information about the contract is entered into the customer administrative system.
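The triplet flow described under AUC Interconnection above, as an added example that is not part of the original notes: the AUC derives triplets from the subscriber key, the HLR relays them, and the MSC/VLR checks the mobile's response without ever holding the key. RAND, SRES, Kc and Ki are the standard GSM names for the triplet members and the subscriber key and do not appear in the notes; HMAC-SHA256 is an assumed stand-in for the operator's A3/A8 algorithms, and the IMSI and key values are constructed.

```python
"""GSM-style triplet authentication (added illustration, constructed values)."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


def derive_sres_kc(ki: bytes, rand: bytes) -> Tuple[bytes, bytes]:
    """Assumed stand-in for A3 (SRES) and A8 (Kc): HMAC-SHA256 keyed by Ki."""
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    return digest[:4], digest[4:12]  # 32-bit SRES, 64-bit Kc


@dataclass(frozen=True)
class Triplet:
    rand: bytes  # 128-bit random challenge
    sres: bytes  # signed response the network expects
    kc: bytes    # ciphering key for the radio link


class AuC:
    """Authentication centre: the only network node that stores Ki."""
    def __init__(self, subscribers: Dict[str, bytes]) -> None:
        self._ki = dict(subscribers)

    def make_triplets(self, imsi: str, count: int) -> List[Triplet]:
        ki = self._ki.get(imsi)
        if ki is None:  # unknown subscriber: nothing to hand out
            return []
        triplets = []
        for _ in range(count):
            rand = secrets.token_bytes(16)
            sres, kc = derive_sres_kc(ki, rand)
            triplets.append(Triplet(rand, sres, kc))
        return triplets


class HLR:
    """Home location register: relays a VLR's request to the AUC."""
    def __init__(self, auc: AuC) -> None:
        self._auc = auc

    def get_triplets(self, imsi: str, count: int = 3) -> List[Triplet]:
        return self._auc.make_triplets(imsi, count)


class SIM:
    """Subscriber side: holds Ki and answers a RAND challenge with SRES."""
    def __init__(self, imsi: str, ki: bytes) -> None:
        self.imsi = imsi
        self._ki = ki
        self.kc: Optional[bytes] = None  # kept locally, never transmitted

    def challenge(self, rand: bytes) -> bytes:
        sres, self.kc = derive_sres_kc(self._ki, rand)
        return sres


class VLR:
    """Visited MSC/VLR: works from triplets only and never learns Ki."""
    def __init__(self, hlr: HLR) -> None:
        self._hlr = hlr
        self._triplets: Dict[str, List[Triplet]] = {}

    def pending(self, imsi: str) -> int:
        return len(self._triplets.get(imsi, []))

    def authenticate(self, sim: SIM) -> Optional[bytes]:
        """Return Kc when the SIM proves knowledge of Ki, otherwise None."""
        queue = self._triplets.setdefault(sim.imsi, [])
        if not queue:
            queue.extend(self._hlr.get_triplets(sim.imsi))
        if not queue:
            return None
        triplet = queue.pop(0)  # this example spends each triplet once
        sres = sim.challenge(triplet.rand)  # only RAND and SRES cross the air
        return triplet.kc if hmac.compare_digest(sres, triplet.sres) else None


def run_demo() -> Dict[str, object]:
    imsi = "001010123456789"  # constructed test IMSI
    ki = bytes.fromhex("000102030405060708090a0b0c0d0e0f")  # constructed key
    vlr = VLR(HLR(AuC({imsi: ki})))
    genuine = SIM(imsi, ki)
    clone = SIM(imsi, bytes(16))           # right IMSI, wrong Ki
    stranger = SIM("001019999999999", ki)  # IMSI the AUC has never seen
    kc = vlr.authenticate(genuine)
    return {
        "genuine_accepted": kc is not None,
        "kc_agrees": kc is not None and kc == genuine.kc,
        "clone_rejected": vlr.authenticate(clone) is None,
        "stranger_rejected": vlr.authenticate(stranger) is None,
        "triplets_left": vlr.pending(imsi),
    }


if __name__ == "__main__":
    print(run_demo())
```

Because the visited network only ever sees triplets, a device that copies the IMSI but not the key fails the comparison, while both ends of a successful run arrive at the same ciphering key without sending it.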

2.2 HARDWARE AND SOFTWARE VIEWS OF CELLULAR NETWORK:

– Hardware view of a cellular network
• Serving areas
• Cells MSC boundaries

Fig 2.4 Hardware view of cellular network

– Software view of a cellular network
• Location area identity
• Cell global identity
• Mobile country code and network code

Fig 2.5 Software view of Cellular system

2.3 3G Cellular System Components

– Core network
– Radio access network
• Radio network controller
• Radio base station

Fig 2.6 The 3G radio network controller

2.4 Cellular Component Identification

– Subscriber device identification
• Mobile station ISDN identification number
– North American version
– The rest of the world

Fig 2.6 Formation of MSISDN number

– International mobile subscriber identity
– International mobile equipment identity

Fig 2.7 Formation of IMSI number

Fig 2.8 Formation of IMEI number

– Cellular system component addressing
• Location area identity
• Cell global identity
• Radio base station identity code
• Location numbering
• Addressing cellular network switching nodes
• Global title and global title translation

2.5 Call Establishment

– Mobile-terminated call
• PSTN messages
• GMSC operations
• MSC/VLR operations
• BSC operations

Fig 2.9 Mobile terminated call operations

– Mobile-originated call
• Mobile operations
• Radio base station operations
• Base station controller operations
• MSC operations

Fig 2.10 Mobile originated call operations

– Call release
• Connection management operations
• Radio resource operations

Fig 2.11 Call release

The above figure shows the operations during release of a mobile call through the MSC. The steps involved are shown in detail and are self-explanatory.


UNIT - 3 Wireless network architecture and operation, Cellular concept Cell fundamentals, Capacity expansion techniques, Cellular backbone networks, Mobility management, Radio resources and power management Wireless network security

6 Hours


UNIT-3 WIRELESS NETWORK ARCHITECTURE AND OPERATION

3.1 The Cellular Concept

The cellular concept:
• Solves the problem of spectral congestion and user capacity.
• Offers very high capacity in a limited spectrum without major technological changes.
• Reuses radio channels in different cells.
• Enables a fixed number of channels to serve an arbitrarily large number of users by reusing the channels throughout the coverage region.
• Simplex and duplex

Each cellular base station is allocated a group of radio channels within a small geographic area called a cell. Neighboring cells are assigned different channel groups. By limiting the coverage area to within the boundary of the cell, the channel groups may be reused to cover different cells while keeping interference levels within tolerable limits.
• Frequency reuse or frequency planning: seven groups of channels, from A to G.
• Footprint of a cell: the actual radio coverage.
• Omni-directional antenna vs. directional antenna.

Steps for frequency reuse: Consider a cellular system which has a total of S duplex channels.
• Each cell is allocated a group of k channels.
• The S channels are divided among N cells.
• The total number of available radio channels
• The N cells which use the complete set of channels are called a cluster.
• The cluster can be repeated M times within the system.
• The total number of channels, C, is used as a measure of capacity.
• The capacity is directly proportional to the number of replications M.
• The cluster size, N, is typically equal to 4, 7, or 12.
• Small N is desirable to maximize capacity.
• The frequency reuse factor is given by
• Hexagonal geometry has
  – exactly six equidistant neighbors
  – the lines joining the centers of any cell and each of its neighbors are separated by multiples of 60 degrees.
• Only certain cluster sizes and cell layouts are possible.
• The number of cells per cluster, N, can only have values which satisfy
• Co-channel neighbors of a particular cell, e.g., i=3 and j=2.

The Cellular Concept – Cellular hierarchy
• Picocells
• Microcells
• Macrocells
• Megacells and femtocells

Fig 3.1 Cellular concept

3.2 Cell Fundamentals
– The use of hexagons
– Reuse number
  • Cellular reuse patterns

Fig 3.2 Frequency reuse concept

• Frequency reuse scheme
  – increases capacity
  – minimizes interference
• Channel assignment strategy
  – fixed channel assignment
  – dynamic channel assignment
• Fixed channel assignment
  – each cell is allocated a predetermined set of voice channels
  – any new call attempt can only be served by the unused channels
  – the call will be blocked if all channels in that cell are occupied
• Dynamic channel assignment
  – channels are not allocated to cells permanently
  – channels are allocated based on request
  – reduces the likelihood of blocking, increases capacity

Cell Fundamentals – Reuse number
• Frequency reuse distance
  – The reuse distance can be calculated by using the equation:

Fig 3.3 Frequency Reuse number

Cell Fundamentals – Cellular interference issues
• Signal-to-interference ratio
• Channel assignments

Fig 3.4 Cellular calculations

3.3 Capacity Expansion Techniques

Cell splitting
• Split congested cell into smaller cells.
  – Preserve frequency reuse plan.
  – Reduce transmission power.
• Transmission power reduction from to
• Examining the receiving power at the new and old cell boundary
• If we take n = 4 and set the received power equal to each other
• The transmit power must be reduced by 12 dB in order to fill in the original coverage area.
• Problem: if only part of the cells are split
  – Different cell sizes will exist simultaneously
• Handoff issues: high speed and low speed traffic can be simultaneously accommodated
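The frequency reuse steps in 3.1 and the cell splitting figures above can be checked numerically; the following is an added example, not part of the original notes. It assumes the standard hexagonal-geometry relations N = i² + ij + j² and Q = D/R = √(3N), the capacity measure C = M·k·N, and a cell radius halved by the split; the function names and the channel and cell counts are illustrative.

```python
import math


def valid_cluster_sizes(max_n):
    """Map each feasible cluster size N <= max_n to one (i, j) pair that yields it."""
    sizes = {}
    limit = math.isqrt(max_n) + 1
    for i in range(1, limit + 1):
        for j in range(0, i + 1):        # i >= j avoids mirrored duplicates
            n = i * i + i * j + j * j    # assumed hexagonal-geometry relation
            if n <= max_n:
                sizes.setdefault(n, (i, j))
    return dict(sorted(sizes.items()))


def reuse_ratio(cluster_size):
    """Co-channel reuse ratio Q = D/R = sqrt(3N) (assumed relation)."""
    return math.sqrt(3 * cluster_size)


def capacity(total_channels, cluster_size, cells_in_area):
    """Capacity C = M * k * N for a fixed number of cells in the service area."""
    k = total_channels // cluster_size   # channels per cell
    m = cells_in_area // cluster_size    # complete clusters that fit in the area
    return m * k * cluster_size


def split_power_reduction_db(path_loss_exponent, radius_ratio=2.0):
    """Transmit power reduction (dB) that keeps the received power at the cell
    boundary unchanged when the radius shrinks by radius_ratio."""
    return 10 * path_loss_exponent * math.log10(radius_ratio)


if __name__ == "__main__":
    print("feasible cluster sizes:", valid_cluster_sizes(21))
    for n in (4, 7, 12):
        # Illustrative system: 420 duplex channels, 84 cells in the service area.
        print(f"N={n:2d}  Q={reuse_ratio(n):.2f}  C={capacity(420, n, 84)}")
    print(f"cell split, n=4: {split_power_reduction_db(4):.2f} dB")
```

Smaller N gives more capacity over the same area but a smaller Q, which means co-channel cells sit closer together.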

Fig 3.5 Cell splitting

Capacity Expansion Techniques – Cell sectoring
• Sectoring concept
• Decrease the co-channel interference and keep the cell radius R unchanged
  – Replacing single omni-directional antenna by several directional antennas
  – Radiating within a specified sector

Fig 3.6 Cell sectoring

Capacity Expansion Techniques – Overlaid cells
• Overlay concept

Fig 3.7 Cell overlaid

Capacity Expansion Techniques
– Channel allocation
– Other capacity expansion schemes
  • Lee’s microcell technology
  • Smart antenna technology
  • Migration to digital technology

3.4 Cellular Backhaul Networks
– Introduction
– Standards for PSTN carriers

Fig 3.8 Cellular backhaul network

Fig 3.9 Cellular backhaul network

3.5 Mobility Management
– Location management
  • Need
  • Frequency
  • Location updating

Fig 3.10 Location management in cellular network

Mobility Management
– Paging messages
– Different paging schemes
– Transmission of the location information between network elements

Mobility Management – Handoff management
• Handoff control
• Handoff operation
• Handoff algorithm

When a mobile moves into a different cell while a conversation is in progress, the MSC automatically transfers the call to a new channel belonging to the new base station.
• Handoff operation
  – identifying a new base station
  – re-allocating the voice and control channels with the new base station.
• Handoff threshold
  – Minimum usable signal for acceptable voice quality (-90 dBm to -100 dBm)
  – Handoff margin cannot be too large or too small.
  – If it is too large, unnecessary handoffs burden the MSC.
  – If it is too small, there may be insufficient time to complete handoff before a call is lost.

Fig 3.10 Mobility management in cellular network

• Handoff must ensure that the drop in the measured signal is not due to momentary fading and that the mobile is actually moving away from the serving base station.
• Running average measurement of signal strength should be optimized so that unnecessary handoffs are avoided.
  – Depends on the speed at which the vehicle is moving.
  – Steep short-term average -> the handoff should be made quickly
  – The speed can be estimated from the statistics of the received short-term fading signal at the base station
• Dwell time: the time over which a call may be maintained within a cell without handoff.
• Dwell time depends on
  – propagation
  – interference
  – distance
  – speed
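The threshold, margin and running-average points above can be seen on sample signal traces; the following is an added example, not part of the original notes. The decision rule (average serving level below minimum usable plus margin, with a stronger neighbor), the -95 dBm minimum usable level, the window sizes and the constructed traces are assumptions made for illustration.

```python
from collections import deque

MIN_USABLE_DBM = -95.0  # assumed value inside the -90 to -100 dBm range quoted above


def running_average(samples, window):
    """Average of the last `window` samples at each measurement instant."""
    buf = deque(maxlen=window)
    averages = []
    for sample in samples:
        buf.append(sample)
        averages.append(sum(buf) / len(buf))
    return averages


def first_handoff_index(serving, neighbor, margin_db, window):
    """Index of the first measurement at which a handoff is requested, or None.

    A handoff is requested when the averaged serving level falls below
    MIN_USABLE_DBM + margin_db and the averaged neighbor level is stronger.
    """
    threshold = MIN_USABLE_DBM + margin_db
    avg_serving = running_average(serving, window)
    avg_neighbor = running_average(neighbor, window)
    for i, (s, n) in enumerate(zip(avg_serving, avg_neighbor)):
        if i + 1 < window:
            continue                      # wait until the averaging window is full
        if s < threshold and n > s:
            return i
    return None


def usable_at(serving, index):
    """True if the instantaneous serving level is still usable at `index`."""
    return serving[index] >= MIN_USABLE_DBM


# Constructed trace 1: stationary mobile, one momentary deep fade at index 3.
FADE_SERVING = [-80, -80, -80, -100, -80, -80, -80, -80]
FADE_NEIGHBOR = [-92] * 8

# Constructed trace 2: mobile moving away, serving drops 2 dB per sample.
MOVING_SERVING = [-80 - 2 * i for i in range(12)]
MOVING_NEIGHBOR = [-100 + 2 * i for i in range(12)]

if __name__ == "__main__":
    print("fade, no averaging :", first_handoff_index(FADE_SERVING, FADE_NEIGHBOR, 6, 1))
    print("fade, window of 4  :", first_handoff_index(FADE_SERVING, FADE_NEIGHBOR, 6, 4))
    for margin in (6, 1):
        idx = first_handoff_index(MOVING_SERVING, MOVING_NEIGHBOR, margin, 4)
        print(f"moving, margin {margin} dB: handoff at {idx}, "
              f"signal still usable: {usable_at(MOVING_SERVING, idx)}")
```

Without averaging the momentary fade triggers an unnecessary handoff; with a margin of only 1 dB the request comes after the serving signal has already dropped below the usable level.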

• Handoff measurement
  – In first generation analog cellular systems, signal strength measurements are made by the base station and supervised by the MSC.
  – In second generation systems (TDMA), handoff decisions are mobile assisted, called mobile assisted handoff (MAHO).
• Intersystem handoff: a mobile moves from one cellular system to a different cellular system controlled by a different MSC.
• Handling handoff requests is much more important than handling a new call.
• Different types of users
  – High speed users need frequent handoffs during a call.
  – Low speed users may never need a handoff during a call.
• Microcells provide capacity, but the MSC can become burdened if high speed users are constantly being passed between very small cells.
• Minimize handoff intervention
  – handle the simultaneous traffic of high speed and low speed users.
• Large and small cells can be located at a single location (umbrella cell)
  – different antenna height
  – different power level
• Cell dragging problem: pedestrian users provide a very strong signal to the base station
  – The user may travel deep within a neighboring cell
• Handoff for first generation analog cellular systems
  – 10 secs handoff time
  – is in the order of 6 dB to 12 dB
• Handoff for second generation cellular systems, e.g., GSM
  – 1 to 2 seconds handoff time
  – mobile assists handoff
  – is in the order of 0 dB to 6 dB
  – Handoff decisions based on signal strength, co-channel interference, and adjacent channel interference.
• IS-95 CDMA spread spectrum cellular system
  – Mobiles share the channel in every cell.
  – No physical change of channel during handoff
  – MSC decides the base station with the best receiving signal as the service station
• Handoff within a cell
  – No channel reassignment
  – Switch the channel to a different zone site
  – Reduce interference
  – Low power transmitters are employed

• Frequency reuse: there are several cells that use the same set of frequencies
  – co-channel cells
  – co-channel interference
• To reduce co-channel interference, co-channel cells must be separated by a minimum distance.
• When the size of the cell is approximately the same
  – co-channel interference is independent of the transmitted power
  – co-channel interference is a function of
    • R: radius of the cell
    • D: distance to the center of the nearest co-channel cell
  – Increasing the ratio Q=D/R, the interference is reduced.
• Q is called the co-channel reuse ratio

Fig 3.11 Handoff management

Fig 3.12 Analysis of handoff operation

3.6 Radio Resources and Power Management
– Power control
– Power saving schemes
  • Discontinuous transmission
  • Sleep modes
  • Energy efficient designs
– Radio resource management
  • Need
  • Schemes

3.7 Wireless Network Security
– Wireless network security requirements
– Network security requirements
– Network security


UNIT - 4 GSM and TDMA techniques, GSM system overview, GSM Network and system Architecture, GSM channel concepts, GSM identifiers

6 Hours


Unit-4 GSM AND TDMA TECHNOLOGIES

4.1 Introduction to GSM and TDMA

Global System for Mobile Communications (GSM) services are a standard collection of applications and features available to mobile phone subscribers all over the world. The GSM standards are defined by the 3GPP collaboration and implemented in hardware and software by equipment manufacturers and mobile phone operators. The common standard makes it possible to use the same phones with different companies' services, or even roam into different countries. GSM is the world's most dominant mobile phone standard. The design of the service is moderately complex because it must be able to locate a moving phone anywhere in the world, and accommodate the relatively small battery capacity, limited input/output capabilities, and weak radio transmitters on mobile devices. In order to gain access to GSM services, a user needs three things:

• A billing relationship with a mobile phone operator. This is usually either where services are paid for in advance of them being consumed (prepaid), or where bills are issued and settled after the service has been consumed (postpaid).
• A mobile phone that is GSM compliant and operates at the same frequency as the operator. Most phone companies sell phones from third-party manufacturers.
• A Subscriber Identity Module (SIM) card, which is activated by the operator once the billing relationship is established. After activation the card is then programmed with the subscriber's Mobile Subscriber Integrated Services Digital Network Number (MSISDN) (the telephone number). Personal information such as contact numbers of friends and family can also be stored on the SIM by the subscriber.

After subscribers sign up, information about their identity (telephone number) and what services they are allowed to access are stored in a "SIM record" in the Home Location Register (HLR). Once the SIM card is loaded into the phone and the phone is powered on, it will search for the nearest mobile phone mast (also called a Base Transceiver Station/BTS) with the strongest signal in the operator's frequency band. If a mast can be successfully contacted, then there is said to be coverage in the area. The phone then identifies itself to the network through the control channel. Once this is successfully completed, the phone is said to be attached to the network.

The key feature of a mobile phone is the ability to receive and make calls in any area where coverage is available. This is generally called roaming from a customer perspective, but also called visiting when describing the underlying technical process. Each geographic area has a database called the Visitor Location Register (VLR), which contains details of all the mobiles currently in that area. Whenever a phone attaches, or visits, a new area, the Visitor Location Register must contact the Home Location Register to obtain the details for that phone. The current cellular location of the phone (i.e., which BTS it is at) is entered into the VLR record and will be used during a process called paging when the GSM network wishes to locate the mobile phone.

Every SIM card contains a secret key, called the Ki, which is used to provide authentication and encryption services. This is useful to prevent theft of service, and also to prevent "over the air" snooping of a user's activity. The network does this by utilising the Authentication Center and is accomplished without transmitting the key directly.

Every GSM phone contains a unique identifier (different from the phone number), called the International Mobile Equipment Identity (IMEI). This can be found by dialing *#06#. When a phone contacts the network, its IMEI may be checked against the Equipment Identity Register to locate stolen phones and facilitate monitoring.

TDMA

• It can be easily adapted to the transmission of data and voice communication. TDMA offers the ability to carry data rates of 64 kbps to 120 Mbps (expandable in multiples of 64 kbps). This enables operators to offer personal communication-like services including fax, voiceband data, and short message services (SMSs) as well as bandwidth-intensive applications such as multimedia and videoconferencing.
• It will not experience interference from other simultaneous transmissions. Unlike spread-spectrum techniques, which can suffer from interference among the users, all of whom are on the same frequency band and transmitting at the same time, TDMA’s technology, which separates users in time, ensures that they will not
• TDMA is the only technology that offers an efficient utilization of hierarchical cell structures (HCSs) offering pico, micro, and macrocells. HCSs allow coverage for the system to be tailored to support specific traffic and service needs. By using this approach, system capacities of more than 40-times AMPS can be achieved in a cost-efficient way.
• TDMA allows service compatibility with the use of dual-mode handsets because of its inherent compatibility with FDMA analog systems.

4.2 GSM Network and System Architecture

– Mobile station
  • Subscriber identity module
– Base station system
– Network switching system
  • SMS gateway
  • Flexible numbering register
– Operation and support system and other nodes
  • Administrative and control system

Fig 4.1 Components of GSM network

GSM network interfaces and protocols
• GSM interfaces
  – Abis interface
  – A interface
  – Um interface
• Layered structure/OSI model

Fig 4.2 Interfaces in GSM

GSM network interfaces and protocols
• GSM protocols and signaling model
  – Um interface
  – Abis interface
  – A interface
  – Ater interface

The network structure is defined within the GSM standards. Additionally, each interface between the different elements of the GSM network is also defined. This ensures that the information interchanges can take place. It also enables, to a large degree, network elements from different manufacturers to be used. However, as many of these interfaces were not fully defined until after many networks had been deployed, the level of standardisation may not be quite as high as many people might like.

1. Um interface: The "air" or radio interface standard that is used for exchanges between a mobile (ME) and a base station (BTS / BSC). For signalling, a modified version of the ISDN LAPD, known as LAPDm, is used.
2. Abis interface: This is a BSS internal interface linking the BSC and a BTS, and it has not been totally standardised. The Abis interface allows control of the radio equipment and radio frequency allocation in the BTS.
3. A interface: The A interface is used to provide communication between the BSS and the MSC. The interface carries information to enable the channels, timeslots and the like to be allocated to the mobile equipments being serviced by the BSSs. The messaging required within the network to enable handover etc. to be undertaken is carried over the interface.
4. B interface: The B interface exists between the MSC and the VLR. It uses a protocol known as the MAP/B protocol. As most VLRs are collocated with an MSC, this makes the interface purely an "internal" interface. The interface is used whenever the MSC needs access to data regarding an MS located in its area.
5. C interface: The C interface is located between the HLR and a GMSC or an SMS-G. When a call originates from outside the network, i.e. from the PSTN or another mobile network, it has to pass through the gateway so that routing information required to complete the call may be gained. The protocol used for communication is MAP/C, the letter "C" indicating that the protocol is used for the "C" interface. In addition to this, the MSC may optionally forward billing information to the HLR after the call is completed and cleared down.
6. D interface: The D interface is situated between the VLR and HLR. It uses the MAP/D protocol to exchange the data related to the location of the ME and to the management of the subscriber.
7. E interface: The E interface provides communication between two MSCs. The E interface exchanges data related to handover between the anchor and relay MSCs using the MAP/E protocol.
8. F interface: The F interface is used between an MSC and EIR. It uses the MAP/F protocol. The communications along this interface are used to confirm the status of the IMEI of the ME gaining access to the network.
9. G interface: The G interface interconnects two VLRs of different MSCs and uses the MAP/G protocol to transfer subscriber information, e.g. during a location update procedure.
10. H interface: The H interface exists between the MSC and the SMS-G. It transfers short messages and uses the MAP/H protocol.
11. I interface: The I interface can be found between the MSC and the ME. Messages exchanged over the I interface are relayed transparently through the BSS.

Although the interfaces for the GSM cellular system may not be as rigorously defined as many might like, they do at least provide a large element of the definition required, enabling the functionality of GSM network entities to be defined sufficiently.


Fig 4.3 GSM network interfaces and protocols

4.3 GSM Channel Concept
– Time division multiple access
– Frames
– Multiframes

A single GSM RF carrier can support up to eight MS subscribers simultaneously. Each channel occupies the carrier for one eighth of the time. This is a technique called Time Division Multiple Access. Time is divided into discrete periods called “timeslots”. The timeslots are arranged in sequence and are conventionally numbered 0 to 7. Each repetition of this sequence is called a “TDMA frame”. Each MS telephone call occupies one timeslot (0–7) within the frame until the call is terminated, or a handover occurs. The TDMA frames are then built into further frame structures according to the type of channel. We shall later examine how the information carried by the air interface builds into frames and multi-frames and discuss the associated timing. For such a system to work correctly, the timing of the transmissions to and from the mobiles is critical. The MS or Base Station must transmit the information related to one call at exactly the right moment, or the timeslot will be missed. The information carried in one timeslot is called a “burst”. Each data burst, occupying its allocated timeslot within successive TDMA frames, provides a single GSM physical channel carrying a varying number of logical channels between the MS and BTS.


Fig 4.4 TDMA time frame structure

GSM Channel Concept – Logical channels
• Broadcast control channel
• Frequency correction channel
• Synchronization channel

Logical channels
• Broadcast channels
• Common control channels
  – Paging channel
  – Random access channel
  – Access grant channel
• Dedicated control channels
  – Stand-alone dedicated control channel
  – Slow associated control channel
  – Fast associated control channel
  – Cell broadcast channel

Speech processing
• Operations
• Bit rate
• GSM speech processing


Fig 4.5 GSM processing of speech

Timeslots and TDMA frames
• TDMA frames
  – TDMA multiframes
  – Hyperframes
  – Superframes
  – Multiframes
    • 26 frame
    • 51 frame
• Timeslot bursts
  – Normal burst
  – Frequency correction burst
  – Synchronization burst
  – Access burst
  – Dummy burst


Fig 4.6 TDMA Hyperframe structure

A hyperframe is a multiframe sequence that is composed of 2048 superframes and is the largest time interval in the GSM system (3 hours, 28 minutes, 53 seconds). Every time slot during a hyperframe has a sequential number (represented by an 11 bit counter) that is composed of a frame number and a time slot number. This counter allows the hyperframe to synchronize the frequency hopping sequence and the encryption processes for voice privacy of subscribers' conversations. The hyperframe in an IS-136 TDMA system consists of 192 frames.

The basic GSM frame defines the structure upon which all the timing and structure of the GSM messaging and signalling is based. The fundamental unit of time is called a burst period and it lasts for approximately 0.577 ms (15/26 ms). Eight of these burst periods are grouped into what is known as a TDMA frame. This lasts for approximately 4.615 ms (i.e. 120/26 ms) and it forms the basic unit for the definition of logical channels. One physical channel is one burst period allocated in each TDMA frame.

In simplified terms the base station transmits two types of channel, namely traffic and control. Accordingly the channel structure is organised into two different types of frame, one for the traffic on the main traffic carrier frequency, and the other for the control on the beacon frequency.

GSM multiframe

The GSM frames are grouped together to form multiframes and in this way it is possible to establish a time schedule for their operation and the network can be synchronised. There are several GSM multiframe structures:

• Traffic multiframe: The Traffic Channel frames are organised into multiframes consisting of 26 bursts and taking 120 ms. In a traffic multiframe, 24 bursts are used for traffic. These are numbered 0 to 11 and 13 to 24. One of the remaining bursts is then used to accommodate the SACCH, the other remaining free. The actual position used alternates between position 12 and 25.
• Control multiframe: The Control Channel multiframe comprises 51 bursts and occupies 235.4 ms. This always occurs on the beacon frequency in time slot zero and it may also occur within slots 2, 4 and 6 of the beacon frequency as well. This multiframe is subdivided into logical channels which are time-scheduled.

GSM Superframe

Multiframes are then constructed into superframes taking 6.12 seconds. These consist of 51 traffic multiframes or 26 control multiframes. As the traffic multiframes are 26 bursts long and the control multiframes are 51 bursts long, the different number of traffic and control multiframes within the superframe brings them back into line again, taking exactly the same interval.

GSM Hyperframe

Above this, 2048 superframes (i.e. 2 to the power 11) are grouped to form one hyperframe which repeats every 3 hours 28 minutes 53.76 seconds. It is the largest time interval within the GSM frame structure. Within the GSM hyperframe there is a counter and every time slot has a unique sequential number comprising the frame number and time slot number. This is used to maintain synchronisation of the different scheduled operations with the GSM frame structure. These include functions such as:

• Frequency hopping: Frequency hopping is a feature that is optional within the GSM system. It can help reduce interference and fading issues, but for it to work, the transmitter and receiver must be synchronised so they hop to the same frequencies at the same time.
• Encryption: The encryption process is synchronised over the GSM hyperframe period where a counter is used and the encryption process will repeat with each hyperframe. However, it is unlikely that the cellphone conversation will be over 3 hours and accordingly it is unlikely that security will be compromised as a result.
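The frame hierarchy and the hyperframe counter described above can be reproduced with exact arithmetic; the following is an added example, not part of the original notes. The function names are illustrative, and splitting a frame number into a superframe index plus its positions in the 26-frame and 51-frame multiframes is an assumption about how the counter is laid out.

```python
from fractions import Fraction

BURST_MS = Fraction(15, 26)               # one burst period (timeslot)
SLOTS_PER_FRAME = 8
FRAME_MS = BURST_MS * SLOTS_PER_FRAME     # 120/26 ms per TDMA frame
TRAFFIC_MULTIFRAME = 26                   # frames per traffic multiframe
CONTROL_MULTIFRAME = 51                   # frames per control multiframe
SUPERFRAME = TRAFFIC_MULTIFRAME * CONTROL_MULTIFRAME
SUPERFRAMES_PER_HYPERFRAME = 2048         # 2 to the power 11
HYPERFRAME = SUPERFRAME * SUPERFRAMES_PER_HYPERFRAME


def duration_ms(frames):
    """Exact duration of a number of TDMA frames, in milliseconds."""
    return FRAME_MS * frames


def as_hms(ms):
    """Split a duration in milliseconds into (hours, minutes, seconds)."""
    total_s = Fraction(ms) / 1000
    hours = int(total_s // 3600)
    minutes = int((total_s % 3600) // 60)
    return hours, minutes, total_s % 60


def decompose(frame_number):
    """(superframe index, position in 26-multiframe, position in 51-multiframe)."""
    fn = frame_number % HYPERFRAME        # the counter wraps at the hyperframe
    return fn // SUPERFRAME, fn % TRAFFIC_MULTIFRAME, fn % CONTROL_MULTIFRAME


def traffic_role(frame_number, sacch_position=12):
    """Role of a frame in the traffic multiframe: TCH, SACCH or idle."""
    if sacch_position not in (12, 25):
        raise ValueError("SACCH uses position 12 or 25")
    position = frame_number % TRAFFIC_MULTIFRAME
    if position == sacch_position:
        return "SACCH"
    return "idle" if position in (12, 25) else "TCH"


def counter_repeats_within(call_seconds):
    """True if a call of this length outlasts one hyperframe, so the frame
    counter that the encryption is synchronised to starts repeating."""
    return Fraction(call_seconds) * 1000 >= duration_ms(HYPERFRAME)


if __name__ == "__main__":
    print("traffic multiframe :", float(duration_ms(26)), "ms")
    print("control multiframe :", round(float(duration_ms(51)), 1), "ms")
    print("superframe         :", float(duration_ms(SUPERFRAME)) / 1000, "s")
    h, m, s = as_hms(duration_ms(HYPERFRAME))
    print(f"hyperframe         : {h} h {m} min {float(s)} s, {HYPERFRAME} frames")
    print("last frame number  :", decompose(HYPERFRAME - 1))
    print("4 hour call repeats counter:", counter_repeats_within(4 * 3600))
```

Because 26 and 51 share no common factor, the pair of multiframe positions is unique for every frame of a superframe, which is why both multiframe types realign only at the superframe boundary.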


UNIT - 5 GSM system operation, Traffic cases, Call handoff, Roaming, GSM protocol architecture. TDMA systems

6 Hours


UNIT-5 GSM SYSTEM OPERATIONS

5.1 GSM Identities

To switch a call to a mobile subscriber, the right identities need to be involved. It is therefore important to address them correctly. These identities are as follows.

Mobile Station ISDN Number (MSISDN)

The MSISDN is a number which uniquely identifies a mobile telephone subscription in the public switched telephone network numbering plan. These are the digits dialed when calling a mobile subscriber. The MSISDN consists of the following:
• Country Code (CC)
• National Destination Code (NDC)
• Subscriber Number (SN)

MSISDN = CC + NDC + SN

International Mobile Subscriber Identity (IMSI)

The IMSI is a unique identity allocated to each subscriber to allow correct identification over the radio path and through the network and is used for all signaling in the PLMN. All network-related subscriber information is connected to the IMSI. The IMSI is stored in the SIM, as well as in the HLR and in the serving VLR. The IMSI consists of the following:
• Mobile Country Code (MCC)
• Mobile Network Code (MNC)
• Mobile Subscriber Identification Number (MSIN)

IMSI = MCC + MNC + MSIN

Temporary Mobile Subscriber Identity (TMSI)

The TMSI is a temporary number used instead of the IMSI to identify an MS. The TMSI is used for the subscriber’s confidentiality on the air interface. The TMSI has only local significance (that is, within the MSC/VLR area) and is changed at certain events or time intervals.

International Mobile Equipment Identity (IMEI)

The IMEI is used for equipment identification and uniquely identifies an MS as a piece or assembly of equipment. The IMEI consists of the following:
• Type Approval Code (TAC), determined by a central GSM body
• Final Assembly Code (FAC), identifies the manufacturer
• Serial Number (SNR), uniquely identifies all equipment within each TAC & FAC
• Spare, a spare bit for future use.

IMEI = TAC + FAC + SNR + Spare

Mobile Station Roaming Number (MSRN)

An MSRN is used during the call setup phase for mobile terminating calls. Each mobile terminating call enters the GMSC in the PLMN. The call is then re-routed by the GMSC to the MSC where the called mobile subscriber is located. For this purpose the MSRN is allocated by the MSC and provided to the GMSC. The MSRN consists of the following:
• Country Code (CC)
• National Destination Code (NDC)
• Subscriber Number (SN)

MSRN = CC + NDC + SN

Location Area Identity (LAI)

The LAI is used for paging, to indicate to the MSC in which Location Area (LA) the MS is currently situated, and also for location updating of mobile subscribers. The LAI consists of the following:
• Mobile Country Code (MCC)
• Mobile Network Code (MNC)
• Location Area Code (LAC)

LAI = MCC + MNC + LAC

Cell Global Identity (CGI)

Each cell is identified by a cell identity (CI). A CI is unique within a location area (LA). The CGI consists of the following:
• Mobile Country Code (MCC)
• Mobile Network Code (MNC)
• Location Area Code (LAC)
• Cell Identity (CI)

CGI = MCC + MNC + LAC + CI

Base Station Identification Code (BSIC)

In GSM, the mobile station uses the BSIC to distinguish between neighboring base stations. The BSIC consists of:
• Network Colour Code (NCC)
• Base Transceiver Colour Code (BCC).
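The identity formats listed in this section can be split into their fields and masked before they reach a log file, which supports the confidentiality purpose the TMSI serves on the air interface; the following is an added example, not part of the original notes. The field lengths (3-digit MCC, 2 or 3 digit MNC, IMEI as 6 + 2 + 6 + 1 digits, 16-bit LAC and CI), the function names and all sample values are assumptions constructed for illustration.

```python
from dataclasses import dataclass


def _require_digits(value, name, min_len, max_len):
    """Validate a decimal-digit string without echoing the value in the error."""
    if not (value.isascii() and value.isdigit() and min_len <= len(value) <= max_len):
        raise ValueError(f"{name}: expected {min_len}-{max_len} decimal digits")
    return value


@dataclass(frozen=True)
class Imsi:
    mcc: str
    mnc: str
    msin: str

    def for_log(self):
        """Keep the network part, mask the subscriber part (MSIN)."""
        return f"{self.mcc}-{self.mnc}-{'*' * len(self.msin)}"


@dataclass(frozen=True)
class Imei:
    tac: str
    fac: str
    snr: str
    spare: str

    def for_log(self):
        """Keep type and assembly codes, mask the per-device serial number."""
        return f"{self.tac}-{self.fac}-{'*' * len(self.snr)}-{self.spare}"


def parse_imsi(imsi, mnc_len=2):
    """IMSI = MCC + MNC + MSIN; the MNC length depends on the network."""
    if mnc_len not in (2, 3):
        raise ValueError("MNC length must be 2 or 3 digits")
    _require_digits(imsi, "IMSI", 7, 15)
    return Imsi(imsi[:3], imsi[3:3 + mnc_len], imsi[3 + mnc_len:])


def parse_imei(imei):
    """IMEI = TAC + FAC + SNR + Spare, assumed here as 6 + 2 + 6 + 1 digits."""
    _require_digits(imei, "IMEI", 15, 15)
    return Imei(imei[:6], imei[6:8], imei[8:14], imei[14])


def lai(mcc, mnc, lac):
    """LAI = MCC + MNC + LAC, with the LAC shown as four hex digits."""
    _require_digits(mcc, "MCC", 3, 3)
    _require_digits(mnc, "MNC", 2, 3)
    if not 0 <= lac <= 0xFFFF:
        raise ValueError("LAC must fit in 16 bits")
    return f"{mcc}-{mnc}-{lac:04X}"


def cgi(mcc, mnc, lac, ci):
    """CGI = MCC + MNC + LAC + CI; the CI is unique only inside its LA."""
    if not 0 <= ci <= 0xFFFF:
        raise ValueError("CI must fit in 16 bits")
    return f"{lai(mcc, mnc, lac)}-{ci:04X}"


def lai_of(cgi_value):
    """Location area that a CGI belongs to (the CGI without its CI)."""
    return cgi_value.rsplit("-", 1)[0]


if __name__ == "__main__":
    subscriber = parse_imsi("001010123456789")   # constructed sample IMSI
    handset = parse_imei("012345678901230")      # constructed sample IMEI
    cell = cgi("001", "01", 0x1234, 0x00AB)      # constructed sample cell
    print(subscriber.for_log(), handset.for_log(), cell, lai_of(cell))
```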

5.2 GSM System Operations (Traffic Cases)

Registration, call setup, and location updating
• Call setup
  – Interrogation phase
  – Radio resource connection establishment
  – Service request
  – Authentication
  – Ciphering mode setting
  – IMEI check
  – TMSI reallocation
  – Call initiation procedure
  – Assignment of a traffic channel
  – Call confirmation, call accepted, and call release
• Other aspects of call establishment
• Location updating
  – Normal location updating (idle mode)
  – IMSI detach/attach location updating
  – Periodic location updating

Fig 5.1 GSM channel assignment

Fig 5.2 GSM channel establishment

GSM System Operations (Traffic Cases) – Call handoff

Intra-BSC handover

The process that occurs during an intra-BSC handover is as follows:

A) During the call, the MS measures the strength and quality of the signal on the TCH and the signal strength from the neighboring cells. The MS evaluates and averages the values for each cell. The MS sends the measurement results to the BTS twice per second, covering not only its own cell but also the measurements from the neighboring cells' BTSs.
B) The BTS sends the results of measurements on the TCH to the BSC. In the BSC, the locating function is activated when a handover to another cell is required.
C) When the handover is to be done, the BSC checks whether the requested channel can be met by another cell; if not, the BSC has the new BTS enable a TCH.
D) The BSC asks the old BTS to send a message to the MS with information about the frequency, time slot, and output power for the change.
E) The MS tunes to the new frequency and accesses the appropriate time slot.
F) When the BTS detects the handover, the BTS sends physical information containing the "timing advance" (the distance between the MS and the BTS) to the MS. The BTS also informs the BSC by sending an "HO detection" message so that the point on the new GS is connected.
G) The MS sends an "HO complete" message.
H) Finally, the old BTS is ordered to deactivate the old TCH.

Fig 5.3 Intra BSC handover

Inter-BSC handover

In this case BSC1 (old BSC) does not control the better cell which is the target for the handover. This means that the MSC will be part of the link procedure between BSC1 and BSC2 (new BSC).

• Handover request - BSC1 will use the MSC to send a handover request to BSC2. The MSC will know which BSC controls that cell.
• Activation of new channel - BSC2 will allocate a TCH in the target cell and then order the BTS to activate it. The chosen HO ref. no. will be part of the activation message. The BTS will acknowledge that the activation has been made.
• Handover command - After the activation the new BSC commands the MS to change to the new channel. The message is sent on FACCH via the old channel and will contain a full description of the new channel and the HO ref. no.
• Handover bursts - When the MS has changed to the new channel, it will send handover bursts on the new channel. The information content is the HO ref. no. The bursts are as short as the access bursts. This is because the MS does not know the new Timing Advance (TA) value yet. On the detection of the handover bursts, and check of HO ref. no., the new BTS will send the new TA.
• Handover complete - Now the MS is ready to continue the traffic and will send a handover complete message, which will be addressed to the old BSC as a clear command.
• Release of old channel - When the old BSC receives the clear command from the MSC, the BSC knows that the handover was successful. The BSC orders the BTS to release the TCH and the BTS will acknowledge.

Fig 5.4 Inter BSC handover

Inter-MSC handover

Handing over a GSM call is a complicated procedure. It is even more so when the source and target GSM cells are controlled by different MSCs. The following call flows analyze the different steps involved in an inter-MSC handover:

• The source BSC analyzes the signal quality measurement reports and initiates a handover.
• The source MSC finds that the call needs to be handed over to a cell controlled by a different MSC.
• The source MSC and target MSC interact and then command the UT to move to the new cell.
• The target MSC informs the source MSC when the call has been successfully handed over.
• The source MSC releases the radio resources for the call. Note that the call is still routed via the source MSC.

Fig 5.5 Inter MSC handover

GSM Infrastructure Communications (Um Interface)

A GSM network acts as a bearer for data communication protocol families. Any protocol stack for data communication, for example TCP/IP, can be implemented to use a bearer. GSM protocol architecture is, as for ISDN, structured into three independent planes:

• User plane
• Control plane
• Management plane

The user plane defines protocols to carry connection-oriented voice and user data. At the radio interface Um, user plane data is carried by the logical traffic channel called TCH.

The control plane defines a set of protocols for controlling these connections with signalling information, for example signalling for connection setup. Such signalling data is carried over logical control channels called D-channels (Dm-channels). As the control channels often have spare capacity, user data, namely the packet-oriented SMS data, is also transported over these channels (see Figure gsm8). All logical channels, however, are finally multiplexed onto the physical channel.

Management plane functions are:

• plane management functions related to the system as a whole, including plane coordination
• functions related to resources and parameters residing in the layers of the control and/or user plane

Management of network element configuration and network element faults are examples of management plane functionality.

The basic GSM bearer service, Circuit Switched Data (CSD), simply consists of transmitting and receiving signals representing data instead of voice across the air interface. Modems are used for the conversion between data bit streams and modulated radio signals. Data transmission is either transparent or non-transparent.


Fig: 5.6 Three layers of interface in GSM


Fig: 5.7 Linking of Three layers of interface in GSM



GSM Infrastructure Communications (Um Interface)

– Layer 3: Networking layer operations
  • Connection management
  • Mobility management
  • Radio resource management

Fig: 5.8 Linking of RR, RM and MM in GSM



GSM Infrastructure Communications (Um Interface)

– Layer 2: Data Link layer operations
  • LAPD operations
  • Service access points
  • Data link procedures
  • Physical services required by the Data Link layer
  • Data link timers

North American TDMA

– TIA/EIA-136 basics
– TIA/EIA-136 channel concept
– TIA/EIA-136 timeslots and frame details

Fig: 5.9 NA -TDMA structure


UNIT - 6
CDMA technology, CDMA overview, CDMA channel concept, CDMA operations.
8 Hours

TEXT BOOK:
1. Wireless Telecom Systems and networks, Mullet: Thomson Learning 2006.

REFERENCE BOOKS:
1. Mobile Cellular Telecommunication, Lee W.C.Y, MGH, 2002.
2. Wireless communication - D P Agrawal: 2nd Edition Thomson learning 2007.
3. Fundamentals of Wireless Communication, David Tse, Pramod Viswanath, Cambridge 2005.


UNIT- 6 CDMA TECHNOLOGY

6.1 Introduction to CDMA

Cellular services are now being used every day by millions of people worldwide. The number of customers requiring such services is increasing exponentially, and there is a demand for integration of a variety of multimedia services. The range of services includes short messaging, voice, data, and video. Consequently, the bit rate required for the services varies widely from just 1.2 kbps for paging up to several Mbps for video transmission. Furthermore, supporting such a wide range of data rates with flexible mobility management increases network complexity dramatically.

CDMA is a digital modulation and radio access system that employs signature codes (rather than time slots or frequency bands) to arrange simultaneous and continuous access to a radio network by multiple users. Radio channel interference in mobile communications arises from multiple user access, multipath radio propagation, adjacent channel radiation and radio jamming. The spread spectrum system's performance is relatively immune to radio interference. Cell sectorisation and voice activity used in CDMA radio schemes provide additional capacity compared to FDMA and TDMA. However, CDMA still has a few drawbacks, the main one being that capacity (number of active users at any instant of time) is limited by the access interference. Furthermore, the near-far effect requires an accurate and fast power control scheme. The first cellular CDMA radio system was constructed in conformity with the IS-95 specifications and is now known commercially as cdmaOne.

Fig 6.1 comparison of different techniques


Fig 6.2 channel allocation

6.2 CDMA Network and System Architecture

There is increasing demand for data traffic over mobile radio. The mobile radio industry has to evolve the current radio infrastructures to accommodate the expected data traffic with the efficient provision of high-speed voice traffic. The General Packet Radio Service (GPRS) is being introduced to efficiently support high-rate data over GSM. GPRS signalling and data do not travel through the GSM network. GPRS operation is supported by new protocols and new network nodes: the Serving GPRS support node (SGSN) and the Gateway GPRS support node (GGSN). One prominent protocol used to tunnel data through the IP backbone network is the GPRS tunnel protocol (GTP). GPRS obtains user profile data using the location register database of the GSM network. GPRS supports quality of service and a peak data rate of up to 171.2 kbps when using all 8 timeslots at the same time. GPRS uses the same modulation as GSM, that is, Gaussian Minimum Shift Keying (GMSK), with 4 coding schemes. GPRS packetises the user data and transports it over 1 to 8 radio channel timeslots using the IP backbone network.

The Enhanced Data Rates for GSM Evolution (EDGE) employs an Enhanced GPRS (EGPRS) to support data rates up to 384 kbps through optimised modulation. EGPRS supports 2 modulation schemes, namely GMSK with 4 coding schemes and 8-PSK with 5 coding schemes. Unlike GPRS, where header and data are encoded together, headers are encoded separately in EGPRS.

Fig 6.3 Network architecture of CDMA

CDMA Network and System Architecture

– Mobile-services switching center and visitor location register
  • Interworking function
  • Mobile positioning system
  • Unified messaging/voice mail service
  • HLR/AC, PPCS, and other nodes

Fig 6.3 Packet Network architecture of CDMA

6.2 CDMA Network and System Architecture

– Base station subsystem
  • Base station controller
  • Radio base station
– PLMN subnetwork
  • Circuit core network
  • CDMA radio access network

CDMA Network and System Architecture

– PLMN subnetwork
  • Packet core network
  • AAA server
  • Home agent
  • Packet data serving node
  • Foreign agent

Fig 6.5 Packet core Network architecture of CDMA



CDMA Network and System Architecture

– Network management system
  • Network management
  • Subnetwork management and element management
– System communications links

Fig 6.6 Network interface architecture of CDMA

6.3 CDMA Channel Concept

– Introduction to Walsh codes
  • Characteristics
  • Other pseudorandom noise codes
  • Short and long PN codes
– Spreading procedure

Fig 6.7 CDMA channel concept

The IS-95 CDMA system is a narrow band radio system. Bandwidth is limited to 1.25 MHz and the chip rate is 1.2288 Mcps. The system is intended to provide voice and low bit rate data service using circuit-switching techniques. Data rate varies from 1.2 kbps to 9.6 kbps. Forward (base station to mobile) and reverse (mobile to base station) link structures are different and each is capable of distinctive capacity. Forward transmission is coherent and synchronous while the reverse link is asynchronous. The 'channelisation' in each link is achieved by using 64-chip orthogonal codes, including provision for pilot, synchronisation, paging, and network access. Consequently, the number of active users able to simultaneously access the network is limited by the level of interference, service provisions and the number of 'channels' available. In IS-95B, an active mobile always has a fundamental code channel at 9.6 kbps, and when a high data rate is required, the base station assigns the mobile up to 7 supplementary code channels.

The Wideband CDMA (W-CDMA) system is the major standard in the next-generation Global Mobile Telecommunications standard suite IMT-2000. W-CDMA supports high data rate transmission, typically 384 kbps for wide area coverage and 2 Mbps for local coverage for multimedia services. Thus W-CDMA is capable of offering the transmission of voice, text, data, picture (still image) and video over a single platform. However, in addition to the drawbacks arising from the mobile environment and multiple access interference, high bit rate transmission causes inter-symbol interference (ISI) to occur. The ISI therefore has to be taken into account during transmission. W-CDMA has 2 versions: frequency division duplex (FDD) and time division duplex (TDD). The FDD version of W-CDMA will operate in either of the following paired bands:

• Uplink: 1920 - 1980 MHz, Downlink: 2110 - 2170 MHz
• Uplink: 1850 - 1010 MHz, Downlink: 1930 - 1990 MHz

The 3GPP architecture of the Universal Mobile Telecommunications System (UMTS) is composed of an IP-based core network (CN) connected to the user equipment through the UMTS Terrestrial Radio Access Network (UTRAN). The UTRAN consists of a set of radio network subsystems, each comprising a radio controller and one or more node B base stations. The network controller is responsible for the handover decisions that require signalling to the user equipment. Each subsystem is responsible for the resources of its set of cells and each node B has one or more cells.

Fig 6.8 Walsh code in CDMA
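How 64-chip orthogonal codes keep users apart on one carrier, as an added Python example (not part of the original notes): it builds the 64 x 64 Walsh-Hadamard matrix, spreads two users' bits with different rows, adds the signals, and recovers each stream by correlation. It assumes an ideal chip-synchronous, noise-free channel; the row indices, bit patterns and the mapping bit 0 -> +1, bit 1 -> -1 are constructed for illustration.

```python
def walsh_matrix(n):
    """Return the n x n Walsh-Hadamard matrix (n a power of two), entries +1/-1."""
    if n < 1 or n & (n - 1):
        raise ValueError("n must be a power of two")
    h = [[1]]
    while len(h) < n:
        # Sylvester construction: H_2k = [[H, H], [H, -H]]
        h = [r + r for r in h] + [r + [-c for c in r] for r in h]
    return h


def correlate(a, b):
    """Inner product of two equal-length chip sequences."""
    return sum(x * y for x, y in zip(a, b))


def spread(bits, code):
    """Map bit 0 -> +1 and bit 1 -> -1, then multiply each symbol by every chip."""
    return [(1 - 2 * b) * c for b in bits for c in code]


def despread(signal, code):
    """Correlate each code-length block with `code`; return (bits, correlations)."""
    n = len(code)
    corr = [correlate(signal[i:i + n], code) for i in range(0, len(signal), n)]
    # A correlation of zero means this code carried no energy: no bit decision.
    bits = [None if z == 0 else (0 if z > 0 else 1) for z in corr]
    return bits, corr


def cyclic_shift(code, k):
    """Delay a chip sequence by k chips (cyclically)."""
    k %= len(code)
    return code[-k:] + code[:-k] if k else list(code)


def two_user_demo():
    """Two users on one carrier; rows 5, 20, 9 and the bit patterns are constructed."""
    w = walsh_matrix(64)
    bits_a, bits_b = [1, 0, 1, 1], [0, 0, 1, 0]
    tx_a, tx_b = spread(bits_a, w[5]), spread(bits_b, w[20])
    composite = [x + y for x, y in zip(tx_a, tx_b)]  # the signals add on the air
    return {
        "user_a": despread(composite, w[5]),
        "user_b": despread(composite, w[20]),
        "unused_code": despread(composite, w[9]),
        # Orthogonality needs chip alignment: row 3 delayed by one chip equals row 2.
        "aligned_2_vs_3": correlate(w[2], w[3]),
        "shifted_2_vs_3": correlate(w[2], cyclic_shift(w[3], 1)),
    }


if __name__ == "__main__":
    for name, value in two_user_demo().items():
        print(name, value)
```

The last two entries show why timing matters: aligned rows 2 and 3 correlate to zero, but a one-chip delay makes them identical, so these codes separate channels only when the transmissions are chip-synchronous.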

CDMA Channel Concept

– Forward logical channels
  • Pilot channel
  • Synchronization channel
  • Paging channel
  • Traffic/power control channels

Fig 6.9 I channel pilot signals

Fig 6.10 Power control systems

CDMA Channel Concept

– Reverse logical channels
  • Differences from forward channel
  • PN code derivation
  • Access channels
  • Traffic/power control channels

Fig 6.11 reverse logic channels

CDMA Channel Concept

– CDMA frame format
  • Vocoding details and formats
  • Forward channel frame formats
  • Reverse channel frame formats
– Burst transmission

6.4 CDMA System (Layer 3) Operations

– Initialization/registration
– Status dependent operation

Fig 6.12 State transition of Initialization of a call

6.4 CDMA System (Layer 3) Operations

– Call establishment
  • Initialization state
  • Idle state
  • Access state
  • Access channel probing

Optimal opportunistic spectrum access (OSA) policies for a transmitter in a multichannel wireless system, where a channel can be in one of multiple states. Each channel state is associated with either a probability of transmission success or a transmission rate. In such systems, the transmitter typically has partial information concerning the channel states, but can deduce more by probing individual channels, e.g. by sending control packets in the channels, at the expense of certain resources, e.g., energy and time. The main goal of this work is to derive optimal strategies for determining which channels to probe (in what sequence) and which channel to use for transmission. We consider two problems within this context, the constant data time (CDT) and the constant access time (CAT) problems. For both problems, we derive key structural properties of the corresponding optimal strategy. In particular, we show that it has a threshold structure and can be described by an index policy. We further show that the optimal CDT strategy can only take on one of three structural forms. Using these results we present a two-step lookahead CDT (CAT) strategy. This strategy is shown to be optimal for a number of cases of practical interest.

Fig 6.13 Channel probing

CDMA System (Layer 3) Operations

– Traffic state
  • Mobile-originated call
  • Mobile-terminated call
  • Call termination
  • Operation details

Fig 6.14 Mobile-originated call in CDMA

Fig 6.14 Mobile-terminated call in CDMA

6.4 CDMA System (Layer 3) Operations

– Call handoff
  • Idle/access handoff
  • Soft handoff
    – Soft, softer, and soft-softer handoff
  • Handoff logistics
  • Hard handoff
  • Hand-down
    – Due to intercarrier handoff
    – Due to disjointed regions
    – Border and transition cells
– Power control
  • Need for sophisticated power control
  • Near-far effect
  • Forward link power control details
  • Reverse open loop details
  • Fast closed loop details

6.5 IS-95-B, cdma2000, and W-CDMA

– IS-95B
  • IS-95B forward and reverse channels
  • Supplementary code channels
– Cdma2000
  • Cdma2000 differences from IS-95B
  • Cdma2000 forward and reverse channel structures

IS-95-B, cdma2000, and W-CDMA

– Evolution of GSM technology
– W-CDMA and UMTS
  • UMTS details
  • W-CDMA details
  • UTRAN
– TD-CDMA and TD-SCDMA spectrums

UNIT - 7
Wireless Modulation techniques and Hardware, Characteristics of air interface, Path loss models, wireless coding techniques, Digital modulation techniques, OFDM, UWB radio techniques, Diversity techniques, Typical GSM Hardware.
6 Hours

TEXT BOOK:
1. Wireless Telecom Systems and networks, Mullet: Thomson Learning 2006.

REFERENCE BOOKS:
1. Mobile Cellular Telecommunication, Lee W.C.Y, MGH, 2002.
2. Wireless communication - D P Agrawal: 2nd Edition Thomson learning 2007.
3. Fundamentals of Wireless Communication, David Tse, Pramod Viswanath, Cambridge 2005.


Unit-7 Wireless Modulation Techniques and Hardware

7.1 Transmission Characteristics of Wireline and Fiber Systems

– Conductor-based transmission lines
  • Transmission line function
  • Wireline transmission lines
    – Types
  • Wireline characteristics
  • Limitations
– Fiber-optic cables
  • Physical characteristics
  • BER
  • Bandwidth
  • Transport technologies - SONET

7.2 Characteristics of the Air Interface

– Early usage
– Radio wave propagation and propagation models
  • Wave propagation below 2 MHz
  • Wave propagation between 2 and 30 MHz
  • Wave propagation above 30 MHz
    – Wave propagation effects at UHF and above
      • Reflection
      • Scattering
      • Diffraction
      • Other
    – Multipath propagation
    – Indoor and outdoor propagation examples
    – Path loss models for various coverage areas
      • Free space
      • Other path loss models
        – Two-ray model
        – Okumura model
        – Okumura-Hata model
– Multipath and Doppler effects
– Rayleigh fading
– Multipath delay spread

Fig 7.1 Wireline transmission lines

Fig 7.2 Wireless transmission lines


Fig 7.3 comparison of responses

7.3 Wireless Telecommunications Coding Techniques

– Error detection and correction coding
  • Error fundamentals
  • Block codes
  • Convolutional and turbo encoders

Fig 7.4 Block diagram of convolution encoder

– Speech coding
  • Rates and subrates
– Block interleaving
  • Examples of coding and interleaving

Fig 7.5 Diagrammatic representation of block interleaving

Fig 7.6 Block diagram of channel encoder

– GSM channel encoding
  • Classes of bits
  • Encoding
  • Interleaving operations

7.4 Digital Modulation Techniques

– Review of digital modulation techniques
  • FSK, MSK, n-PSK, and n-QAM
  • Bandwidth efficiency
  • BER
– Typical QPSK transmitter

Fig 7.7 Block diagram of FSK

– Digital frequency modulation
  • First generation systems
  • Second generation systems
– Digital phase modulation
  • IS-95 CDMA application
  • NA-TDMA application
– OFDM
  • Theory of operation
  • Orthogonality principle
  • Multiple carriers and multirate modems
  • Present uses - wireless LANs
  • Future uses

7.5 Spread Spectrum Modulation Techniques

– Frequency hopping spread spectrum
  • History of development
  • Theory of operation
  • Example of FHSS

Fig 7.6 Representation of frequency hopping

– Direct sequence spread spectrum
  • Theory
  • Spreading chips
  • Walsh codes
– Other coding forms

7.6 Ultra-wideband Radio Technology

– Introduction
– Applications
– Bandwidth
– Challenges of implementation
– Wireless PAN applications

7.7 Diversity Techniques

– Introduction to diversity operation
– Specialized receiver technology
  • RAKE receiver
  • Equalization
  • Signal resolution
  • Usage problems

Fig 7.7 Diversity techniques for modulation

7.7 Diversity Techniques

– Space diversity
  • Theory
  • Space and polarization diversity
  • Practical implementations
– Single antenna interference cancellation
  • Theory
– Smart antennas
  • Theory of operation

Fig 7.8 Use of antennas for modulation

7.8 Typical GSM System Hardware

– Base station controller
  • Specific BSC parts
    – Group switch, sub-rate switch exchange/interface circuits, transcoder rate adaptation unit, system control, power supply, and environmental conditioning unit
  • BSC radio network operations

Fig 7.9 GSM system hardware


Fig 7.10 components of GSM system hardware

7.8 Typical GSM System Hardware

– Radio base station
  • Radio base station subsystems
    – Distribution switch unit, timing and control, transmitter/receiver units, and combining and distribution units
  • RBS transceiver unit
    – Signal processing and control subsystem, transmitter units, and receiver units

Fig 7.11 Typical RBS

Fig 7.12 Block diagram of TR unit

– RBS antenna systems
  • Combining and distribution unit example
  • Typical antenna configurations
  • Hybrid combiner
  • Duplex filter

Fig 7.13 Block diagram of duplexer

– RBS antennas and antenna amplifiers
– Antenna amplifier theory
– Software handling/maintenance
  • OMT software
  • Field replaceable units

7.10 Subscriber Devices

– CDMA mobile radios
  • Block diagram
  • RF transmitter, system control, man-machine interface, RF output power control, RF receiver, RAKE receiver, system memory, DSP, etc.

Fig 7.14 Block diagram of subscriber unit

UNIT - 8
Introduction to wireless LAN 802.11X technologies, Evolution of Wireless LAN, Introduction to 802.15X technologies in PAN, Application and architecture, Bluetooth, Introduction to Broadband wireless MAN, 802.16X technologies.
8 Hours

TEXT BOOK:
1. Wireless Telecom Systems and networks, Mullet: Thomson Learning 2006.

REFERENCE BOOKS:
1. Mobile Cellular Telecommunication, Lee W.C.Y, MGH, 2002.
2. Wireless communication - D P Agrawal: 2nd Edition Thomson learning 2007.
3. Fundamentals of Wireless Communication, David Tse, Pramod Viswanath, Cambridge 2005.


Unit- 8 Wireless LANs/IEEE 802.11x

8.1 Introduction to IEEE 802.11x Technologies

802.1X authentication involves three parties: a supplicant, an authenticator, and an authentication server. The supplicant is a client device (such as a laptop) that wishes to attach to the LAN/WLAN, though the term 'supplicant' is also used interchangeably to refer to the software running on the client that provides credentials to the authenticator. The authenticator is a network device, such as an Ethernet switch or wireless access point, and the authentication server is typically a host running software supporting the RADIUS and EAP protocols.

The authenticator acts like a security guard to a protected network. The supplicant (i.e., client device) is not allowed access through the authenticator to the protected side of the network until the supplicant's identity has been validated and authorized. An analogy to this is providing a valid visa at the airport's arrival immigration before being allowed to enter the country. With 802.1X port-based authentication, the supplicant provides credentials, such as user name / password or digital certificate, to the authenticator, and the authenticator forwards the credentials to the authentication server for verification. If the authentication server determines the credentials are valid, the supplicant (client device) is allowed to access resources located on the protected side of the network.

8.2 Evolution of Wireless LANs

Wireless LANs have gone through rapid changes with respect to their security architecture in recent years. One view has been to incorporate WLANs under already existing VPN umbrellas and to view them merely as an alternative access method, thus preserving existing VPN infrastructure. Another view has been to address the security of the airwaves, which has been demonstrated to be extremely vulnerable. Security standardisation based upon the work of the IEEE has evolved from WEP to WPA, which introduced new key management and integrity mechanisms, through to WPA2 (IEEE 802.11i), which maintains the management and integrity mechanisms of WPA but introduces AES encryption as well as moving much of the security functionality to the hardware. This paper traces the evolution and development of this new WLAN security architecture.

Initialization

On detection of a new supplicant, the port on the switch (authenticator) is enabled and set to the "unauthorized" state. In this state, only 802.1X traffic is allowed; other traffic, such as the Internet Protocol (and with that TCP and UDP), is dropped.

Initiation

To initiate authentication the authenticator will periodically transmit EAP-Request Identity frames to a special Layer 2 address on the local network segment. The supplicant listens on this address, and on receipt of the EAP-Request Identity frame it responds with an EAP-Response Identity frame containing an identifier for the supplicant such as a User ID. The authenticator then encapsulates this Identity response in a RADIUS Access-Request packet and forwards it on to the authentication server. The supplicant may also initiate or restart authentication by sending an EAPOL-Start frame to the authenticator, which will then reply with an EAP-Request Identity frame.

Negotiation (technically EAP negotiation)

The authentication server sends a reply (encapsulated in a RADIUS Access-Challenge packet) to the authenticator, containing an EAP Request specifying the EAP Method (the type of EAP-based authentication it wishes the supplicant to perform). The authenticator encapsulates the EAP Request in an EAPOL frame and transmits it to the supplicant. At this point the supplicant can start using the requested EAP Method, or do a NAK ("Negative Acknowledgement") and respond with the EAP Methods it is willing to perform.

Authentication

If the authentication server and supplicant agree on an EAP Method, EAP Requests and Responses are sent between the supplicant and the authentication server (translated by the authenticator) until the authentication server responds with either an EAP-Success message (encapsulated in a RADIUS Access-Accept packet), or an EAP-Failure message (encapsulated in a RADIUS Access-Reject packet). If authentication is successful, the authenticator sets the port to the "authorized" state and normal traffic is allowed; if it is unsuccessful, the port remains in the "unauthorized" state.

When the supplicant logs off, it sends an EAPOL-logoff message to the authenticator. The authenticator then sets the port to the "unauthorized" state, once again blocking all non-EAP traffic.
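The four phases above and the logoff step, as an added Python example (not part of the original notes): a small model of the authenticator's controlled port that drops non-EAPOL frames while unauthorized and relays EAP between the supplicant and a stubbed authentication server. The class and function names, the user table and the method names "method-A"/"method-B" are assumptions made for illustration, and the secret comparison stands in for a real EAP method's message exchange; EtherType 0x888E and the EAP and RADIUS code numbers are the standard values.

```python
import hmac
from dataclasses import dataclass
from enum import Enum

ETH_EAPOL = 0x888E  # EtherType carried by 802.1X (EAP over LAN) frames
ETH_IPV4 = 0x0800   # stands for any ordinary data traffic
Eap = Enum("Eap", "REQUEST RESPONSE SUCCESS FAILURE")  # EAP codes 1..4
Radius = Enum("Radius", {"ACCESS_REQUEST": 1, "ACCESS_ACCEPT": 2,
                         "ACCESS_REJECT": 3, "ACCESS_CHALLENGE": 11})

@dataclass
class Frame:
    ethertype: int
    kind: str = ""   # for EAPOL frames: "start", "logoff" or "eap"
    eap: tuple = ()  # (Eap code, EAP type name, payload)

class AuthServer:
    """Stub authentication server; users and method names are constructed."""
    def __init__(self, users, methods=("method-A", "method-B")):
        self.users, self.methods, self.identity = users, methods, None

    def handle(self, eap):
        """Take the EAP message of an Access-Request; return (Radius code, EAP reply)."""
        _, typ, payload = eap
        if typ == "identity":
            self.identity = payload
            return Radius.ACCESS_CHALLENGE, (Eap.REQUEST, self.methods[0], None)
        if typ == "nak":  # supplicant listed the methods it is willing to perform
            common = [m for m in payload if m in self.methods]
            if common:
                return Radius.ACCESS_CHALLENGE, (Eap.REQUEST, common[0], None)
            return Radius.ACCESS_REJECT, (Eap.FAILURE, "", None)
        expected = self.users.get(self.identity)  # None for an unknown identity
        ok = (expected is not None and typ in self.methods
              and hmac.compare_digest(expected.encode(), str(payload).encode()))
        if ok:
            return Radius.ACCESS_ACCEPT, (Eap.SUCCESS, "", None)
        return Radius.ACCESS_REJECT, (Eap.FAILURE, "", None)

class Authenticator:
    """Switch port or access point: relays EAP and gates all other traffic."""
    def __init__(self, server):
        self.server = server
        self.authorized = False  # a newly detected supplicant starts unauthorized

    def receive(self, frame):
        """Handle one frame arriving from the supplicant side of the port."""
        if frame.ethertype != ETH_EAPOL:
            return "forwarded" if self.authorized else "dropped"
        if frame.kind == "start":
            return Frame(ETH_EAPOL, "eap", (Eap.REQUEST, "identity", None))
        if frame.kind == "logoff":
            self.authorized = False
            return None
        if frame.kind != "eap" or not frame.eap or frame.eap[0] is not Eap.RESPONSE:
            return None  # malformed or unexpected EAPOL frame: ignore it
        code, reply = self.server.handle(frame.eap)  # relayed as RADIUS Access-Request
        if code is Radius.ACCESS_ACCEPT:
            self.authorized = True
        elif code is Radius.ACCESS_REJECT:
            self.authorized = False
        return Frame(ETH_EAPOL, "eap", reply)

def run_supplicant(auth, identity, secret, methods=("method-A",)):
    """Run one authentication from EAPOL-Start; return the EAP messages received."""
    trace = []
    reply = auth.receive(Frame(ETH_EAPOL, "start"))
    while isinstance(reply, Frame):
        code, typ, _ = reply.eap
        trace.append((code.name, typ))
        if code is not Eap.REQUEST:
            break  # EAP-Success or EAP-Failure ends the exchange
        if typ == "identity":
            answer = (Eap.RESPONSE, "identity", identity)
        elif typ in methods:
            answer = (Eap.RESPONSE, typ, secret)  # stand-in for the method's messages
        else:
            answer = (Eap.RESPONSE, "nak", list(methods))
        reply = auth.receive(Frame(ETH_EAPOL, "eap", answer))
    return trace

def demo():
    """Constructed scenario: data traffic before, during and after a session."""
    auth = Authenticator(AuthServer({"alice": "correct horse"}))
    out = {"ip_before": auth.receive(Frame(ETH_IPV4))}
    out["wrong_secret"] = run_supplicant(auth, "alice", "guess")
    out["ip_after_failure"] = auth.receive(Frame(ETH_IPV4))
    out["login"] = run_supplicant(auth, "alice", "correct horse", methods=("method-B",))
    out["ip_after_success"] = auth.receive(Frame(ETH_IPV4))
    auth.receive(Frame(ETH_EAPOL, "logoff"))
    out["ip_after_logoff"] = auth.receive(Frame(ETH_IPV4))
    return out

if __name__ == "__main__":
    for step, result in demo().items():
        print(step, result)
```

In the `login` run the supplicant only supports "method-B", so the trace shows the server's first offer being answered with a NAK before the agreed method is requested.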

Fig 8.1 Frequency band designation

– Extensions to 802.11
  • 802.11b/a/g
  • 802.11d
  • 802.11e
  • 802.11f
  • 802.11h
  • 802.11i
  • 802.11j
  • 802.11k
  • 802.11ma
  • 802.11n
  • 802.11p
  • 802.11r
  • 802.11s
  • 802.11u
  • 802.11v
– Layer 1: Overview
  • WLAN radio cards
  • WLAN access points
  • Ad hoc or peer-to-peer connection
  • WLAN radio link

8.2 Introduction to 802.15X technologies in PAN applications and architecture. Bluetooth is a wireless technology standard for exchanging data over short distances (using short-wavelength radio transmissions in the ISM band from 2400–2480 MHz) from fixed and mobile devices, creating personal area networks (PANs) with high levels of security. Created by telecom vendor Ericsson in 1994, it was originally conceived as a wireless alternative to RS-232 data cables. It can connect several devices, overcoming problems of synchronization. Bluetooth is managed by the Bluetooth Special Interest Group, which has more than 17,000 member companies in the areas of telecommunication, computing, networking, and consumer electronics. The SIG oversees the development of the specification, manages the qualification program, and protects the trademarks. To be marketed as a Bluetooth device, it must be qualified to standards defined by the SIG.[ A network of patents is required to implement the technology and are licensed only for those qualifying devices. Bluetooth uses a radio technology called frequency-hopping spread spectrum, which chops up the data being sent and transmits chunks of it on up to 79 bands (1 MHz each; centered from 2402 to 2480 MHz) in the range 2,400–2,483.5 MHz (allowing for guard bands). This range is in the globally unlicensed Industrial, Scientific and Medical (ISM) 2.4 GHz shortrange radio frequency band. It usually performs 800 hops per second, with Adaptive Frequency-Hopping (AFH) enabled.[9] Originally Gaussian frequency-shift keying (GFSK) modulation was the only modulation scheme available; subsequently, since the introduction of Bluetooth 2.0+EDR, π/4-DQPSK and 8DPSK modulation may also be used between compatible devices. Devices functioning with GFSK are said to be operating in basic rate (BR) mode where an instantaneous data rate of 1 Mbit/s is possible. 
The term Enhanced Data Rate (EDR) is used to describe π/4-DPSK and 8DPSK schemes, each giving 2 and 3 Mbit/s respectively. The combination of these (BR and EDR) modes in Bluetooth radio technology is classified as a "BR/EDR radio". Department of ECE,SJBIT

Page 98

Wireless Communication

10EC81

Bluetooth is a packet-based protocol with a master-slave structure. One master may communicate with up to 7 slaves in a piconet; all devices share the master's clock. Packet exchange is based on the basic clock, defined by the master, which ticks at 312.5 µs intervals. Two clock ticks make up a slot of 625 µs; two slots make up a slot pair of 1250 µs. In the simple case of single-slot packets the master transmits in even slots and receives in odd slots; the slave, conversely, receives in even slots and transmits in odd slots. Packets may be 1, 3 or 5 slots long but in all cases the master transmit will begin in even slots and the slave transmit in odd slots. Bluetooth provides a secure way to connect and exchange information between devices such as faxes, mobile phones, telephones, laptops, personal computers, printers, Global Positioning System (GPS) receivers, digital cameras, and video game consoles. It was principally designed as a low-bandwidth technology. Communication and connection A master Bluetooth device can communicate with a maximum of seven devices in a piconet (an ad-hoc computer network using Bluetooth technology), though not all devices reach this maximum. The devices can switch roles, by agreement, and the slave can become the master (for example, a headset initiating a connection to a phone will necessarily begin as master, as initiator of the connection; but may subsequently prefer to be slave). The Bluetooth Core Specification provides for the connection of two or more piconets to form a scatternet, in which certain devices simultaneously play the master role in one piconet and the slave role in another. At any given time, data can be transferred between the master and one other device (except for the little-used broadcast mode[citation needed]). The master chooses which slave device to address; typically, it switches rapidly from one device to another in a round-robin fashion. 
Since it is the master that chooses which slave to address, whereas a slave is (in theory) supposed to listen in each receive slot, being a master is a lighter burden than being a slave. Being a master of seven slaves is possible; being a slave of more than one master is difficult. The specification is vague as to required behaviour in scatternets.

Many USB Bluetooth adapters or "dongles" are available, some of which also include an IrDA adapter. Older (pre-2003) Bluetooth dongles, however, have limited capabilities, offering only the Bluetooth Enumerator and a less-powerful Bluetooth Radio incarnation. Such devices can link computers with Bluetooth over a distance of 100 meters, but they do not offer as many services as modern adapters do.

Uses

Bluetooth is a standard wire-replacement communications protocol primarily designed for low power consumption, with a short range (power-class-dependent, but effective ranges vary in practice; see table below) based on low-cost transceiver microchips in each device.[10] Because the devices use a radio (broadcast) communications system, they do not have to be in visual line of sight of each other; however, a quasi-optical wireless path must be viable.

Bluetooth profiles

To use Bluetooth wireless technology, a device has to be able to interpret certain Bluetooth profiles, which are definitions of possible applications and specify general behaviors that Bluetooth-enabled devices use to communicate with other Bluetooth devices. These profiles include settings to parametrize and to control the communication from the start. Adherence to profiles saves the time for transmitting the parameters anew before the bidirectional link becomes effective. There is a wide range of Bluetooth profiles that describe many different types of applications or use cases for devices.

Figure: A typical Bluetooth mobile phone headset.

   

• Wireless control of and communication between a mobile phone and a handsfree headset. This was one of the earliest applications to become popular.
• Wireless control of and communication between a mobile phone and a Bluetooth compatible car stereo system.
• Wireless Bluetooth headset and Intercom.
• Wireless networking between PCs in a confined space and where little bandwidth is required.
• Wireless communication with PC input and output devices, the most common being the mouse, keyboard and printer.
• Transfer of files, contact details, calendar appointments, and reminders between devices with OBEX.
• Replacement of previous wired RS-232 serial communications in test equipment, GPS receivers, medical equipment, bar code scanners, and traffic control devices.
• For controls where infrared was often used.
• For low bandwidth applications where higher USB bandwidth is not required and cable-free connection desired.
• Sending small advertisements from Bluetooth-enabled advertising hoardings to other, discoverable, Bluetooth devices.[14]
• Wireless bridge between two Industrial Ethernet (e.g., PROFINET) networks.
• Three seventh and eighth generation game consoles, Nintendo's Wii[15] and Sony's PlayStation 3, PSP Go and PS Vita, use Bluetooth for their respective wireless controllers.
• Dial-up internet access on personal computers or PDAs using a data-capable mobile phone as a wireless modem.
• Short range transmission of health sensor data from medical devices to mobile phone, set-top box or dedicated telehealth devices.[16]
• Allowing a DECT phone to ring and answer calls on behalf of a nearby mobile phone.
• Real-time location systems (RTLS) are used to track and identify the location of objects in real time using "Nodes" or "tags" attached to, or embedded in, the objects tracked, and "Readers" that receive and process the wireless signals from these tags to determine their locations.[17]


• Personal security application on mobile phones for prevention of theft or loss of items. The protected item has a Bluetooth marker (e.g. a tag) that is in constant communication with the phone. If the connection is broken (the marker is out of range of the phone) then an alarm is raised. This can also be used as a man overboard alarm. A product using this technology has been available since 2009.[18]
• Calgary, Alberta, Canada's Roads Traffic division uses data collected from travelers' Bluetooth devices to predict travel times and road congestion for motorists.

Bluetooth vs. Wi-Fi (IEEE 802.11)

Bluetooth and Wi-Fi (the brand name for products using IEEE 802.11 standards) have some similar applications: setting up networks, printing, or transferring files. Wi-Fi is intended as a replacement for cabling for general local area network access in work areas. This category of applications is sometimes called wireless local area networks (WLAN). Bluetooth was intended for portable equipment and its applications. The category of applications is outlined as the wireless personal area network (WPAN). Bluetooth is a replacement for cabling in a variety of personally carried applications in any setting and also works for fixed location applications such as smart energy functionality in the home (thermostats, etc.).

Wi-Fi is a wireless version of a common wired Ethernet network, and requires configuration to set up shared resources, transmit files, and to set up audio links (for example, headsets and hands-free devices). Wi-Fi uses the same radio frequencies as Bluetooth, but with higher power, resulting in higher bit rates and better range from the base station. The nearest equivalents in Bluetooth are the DUN profile, which allows devices to act as modem interfaces, and the PAN profile, which allows for ad-hoc networking.

Figure: A Bluetooth USB dongle with a 100 m range. The MacBook Pro, shown, also has a built-in Bluetooth adaptor.

Bluetooth exists in many products, such as telephones, tablets, media players, Lego Mindstorms NXT, PlayStation 3, PS Vita, the Nintendo Wii, and some high definition headsets, modems, and watches. The technology is useful when transferring information between two or more devices that are near each other in low-bandwidth situations. Bluetooth is commonly used to transfer sound data with telephones (i.e., with a Bluetooth headset) or byte data with hand-held computers (transferring files).
Bluetooth protocols simplify the discovery and setup of services between devices.[20] Bluetooth devices can advertise all of the services they provide.[21] This makes using services easier because more of the security, network address and permission configuration can be automated than with many other network types.

Air interface

The protocol operates in the license-free ISM band at 2.402–2.480 GHz.[53] To avoid interfering with other protocols that use the 2.45 GHz band, the Bluetooth protocol divides the band into 79 channels (each 1 MHz wide) and changes channels, generally 800 times per second. Implementations with versions 1.1 and 1.2 reach speeds of 723.1 kbit/s. Version 2.0 implementations feature Bluetooth Enhanced Data Rate (EDR) and reach 2.1 Mbit/s. Technically, version 2.0 devices have a higher power consumption, but the three times faster rate reduces the transmission times, effectively reducing power consumption to half that of 1.x devices.

ZigBee is a specification for a suite of high level communication protocols using small, low-power digital radios based on an IEEE 802 standard for personal area networks. ZigBee devices are often used in mesh network form to transmit data over longer distances, passing data through intermediate devices to reach more distant ones. This allows ZigBee networks to be formed ad-hoc, with no centralized control or high-power transmitter/receiver able to reach all of the devices. Any ZigBee device can be tasked with running the network.

ZigBee is targeted at applications that require a low data rate, long battery life, and secure networking. ZigBee has a defined rate of 250 kbit/s, best suited for periodic or intermittent data or a single signal transmission from a sensor or input device. Applications include wireless light switches, electrical meters with in-home displays, traffic management systems, and other consumer and industrial equipment that requires short-range wireless transfer of data at relatively low rates.

The technology defined by the ZigBee specification is intended to be simpler and less expensive than other WPANs. ZigBee is a low-cost, low-power, wireless mesh network standard. The low cost allows the technology to be widely deployed in wireless control and monitoring applications. Low power usage allows longer life with smaller batteries. Mesh networking provides high reliability and more extensive range. ZigBee chip vendors typically sell integrated radios and microcontrollers with between 60 KB and 256 KB flash memory.

ZigBee operates in the industrial, scientific and medical (ISM) radio bands: 868 MHz in Europe, 915 MHz in the USA and Australia and 2.4 GHz in most jurisdictions worldwide. Data transmission rates vary from 20 to 250 kilobits/second. The ZigBee network layer natively supports both star and tree typical networks, and generic mesh networks.
Every network must have one coordinator device, tasked with its creation, the control of its parameters and basic maintenance. Within star networks, the coordinator must be the central node. Both trees and meshes allow the use of ZigBee routers to extend communication at the network level.

ZigBee builds upon the physical layer and medium access control defined in IEEE standard 802.15.4 (2003 version) for low-rate WPANs. The specification goes on to complete the standard by adding four main components: network layer, application layer, ZigBee device objects (ZDOs) and manufacturer-defined application objects which allow for customization and favor total integration. Besides adding two high-level network layers to the underlying structure, the most significant improvement is the introduction of ZDOs. These are responsible for a number of tasks, which include keeping of device roles, management of requests to join a network, device discovery and security.

ZigBee is not intended to support powerline networking but to interface with it at least for smart metering and smart appliance purposes. Because ZigBee nodes can go from sleep to active mode in 30 ms or less, the latency can be low and devices can be responsive, particularly compared to Bluetooth wake-up delays, which are typically around three seconds.[2] Because ZigBee nodes can sleep most of the time, average power consumption can be low, resulting in long battery life.

Application profiles

The current list of application profiles, either published or in the works, is:

• Released specifications
  o ZigBee Home Automation
  o ZigBee Smart Energy 1.0
  o ZigBee Telecommunication Services
  o ZigBee Health Care
  o ZigBee RF4CE – Remote Control
  o ZigBee RF4CE – Input Device
  o ZigBee Light Link
• Specifications under development
  o ZigBee Smart Energy 2.0
  o ZigBee Building Automation
  o ZigBee Retail Services

The ZigBee Smart Energy V2.0 specifications define an IP-based protocol to monitor, control, inform and automate the delivery and use of energy and water. It is an enhancement of the ZigBee Smart Energy version 1 specifications,[8] adding services for plug-in electric vehicle (PEV) charging, installation, configuration and firmware download, prepay services, user information and messaging, load control, demand response and common information and application profile interfaces for wired and wireless networks. It is being developed by partners including:

• HomeGrid Forum, responsible for marketing and certifying ITU-T G.hn technology and products
• HomePlug Powerline Alliance
• International Society of Automotive Engineers SAE International
• IPSO Alliance
• SunSpec Alliance
• Wi-Fi Alliance

In 2009 the RF4CE (Radio Frequency for Consumer Electronics) Consortium and ZigBee Alliance agreed to jointly deliver a standard for radio frequency remote controls. ZigBee RF4CE is designed for a wide range of consumer electronics products, such as TVs and set-top boxes. It promises many advantages over existing remote control solutions, including richer communication and increased reliability, enhanced features and flexibility, interoperability, and no line-of-sight barrier. The ZigBee RF4CE specification lifts off some networking weight and does not support all the mesh features, which is traded for smaller memory configurations for lower cost devices, such as remote control of consumer electronics. With the introduction of the second ZigBee RF4CE application profile in 2012, and increased momentum in the MSO market, the ZigBee RF4CE team provided an overview of the current status of the standard, its applications, and the future of the technology.

Configurable functionality

A number of network properties can be pre-configured. The network is initialised by the Co-ordinator, at which time these configuration values are taken into account. These properties determine the maximum size (in terms of the maximum number of nodes) and shape of the network, and are as follows:

• Network Depth: The depth of a device in a network is the number of nodes from the root of the network tree (the Co-ordinator) to the device. The maximum network depth is then the maximum number of hops from the Co-ordinator to the most distant device in the network. This determines the overall diameter for the network. Note that a Star network has a network depth of 1.
• Number of Children: Each Router in the network can have a number of child devices attached to it. These may be either Routers or End Devices. The Co-ordinator specifies the maximum number of child devices allowed per Router.
• Number of Child Routers: In addition to the number of children per Router, a limit is put on how many of these children may be Routers themselves.

The Co-ordinator uses the above information during initialisation to allocate blocks of network addresses to the branches of the network tree. In turn, the Routers use it to allocate subsets of these address blocks to their children.

Forming a ZigBee Network: The Co-ordinator is responsible for starting a ZigBee network. Network initialisation involves the following steps:

Search for a Radio Channel

The Co-ordinator first searches for a suitable radio channel (usually the one which has least activity). This search can be limited to those channels that are known to be usable - for example, by avoiding frequencies in which it is known that a wireless LAN is operating. 

Assign PAN ID

The Co-ordinator starts the network, assigning a PAN ID (Personal Area Network identifier) to the network. The PAN ID can be pre-determined, or can be obtained dynamically by detecting other networks operating in the same frequency channel and choosing a PAN ID that does not conflict with theirs. At this stage, the Co-ordinator also assigns a network (short) address to itself. Usually, this is the address 0x0000.

Start the Network

The Co-ordinator then finishes configuring itself and starts itself in Co-ordinator mode. It is then ready to respond to queries from other devices that wish to join the network.

Joining a ZigBee Network: Once the network has been created by the Co-ordinator, other devices (Routers and End Devices) can join the network. Both Routers and the Co-ordinator have the capability to allow other nodes to join the network. The join process is as follows:

Search for Network

The new node first scans the available channels to find operating networks and identifies which one it should join. Multiple networks may operate in the same channel and are differentiated by their PAN IDs. 

Select Parent

The node may be able to ‘see’ multiple Routers and a Co-ordinator from the same network, in which case it selects which one it should connect to. Usually, this is the one with the best signal. 

Send Join Request

The node then sends a message to the relevant Router or Co-ordinator asking to join the network. 

Accept or Reject Join Request

The Router or Co-ordinator decides whether the node is a permitted device, whether the Router/Co-ordinator is currently allowing devices to join and whether it has address space available. If all these criteria are satisfied, the Router/Co-ordinator will then allow the device to join and allocate it an address.

Typically, a Router or Co-ordinator can be configured to have a time-period during which joins are allowed. The join period may be initiated by a user action, such as pressing a button. An infinite join period can be set, so that child nodes can join the parent node at any time.

Message Propagation: The way that a message propagates through a ZigBee network depends on the network topology. However, in all topologies, the message usually needs to pass through one or more intermediate nodes before reaching its final destination. The message therefore contains two destination addresses:

• Address of the final destination
• Address of the node which is the next "hop"


The way these addresses are used in message propagation depends on the network topology, as follows:

• Star Topology: All messages are routed via the Co-ordinator. Both addresses are needed and the "next hop" address is that of the Co-ordinator.
• Tree Topology: A message is routed up the tree until it reaches a node that can route it back down the tree to the destination node. Both addresses are needed and the initial "next hop" address is that of the parent of the sending node. The parent node then resends the message to the next relevant node - if this is the target node itself, the "final destination" address is used. The last step is then repeated and message propagation continues in this way until the target node is reached.
• Mesh Topology: In this case, the propagation path depends on whether the target node is in range:
  o If the target node is in range, only the "final destination" address is used.
  o If the target node is not in range, the initial "next hop" address is that of the first node in the route to the final destination. The message propagation continues in this way until the target node is reached.
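The Accept or Reject Join Request step of the join process described earlier comes down to three checks: is a join period open, is the device permitted, and is address space left. The following added example (not from the original notes or from any ZigBee stack) models that decision for one parent node and flags an infinite join period in an audit; the class, its fields, the addresses and the IEEE values are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple


@dataclass
class ParentNode:
    """Join policy of one Router or Co-ordinator (hypothetical model)."""
    permitted: Set[str]                      # IEEE (MAC) addresses allowed to join
    free_addresses: List[int]                # short addresses still available
    join_open_until: Optional[float] = 0.0   # 0.0 = closed, None = infinite
    children: Dict[str, int] = field(default_factory=dict)
    log: List[Tuple[float, str, str]] = field(default_factory=list)

    def open_join(self, now: float, seconds: Optional[float] = None) -> None:
        """Start a join period (e.g. on a button press); None = no end."""
        self.join_open_until = None if seconds is None else now + seconds

    def joining_allowed(self, now: float) -> bool:
        return self.join_open_until is None or now < self.join_open_until

    def handle_join_request(self, ieee: str, now: float) -> Optional[int]:
        """Return the allocated short address, or None when rejected."""
        if not self.joining_allowed(now):
            return self._reject(now, ieee, "join period closed")
        if ieee not in self.permitted:
            return self._reject(now, ieee, "not a permitted device")
        if ieee in self.children:            # repeat request: same address
            return self.children[ieee]
        if not self.free_addresses:
            return self._reject(now, ieee, "no address space")
        address = self.free_addresses.pop(0)
        self.children[ieee] = address
        self.log.append((now, ieee, f"accepted as 0x{address:04X}"))
        return address

    def _reject(self, now: float, ieee: str, reason: str) -> None:
        self.log.append((now, ieee, "rejected: " + reason))
        return None

    def audit(self) -> List[str]:
        """Configuration findings a defender would want reported."""
        findings = []
        if self.join_open_until is None:
            findings.append("join period is infinite: permitted devices "
                            "can join at any time")
        if not self.permitted:
            findings.append("permitted-device list is empty")
        return findings


if __name__ == "__main__":
    # Constructed sample: two free addresses, three permitted devices.
    parent = ParentNode({"dev-A", "dev-B", "dev-C"}, [0x0001, 0x000E])
    parent.open_join(now=10.0, seconds=60.0)
    for t, dev in [(20.0, "dev-A"), (25.0, "dev-X"), (30.0, "dev-B"),
                   (40.0, "dev-C"), (80.0, "dev-A")]:
        parent.handle_join_request(dev, t)
    for entry in parent.log:
        print(entry)
```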

Route Discovery: The ZigBee stack network layer supports a "route discovery" facility in which a mesh network can be requested to find the best available route to the destination, when sending a message. Route discovery is initiated when requested by a data transmission request.

Route Discovery Options

There are three options related to route discovery for a mesh network (the required option being indicated in the message):

• SUPPRESS route discovery: The message is routed along the tree.
• ENABLE route discovery: The message is routed along an already discovered mesh route, if one exists, otherwise the Router initiates a route discovery. Once this is complete, the message will be sent along the calculated route. If the Router does not have the capacity to store the new route, it will direct the message along the tree.
• FORCE route discovery: If the Router has the route capacity, it will initiate a route discovery, even if a known route already exists. Once this is complete, the message will be sent along the calculated route. If the Router does not have the route capacity, it will route the message along the tree. Use of this option should be restricted, as it generates a lot of network traffic.
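Routing "along the tree", the Tree Topology case and the fallback in all three options above, needs no routing table because of the address blocks the Co-ordinator allocates from the network depth, number of children and number of child Routers. The following added example (not from the original notes) uses the block-size formula of ZigBee distributed address assignment, usually written Cskip, which the notes do not state; the class and function names and the limits 4, 2 and 3 are assumptions chosen for illustration.

```python
from dataclasses import dataclass
from typing import Dict, List, NamedTuple, Optional


@dataclass(frozen=True)
class TreeConfig:
    max_children: int   # "Number of Children" per Router
    max_routers: int    # "Number of Child Routers" per Router
    max_depth: int      # maximum "Network Depth"

    def cskip(self, depth: int) -> int:
        """Addresses reserved per child-Router branch of a parent at depth."""
        if depth >= self.max_depth:
            return 0                          # deepest level: no children
        cm, rm = self.max_children, self.max_routers
        left = self.max_depth - depth - 1     # levels below the children
        if rm == 1:
            return 1 + cm * left
        return (1 + cm - rm - cm * rm ** left) // (1 - rm)


class Node(NamedTuple):
    parent: Optional[int]
    depth: int
    is_router: bool


def build_full_tree(cfg: TreeConfig) -> Dict[int, Node]:
    """Map address -> Node for a tree in which every position is taken."""
    tree = {0x0000: Node(None, 0, True)}      # the Co-ordinator
    todo = [0x0000]
    while todo:
        parent = todo.pop()
        depth = tree[parent].depth
        skip = cfg.cskip(depth)
        if skip == 0:
            continue
        for k in range(cfg.max_routers):      # each child Router owns a block
            child = parent + 1 + k * skip
            tree[child] = Node(parent, depth + 1, True)
            todo.append(child)
        first_ed = parent + cfg.max_routers * skip + 1
        for n in range(cfg.max_children - cfg.max_routers):
            tree[first_ed + n] = Node(parent, depth + 1, False)  # End Device
    return tree


def next_hop(cfg: TreeConfig, tree: Dict[int, Node], here: int, dest: int) -> int:
    """Next-hop address chosen by the node `here` for a frame to `dest`."""
    node = tree[here]
    skip = cfg.cskip(node.depth)
    below = node.is_router and (
        node.depth == 0 or here < dest < here + cfg.cskip(node.depth - 1))
    if not below:
        return node.parent                    # route up the tree
    if dest > here + cfg.max_routers * skip:
        return dest                           # dest is our End Device child
    return here + 1 + (dest - here - 1) // skip * skip  # Router owning dest


def route(cfg: TreeConfig, tree: Dict[int, Node], src: int, dest: int) -> List[int]:
    """Full hop-by-hop path from src to dest along the tree."""
    if src not in tree or dest not in tree:
        raise ValueError("unknown address")
    path = [src]
    while path[-1] != dest:
        path.append(next_hop(cfg, tree, path[-1], dest))
    return path


if __name__ == "__main__":
    cfg = TreeConfig(max_children=4, max_routers=2, max_depth=3)
    tree = build_full_tree(cfg)
    print([cfg.cskip(d) for d in range(4)], len(tree))
    print(route(cfg, tree, 5, 23))
```

With these limits the Co-ordinator's two Router children sit at addresses 1 and 14, so a frame from End Device 5 to End Device 23 climbs to the Co-ordinator before descending through 14 and 20.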

Route Discovery Mechanism: The mechanism for route discovery between two End Devices involves the following steps:

• A route discovery broadcast is sent by the parent Router of the source End Device. This broadcast contains the network address of the destination End Device.
• All Routers eventually receive the broadcast, one of which is the parent of the destination End Device.
• The parent Router of the destination node sends back a reply addressed to the parent Router of the source.


• As the reply travels back through the network, the hop count and a signal quality measure for each hop are recorded. Each Router in the path can build a routing table entry containing the best path to the destination End Device.
• Eventually, each Router in the path will have a routing table entry and the route from source to destination End Device is established. Note that the corresponding route from destination to source is not known – the route discovered is unidirectional.

The choice of best path is usually the one with the least number of hops, although if a hop on the most direct route has a poor signal quality (and hence a greater chance that retries will be needed), a route with more hops may be chosen.

Device and Service Discovery: The ZigBee specification provides the facility for devices to find out information about other nodes in a network, such as their addresses, which types of applications are running on them, their power source and sleep behaviour. This information is stored in descriptors on each node, and is used by the enquiring node to tailor its behaviour to the requirements of the network.

Discovery is typically used when a node is being introduced into a user-configured network, such as a domestic security or lighting control system. Once the device has joined the network, its integration into the network may require the user to start the integration process by pressing a button or similar. The first task is to find out if there are any other devices that it can talk to. For example, a device implementing the switch conforming to the HCL profile tries to find devices containing HCL load controllers to which it could potentially send its switch state information (the process of associating the switch with a particular load controller is handled by the binding process).

There are two types of discovery, Device and Service Discovery:

Device Discovery: Device Discovery involves interrogating a remote node for address information. The retrieved information can be either:

• the MAC (IEEE) address of the node with a given network address
• the network address of the node with a given MAC address.

If the node being interrogated is a Router or Co-ordinator, it may optionally supply the addresses of all the devices that are associated with it, as well as its own address. In this way, it is possible to discover all the devices in a network by requesting this information from the Co-ordinator and then using the list of addresses corresponding to the children of the Co-ordinator to launch queries about their child nodes.

Service Discovery: Service discovery involves interrogating a remote node for information about its capabilities. This information is stored in a number of descriptors on the remote node, and includes:

• The device type and capabilities of the node (Node Descriptor)
• The power characteristics of the node (Node Power Descriptor)
• Information about each application running on the node (Simple Descriptor)


Requests for these descriptors are made by a device during its configuration and integration into a ZigBee network.

Uses

ZigBee protocols are intended for embedded applications requiring low data rates and low power consumption. The resulting network will use very small amounts of power: individual devices must have a battery life of at least two years to pass ZigBee certification.[12] Typical application areas include:[13]

• Home Entertainment and Control: Home automation, smart lighting, advanced temperature control, safety and security, movies and music
• Wireless sensor networks: Starting with individual sensors like Telosb/Tmote and Iris from Memsic
• Industrial control
• Embedded sensing
• Medical data collection
• Smoke and intruder warning
• Building automation

Device types

ZigBee devices are of three types:

• ZigBee Co-ordinator (ZC): The most capable device, the Co-ordinator forms the root of the network tree and might bridge to other networks. There is exactly one ZigBee Co-ordinator in each network since it is the device that started the network originally (the ZigBee LightLink specification also allows operation without a ZigBee Co-ordinator, making it more usable for off-the-shelf home products). It stores information about the network, including acting as the Trust Center and repository for security keys.[14][15]
• ZigBee Router (ZR): As well as running an application function, a Router can act as an intermediate router, passing on data from other devices.
• ZigBee End Device (ZED): Contains just enough functionality to talk to the parent node (either the Co-ordinator or a Router); it cannot relay data from other devices. This relationship allows the node to be asleep a significant amount of the time, thereby giving long battery life.
