summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRefik Hadzialic2012-08-30 17:11:27 +0200
committerRefik Hadzialic2012-08-30 17:11:27 +0200
commitf0657db3d307619fafa20799c5c7cfca4f56b2ee (patch)
tree861c3dc320cdc6533dd4a3af2d73e0bc53ce115e
parentImplementation (diff)
downloadmalign-f0657db3d307619fafa20799c5c7cfca4f56b2ee.tar.gz
malign-f0657db3d307619fafa20799c5c7cfca4f56b2ee.tar.xz
malign-f0657db3d307619fafa20799c5c7cfca4f56b2ee.zip
implementation intro
-rw-r--r--vorlagen/thesis/maindoc.pdfbin17090304 -> 17094529 bytes
-rw-r--r--vorlagen/thesis/src/kapitel_x.tex44
2 files changed, 40 insertions, 4 deletions
diff --git a/vorlagen/thesis/maindoc.pdf b/vorlagen/thesis/maindoc.pdf
index 86a26e1..e103055 100644
--- a/vorlagen/thesis/maindoc.pdf
+++ b/vorlagen/thesis/maindoc.pdf
Binary files differ
diff --git a/vorlagen/thesis/src/kapitel_x.tex b/vorlagen/thesis/src/kapitel_x.tex
index 1ab6f73..dad2025 100644
--- a/vorlagen/thesis/src/kapitel_x.tex
+++ b/vorlagen/thesis/src/kapitel_x.tex
@@ -2628,12 +2628,48 @@ functions e.q. an FM radio, a GPS receiver, GSM and etc.,
all of them working on different standards and frequency spectrums
\citep{fmRadio} \citep{openBTS}. Theoretically ``anything'' can be
built using an SDR platform that is within the domain of the SDR hardware.
+
The exploited SDR platform in this thesis was the Universal Software
Radio Peripheral (USRP) that already had an GSM and RRLP implementation.
-The GSM implementation used on USRP was OpenBTS, a Linux application
-that uses software radio to present a GSM air interface
-and uses a software switch to connect calls \citep{openBTS}. After the
-system has been successfully set in operation, the RRLP
+The GSM implementation used on USRP was OpenBTS, a Linux application written in C++
+that uses software radio to provide a GSM air interface
+and uses a software switch to interconnect calls \citep{openBTS}. After the
+system has been successfully set up and set in operation. Initially the system was
+tested with 2G cell phones (Nokia 3310 and Siemens M50). While the system was
+tested with smart phones, a strange behaviour could be noticed. Sometimes
+the smart phones ($iPhones$ $3GS$ and $4$) could not detect the GSM network
+existance at all in the network search menu where all GSM networks in range are shown.
+The reason for this strange phenomenon may be found in the unstable
+operation of the cheap clock oscillator. Although the clock unstability issue can not be
+confirmed by the author due to the missing frequency counter to measure the actual frequency.
+Nevertheless these results, network undetectability behaviour, are consistent with those
+of the developers of OpenBTS with the same clock oscillator\footnote{GSM not detecting station, USRP1, FA-SY1, WBX, DBS
+\url{http://www.ruby-forum.com/topic/1876696}}. As previously stated in the GSM chapter,
+the clock oscillator for the BTS is not allowed to deviate more than $\pm$5 ppm
+(parts per million). This finding that older cell phones (the tested 2G phones)
+have rather less problems than the newer ones suggest that newer generation
+cell phones are not robust to the timing deviation issues. Meanwhile the RRLP
+module was downloaded and installed. The module was written by Kurtis Heimerl in two
+different programming languages, Erlang and Common Gateway Interface (CGI)\footnote{Kurtis
+Heimerl's code can be found on \url{https://github.com/ttsou/RRLP}}. Once the
+RRLP module was configured the new system configuration was tested with RRLP.
+The first observation and finding was that not a single smart phone could
+connect to the GSM network. In the log files it could be seen a time out was triggered
+by OpenBTS while the smart phones tried to get a position fix after the RRLP request
+was received by the MS. This result may be explained by the fact that the RRLP
+request was immediatelly sent after the paging request has been sent by the BTS. Once
+the option was found to disable the RRLP request sending each time the cell phones are
+being paged. Next step was manually so send the RRLP requests from the OpenBTS terminal
+to smart phones. Contrary to expectations, the smart phones sometimes received the
+RRLP request as an SMS message. In the case where the smart phone did not receive the
+RRLP request as an SMS message, it would still not respond its position back.
+One of the consequences of such behaviour was that the RRLP could not be tested
+inside of this set up because the system itself was unstable and had an unpredictive
+behaviour. The conducted tests with OpenBTS lead to the decision to employ dedicated
+hardware BTS with a tested and calibrated clock oscillator only for GSM. On the other
+hand, the Erlang RRLP module was a starting point to understand the RRLP protocol.
+The generated assistance data packets by the module were used as a template and
+comparison to build author's RRLP assistance data generator.
\section{OpenBSC}
OpenBSC is an open source implementation of a GSM network by Osmocom. It was developed