Wednesday, December 16, 2009

GSM(Groupe Spécial Mobile)

GSM (Global System for Mobile communications: originally from Groupe Spécial Mobile) is the most popular standard for mobile phones in the world. Its promoter, the GSM Association, estimates that 80% of the global mobile market uses the standard. GSM is used by over 3 billion people across more than 212 countries and territories. Its ubiquity makes international roaming very common between mobile phone operators, enabling subscribers to use their phones in many parts of the world. GSM differs from its predecessors in that both signaling and speech channels are digital, and thus is considered a second generation (2G) mobile phone system. This has also meant that data communication was easy to build into the system. GSM EDGE is a 3G version of the protocol.


The ubiquity of the GSM standard has been an advantage to both consumers (who benefit from the ability to roam and switch carriers without switching phones) and also to network operators (who can choose equipment from any of the many vendors implementing GSM). GSM also pioneered a low-cost (to the network carrier) alternative to voice calls, the short message service (SMS, also called "text messaging"), which is now supported on other mobile standards as well. Another advantage is that the standard includes one worldwide emergency telephone number, 112. This makes it easier for international travellers to connect to emergency services without knowing the local emergency number.

Newer versions of the standard were backward-compatible with the original GSM phones. For example, Release '97 of the standard added packet data capabilities, by means of General Packet Radio Service (GPRS). Release '99 introduced higher speed data transmission using Enhanced Data Rates for GSM Evolution (EDGE).

History

In 1982, the European Conference of Postal and Telecommunications Administrations (CEPT) created the Groupe Spécial Mobile (GSM) to develop a standard for a mobile telephone system that could be used across Europe. In 1987, a memorandum of understanding was signed by 13 countries to develop a common cellular telephone

Finally the system created by SINTEF lead by Torleiv Maseng was selected.

In 1989, GSM responsibility was transferred to the European Telecommunications Standards Institute (ETSI) and phase I of the GSM specifications were published in 1990. The first GSM network was launched in 1991 by Radiolinja in Finland with joint technical infrastructure maintenance from Ericsson. By the end of 1993, over a million subscribers were using GSM phone networks being operated by 70 carriers across 48 countries.


Technical details


GSM cell site antennas in the Deutsches Museum
Cellular radio network

GSM is a cellular network, which means that mobile phones connect to it by searching for cells in the immediate vicinity.

There are five different cell sizes in a GSM network—macro, micro, pico, femto and umbrella cells. The coverage area of each cell varies according to the implementation environment. Macro cells can be regarded as cells where the base station antenna is installed on a mast or a building above average roof top level. Micro cells are cells whose antenna height is under average roof top level; they are typically used in urban areas. Picocells are small cells whose coverage diameter is a few dozen metres; they are mainly used indoors. Femtocells are cells designed for use in residential or small business environments and connect to the service provider’s network via a broadband internet connection. Umbrella cells are used to cover shadowed regions of smaller cells and fill in gaps in coverage between those cells.

Cell horizontal radius varies depending on antenna height, antenna gain and propagation conditions from a couple of hundred meters to several tens of kilometres. The longest distance the GSM specification supports in practical use is 35 kilometres (22 mi). There are also several implementations of the concept of an extended cell, where the cell radius could be double or even more, depending on the antenna system, the type of terrain and the timing advance.

Indoor coverage is also supported by GSM and may be achieved by using an indoor picocell base station, or an indoor repeater with distributed indoor antennas fed through power splitters, to deliver the radio signals from an antenna outdoors to the separate indoor distributed antenna system. These are typically deployed when a lot of call capacity is needed indoors; for example, in shopping centers or airports. However, this is not a prerequisite, since indoor coverage is also provided by in-building penetration of the radio signals from any nearby cell.

The modulation used in GSM is Gaussian minimum-shift keying (GMSK), a kind of continuous-phase frequency shift keying. In GMSK, the signal to be modulated onto the carrier is first smoothed with a Gaussian low-pass filter prior to being fed to a frequency modulator, which greatly reduces the interference to neighboring channels (adjacent channel interference).

Interference with audio devices

Some audio devices are susceptible to radio frequency interference (RFI), which could be mitigated or eliminated by use of additional shielding and/or bypass capacitors in these audio devices. However, the increased cost of doing so is difficult for a designer to justify.

It is a common occurrence for a nearby GSM handset to induce a "dit, dit di-dit, dit di-dit, dit di-dit" audio output on PAs, wireless microphones, home stereo systems, televisions, computers, cordless phones, and personal music devices. When these audio devices are in the near field of the GSM handset, the radio signal is strong enough that the solid state amplifiers in the audio chain act as a detector. The clicking noise itself represents the power bursts that carry the TDMA signal. These signals have been known to interfere with other electronic devices, such as car stereos and portable audio players. This also depends on the handset's design, and its conformance to strict rules and regulations allocated by Title 47 CFR Part 15 regulations in the United States, pertaining to interference with electronic devices.

GSM frequencies

GSM networks operate in a number of different frequency ranges (separated into GSM frequency ranges for 2G and UMTS frequency bands for 3G). Most 2G GSM networks operate in the 900 MHz or 1800 MHz bands. Some countries in the Americas (including Canada and the United States) use the 850 MHz and 1900 MHz bands because the 900 and 1800 MHz frequency bands were already allocated. Most 3G GSM networks in Europe operate in the 2100 MHz frequency band.

The rarer 400 and 450 MHz frequency bands are assigned in some countries where these frequencies were previously used for first-generation systems.

GSM-900 uses 890–915 MHz to send information from the mobile station to the base station (uplink) and 935–960 MHz for the other direction (downlink), providing 125 RF channels (channel numbers 1 to 124) spaced at 200 kHz. Duplex spacing of 45 MHz is used.

In some countries the GSM-900 band has been extended to cover a larger frequency range. This 'extended GSM', E-GSM, uses 880–915 MHz (uplink) and 925–960 MHz (downlink), adding 50 channels (channel numbers 975 to 1023 and 0) to the original GSM-900 band. Time division multiplexing is used to allow eight full-rate or sixteen half-rate speech channels per radio frequency channel. There are eight radio timeslots (giving eight burst periods) grouped into what is called a TDMA frame. Half rate channels use alternate frames in the same timeslot. The channel data rate for all 8 channels is 270.833 kbit/s, and the frame duration is 4.615 ms.

The transmission power in the handset is limited to a maximum of 2 watts in GSM850/900 and 1 watt in GSM1800/1900.

Voice codecs

GSM has used a variety of voice codecs to squeeze 3.1 kHz audio into between 6.5 and 13 kbit/s. Originally, two codecs, named after the types of data channel they were allocated, were used, called Half Rate (6.5 kbit/s) and Full Rate (13 kbit/s). These used a system based upon linear predictive coding (LPC). In addition to being efficient with bitrates, these codecs also made it easier to identify more important parts of the audio, allowing the air interface layer to prioritize and better protect these parts of the signal.

GSM was further enhanced in 1997 with the Enhanced Full Rate (EFR) codec, a 12.2 kbit/s codec that uses a full rate channel. Finally, with the development of UMTS, EFR was refactored into a variable-rate codec called AMR-Narrowband, which is high quality and robust against interference when used on full rate channels, and less robust but still relatively high quality when used in good radio conditions on half-rate channels.

Network structure






The structure of a GSM network

The network behind the GSM seen by the customer is large and complicated in order to provide all of the services which are required. It is divided into a number of sections and these are each covered in separate articles.

• the Base Station Subsystem (the base stations and their controllers).

• the Network and Switching Subsystem (the part of the network most similar to a fixed network). This is sometimes also just called the core network.

• the GPRS Core Network (the optional part which allows packet based Internet connections).

• all of the elements in the system combine to produce many GSM services such as voice calls and SMS.

Subscriber Identity Module (SIM)

One of the key features of GSM is the Subscriber Identity Module, commonly known as a SIM card. The SIM is a detachable smart card containing the user's subscription information and phone book. This allows the user to retain his or her information after switching handsets. Alternatively, the user can also change operators while retaining the handset simply by changing the SIM. Some operators will block this by allowing the phone to use only a single SIM, or only a SIM issued by them; this practice is known as SIM locking, and is illegal in some countries.

In Australia, North America and Europe many operators lock the mobiles they sell. This is done because the price of the mobile phone is typically subsidised with revenue from subscriptions, and operators want to try to avoid subsidising competitor's mobiles. A subscriber can usually contact the provider to remove the lock for a fee, utilize private services to remove the lock, or make use of ample software and websites available on the Internet to unlock the handset themselves. While most web sites offer the unlocking for a fee, some do it for free. The locking applies to the handset, identified by its International Mobile Equipment Identity (IMEI) number, not to the account (which is identified by the SIM card).

In some countries such as Bangladesh, Belgium, Costa Rica, Indonesia, Malaysia, Hong Kong, Pakistan and Singapore, all phones are sold unlocked. However, in Belgium, it is unlawful for operators there to offer any form of subsidy on the phone's price. This was also the case in Finland until April 1, 2006, when selling subsidized combinations of handsets and accounts became legal (3G phones only), though operators have to unlock phones free of charge after a certain period (at most 24 months).

In New Zealand, since May 2008, it is illegal for operators to lock handsets, and any phones purchased locked in the country before that date can be unlocked for free.




GSM security

GSM was designed with a moderate level of security. The system was designed to authenticate the subscriber using a pre-shared key and challenge-response. Communications between the subscriber and the base station can be encrypted. The development of UMTS introduces an optional USIM, that uses a longer authentication key to give greater security, as well as mutually authenticating the network and the user - whereas GSM only authenticates the user to the network (and not vice versa). The security model therefore offers confidentiality and authentication, but limited authorization capabilities, and no non-repudiation. GSM uses several cryptographic algorithms for security. The A5/1 and A5/2 stream ciphers are used for ensuring over-the-air voice privacy. A5/1 was developed first and is a stronger algorithm used within Europe and the United States; A5/2 is weaker and used in other countries. Serious weaknesses have been found in both algorithms: it is possible to break A5/2 in real-time with a ciphertext-only attack, and in February 2008, Pico Computing, Inc revealed its ability and plans to commercialize FPGAs that allow A5/1 to be broken with a rainbow table attack.


Mobile phone tracking

Mobile phone tracking tracks the current position of a mobile phone even on the move. To locate the phone, it must emit at least the roaming signal to contact the next nearby antenna tower, but the process does not require an active call. GSM localisation is then done by multilateration based on the signal strength to nearby antenna masts.

Mobile positioning, i.e. location based service that discloses the actual coordinates of a mobile phone bearer, is a technology used by telecommunication companies to approximate where a mobile phone, and thereby also its user (bearer), temporarily resides. The more properly applied term locating refers to the purpose rather than a positioning process. Such service is offered as an option of the class of location-based services (LBS).

Technology

The technology of locating is based on measuring power levels and antenna patterns and uses the concept that a mobile phone always communicates wirelessly with one of the closest base stations, so if you know which base station the phone communicates with, you know that the phone is close to the respective base station.

Advanced systems determine the sector in which the mobile phone resides and roughly estimate also the distance to the base station. Further approximation can be done by interpolating signals between adjacent antenna towers. Qualified services may achieve a precision of down to 50 meters in urban areas where mobile traffic and density of antenna towers (base stations) is sufficiently high. Rural and desolate areas may see miles between base stations and therefore determine locations less precisely.

GSM localization is the use of multilateration to determine the location of GSM mobile phones, usually with the intent to locate the user .

Localization-Based Systems can be broadly divided into:

• Network based

• Handset based

• Hybrid

Network Based

Network-based techniques utilize the service provider's network infrastructure to identify the location of the handset. The advantage of network-based techniques (from mobile operator's point of view) is that they can be implemented non-intrusively, without affecting the handsets.

The accuracy of network-based techniques varies, with cell identification as the least accurate and triangulation as the most accurate. The accuracy of network-based techniques is closely dependent on the concentration of base station cells, with urban environments achieving the highest possible accuracy.

One of the key challenges of network-based techniques is the requirement to work closely with the service provider, as it entails the installation of hardware and software within the operator's infrastructure. Often, a legislative framework, such as E911, would need to be in place to compel the cooperation of the service provider as well as to safeguard the privacy of the information.

Handset Based

Handset-based technology requires the installation of client software on the handset to determine its location. This technique determines the location of the handset by computing its location by cell identification, signal strengths of the home and neighboring cells or the latitude and longitude, if the handset is equipped with a GPS module. The calculated location is then sent from the handset to a location server.

The key disadvantage of this technique (from mobile operator's point of view) is the necessity of installing software on the handset. It requires the active cooperation of the mobile subscriber as well as software that must be able to handle the different operating systems of the handsets. Typically, smart phones, such as one based on Symbian,Windows Mobile, iPhone / iPhone OS, or Android, would be able to run such software.

One proposed work-around is the installation of embedded hardware or software on the handset by the manufacturers. This avenue has not made significant headway, due to the difficulty of convincing different manufacturers to cooperate on a common mechanism and to address the cost issue. Another difficulty would be to address the issue of foreign handsets that are roaming in the network.

Well, let us find an example to demonstrate the Network based location tracking algorithm: According to global GSM structure and ETSI, the GSM service providers information flows through the control channel and the control channel is free to access. Interestingly, all the present GSM modem/mobiles (Telit, SIMCOM, HTC, Nokia etc.) are coming with some extra feature to monitor the neighbouring cells and its RSSI value. Theoretically you should get 1+6=7 cell information (1 home cell ID, 7 BCCH info+ 7 RSSI). If you know the location of 7 cells, it is possible to get a mobile phone location with very high accuracy (<100 meters).

Hybrid

Hybrid positioning systems use a combination of network-based and handset-based technologies for location determination. One example would be Assisted GPS, which uses both GPS and network information to compute the location. Hybrid-based techniques give the best accuracy of the three but inherit the limitations and challenges of network-based and handset-based technologies.

Examples of LBS technologies

• Cell Identification - The accuracy of this method can be as good as a few hundred meters in urban areas, but as poor as 35 km[4] in suburban areas and rural zones. The accuracy depends on the known range of the particular network base station serving the handset at the time of positioning.

• Enhanced Cell Identification - With this method, one can get a precision similar to Cell Identification, but for rural areas, with circular sectors of 550 meters.

• U-TDOA - Uplink-Time difference of arrival - The network determines the time difference and therefore the distance from each base station to the mobile phone.

• TOA - Time of arrival - Same as U-TDOA, but this technology uses the absolute time of arrival at a certain base station rather than the difference between two stations.

• AOA - Angle of arrival - AOA mechanism locates the mobile phone at the point where the lines along the angles from each base station intersect.

• E-OTD - E-OTD is similar to U-TDOA, but the position is estimated by the mobile phone, not by the base station. The precision of this method depends on the number of available LMUs in the networks, varying from 50 to 200 m.

• Assisted-GPS - A largely GPS-based technology, which uses an operator-maintained ground station to correct for GPS errors caused by the atmosphere/topography. Assisted-GPS positioning technology typically falls back to cell-based positioning methods when indoors or in an urban canyon environment.

• Cell and GPS Identification - The accuracy of this method add the features of Cell of origin and Assisted-GPS, being a good option when GPS signal is not good enough - for example, under a roof. Mobile applications like www.DondeEsta.com are actually using this system.

Operational purpose

In order to route calls to a phone the cell towers listen for a signal sent from the phone and negotiate which tower is best able to communicate with the phone. As the phone changes location, the antenna towers monitor the signal and the phone is roamed to an adjacent tower as appropriate.

By comparing the relative signal strength from multiple antenna towers a general location of a phone can be roughly determined. Other means is the antenna pattern that supports angular determination and phase dicrimination.

Newer phones may also allow the tracking of the phone even when turned on and not active in a telephone call-. This results from the roaming procedures that perform hand over of the phone from one base station to another.

Bearer interest

A phone's location can be uploaded to a common web site where one's "friends and family" can view one's last reported position. Newer phones may have built-in GPS receivers which could be used in a similar fashion, but with much higher accuracy.

Privacy

Locating or positioning touches upon delicate privacy issues, since it enables someone to check where a person is without the person's consent. Strict ethics and security measures are strongly recommended for services that employ positioning, and the user must give an informed, explicit consent to a service provider before the service provider can compute positioning data from the user's mobile phone.

In Europe, where most countries have a constitutional guarantee on the secrecy of correspondence, location data obtained from mobile phone networks is usually given the same protection as the communication itself. The United States however has no explicit constitutional guarantee on the privacy of telecommunications, so use of location data is limited by law.

With tolling systems, as in Germany, the locating of vehicles is equally sensitive to the constitutional guarantee on the secrecy of correspondence and thus any further use of tolling information beyond deducting the road fee is prohibited. That leads to the strange situation that even obviously criminal intent may not be interfered by such yet available technical means.

Officially, the authorities (like the police) can obtain permission to position phones in emergency cases where people (including criminals) are missing.

The FBI appears to have begun using a novel form of electronic surveillance in criminal investigations: remotely activating a mobile phone's microphone and using it to eavesdrop on nearby conversations. This works with or without locating. The technique is called a "roving bug," and was approved by top U.S. Department of Justice. A judge ruled that police use of such tracking in the USA will require a warrant showing probable cause

The Electronic Frontier Foundation is tracking some cases, including USA v. Pen Register, regarding government tracking of individuals such as pedophiles and political activists.