MOBILE COMMUNICATION
EE – 737
Submitted by,
Sohel K. Baramatiwala
INDEX
1. Objective
2. History
7. Summary
8. Future Enhancements
10. References
FIGURES
Fig1. Representation of a GSM signal using TDMA and FDMA with respect to the
transmitted power.
Fig 4. Receiver for voice signal
1. OBJECTIVE –
In this paper I have outlined the reasons GSM started and how, the architecture that
the GSM is built on, the signaling and ciphering codes used, the Air and Abis Interface and
last but not the least future prospects and enhancements possible.
2. HISTORY –
In the 1980s the analog cellular telephone systems were growing rapidly throughout
Europe, France and Germany. Each country defined its own protocols and frequencies to
work on. For example, the UK used the Total Access Communication System (TACS), the USA used
the AMPS technology and Germany used the C-netz technology. None of these systems were
In 1982 the Conference of European Posts and Telegraphs (CEPT) formed a study
group called the GROUPE SPECIAL MOBILE (GSM). Its main focus was to
get the cellular system working throughout the world, with ISDN compatibility and the
ability to incorporate any future enhancements. In 1989 the GSM group transferred the work to the
European Telecommunications Standards Institute (ETSI), which defined all the standards
used in GSM.
The GSM architecture is nothing but a network of computers. The system has to
partition the available frequency spectrum, assign only part of it to any base
transceiver station, and reuse the scarce frequencies as often as possible.
GSM uses TDMA and FDMA together. Graphically this can be shown below –
Fig 1. Representation of a GSM signal using TDMA & FDMA with
GSM was originally defined for the 900 MHz range, but after some time the 1800 MHz
range was also used for cellular technology. The 1800 MHz range has an architecture and
specifications almost the same as those of the 900 MHz GSM technology, but building the Mobile
exchanges is easier and the high frequency Synergy effects add to the advantages of the 1800
MHz range.
4. ARCHITECTURE AND BUILDING BLOCKS –
• GSM Radio Network – This is concerned with the signaling of the system. Handovers
occur in the radio network. Each BTS is allocated a set of frequency channels.
• GSM Mobile switching Network – This network is concerned with the storage of data
• GSM Operation and Maintenance – The task carried out by it include Administration
Mobile System (MS) The actual cell phone that we use
Base Transceiver Station (BTS) Provides connectivity between network and
(TRAU)
Mobile Services Switching Center The BSC is connected to the MSC. The MSC
Visitor Location Register (VLR) This contains part of data so that the HLR is not
Equipment Identity Register (EIR) The IMEI no. is allocated by the manufacturer
network/s if the IMEI no is known.
GSM is digital but voice is inherently analog. So the analog signal has to be
converted and then transmitted. The coding scheme used by GSM is RPE-LTP (Rectangular
The voice signal is sampled at 8000 bits/sec and is quantized to get a 13 bit resolution
corresponding to a bit rate of 104 kbits/sec. This signal is given to a speech coder (codec)
that compresses this speech into a source-coded speech signal of 260 bit blocks at a bit rate
of 13 kbit/sec. The codec achieves a compression ratio of 1:8. The coder also has a Voice
activity detector (VAD) and comfort noise synthesizer. The VAD decides whether the
current speech frame contains speech or a pause; this in turn is used to decide whether to turn
the transmitter on or off under the control of the Discontinuous Transmission (DTX). This
transmission takes advantage of the fact that during a phone conversation both parties
rarely speak at the same time. Thus the DTX helps in reducing the power consumption and
prolonging battery life. The missing speech frames are replaced by synthetic background
noise generated by the comfort noise synthesizer in a Silence Descriptor (SID) frame.
Suppose a speech frame is lost due to noisy transmission and cannot be corrected
by the channel coding protection mechanism; the decoder then flags such frames with a bad
frame indicator (BFI). In such a case the speech frame is discarded and a technique
called error concealment is used, which calculates the next frame based on the previous frame.
MS Authentication algorithms –
These algorithms are stored in the SIM and the operator can decide which one
it prefers using.
5.1.1 A3/8 –
RAND which the MSC has received from the HLR. The A3 algorithm gets the
RAND from the MSC and the secret key Ki from the SIM as input and
generates a 32-bit output, the SRES response. The A8 has a 64 bit Kc output.
The A5 algorithm is the stream cipher used to encrypt over the air
transmissions. The stream cipher is initialized for every frame sent with the
session key Kc and the number of the frame being decrypted / encrypted. The same
Kc key is used throughout the call but a different 22-bit frame number is used for each frame.
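The challenge-response and per-frame ciphering flow described above, as an added example that is not part of the original paper. HMAC-SHA256 is a stand-in (assumption) for the operator-chosen A3/A8 and for A5, used only to show the data flow with the sizes given in the text; the class and function names and the IMSI and Ki values are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Stand-ins (assumption): operators choose the real A3/A8, and A5 is a dedicated
# stream cipher. HMAC-SHA256 is used here only to reproduce the data flow and the
# sizes given in the text: 32-bit SRES, 64-bit Kc, 22-bit frame number.
def _prf(key: bytes, label: bytes, data: bytes) -> bytes:
    return hmac.new(key, label + data, hashlib.sha256).digest()

def a3_sres(ki: bytes, rand: bytes) -> bytes:
    return _prf(ki, b"A3", rand)[:4]          # 32-bit signed response

def a8_kc(ki: bytes, rand: bytes) -> bytes:
    return _prf(ki, b"A8", rand)[:8]          # 64-bit session key

def a5_crypt(kc: bytes, frame_no: int, data: bytes) -> bytes:
    """XOR data with a keystream re-initialised from Kc and the frame number."""
    if not 0 <= frame_no < 2 ** 22:
        raise ValueError("frame number must fit in 22 bits")
    stream, block = b"", 0
    while len(stream) < len(data):
        stream += _prf(kc, b"A5", frame_no.to_bytes(3, "big") + bytes([block]))
        block += 1
    return bytes(d ^ s for d, s in zip(data, stream))

class Sim:
    """Holds Ki; only SRES and Kc ever leave the card."""
    def __init__(self, ki: bytes):
        self._ki = ki

    def run_gsm(self, rand: bytes):
        return a3_sres(self._ki, rand), a8_kc(self._ki, rand)

class Network:
    """HLR side: knows Ki per IMSI and hands the MSC a (RAND, SRES, Kc) triplet."""
    def __init__(self, ki_by_imsi: dict):
        self._ki_by_imsi = ki_by_imsi

    def triplet(self, imsi: str):
        ki = self._ki_by_imsi[imsi]
        rand = secrets.token_bytes(16)        # fresh challenge per authentication
        return rand, a3_sres(ki, rand), a8_kc(ki, rand)

def authenticate(network: Network, imsi: str, sim: Sim):
    """Return the shared Kc if the SIM answers the challenge correctly, else None."""
    rand, expected_sres, kc = network.triplet(imsi)
    sres, kc_on_sim = sim.run_gsm(rand)       # Ki itself is never transmitted
    if not hmac.compare_digest(sres, expected_sres):
        return None
    return kc if kc == kc_on_sim else None

def reuse_leaks_xor(kc: bytes, frame_no: int, p1: bytes, p2: bytes) -> bool:
    """True if two frames under the same (Kc, frame number) expose p1 XOR p2."""
    c1, c2 = a5_crypt(kc, frame_no, p1), a5_crypt(kc, frame_no, p2)
    return bytes(a ^ b for a, b in zip(c1, c2)) == bytes(a ^ b for a, b in zip(p1, p2))

if __name__ == "__main__":
    IMSI, KI = "001010123456789", bytes(range(16))   # constructed test values
    kc = authenticate(Network({IMSI: KI}), IMSI, Sim(KI))
    frame = b"constructed speech frame"
    print(a5_crypt(kc, 1, frame).hex(), a5_crypt(kc, 2, frame).hex())
    print("reuse leaks XOR:", reuse_leaks_xor(kc, 7, frame, frame[::-1]))
```

The last function shows why the frame number must change while Kc stays fixed: with any stream cipher, two frames encrypted under the same key and frame number reveal the XOR of their plaintexts.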
The two main interfaces are the AIR and the ABIS interface. The figure shows the
6.1 AIR INTERFACE –
The air interface is like the physical layer in the model. The signaling schemes used
o FREQUENCY CORRECTION CHANNEL (FCCH) –
identify a BSC.
It is the Uplink portion, accessed from the mobile stations in a cell to ask for a
It is used to inform mobile stations about incoming calls and broadcast calls.
Used for signaling between the BSS and MS when there is no active
This channel had to continuously transfer data because it is considered as
This is the interface between BTS & BSC. The transmission rate is 2.048 Mbps,
interference problems between BTS’s increased and QoS decreased. Thus service providers
moved to using more cells with fewer TRX’s and smaller output power (<1W.)
Layer 1 forms the D-channel – It provides the basic signaling on the Abis interface that is it
Layer 2 is the LAPD channel – Also known as the Link Access Protocol. Once a
connection has been established between the BSC and BTS, data can be transmitted as soon
as layer 2 is operable.
Layer 3 is the TRX management – This layer decides whether the incoming signal is to be
link.
7. SUMMARY –
In this paper I have tried to explain the basic working of the GSM system. Although
this paper might be missing many details of a detailed GSM explanation I believe I have
explained the philosophy behind GSM. GSM operates at 900 MHz and 1800 MHz and is
truly an international system which is compatible with ISDN. Together with international
roaming, SMS, Data transfer etc GSM systems are coming closer to a personal
generation mobile phones are taking over the market, the back-bone for most cellular
8. FUTURE ENHANCEMENTS –
One major problem was number compatibility, but now this problem has been solved
Another major problem is SIM card cloning which allows users to make fraudulent
calls. This can be got rid of by incorporating a more secret key in the SIM then the
Another possibility is making the whole GSM station design in software; this will
few years will make 2G obsolete. The 3G system incorporates W-CDMA in it, and
The next step is AD-HOC networks used in cellular technology. In this every MS
itself would act as a BTS. But they have a long way to go as research in this area is
You could also do an in-depth analysis of the signaling scheme used in GSM, including
the timing and the structure of the frames, the error correcting codes and QoS. The codecs
used in GSM are a vast topic, and improved codecs that can utilize the available frequency
better and yet give a sharper speech output are being developed.
Study of the ciphering techniques used in detail and type of possible attacks on the
GSM system.
Study about General Packet Radio Service (GPRS) and how packet switching helps
Study about the Wireless Access Protocol which defines an architecture such that the
web pages can be viewed on a mobile device using the current GSM technology.
GSM
GLOBAL SYSTEM FOR MOBILE
COMMUNICATION
Debby Nahl
Dec. 10, 2004
GSM (Global System for Mobile Communication) is an ever changing / ever evolving
digital technology for global communication. I discovered that in order to get to the big
picture of what GSM really is I had to look into some of the history and the building blocks it
has used to get to where it is today. Innovation is the key to keeping up with the market and
with that and user demands, like any other technology there is always something bigger and
It all began in the early 1980’s when Europe began experiencing rapid growth in the
analog cellular telephone systems. Scandinavia, France, Germany and The United Kingdom
were all developing their own type of telecommunication systems. Each of these systems
was incompatible with the others in equipment and operation, therefore causing concern with
the congestion and the entire market. In 1982 at the Conference of European Posts and
Telegraphs (CEPT) a group was formed to study and develop a pan-European public land
mobile system. This group was originally known as Groupe Special Mobile (GSM) – this
name later became the name of the project and eventually of the new technology itself.
The mandate for this group was to develop a standard to be common for the countries
that created it and to provide service to the entire European continent. The criteria they were
faced with were based on a couple of different things – they wanted to correct the known
problems that the analog service was experiencing but they also wanted it to be ISDN
compatible – visions of the future. The list of some of the criteria follows:
- enhance privacy – remove the eavesdropping problem
- security against fraud – fraud was common with analog telephone service
Basically they wanted the best for the least amount of money possible. To achieve this goal
they decided to build their system in a digital environment, which was unexplored territory at
the time. They chose this environment in order to meet the criteria listed above and because
they felt that the advancements in the area with the new compressed algorithms and digital
signal processors supplied the tools and flexibility they needed to achieve their goals.
In the late 1980’s the GSM “project” was transferred to the European
Telecommunication Standards Institute (ETSI) and a new group SMG (Special Mobile
Group) was created. Their task was to document the functionality and interaction of every
aspect of the GSM network. The network equipment manufacturers around the world were
expressing concerns about this new spreading technology. The biggest questions were how
many systems would be built and would all of the systems be the same or would there be a
Understanding) Association. This association was overseen by the ETSI in 1987. It was
made up of work groups throughout the world specifically designed to allow interested
parties to meet and work on finding solutions to system enhancements that will fit into
existing programs of GSM operators. Their concept of a published international standard and
great that the system name was changed from Groupe Special Mobile to Global Systems for
Mobile Communications (still GSM). The first commercial service started in mid-1991 and
the first paying customers were signed up for service in 1992. There is no way to determine
or prove who actually signed up the first paying customer because people were given service
within hours of one another. One company, Dansk Mobile Telefone in Denmark, currently
holds the uncontested title as the first with their product Sonofon.
It didn’t take long for it to catch on and it spread rather quickly. For example one
year later (1993) there were 1.3 million subscribers worldwide. Three years after that (1996)
there were more than 25 million subscribers and by October of 1997 it had grown to more
than 55 million subscribers worldwide. In a five-year time period it had grown to service
Some of the building blocks that were used along the way include some of the older
analog technologies. For example they referenced a technology that was mainly used in
North and South America and approximately 35 other countries. This analog technology was
called Advanced Mobile Phone System (AMPS) and it operated in the 800 MHz band using
deployed in a number of other countries but it was prevalent in the UK. Another system is
the NMT (Nordic Mobile Telephone System), which is also an analog technology. NMT
operates in the 450 to 900 MHz band and was the first technology to offer international
The developers of the GSM system were the first to use digital technology, which
was considered unproven at the time. It’s now considered the 2nd generation digital
technology that was originally developed in the 900 MHz band and has been modified for the
There are two common types of transport mechanisms used for digital systems:
TDMA (Time Division Multiple Access) and CDMA (Code Division Multiple Access).
During my research of these technologies I found a useful example that really helps explain
the difference in these two technologies. It likened the TDMA technology to several streets
converging into one and at the intersection was a traffic cop that determined which car got to
pass on the single street – the traffic cop acting as the base station and the shared street the
radio channel. CDMA was explained by using a party environment. At this party there are
multiple groups of people having different conversations. When you join a group you are
aware that there are multiple other conversations going on in the room around you (similar to
broadcasting on the same frequency), but you are only participating in the conversation
within the group you joined (a code assigned to that particular person within the group).
These transport mechanisms are used to pass the data between the antennas at the base
The system architecture is made up of the Mobile Station (MS), Base Station System
(BSS) and the Network Subsystem (NSS). The MS has two entities: 1) the Mobile
Equipment (ME) and 2) the Subscriber (SIM). Mobile Equipment (the handsets) are
produced by many manufacturers but they must obtain approval of their handsets from the
The SIM is simply a smart card that contains the International Mobile Subscriber
Identity (IMSI). They come in two forms – large and small. The SIM card allows the user to
send and receive calls and also to receive other subscribed services. Each SIM contains
encoded network identification details and is protected by a password or a PIN. These SIMs
can be moved from handset to handset and are necessary to activate the phone because they
The Base Station Subsystem (BSS) is composed of two parts that communicate across
the standardized Abis interface allowing operation between components made by different
suppliers. These parts are the Base Transceiver Station (BTS) and the Base Station
Controller (BSC). The BTS houses the radio transceivers that define the calls. They have
antennas with several TRXs (radio transceivers) that each communicates on one frequency.
The speech and data transmissions are recoded using the special encoding used on the radio
handles radio-link protocols with the MS. Because of this the BTS is required to be rugged,
reliable, and portable. The BSC manages resources for the BTS, handles the call set up and
The Mobile Switching Center is known as the Heart of the Network and is
part of the Network Subsystem and its function is to switch speech and data connections
between Base Station Controllers, Mobile Switching Centers, GSM-networks, and other
external networks. Its three main jobs are to connect calls from sender to receiver, collect
details of the calls made and received, and supervise operation of the rest of the network
There are two different types of Location Registers – Home Location Registers (HLR)
and Visitor Location Registers (VLR). The HLR contains administrative information of each
subscriber and the current location of the mobile so the MSC does not have to search to find
the handset. This is known as mobile management. The VLR contains selected
administrative information from the HLR. It authenticates the user, tracks which customers
have their handsets on and therefore ready to receive a call. It also periodically updates the
database with the information on which handsets are active and ready to receive calls.
mainly used for security but it is also the data storage location and functional part of the
network. The Ki is the primary element of the AUC because it is used in the encryption of
the data packets. The SIM card generates a Kc by running Ki and Rand (a random number)
through the A8 algorithm. The Kc is then passed from the SIM to the handset. The data
packet, Kc and current number of the TDMA frame is run through the A5 algorithm and
receives a numeric answer known as the SRES. The SRES is then slotted into the TDMA
frame and sent to the VLR for authentication. If the numbers match the call is connected
without sending any important information out onto the system. See Appendix A for a
There is another type of encryption that can be used called Frequency Hopping. The
encryption is done by scattering each data packet onto different channels – for example one
handsets using the IMEI and made up of three classes: 1) the White List, 2) the Black List,
and 3) the Gray List. The IMEIs that appear on the White List are considered good and can
continue on with the process of connecting. The Black List is used to keep track of handsets
that are stolen or should not be allowed access anymore. The Gray List is used for testing
and development.
GSM has some of the basic features that were a part of the analog system but it has
also added some additional ones which give GSM an advantage over other types of systems.
Some of the basic features provided by GSM are:
Just for the fun of it I compared these advantages to the original criteria that were set
out for GSM at the onset. In comparing the criteria with the advantages in the table below I
Criteria Advantages
The innovations in the market today include new service requirements and the
availability of new radio bands that can lead to potential new customers. There are also new
user demands that will have to be addressed in the third generation models because they
cannot be handled in the current GSM network. These user demands include seamless
Internet / Intranet access, a wider range of available services, compact, lightweight and
affordable terminals, simplified terminal operation, and open and understandable pricing
structures for the whole spectrum of available services. UMTS (Universal Mobile Telephone
System) is the next third generation system for the year 2002 and going forward into the
current year. The plan has been to deploy the new enhanced technology that is geared
toward multimedia communication in stages. The system will be further enhanced at every
Mobile to Mobile: Request is sent to the MSC – validated in the VLR – authenticated in the AuC – passed on
to Public Switched Telephone Network (PSTN) – PSTN validates the number – verifies it can be delivered –
connects
Land to Mobile: PSTN receives request – sends to home MSC – queries VLR – incoming call from particular
MSISDN – responds with IMSI and last known location – validates handset is on – authenticates receiving SIM
– instructs handset to ring
Mobile to Mobile on the same network: Call request – MSC validates in VLR – authentication – MSC advises
VLR incoming call with MSISDN – VLR responds with IMSI and last known location – validates handset is on
– authenticates receiving SIM – network instructs handset to ring
APPENDIX A
Acronyms:
Kc Ciphering key
Ki Subscriber Authentication Key