“GSM”

GLOBAL SYSTEM FOR

MOBILE COMMUNICATION

EE – 737

Digital Spread Spectrum

Dr. James Stephens

May 24, 2004

Submitted by,
 Sohel K. Baramatiwala
INDEX

1. Objective………………………………………………3

2. History………………………………………………....3

3. Basics and Specifications of GSM…………………….3

4. Architecture and Building Blocks……………………..5

5. Signaling schemes and Ciphering codes used…………7

5.1 Ciphering Codes…………………………………...8

5.1.1 A3/8 Algorithm………………………….9

5.1.2 A3/1 Algorithm………………………….10

6. Two Main Interfaces…………………………………..10

6.1 Air Interface…………………………………….…10

6.2 Abis Interface……………………………………...11

7. Summary………………………………………………12

8. Future Enhancements………………………………….12

9. SUGGESTIONS FOR FURTHER STUDY…………..13

10. References……………………………………………..13

FIGURES

Fig1. Representation of a GSM signal using TDMA and FDMA with respect to the

transmitted power.

Fig 2. The Basic Blocks of the whole GSM system

Fig 3. Transmitter for the voice signal

2
Fig 4. Receiver for voice signal

1. OBJECTIVE –

In this paper I have outlined the reasons GSM started and how, the architecture that

the GSM is built on, the signaling and ciphering codes used, the Air and Abis Interface and

last but not the least future prospects and enhancements possible.

2. HISTORY –

In 1980’s the analog cellular telephone systems were growing rapidly all throughout

Europe, France and Germany. Each country defined its own protocols and frequencies to

work on. For example UK used the Total Access Communication System (TACS), USA used

the AMPS technology and Germany used the C-netz technology. None of these systems were

interoperable and also they were analog in nature.

In 1982 the Conference of European Posts and Telegraphs (CEPT) formed a study

group called the GROUPE SPECIAL MOBILE (GSM) The main area this focused on was to

get the cellular system working throughout the world, and ISDN compatibility with the

ability to incorporate any future enhancements. In 1989 the GSM transferred the work to the

European Telecommunications Standards Institute (ETSI.) the ETS defined all the standards

used in GSM.

3. BASICS OF WORKING AND SPECIFICATIONS OF GSM –

The GSM architecture is nothing but a network of computers. The system has to

partition available frequency and assign only that part of the frequency spectrum to any base

transreceiver station and also has to reuse the scarce frequency as often as possible.

GSM uses TDMA and FDMA together. Graphically this can be shown below –

3
 Fig 1. Representation of a GSM signal using TDMA & FDMA with

respect to the transmitted power.

Some of the technical specifications of GSM are listed below –

Multiple Access Method TDMA / FDMA

Uplink frequencies (MHz) 933-960 (basic GSM)
Downlink frequencies (MHz) 890-915 (basic GSM)
Duplexing FDD
Channel spacing, kHz 200
Modulation GMSK
Portable TX power, maximum / average (mW) 1000 / 125
Power control, handset and BSS Yes
Speech coding and rate (kbps) RPE-LTP / 13
Speech Channels per RF channel: 8
Channel rate (kbps) 270.833
Channel coding Rate 1/2 convolutional
Frame duration (ms) 4.615

GSM was originally defined for the 900 Mhz range but after some time even the 1800 Mhz

range was used for cellular technology. The 1800 MHz range has its architecture and

specifications almost same to that of the 900 Mhz GSM technology but building the Mobile

exchanges is easier and the high frequency Synergy effects add to the advantages of the 1800

Mhz range.

4
 4. ARCITECTURE AND BUILDIGN BLOCKS –

GSM is mainly built on 3 building blocks. (Ref Fig. 2)

• GSM Radio Network – This is concerned with the signaling of the system. Hand-

overs occur in the radio network. Each BTS is allocated a set of frequency channels.

• GSM Mobile switching Network – This network is concerned with the storage of data

required for routing and service provision.

• GSM Operation and Maintenance – The task carried out by it include Administration

and commercial operation , Security management, Network configuration, operation,

performance management and maintenance tasks.

Fig.2 The basic blocks of the whole GSM system

Explanations of some of the abbreviations used –

Public Land Mobile Network(PLMN) The whole GSM system

5
Mobile System (MS) The actual cell phone that we use
Base Transceiver Station (BTS) Provides connectivity between network and

mobile station via the Air- interface

Controls the whole subsystem.

BaseStationController(BSC)
Transcoding Rate & Adaption Unit This is instrumental in compressing the Data that

is passed on to the network, is a part of the BSS.

(TRAU)
Mobile Services Switching Center The BSC is connected to the MSC. The MSC

routes the incoming and outgoing calls and

(MSC) assigns user cannels on the A- interface.

Home Location Register (HLR) This register stores data of large no of users. It is

like a database that manages data of all the users.

Every PLMN will have atleast one HLR.

Visitor Location Resigter (VLR) This contains part of data so that the HLR is not

overloaded with inquiries. If a subscriber moves

out of VLR area the HLR requests removal of

data related to that user from the VLR.

Equipment Identity Register (EIR) The IMEI no. is allocated by the manufacturer

and is stored on the network in the EIR. A stolen

phone can be made completely useless by the

6
 network/s if the IMEI no is known.

5. SIGNALLING SCHEMES AND CIPHERING CODES USED –

GSM is digital but voice is inherently analog. So the analog signal has to be

converted and then transmitted. The coding scheme used by GSM is RPE-LTP (Rectangular

pulse Excitation – Long Term Prediction)

Fig.3 Transmitter for the voice signal

Fig.4 Receiver for the Voice signal

The voice signal is sampled at 8000 bits/sec and is quantized to get a 13 bit resolution

corresponding to a bit rate of 104 kbits/sec. This signal is given to a speech coder (codec)

that compresses this speech into a source-coded speech signal of 260 bit blocks at a bit rate

of 13 kbit/sec. The codec achieves a compression ratio of 1:8. The coder also has a Voice

7
activity detector (VAD) and comfort noise synthesizer. The VAD decides whether the

current speech frame contains speech or pause, this is turn is used to decide whether to turn

on or off the transmitter under the control of the Discontinuous Transmission (DTX). This

transmission takes advantage of the fact that during a phone conversation both the parties

rarely speak at the same time. Thus the DTX helps in reducing the power consumption and

prolonging battery life. The missing speech frames are replaced by synthetic background

noise generated by the comfort noise synthesize in a Silence Descriptor (SID) frame.

Suppose a loss off speech frame occurs due to noisy transmission and it cannot be corrected

by the channel coding protection mechanism then the decoder flags such frames with a bad

frame indicator (BFI) In such a case the speech frame is discarded and using a technique

called error concealment which calculates the next frame based on the previous frame.

5.1 CIPHERING CODES –

MS Authentication algorithm’s –

These algorithms are stored in the SIM and the operator can decide which one

it prefers using.

5.1.1 A3/8 –

The A3 generates the SRES response to the MSC’s random challenge,

RAND which the MSC has received from the HLR. The A3 algorithm gets the

RAND from the MSC and the secret key Ki from the SIM as input and

generated a 32- bit output, the SRES response. The A8 has a 64 bit Kc output.

5.1.2 A5/1 (Over the Air Voice Privacy Algorithm) –

The A5 algorithm is the stream cipher used to encrypt over the air

transmissions. The stream cipher is initialized for every frame sent with the

8
 session key Kc and the no. of frames being decrypted / encrypted. The same

Kc key is used throughout the call but different 22-bit frame is used.

6. TWO MAIN INTERFACES –

The two main interfaces are the AIR and the ABIS interface. The figure shows the

signaling between them.

AIR INTERFACE – signaling between MS and BTS

ABIS INTERFACE – signaling between BTS and BSC

Fig.5 Signaling between Air and Abis Interface

6.1AIR INTERFACE –

The air interface is like the physical layer in the model. The signaling schemes used

in the AIR interface are as follows –

• BROADCAST CONTROL CHANNE (BCCH) –

o Broadcast Control Channel (BCCH) –

This channel broadcasts a series of information elements to the MS, such as

radio channel configuration, synchronization information etc.

9
 o FREQUENCY CORRECTION CHANNEL (FCCH) –

This channel contains information about the correction in transmission

frequency broadcasted to MS.

o 0SYNCHRONIZATION CHANNEL (SCH) –

It broadcasts data for the frame synchronization of a MS and information to

identify a BSC.

• COMMON CONTROL CHANNEL (BCH) –

This is a point to multi-point signaling channel to deal with access management

functions. Consists of 3 channels –

o RANDOM ACCESS CHANNEL (RACH) –

It is the Uplink portion, accessed from the mobile stations in a cell to ask for a

dedicated signaling channel for 1 transaction.

o ACCESS GRANT CHANNEL (AGCH) –

It is the downlink portion used to assign a dedicated signaling channel.

o NOTIFICATION CHANNEL (NCH) –

It is used to inform mobile stations about incoming calls and broadcast calls.

• DEDICATED CONTROL CHANNEL (DCCH) –

It is a Bi-directional point to point signaling channel. Consists of 3 channels –

o STAND ALONE DEDICATED CONTROL CHANNEL (SDDCH) –

Used for signaling between the BSS and MS when there is no active

connection between them.

o SLOW ASSOCIATED CONTROL CHANNEL (SACCH) –

10
 This channel had to continuously transfer data because it is considered as

proof of existence of a physical radio connection.

o FAST ASSOCIATED CONTROL CHANNEL (FACCH) –

This channel is used to make additional band-width available for signaling.

6.2. ABIS INTERFACE –

This is the interface between BTS & BSC. The transmission rate is 2.048 Mbps,

portioned into 32 channels of 64 Kbps each. As commercial service was introduced

interference problems between BTS’s increased and QoS decreased. Thus service providers

moved to using more cells with fewer TRX’s and smaller output power (<1W.)

SIGNALLING on the Abis Interface –

It utilizes layer 1-3 of the OSI protocol stack.

Layer 1 forms the D-channel – It provides the basic signaling on the Abis interface that is it

helps in building a link between the BTS and BSC.

Layer 2 is the LAPD channel – Also known as the Link Access Protocol. Once a

connection has been established between the BSC and BTS, data can be transmitted as soon

as layer 2 is operable.

Layer 3 is the TRX management – This layer decides whether the incoming signal is to be

just passed or processed depending on whether it is a speech signal or a signal to establish a

link.

7. SUMMARY –

In this paper I have tried to explain the basic working of the GSM system. Although

this paper might be missing many details of a detailed GSM explanation I believe I have

explained the philosophy behind GSM. GSM operates at 900 MHz and 1800 MHz and is

11
truly an international system which is compatible with ISDN. Together with international

roaming, SMS, Data transfer etc GSM systems are coming closer to a personal

communication system, close to UMTS currently being developed in Europe. Though 3 rd

generation mobile phones are taking over the market, the back-bone for most cellular

technologies will always remain GSM.

8. FUTURE ENHANCEMENTS –

 One major problem was number compatibility, but now this problem has been solved

and this is possible.

 Another major problem is SIM card cloning which allows users to make fraudulent

calls. This can be got rid of by incorporating a more secret key in the SIM then the

currently used one which can be cracked asking a few queries.

 Another possibility is making the whole GSM station design in software; this will

make upgradation of systems really easy.

 3 GSM which seems to be taking over the market is an advancement in 2G and in a

few years will make 2G obsolete. The 3G system incorporates W-CDMA in it, and

makes multimedia and high speed internet access possible.

 The next step is AD-HOC networks used in cellular technology. In this every MS

itself would act as a BTS. But they have a long way to go as research in this area is

still going on.

9. SUGGESTIONS FOR FURTHER STUDY –

You could also do in depth analysis of the signaling scheme used in GSM, including

the timing and the structure of the frames, the error correcting codes and QoS. The codecs

12
used in GSM is a vast topic and improved codecs that can utilize the available frequency

better and yet give a sharper speech output are being developed.

Study of the ciphering techniques used in detail and type of possible attacks on the

GSM system.

Study about General Packet Radio Service (GPRS) and how packet switching helps

to reduce the complexity in networks. GPRS needs to be incorporated in the GSM

architecture. Also GPRS helps reduce misuse as is the case in GSM.

Study about the Wireless Access Protocol which defines an architecture such that the

web pages can be viewed on a mobile device using the current GSM technology.

10. REFERENCES –

 GSM networks: Terminology, protocols and implementation – Gunnar Heine

 GSM: Switching, Services And Protocols – Jorg, Vogel and Bettstetter

 GSM Technical Specification – ETSI

 http://ccnga.uwaterloo.ca/~jscouria/GSM/gsmreport.html

 www.gsm.org

 www.techmind.org

 An Overview of GSM www.comms.eee.strath.ac.uk/~gozalvez/gsm/gsm

 http://www.isaac.cs.berkeley.edu/isaac/gsm-faq.html

13
 GSM
GLOBAL SYSTEM FOR MOBILE
COMMUNICATION

“GSM is a cooperative effort among

thousands of the best minds in the world, all
of whom share both the workload and the
benefits of each others successes.”
[Lamb 1997]

14
Debby Nahl
Dec. 10, 2004

15
 GSM (Global System for Mobile Communication) is an ever changing / ever evolving

digital technology for global communication. I discovered that in order to get to the big

picture of what GSM really is I had to look into some of the history and the building blocks it

has used to get to where it is today. Innovation is the key to keeping up with the market and

with that and user demands, like any other technology there is always something bigger and

better already being developed or waiting in the wings.

It all began in the early 1980’s when Europe began experiencing rapid growth in the

analog cellular telephone systems. Scandinavia, France, Germany and The United Kingdom

were all developing their own type of telecommunication systems. Each of these systems

were incompatible with the others in equipment and operation therefore causing concern with

the congestion and the entire market. In 1982 at the Conference of European Posts and

Telegraphs (CEPT) a group was formed to study and develop a pan-European public land

mobile system. This group was originally known as Groupe Special Mobile (GSM) – this

name later takes on the name of the project and eventually the new technology itself.

The mandate for this group was to develop a standard to be common for the countries

that created it and to provide service to the entire European continent. The criteria they were

faced with was based on a couple of different things – they wanted to correct the known

problems that the analog service was experiencing but they also wanted it to be ISDN

compatible – visions of the future. The list of some of the criteria follows:

- good subjective quality – better sound quality

- low terminal and service cost – not too costly
- support for international roaming – one system for all of Europe
- ability to support handheld terminals – all types of mobile phones
- support for range of new services and facilities – able to communicate with other
areas
- enhanced features – wanted more features such as a form of caller id
- ISDN compatability – wanted the services that were similarly offered by ISDN

16
 - enhance privacy – remove the eavesdropping problem
- security against fraud – fraud was common with analog telephone service

Basically they wanted the best for the least amount of money possible. To achieve this goal

they decided to build their system in a digital environment, which was unexplored territory at

the time. They chose this environment in order to meet the criteria listed above and because

they felt that the advancements in the area with the new compressed algorithms and digital

signal processors supplied the tools and flexibility they needed to achieve their goals.

In the late 1980’s the GSM “project” was transferred to the European

Telecommunication Standards Institute (ETSI) and a new group SMG (Special Mobile

Group) was created. Their task was to document the functionality and interaction of every

aspect of the GSM network. The network equipment manufacturers around the world were

expressing concerns about this new spreading technology. The biggest questions were how

many systems would be built and would all of the systems be the same or would there be a

custom version for every market.

These concerns led to the creation of the GSM MoU (Memorandum of

Understanding) Association. This association was overseen by the ETSI in 1987. It was

made up of work groups throughout the world specifically designed to allow interested

parties to meet and work on finding solutions to system enhancements that will fit into

existing programs of GSM operators. Their concept of a published international standard and

a constantly evolving common standard was unique to GSM.

Phase I of the specifications was published in 1990. International demand was so

great that the system name was changed from Groupe Special Mobile to Global Systems for

Mobile Communications (still GSM). The first commercial service started in mid-1991 and

the first paying customers were signed up for service in 1992. There is no way to determine

17
or prove who actually signed up the first paying customer because people were given service

within hours of one another. One company, Dansk Mobile Telefone in Denmark, currently

holds the uncontested title as the first with their product Sonofon.

It didn’t take long for it to catch on and it spread rather quickly. For example one

year later (1993) there were 1.3 million subscribers worldwide. Three years after that (1996)

there were more than 25 million subscribers and by October of 1997 it had grown to more

than 55 million subscribers worldwide. In a five-year time period it had grown to service

over 55 million subscribers.

Some of the building blocks that were used along the way include some of the older

analog technologies. For example they referenced a technology that was mainly used in

North and South America and approximately 35 other countries. This analog technology was

called Advanced Mobile Phone System (AMPS) and it operated in the 800 MHz band using

FDMA (Frequency Division Multiple Access) technology. TACS (Total Access

Communication System) is a variation of AMPS so it is also an analog system. It was

deployed in a number of other countries but it was prevalent in the UK. Another system is

the NMT (Nordic Mobile Telephone System), which is also an analog technology. NMT

operates in the 450 to 900 MHz band and was the first technology to offer international

roaming but only within the Nordic countries.

The developers of the GSM system were the first to use digital technology, which

was considered unproven at the time. It’s now considered the 2nd generation digital

technology that was originally developed in the 900 MHz band and has been modified for the

850, 1800 and 1900 MHz bands.

18
 There are two common types of transport mechanisms used for digital systems:

TDMA (Time Division Multiple Access) and CDMA (Code Division Multiple Access).

During my research of these technologies I found a useful example that really helps explain

the difference in these two technologies. It likened the TDMA technology to several streets

converging into one and at the intersection was a traffic cop that determined which car got to

pass on the single street – the traffic cop acting as the base station and the shared street the

radio channel. CDMA was explained by using a party environment. At this party there are

multiple groups of people having different conversations. When you join a group you are

aware that there are multiple other conversations going on in the room around you (similar to

broadcasting on the same frequency), but you are only participating in the conversation

within the group you joined (a code assigned to that particular person within the group).

These transport mechanisms are used to pass the data between the antennas at the base

station and the handset.

The system architecture is made up of the Mobile Station (MS), Base Station System

(BSS) and the Network Subsystem (NSS). The MS has two entities: 1) the Mobile

Equipment (ME) and 2) the Subscriber (SIM). Mobile Equipment (the handsets) are

produced by many manufacturers but they must obtain approval of their handsets from the

standardization body therefore they are somewhat standardized. Each ME is identified by an

IMEI (International Mobile Equipment Identity).

The SIM is simply a smart card that contains the International Mobile Subscriber

Identity (IMSI). They come in two forms – large and small. The SIM card allows the user to

send and receive calls and to also receive other subscribed services. Each of these contains

encoded network identification details and are protected by a password or a PIN. These SIM

19
can be moved from handset to handset and are necessary to activate the phone because they

contain key information necessary to begin service on that handset.

The Base Station Subsystem (BSS) is composed of two parts that communicate across

the standardized Abis interface allowing operation between components made by different

suppliers. These parts are the Base Transceiver Station (BTS) and the Base Station

Controller (BSC). The BTS houses the radio transceivers that define the calls. They have

antennas with several TRXs (radio transceivers) that each communicates on one frequency.

The speech and data transmissions are recoded using the special encoding used on the radio

interface to the standard 64 kbit/s encoding used in telecommunication networks. It also

handles radio-link protocols with the MS. Because of this the BTS is required to be rugged,

reliable, and portable. The BSC manages resources for the BTS, handles the call set up and

location updates. It also handles the handovers for each MS.

The Mobile Switching Center is known as the Heart of the Network and is

part of the Network Subsystem and its function is to switch speech and data connections

between Base Station Controllers, Mobile Switching Centers, GSM-networks, and other

external networks. Its three main jobs are to connect calls from sender to receiver, collect

details of the calls made and received, and supervise operation of the rest of the network

components (thus the heart of the network).

There two different types of Location Registers – Home Location Registers (HLR)

and Visitor Location Registers (VLR). The HLR contains administrative information of each

subscriber and the current location of the mobile so the MSC does not have to search to find

the handset. This is known as mobile management. The VLR contains selected

administrative information from the HLR. It authenticates the user, tracks which customers

20
have their handsets on and therefore ready to receive a call. It also periodically updates the

database with the information on which handsets are active and ready to receive calls.

The Authentication Center (AuC) is also a part of the Network subsystem. It is

mainly used for security but it is also the data storage location and functional part of the

network. The Ki is the primary element of the AUC because it is used in the encryption of

the data packets. The SIM card generates a Kc by running Ki and Rand (a random number)

through the A8 algorithm. The Kc is then passed from the SIM to the handset. The data

packet, Kc and current number of the TDMA frame is run through the A5 algorithm and

receives a numeric answer known as the SRES. The SRES is then slotted into the TDMA

frame and sent to the VLR for authentication. If the numbers match the call is connected

without sending any important information out onto the system. See Appendix A for a

diagram of a high level overview of the system.

There is another type of encryption that can be used called Frequency Hopping. The

encryption is done by scattering each data packet onto different channels – for example one

packet will be sent on channel 1 and another on channel 2, etc.

The Equipment Identity Register (EIR) is an optional database. It is used to track

handsets using the IMEI and made up of three classes: 1) the White List, 2) the Black List,

and 2) the Gray List. The IMEI’s that appear on the White List are considered good and can

continue on with the process of connecting. The Black List is used to keep track of handsets

that are stolen or should not be allowed access anymore. The Gray List is used for testing

and development.

GSM has some of the basic features that were a part of the analog system but it has

also added some additional ones which gives GSM an advantage over other types of systems.

21
Some of the basic features provided by GSM are:

o call waiting – notification of an incoming call while on the handset

o call hold – the ability to put a caller on hold and they won’t hear any of the
conversion you may be having on another line
o call barring – the ability to not accept any calls, any or only outgoing call,
any or only incoming calls, any or only roaming calls, etc.
o call forwarding – the ability to have calls made to that handset be sent to
any number defined by the user
o multi-party call conferencing – the ability to link multiple call together so
all parties can participate in the same conversation

Some of the added features provided by GSM are:

o calling line id – incoming telephone number displayed

o alternate line service – one line for personal call and one line for business
calls (allows the user to keep accurate records of how much time is used
for business and / or personal)
o closed user group – group of people that can be called from that handset
by dialing only the last four digits of the phone number (much like what is
used within businesses using extensions)
o advice of charge – ability to tally actual costs of particular phone calls
o fax & data – the Virtual Office / Professional Office – an adapter card
(type II standard PCM/CIA card) that can fit into any laptop or portable
fax machine (credit card sized computer modem)
o roaming – services and features can follow customer from market to
market

The advantages of GSM over analog services are:

o crisper, cleaner, quieter calls

o security against fraud and eavesdropping
o international roaming capability in over 100 countries
o improved battery life
o efficient network design for less expensive system expansion
o efficient use of spectrum
o advanced features such as short messaging and caller ID
o wide variety of handsets and accessories
o high stability mobile fax and data at up to 9600 baud
o each of use with over the air activation – all account information is held in
the SIM which can be moved from handset to handset

22
 Just for the fun of it I compared these advantages to the original criteria that was set

out for GSM at the onset. In comparing the criteria with the advantages in the table below I

believe they were successful in meeting the original criteria.

Criteria Advantages

good subjective quality crisper, cleaner, quieter calls

low terminal and service cost
support for international roaming
ability to support handheld terminals
support for range of new services and facilities
enhanced features
ISDN compatible
enhance privacy
security against fraud
efficient network design for less expensive System
expansion
international roaming capability in over 100 countries
wide variety of handsets and accessories
efficient use of spectrum
Enhanced features such as short messaging
high stability mobile fax and data at up to 9600 baud
security against eavesdropping
security against fraud

The innovations in the market today include new service requirements and the

availability of new radio bands that can lead to potential new customers. There are also new

user demands that will have to be addressed in the third generation models because they

cannot be handled in the current GSM network. These user demands include seamless

Internet / Intranet access, a wider range of available services, compact, lightweight and

affordable terminals, simplified terminal operation, and open and understandable pricing

structures for the whole spectrum of available services. UMTS (Universal Mobile Telephone

System) is the next third generation system for the year 2002 and going forward into the

current year. The plan has been to deploy the new enhanced technology that is geared

toward multimedia communication in stages. The system will be further enhanced at every

stage and it will also maintain backward compatibility as well.

23
Mobile to Mobile: Request is sent to the MSC – validated in the VLR – authenticated in the AuC – passed on
to Public Switched Telephone Network (PSTN) – PSTN validates the number – verifies it can be delivered –
connects

Land to Mobile: PSTN receives request – sends to home MSC – queries VLR – incoming call from particular
MSISDN – responds with IMSI and last known location – validates handset is on – authenticates receiving SIM
– instructs handset to ring

Mobile to Mobile on the same network: Call request – MSC validates in VLR – authentication – MSC advises
VLR incoming call with MSISDN – VLR responds with IMSI and last known location – validates handset is on
– authenticates receiving SIM – network instructs handset to ring

APPENDIX A

24
Bibliography:

Website References:

GSM World. 2004. http://www.gsmworld.com/technology/3g/intro.shtml

GSM World. 2004. http://www.gsmworld.com/technology/glossary.shtml

GSM World. 2004. http://www.gsmworld.com/technology/faq.shtml

GSM World. 2004. http://www.gsmworld.com/about/history/index.shtml

Protocols.com. RAD COM Academy. http://www.protocols.com/pbook/cellular.htm

Introduction to GSM. Performance Technology. 2001.

http://www.pt.com/products/gsmintro.html

Overview of the Global System for Mobile Communication. John Scourias. 1997.
http://ccnga.uwaterloo.ca/~jscouria/GSM/gsmreport.html

Forensics and the GSM mobile telephone system. Svein Yngvar Willassen, M.Sc,
Senior Investigator, Computer Forensics, Ibas AS. 2002.
http://www.ijde.net/03_spring_art1.html

Web ProForum Tutorials. The International Engineering Consortium. 15 Jan.

http://www.iec.org

An overview of the GSM system. Sempere, Javier Gonzalez. 2002

http://www.comms.eee.strath.ac.uk/~gonzalvez/gsm/html

Books:

Muratore, Flavio. UMTS Mobile Communications for the Future. New York: John
Wiley & Sons, 2001.

Lee, William C.Y. Mobile Communications Design Fundamentals. New York: Wiley
Interscience Publication, 1993.

Eberspacher, Jory., Vogel, Hans-Jory, and Bettstetter, Christian. GSM Switching

Services and Protocols. New York: John Wiley & Sons, 2001.

Lamb, George. GSM Made Simple. Georgia: Regal Printing, 1997.

25
Newton, Harry. Newton’s Telecom Dictionary. San Francisco: CMP Books, 2004.

Acronyms:

AMPS Advanced Mobile Phone Service

AuC Authentication Center
BSC Base Station Controller
BSS Base Station Subsystem
BTS Base Transceiver Station
CDMA Code Division Multiple Access
CEPT Conference of European Posts and Telegraph
CSPDN Circuit Switched Public Data Network
EIR Equipment Identity Register
ETSI European Telecommunication Standards Institute
FDMA Frequency Division Multiple Access
GSM Groupe Speciale Mobile and Global Systems for Mobile Communications
GSM MoU GSM Memorandum of Understanding Association
HLR Home Location Register
IMEI International Mobile Station Equipment Identity
IMSI International Mobile Subscriber Identity
ISDN Integrated Services Digital Network
ME Mobile Equipment
MS Mobile Station
MSC Mobile Services Switching Center
NMT Nordic Mobile Telephone System
NSS Network Subsystem
PIN Personal Identification Number
PSPDN Packet Switched Public Data Networks
PSTN Public Switched Telephone Network
RAND Random Number
SIM Subscriber Identity Module
SMG Special Mobile Group
SRES Signed RESult
TACS Total Access Communication System
TDMA Time Division Multiple Access
VLR Visitor Location Key

A5 Algorithm Ciphering algorithm

A8 Algorithm Ciphering key computation

Kc Ciphering key
Ki Subscriber Authentication Key

26
27