Presentation is loading. Please wait.

Presentation is loading. Please wait.

Wireless/Cellular Technologies Prabhaker Mateti. Mobile Communication Technology according to IEEE (examples) CEG436: Mobile Computing (PM)2 Personal.

Similar presentations

Presentation on theme: "Wireless/Cellular Technologies Prabhaker Mateti. Mobile Communication Technology according to IEEE (examples) CEG436: Mobile Computing (PM)2 Personal."— Presentation transcript:

1 Wireless/Cellular Technologies Prabhaker Mateti

2 Mobile Communication Technology according to IEEE (examples) CEG436: Mobile Computing (PM)2 Personal wireless nw WPAN Wireless distribution networks WMAN (Broadband Wireless Access) [ (Mobile Broadband Wireless Access)] e (addition to.16 for mobile devices) b/c WiFi a b802.11g h Bluetooth a/b/c/d/e/f/g ZigBee Mobility WiMAX ,.6 (WBAN)

3 Mobile Communications Schiller Chapter 3 : Media Access Motivation SDMA, FDMA, TDMA Aloha, reservation schemes Collision avoidance, MACA Polling CDMA, SAMA Comparison

4 Motivation Can we apply media access methods from fixed/wired networks? Example CSMA/CD – Carrier Sense Multiple Access with Collision Detection – send as soon as the medium is free, listen into the medium if a collision occurs (legacy method in IEEE 802.3) Problems in wireless networks – signal strength decreases proportional to the square of the distance – the sender would apply CS and CD, but the collisions happen at the receiver – it might be the case that a sender cannot “hear” the collision, i.e., CD does not work – furthermore, CS might not work if, e.g., a terminal is “hidden” 4CEG436: Mobile Computing (PM)

5 Motivation - hidden and exposed terminals Hidden terminals – A sends to B, C cannot receive A – C wants to send to B, C senses a “free” medium (CS fails) – collision at B, A cannot receive the collision (CD fails) – A is “hidden” for C Exposed terminals – B sends to A, C wants to send to another terminal (not A or B) – C has to wait, CS signals a medium in use – but A is outside the radio range of C, therefore waiting is not necessary – C is “exposed” to B BAC CEG436: Mobile Computing (PM)5

6 Motivation - near and far terminals Terminals A and B send, C receives – signal strength decreases proportional to the square of the distance – the signal of terminal B therefore drowns out A’s signal – C cannot receive A If C for example was an arbiter for sending rights, terminal B would drown out terminal A already on the physical layer Also severe problem for CDMA-networks - precise power control needed! ABC CEG436: Mobile Computing (PM)6

7 Access methods SDMA/FDMA/TDMA SDMA (Space Division Multiple Access) – segment space into sectors, use directed antennas – cell structure FDMA (Frequency Division Multiple Access) – assign a certain frequency to a transmission channel between a sender and a receiver – permanent (e.g., radio broadcast), slow hopping (e.g., GSM), fast hopping (FHSS, Frequency Hopping Spread Spectrum) TDMA (Time Division Multiple Access) – assign the fixed sending frequency to a transmission channel between a sender and a receiver for a certain amount of time The multiplexing schemes presented in chapter 2 are now used to control medium access. 7CEG436: Mobile Computing (PM)

8 MACA variant: DFWMAC in IEEE idle wait for the right to send wait for ACK senderreceiver packet ready to send; RTS time-out; RTS CTS; data ACK RxBusy idle wait for data RTS; RxBusy RTS; CTS data; ACK time-out  data; NAK ACK: positive acknowledgement NAK: negative acknowledgement RxBusy: receiver busy time-out  NAK; RTS CEG436: Mobile Computing (PM)8

9 Polling mechanisms If one terminal can be heard by all others, this “central” terminal (a.k.a. base station) can poll all other terminals according to a certain scheme – now all schemes known from fixed networks can be used (typical mainframe - terminal scenario) Example: Randomly Addressed Polling – base station signals readiness to all mobile terminals – terminals ready to send can now transmit a random number without collision with the help of CDMA or FDMA (the random number can be seen as dynamic address) – the base station now chooses one address for polling from the list of all random numbers (collision if two terminals choose the same address) – the base station acknowledges correct packets and continues polling the next terminal – this cycle starts again after polling all terminals of the list CEG436: Mobile Computing (PM)9

10 Access method CDMA CDMA (Code Division Multiple Access) – all terminals send on the same frequency probably at the same time and can use the whole bandwidth of the transmission channel – each sender has a unique random number, the sender XORs the signal with this random number – the receiver can “tune” into this signal if it knows the pseudo random number, tuning is done via a correlation function Disadvantages: – higher complexity of a receiver (receiver cannot just listen into the medium and start receiving if there is a signal) – all signals should have the same strength at a receiver Advantages: – all terminals can use the same frequency, no planning needed – huge code space (e.g. 232) compared to frequency space – interferences (e.g. white noise) is not coded – forward error correction and encryption can be easily integrated 10CEG436: Mobile Computing (PM)


12 GSM, DECT, TETRA, UMTS, LTE Schiller Chapter 4: Wireless Telecommunication Systems

13 How does it work? How can the system locate a user? Why don’t all phones ring at the same time? What happens if two users talk simultaneously? Why don’t I get the bill from my neighbor? Why can an Australian use her phone in Berlin? Why can’t I simply overhear the neighbor’s communication? How secure is the mobile phone system? What are the key components of the mobile phone network? CEG436: Mobile Computing (PM)13

14 GSM: Overview GSM – Global System for Mobile Communication formerly: Groupe Spéciale Mobile (founded 1982) – Pan-European standard (ETSI, European Telecommunications Standardization Institute) GSM all over the world – 219 countries in Asia, Africa, Europe, Australia, America USA: T-mobile, AT&T, Cinci Bell, … – > 4.2 billion subscribers in >700 networks – > 75% of all digital mobile phones – CEG436: Mobile Computing (PM)14

15 Performance characteristics of GSM Communication – mobile, wireless communication; support for voice and data services Total mobility – international access, chip-card enables use of access points of different providers Worldwide connectivity – one number, the network handles localization High capacity – better frequency efficiency, smaller cells, more customers per cell High transmission quality – high audio quality and reliability for wireless, uninterrupted phone calls at higher speeds (e.g., from cars, trains) Security functions – access control, authentication via chip-card and PIN 15CEG436: Mobile Computing (PM)

16 Disadvantages of GSM no end-to-end encryption of user data roaming profiles accessible high complexity of the system several incompatibilities within the GSM standards CEG436: Mobile Computing (PM)16

17 GSM: Mobile Services Bearer Services Telematic Services Supplementary Services GSM-PLMN transit network (PSTN, ISDN) source/ destination network TE bearer services tele services R, S(U, S, R)UmUm MT MS CEG436: Mobile Computing (PM)17

18 Bearer Services Telecommunication services to transfer data between access points Specification of services up to the terminal interface (OSI layers 1-3) Different data rates for voice and data (original standard) – data service (circuit switched) synchronous: 2.4, 4.8 or 9.6 kbit/s asynchronous: bit/s – data service (packet switched) synchronous: 2.4, 4.8 or 9.6 kbit/s asynchronous: bit/s Today: data rates of approx. 50 kbit/s possible – even more with new modulation CEG436: Mobile Computing (PM)18

19 Telecommunication Services I mobile telephony offering the traditional bandwidth of 3.1 kHz Emergency number common number throughout Europe (112); mandatory for all service providers; free of charge; connection with the highest priority (preemption of other connections possible) Multinumbering several ISDN phone numbers per user possible CEG436: Mobile Computing (PM)19

20 Tele Services II: Non-Voice-Teleservices group 3 fax voice mailbox (implemented in the fixed network supporting the mobile terminals) electronic mail (MHS, Message Handling System, implemented in the fixed network)... Short Message Service (SMS) alphanumeric data transmission to/from the mobile terminal (160 characters) using the signaling channel, thus allowing simultaneous use of basic services and SMS (almost ignored in the beginning now the most successful add-on!) CEG436: Mobile Computing (PM)20

21 Supplementary services Services in addition to the basic services, cannot be offered stand-alone Similar to ISDN services besides lower bandwidth due to the radio link May differ between different service providers, countries and protocol versions Important services – identification: forwarding of caller number – suppression of number forwarding – automatic call-back – conferencing with up to 7 participants – locking of the mobile terminal (incoming or outgoing calls) –... CEG436: Mobile Computing (PM)21

22 Architecture of the GSM system GSM is a PLMN (Public Land Mobile Network) – several providers setup mobile networks following the GSM standard within each country – components MS (mobile station) BS (base station) MSC (mobile switching center) LR (location register) – subsystems RSS (radio subsystem): covers all radio aspects NSS (network and switching subsystem): call forwarding, handover, switching OSS (operation subsystem): management of the network CEG436: Mobile Computing (PM)22

23 GSM: overview fixed network BSC MSC GMSC OMC, EIR, AUC VLR HLR NSS with OSS RSS VLR CEG436: Mobile Computing (PM)23

24 segmentation of the area into cells use of several carrier frequencies not the same frequency in adjoining cells cell sizes vary from some 100 m up to 35 km depending on user density, geography, transceiver power etc. hexagonal shape of cells is idealized (cells overlap, shapes depend on geography) if a mobile user changes cells handover of the connection to the neighbor cell possible radio coverage of the cell idealized shape of the cell cell

25 GSM: system architecture UmUm A bis A BSS radio subsystem MS BTS BSC BTS BSC BTS network and switching subsystem MSC fixed partner networks IWF ISDN PSTN PSPDN CSPDN SS7 EIR HLR VLR ISDN PSTN CEG436: Mobile Computing (PM)25

26 Radio subsystem Components – MS (Mobile Station) – BSS (Base Station Subsystem): consisting of BTS (Base Transceiver Station): sender and receiver BSC (Base Station Controller): controlling several transceivers Interfaces – U m : radio interface – A bis : standardized, open interface with 16 kbit/s user channels – A: standardized, open interface with 64 kbit/s user channels UmUm A bis A BSS radio subsystem network and switching subsystem MS BTS BSC MSC BTS BSC BTS MSC CEG436: Mobile Computing (PM)26

27 Network and switching subsystem Components MSC (Mobile Services Switching Center): IWF (Interworking Functions) ISDN (Integrated Services Digital Network) PSTN (Public Switched Telephone Network) PSPDN (Packet Switched Public Data Net.) CSPDN (Circuit Switched Public Data Net.) Databases HLR (Home Location Register) VLR (Visitor Location Register) EIR (Equipment Identity Register) CEG436: Mobile Computing (PM)27 network subsystem fixed partner networks MSC IWF ISDN PSTN PSPDN CSPDN SS7 EIR HLR VLR ISDN PSTN

28 GSM frequency bands (examples) TypeChannelsUplink [MHz]Downlink [MHz] GSM GSM 900 classical extended 0-124, channels +49 channels GSM GSM GSM-R exclusive , channels CEG436: Mobile Computing (PM)28

29 Mobile station Terminal for the use of GSM services A mobile station (MS) comprises several functional groups – MT (Mobile Terminal): offers common functions used by all services the MS offers corresponds to the network termination (NT) of an ISDN access end-point of the radio interface (Um) – TA (Terminal Adapter): terminal adaptation, hides radio specific characteristics – TE (Terminal Equipment): peripheral device of the MS, offers services to a user does not contain GSM specific functions – SIM (Subscriber Identity Module): personalization of the mobile terminal, stores user parameters RS UmUm TETAMT CEG436: Mobile Computing (PM)29

30 Network and switching subsystem NSS is the main component of the public mobile network GSM – switching, mobility management, interconnection to other networks, system control Components – Mobile Services Switching Center (MSC) controls all connections via a separated network to/from a mobile terminal within the domain of the MSC - several BSC can belong to a MSC – Databases (important: scalability, high capacity, low delay) Home Location Register (HLR) central master database containing user data, permanent and semi- permanent data of all subscribers assigned to the HLR (one provider can have several HLRs) Visitor Location Register (VLR) local database for a subset of user data, including data about all user currently in the domain of the VLR CEG436: Mobile Computing (PM)30

31 Mobile Services Switching Center The MSC (mobile services switching center) plays a central role in GSM – switching functions – additional functions for mobility support – management of network resources – interworking functions via Gateway MSC (GMSC) – integration of several databases Functions of a MSC – specific functions for paging and call forwarding – termination of SS7 (signaling system no. 7) – mobility specific signaling – location registration and forwarding of location information – provision of new services (fax, data calls) – support of short message service (SMS) – generation and forwarding of accounting and billing information CEG436: Mobile Computing (PM)31

32 Operation subsystem The OSS (Operation Subsystem) enables centralized operation, management, and maintenance of all GSM subsystems Components – Authentication Center (AUC) generates user specific authentication parameters on request of a VLR authentication parameters used for authentication of mobile terminals and encryption of user data on the air interface within the GSM system – Equipment Identity Register (EIR) registers GSM mobile stations and user rights stolen or malfunctioning mobile stations can be locked and sometimes even localized – Operation and Maintenance Center (OMC) different control capabilities for the radio subsystem and the network subsystem CEG436: Mobile Computing (PM)32

33 GSM - TDMA/FDMA higher GSM frame structures MHz 124 channels (200 kHz) downlink MHz 124 channels (200 kHz) uplink frequency time GSM TDMA frame GSM time-slot (normal burst) ms µs 577 µs tailuser dataTrainingS guard space Suser datatail guard space 3 bits57 bits26 bits 57 bits1 13 CEG436: Mobile Computing (PM)33

34 GSM hierarchy of frames hyperframe superframe multiframe frame burst slot 577 µs ms 120 ms ms 6.12 s 3 h 28 min s CEG436: Mobile Computing (PM)34

35 GSM protocol layers for signaling CM MM RR MM LAPD m radio LAPD m radio LAPD PCM RR’ BTSM CM LAPD PCM RR’ BTSM 16/64 kbit/s UmUm A bis A SS7 PCM SS7 PCM 64 kbit/s / Mbit/s MS BTSBSCMSC BSSAP CEG436: Mobile Computing (PM)35

36 Mobile Terminated Call 1: calling a GSM subscriber 2: forwarding call to GMSC 3: signal call setup to HLR 4, 5: request MSRN from VLR 6: forward responsible MSC to GMSC 7: forward call to current MSC 8, 9: get current status of MS 10, 11: paging of MS 12, 13: MS answers 14, 15: security checks 16, 17: set up connection PSTN calling station GMSC HLR VLR BSS MSC MS CEG436: Mobile Computing (PM)36

37 Mobile Originated Call 1, 2: connection request 3, 4: security check 5-8: check resources (free circuit) 9-10: set up call PSTN GMSC VLR BSS MSC MS

38 Mobile Terminated/Originated Call BTSMS paging request channel request immediate assignment paging response authentication request authentication response ciphering command ciphering complete setup call confirmed assignment command assignment complete alerting connect connect acknowledge data/speech exchange BTSMS channel request immediate assignment service request authentication request authentication response ciphering command ciphering complete setup call confirmed assignment command assignment complete alerting connect connect acknowledge data/speech exchange MTCMOC CEG436: Mobile Computing (PM)38

39 4 types of handover MSC BSC BTS MS CEG436: Mobile Computing (PM)39

40 Handover decision receive level BTS old receive level BTS old MS HO_MARGIN BTS old BTS new CEG436: Mobile Computing (PM)40

41 Handover procedure HO access BTS old BSC new measurement result BSC old Link establishment MSC MS measurement report HO decision HO required BTS new HO request resource allocation ch. activation ch. activation ack HO request ack HO command HO complete clear command clear complete CEG436: Mobile Computing (PM)41

42 DECT DECT (Digital European Cordless Telephone) standardized by ETSI (ETS x) for cordless telephones standard describes air interface between base-station and mobile phone DECT has been renamed for international marketing reasons into „Digital Enhanced Cordless Telecommunication“ Characteristics – frequency: MHz – channels: 120 full duplex – duplex mechanism: TDD (Time Division Duplex) with 10 ms frame length – multplexing scheme: FDMA with 10 carrier frequencies, TDMA with 2x 12 slots – modulation: digital, Gaußian Minimum Shift Key (GMSK) – power: 10 mW average (max. 250 mW) – range: approx. 50 m in buildings, 300 m open space CEG436: Mobile Computing (PM)42

43 DECT system architecture reference model global network local network local network FT PTPA PTPA VDB HDB D1D1 D2D2 D3D3 D4D4 CEG436: Mobile Computing (PM)43

44 physical layer medium access control data link control data link control network layer OSI layer 1 OSI layer 2 OSI layer 3 U-PlaneC-Plane signaling, interworking application processes DECT reference model close to the OSI reference model management plane over all layers several services in C(ontrol)- and U(ser)-plane management CEG436: Mobile Computing (PM)44

45 DECT layers I Physical layer – modulation/demodulation – generation of the physical channel structure with a guaranteed throughput – controlling of radio transmission channel assignment on request of the MAC layer detection of incoming signals sender/receiver synchronization collecting status information for the management plane MAC layer – maintaining basic services, activating/deactivating physical channels – multiplexing of logical channels e.g., C: signaling, I: user data, P: paging, Q: broadcast – segmentation/reassembly – error control/error correction CEG436: Mobile Computing (PM)45

46 DECT layers II Data link control layer – creation and keeping up reliable connections between the mobile terminal and basestation – two DLC protocols for the control plane (C-Plane) connectionless broadcast service: paging functionality Lc+LAPC protocol: in-call signaling (similar to LAPD within ISDN), adapted to the underlying MAC service – several services specified for the user plane (U-Plane) null-service: offers unmodified MAC services frame relay: simple packet transmission frame switching: time-bounded packet transmission error correcting transmission: uses FEC, for delay critical, time- bounded services bandwidth adaptive transmission “Escape” service: for further enhancements of the standard CEG436: Mobile Computing (PM)46

47 DECT layers III Network layer – similar to ISDN (Q.931) and GSM (04.08) – offers services to request, check, reserve, control, and release resources at the basestation and mobile terminal – resources necessary for a wireless connection necessary for the connection of the DECT system to the fixed network – main tasks call control: setup, release, negotiation, control call independent services: call forwarding, accounting, call redirecting mobility management: identity management, authentication, management of the location register CEG436: Mobile Computing (PM)47

48 Enhancements of the standard Several „DECT Application Profiles“ in addition to the DECT specification – GAP (Generic Access Profile) standardized by ETSI in 1997 assures interoperability between DECT equipment of different manufacturers (minimal requirements for voice communication) enhanced management capabilities through the fixed network: Cordless Terminal Mobility (CTM) – DECT/GSM Interworking Profile (GIP): connection to GSM – ISDN Interworking Profiles (IAP, IIP): connection to ISDN – Radio Local Loop Access Profile (RAP): public telephone service – CTM Access Profile (CAP): support for user mobility DECT basestation GAP DECT Common Air Interface DECT Portable Part fixed network CEG436: Mobile Computing (PM)48

49 UMTS and IMT-2000 Proposals for IMT-2000 (International Mobile Telecommunications) – UWC-136, cdma2000, WP-CDMA – UMTS (Universal Mobile Telecommunications System) from ETSI UMTS – UTRA (was: UMTS, now: Universal Terrestrial Radio Access) – enhancements of GSM EDGE (Enhanced Data rates for GSM Evolution): GSM up to 384 kbit/s CAMEL (Customized Application for Mobile Enhanced Logic) VHE (virtual Home Environment) – fits into GMM (Global Multimedia Mobility) initiative from ETSI – requirements min. 144 kbit/s rural (goal: 384 kbit/s) min. 384 kbit/s suburban (goal: 512 kbit/s) up to 2 Mbit/s urban CEG436: Mobile Computing (PM)49

50 IMT-2000 family IMT-DS (Direct Spread) UTRA FDD (W-CDMA) 3GPP IMT-TC (Time Code) UTRA TDD (TD-CDMA); TD-SCDMA 3GPP IMT-MC (Multi Carrier) cdma2000 3GPP2 IMT-SC (Single Carrier) UWC-136 (EDGE) UWCC/3GPP IMT-FT (Freq. Time) DECT ETSI GSM (MAP) ANSI-41 (IS-634) IP-Network IMT-2000 Core Network ITU-T IMT-2000 Radio Access ITU-R Interface for Internetworking Flexible assignment of Core Network and Radio Access Initial UMTS (R99 w/ FDD) CEG436: Mobile Computing (PM)50

51 UMTS protocol stacks (user plane) apps. & protocols MAC radio MAC radio RLC SAR UuUu I u CS UE UTRAN3G MSC RLC AAL2 ATM AAL2 ATM SAR apps. & protocols MAC radio MAC radio PDCP GTP UuUu I u PSUEUTRAN3G SGSN RLC AAL5 ATM AAL5 ATM UDP/IP PDCP RLCUDP/IP GnGn GTP L2 L1 UDP/IP L2 L1 GTP 3G GGSN IP, PPP, … IP, PPP, … IP tunnel Circuit switched Packet switched CEG436: Mobile Computing (PM)51

52 Support of mobility: macro diversity Multicasting of data via several physical channels – Enables soft handover – FDD mode only Uplink – simultaneous reception of UE data at several Node Bs – Reconstruction of data at Node B, SRNC or DRNC Downlink – Simultaneous transmission of data via different cells – Different spreading codes in different cells CNNode BRNC Node B UE CEG436: Mobile Computing (PM)52

53 Support of mobility: handover From and to other systems (e.g., UMTS to GSM) – This is a must as UMTS coverage will be poor in the beginning RNS controlling the connection is called SRNS (Serving RNS) RNS offering additional resources (e.g., for soft handover) is called Drift RNS (DRNS) End-to-end connections between UE and CN only via I u at the SRNS – Change of SRNS requires change of I u – Initiated by the SRNS – Controlled by the RNC and CN SRNC UE DRNC I ur CN IuIu Node B I ub Node B I ub CEG436: Mobile Computing (PM)53

54 Example handover types in UMTS/GSM RNC 1 UE 1 RNC 2 I ur 3G MSC 1 IuIu Node B 1 I ub Node B 2 Node B 3 3G MSC 2 BSCBTS 2G MSC 3 A A bis UE 2 UE 3 UE 4 CEG436: Mobile Computing (PM)54

55 Breathing Cells GSM – Mobile device gets exclusive signal from the base station – Number of devices in a cell does not influence cell size UMTS – Cell size is closely correlated to the cell capacity – Signal-to-nose ratio determines cell capacity – Noise is generated by interference from other cells other users of the same cell – Interference increases noise level – Devices at the edge of a cell cannot further increase their output power (max. power limit) and thus drop out of the cell  no more communication possible – Limitation of the max. number of users within a cell required – Cell breathing complicates network planning CEG436: Mobile Computing (PM)55

56 Breathing Cells: Example CEG436: Mobile Computing (PM)56

57 Long Term Evolution (LTE) Initiated in 2004 by NTT DoCoMo, focus on enhancing the Universal Terrestrial Radio Access (UTRA) and optimizing 3GPP’s radio access architecture Targets: Downlink 100 Mbit/s, uplink 50 Mbit/s, RTT<10ms 2007: E UTRA progressed from the feasibility study stage to the first issue of approved Technical Specifications 2008: stable for commercial implementation 2009: first public LTE service available (Stockholm and Oslo) 2010: LTE starts in Germany LTE is not 4G – sometimes called 3.9G – Does not fulfill all requirements for IMT advanced CEG436: Mobile Computing (PM)57

58 Key LTE features Simplified network architecture compared to GSM/UMTS – Flat IP-based network replacing the GPRS core, optimized for the IP- Multimedia Subsystem (IMS), no more circuit switching Network should be in parts self-organizing Scheme for soft frequency reuse between cells – Inner part uses all subbands with less power – Outer part uses pre-served subbands with higher power Much higher data throughput supported by multiple antennas Much higher flexibility in terms of spectrum, bandwidth, data rates Much lower RTT – good for interactive traffic and gaming Smooth transition from W-CDMA/HSPA, TD-SCDMA and cdma2000 1x EV- DO – but completely different radio! Large step towards 4G – IMT advanced See for all specs, tables, figures etc.! CEG436: Mobile Computing (PM)58

59 High flexibility E-UTRA (Evolved Universal Terrestrial Radio Access) – Operating bands MHz – Channel bandwidth 1.4, 3, 5, 10, 15, or 20 MHz – TDD and FDD Modulation – QPSK, 16QAM, 64QAM Multiple Access – OFDMA (DL), SC-FDMA (UL) Peak data rates – 300 Mbit/s DL – 75 Mbit/s UL – Depends on UE category Cell radius – From <1km to 100km CEG436: Mobile Computing (PM)59

60 LTE frame structure Radio frame (10 ms) Subframe (1 ms) FDD UL DL TDD... Synchronization is part of subframe 0 and 5 UL/DL Downlink Pilot Time Slot (data plus pilot signal) Guard Period Uplink Pilot Time Slot (random access plus pilot signal) CEG436: Mobile Computing (PM)60

61 LTE architecture S-GW UE 2 eNode B UE 1 E-UTRAN EPC (Evolved Packet Core) X2-U/-C S1-U MME S1-MME Mobility Management EntityServing Gateway Packet-data network GatewayHome Subscriber Server Policy and Charging Rules Function S11 MME S10 P-GW S5 S8 (roaming) Internet, Operators… UuUu UuUu PCRF HSS SGi S6 S7 Rx+ GPRS S3 S4 CEG436: Mobile Computing (PM)61

62 LTE advanced GSM – UMTS - LTE – LTE advanced as candidate for IMT-advanced Worldwide functionality & roaming Compatibility of services Interworking with other radio access systems Enhanced peak data rates to support advanced services and applications (100 Mbit/s for high and 1 Gbit/s for low mobility) 3GPP will be contributing to the ITU-R towards the development of IMT-Advanced via its proposal for LTE-Advanced. Relay Nodes to increase coverage 100 MHz bandwidth (5x LTE with 20 MHz) CEG436: Mobile Computing (PM)62

63 Wireless IEEE Schiller Chapter 7: Wireless LANs

64 Characteristics of wireless LANs Advantages – very flexible within the reception area – Ad-hoc networks without previous planning possible – (almost) no wiring difficulties (e.g. historic buildings, firewalls) – more robust against disasters like, e.g., earthquakes, fire - or users pulling a plug... Disadvantages – typically very low bandwidth compared to wired networks (1-10 Mbit/s) due to shared medium – many proprietary solutions, especially for higher bit-rates, standards take their time (e.g. IEEE n) – products have to follow many national restrictions if working wireless, it takes a vary long time to establish global solutions like, e.g., IMT-2000 CEG436: Mobile Computing (PM)64

65 Design goals for wireless LANs global, seamless operation low power for battery use no special permissions or licenses needed to use the LAN robust transmission technology simplified spontaneous cooperation at meetings easy to use for everyone, simple management protection of investment in wired networks security (no one should be able to read my data), privacy (no one should be able to collect user profiles), safety (low radiation) transparency concerning applications and higher layer protocols, but also location awareness if necessary … CEG436: Mobile Computing (PM)65

66 Comparison: infrared vs. radio transmission Infrared – uses IR diodes, diffuse light, multiple reflections (walls, furniture etc.) Advantages – simple, cheap, available in many mobile devices – no licenses needed – simple shielding possible Disadvantages – interference by sunlight, heat sources etc. – many things shield or absorb IR light – low bandwidth Example – IrDA (Infrared Data Association) interface available everywhere Radio – typically using the license free ISM band at 2.4 GHz Advantages – experience from wireless WAN and mobile phones can be used – coverage of larger areas possible (radio can penetrate walls, furniture etc.) Disadvantages – very limited license free frequency bands – shielding more difficult, interference with other electrical devices Example – Many different products CEG436: Mobile Computing (PM)66

67 Comparison: infrastructure vs. ad-hoc networks infrastructure network ad-hoc network AP wired network AP: Access Point CEG436: Mobile Computing (PM)67

68 Architecture of an infrastructure network Station (STA) – terminal with access mechanisms to the wireless medium and radio contact to the access point Basic Service Set (BSS) – group of stations using the same radio frequency Access Point – station integrated into the wireless LAN and the distribution system Portal – bridge to other (wired) networks Distribution System – interconnection network to form one logical network (EES: Extended Service Set) based on several BSS Distribution System Portal 802.x LAN Access Point LAN BSS LAN BSS 1 Access Point STA 1 STA 2 STA 3 ESS

69 Architecture of an ad-hoc network Direct communication within a limited range – Station (STA): terminal with access mechanisms to the wireless medium – Independent Basic Service Set (IBSS): group of stations using the same radio frequency LAN IBSS LAN IBSS 1 STA 1 STA 4 STA 5 STA 2 STA 3

70 IEEE standard mobile terminal access point fixed terminal application TCP PHY MAC IP MAC PHY application TCP PHY MAC IP MAC PHY LLC infrastructure network LLC CEG436: Mobile Computing (PM)70

71 Layers and functions PLCP Physical Layer Convergence Protocol – clear channel assessment signal (carrier sense) PMD Physical Medium Dependent – modulation, coding PHY Management – channel selection, MIB Station Management – coordination of all management functions PMD PLCP MAC LLC MAC Management PHY Management MAC – access mechanisms, fragmentation, encryption MAC Management – synchronization, roaming, MIB, power management PHY DLC Station Management CEG436: Mobile Computing (PM)71

72 Physical layer (legacy) 3 versions: 2 radio (typ. 2.4 GHz), 1 IR – data rates 1 or 2 Mbit/s FHSS (Frequency Hopping Spread Spectrum) – spreading, despreading, signal strength, typ. 1 Mbit/s – min. 2.5 frequency hops/s (USA), two-level GFSK modulation DSSS (Direct Sequence Spread Spectrum) – DBPSK modulation for 1 Mbit/s (Differential Binary Phase Shift Keying), DQPSK for 2 Mbit/s (Differential Quadrature PSK) – preamble and header of a frame is always transmitted with 1 Mbit/s, rest of transmission 1 or 2 Mbit/s – chipping sequence: +1, -1, +1, +1, -1, +1, +1, +1, -1, -1, -1 (Barker code) – max. radiated power 1 W (USA), 100 mW (EU), min. 1mW Infrared – nm, diffuse light, typ. 10 m range – carrier detection, energy detection, synchronization CEG436: Mobile Computing (PM)72

73 FHSS PHY packet format (legacy) Synchronization – synch with pattern SFD (Start Frame Delimiter) – start pattern PLW (PLCP_PDU Length Word) – length of payload incl. 32 bit CRC of payload, PLW < 4096 PSF (PLCP Signaling Field) – data of payload (1 or 2 Mbit/s) HEC (Header Error Check) – CRC with x 16 +x 12 +x 5 +1 synchronizationSFDPLWPSFHECpayload PLCP preamblePLCP header variable bits CEG436: Mobile Computing (PM)73

74 MAC layer I - DFWMAC Traffic services – Asynchronous Data Service (mandatory) exchange of data packets based on “best-effort” support of broadcast and multicast – Time-Bounded Service (optional) implemented using PCF (Point Coordination Function) Access methods – DFWMAC-DCF CSMA/CA (mandatory) collision avoidance via randomized „back-off“ mechanism minimum distance between consecutive packets ACK packet for acknowledgements (not for broadcasts) – DFWMAC-DCF w/ RTS/CTS (optional) Distributed Foundation Wireless MAC avoids hidden terminal problem – DFWMAC- PCF (optional) access point polls terminals according to a list CEG436: Mobile Computing (PM)74

75 MAC layer II Priorities – defined through different inter frame spaces – no guaranteed, hard priorities – SIFS (Short Inter Frame Spacing) highest priority, for ACK, CTS, polling response – PIFS (PCF IFS) medium priority, for time-bounded service using PCF – DIFS (DCF, Distributed Coordination Function IFS) lowest priority, for asynchronous data service t medium busy SIFS PIFS DIFS next framecontention direct access if medium is free  DIFS CEG436: Mobile Computing (PM)75

76 t medium busy DIFS next frame contention window (randomized back-off mechanism) CSMA/CA access method I station ready to send starts sensing the medium (Carrier Sense based on CCA, Clear Channel Assessment) if the medium is free for the duration of an Inter-Frame Space (IFS), the station can start sending (IFS depends on service type) if the medium is busy, the station has to wait for a free IFS, then the station must additionally wait a random back-off time (collision avoidance, multiple of slot-time) if another station occupies the medium during the back-off time of the station, the back-off timer stops (fairness) slot time (20µs) direct access if medium is free  DIFS CEG436: Mobile Computing (PM)76

77 Special Frames: ACK, RTS, CTS Acknowledgement Request To Send Clear To Send Frame Control Duration Receiver Address Transmitter Address CRC bytes Frame Control Duration Receiver Address CRC bytes Frame Control Duration Receiver Address CRC bytes ACK RTS CTS CEG436: Mobile Computing (PM)77

78 MAC management Synchronization – try to find a LAN, try to stay within a LAN – timer etc. Power management – sleep-mode without missing a message – periodic sleep, frame buffering, traffic measurements Association/Reassociation – integration into a LAN – roaming, i.e. change networks by changing access points – scanning, i.e. active search for a network MIB - Management Information Base – managing, read, write CEG436: Mobile Computing (PM)78

79 Synchronization using a Beacon (infrastructure) beacon interval (20ms – 1s) t medium access point busy B BBB value of the timestamp B beacon frame CEG436: Mobile Computing (PM)79

80 Synchronization using a Beacon (ad- hoc) t medium station 1 busy B1B1 beacon interval busy B1B1 value of the timestamp B beacon frame station 2 B2B2 B2B2 random delay CEG436: Mobile Computing (PM)80

81 Power management Idea: switch the transceiver off if not needed States of a station: sleep and awake Timing Synchronization Function (TSF) – stations wake up at the same time Infrastructure – Traffic Indication Map (TIM) list of unicast receivers transmitted by AP – Delivery Traffic Indication Map (DTIM) list of broadcast/multicast receivers transmitted by AP Ad-hoc – Ad-hoc Traffic Indication Map (ATIM) announcement of receivers by stations buffering frames more complicated - no central AP collision of ATIMs possible (scalability?) APSD (Automatic Power Save Delivery) – new method in e replacing above schemes CEG436: Mobile Computing (PM)81

82 Power saving with wake-up patterns (infrastructure) TIM interval t medium access point busy D TTD T TIM D DTIM DTIM interval BB B broadcast/multicast station awake p PS poll p d d d data transmission to/from the station CEG436: Mobile Computing (PM)82

83 Power saving with wake-up patterns (ad-hoc) awake A transmit ATIM D transmit data t station 1 B1B1 B1B1 B beacon frame station 2 B2B2 B2B2 random delay A a D d ATIM window beacon interval a acknowledge ATIM d acknowledge data CEG436: Mobile Computing (PM)83

84 Roaming No or bad connection? Then perform: Scanning – scan the environment, i.e., listen into the medium for beacon signals or send probes into the medium and wait for an answer Reassociation Request – station sends a request to one or several AP(s) Reassociation Response – success: AP has answered, station can now participate – failure: continue scanning AP accepts Reassociation Request – signal the new station to the distribution system – the distribution system updates its data base (i.e., location information) – typically, the distribution system now informs the old AP so it can release resources Fast roaming – r – e.g. for vehicle-to-roadside networks CEG436: Mobile Computing (PM)84

85 WLAN: IEEE b Data rate – 1, 2, 5.5, 11 Mbit/s, depending on SNR – User data rate max. approx. 6 Mbit/s Transmission range – 300m outdoor, 30m indoor – Max. data rate ~10m indoor Frequency – DSSS, 2.4 GHz ISM-band Security – Limited, WEP insecure, SSID Availability – Many products, many vendors Connection set-up time – Connectionless/always on Quality of Service – Typ. Best effort, no guarantees (unless polling is used, limited support in products) Manageability – Limited (no automated key distribution, sym. Encryption) Special Advantages/Disadvantages – Advantage: many installed systems, lot of experience, available worldwide, free ISM-band, many vendors, integrated in laptops, simple system – Disadvantage: heavy interference on ISM-band, no service guarantees, slow relative speed only CEG436: Mobile Computing (PM)85

86 IEEE b – PHY frame formats synchronizationSFDsignalserviceHECpayload PLCP preamblePLCP header variable bits length µs at 1 Mbit/s DBPSK1, 2, 5.5 or 11 Mbit/s short synch.SFDsignalserviceHECpayload PLCP preamble (1 Mbit/s, DBPSK) PLCP header (2 Mbit/s, DQPSK) variable bits length µs2, 5.5 or 11 Mbit/s Long PLCP PPDU format Short PLCP PPDU format (optional) CEG436: Mobile Computing (PM)86

87 Channel selection (non-overlapping) 2400 [MHz] channel 1channel 7channel 13 Europe (ETSI) US (FCC)/Canada (IC) 2400 [MHz] channel 1channel 6channel MHz CEG436: Mobile Computing (PM)87

88 WLAN: IEEE a Data rate – 6, 9, 12, 18, 24, 36, 48, 54 Mbit/s, depending on SNR – User throughput (1500 byte packets): 5.3 (6), 18 (24), 24 (36), 32 (54) – 6, 12, 24 Mbit/s mandatory Transmission range – 100m outdoor, 10m indoor E.g., 54 Mbit/s up to 5 m, 48 up to 12 m, 36 up to 25 m, 24 up to 30m, 18 up to 40 m, 12 up to 60 m Frequency – Free , , GHz ISM-band Security – Limited, WEP insecure, SSID Availability – Some products, some vendors Connection set-up time – Connectionless/always on Quality of Service – Typ. best effort, no guarantees (same as all products) Manageability – Limited (no automated key distribution, sym. Encryption) Special Advantages/Disadvantages – Advantage: fits into 802.x standards, free ISM-band, available, simple system, uses less crowded 5 GHz band – Disadvantage: stronger shading due to higher frequency, no QoS CEG436: Mobile Computing (PM)88

89 IEEE a – PHY frame format rateservicepayload variablebits 6 Mbit/s PLCP preamblesignaldata symbols121variable reservedlengthtailparitytailpad variable 6, 9, 12, 18, 24, 36, 48, 54 Mbit/s PLCP header CEG436: Mobile Computing (PM)89

90 Operating channels of a in Europe 5150 [MHz] MHz center frequency = *channel number [MHz] channel [MHz] MHz channel CEG436: Mobile Computing (PM)90

91 Operating channels for a / US U-NII 5150 [MHz] MHz center frequency = *channel number [MHz] channel [MHz] MHz channel CEG436: Mobile Computing (PM)91

92 WLAN: IEEE – current developments (06/2009) c: Bridge Support – Definition of MAC procedures to support bridges as extension to 802.1D d: Regulatory Domain Update – Support of additional regulations related to channel selection, hopping sequences e: MAC Enhancements – QoS – Enhance the current MAC to expand support for applications with Quality of Service requirements, and in the capabilities and efficiency of the protocol – Definition of a data flow (“connection”) with parameters like rate, burst, period… supported by HCCA (HCF (Hybrid Coordinator Function) Controlled Channel Access, optional) – Additional energy saving mechanisms and more efficient retransmission – EDCA (Enhanced Distributed Channel Access): high priority traffic waits less for channel access F: Inter-Access Point Protocol (withdrawn) – Establish an Inter-Access Point Protocol for data exchange via the distribution system g: Data Rates > 20 Mbit/s at 2.4 GHz; 54 Mbit/s, OFDM – Successful successor of b, performance loss during mixed operation with.11b h: Spectrum Managed a – Extension for operation of a in Europe by mechanisms like channel measurement for dynamic channel selection (DFS, Dynamic Frequency Selection) and power control (TPC, Transmit Power Control) i: Enhanced Security Mechanisms – Enhance the current MAC to provide improvements in security. – TKIP enhances the insecure WEP, but remains compatible to older WEP systems – AES provides a secure encryption method and is based on new hardware CEG436: Mobile Computing (PM)92

93 WLAN: IEEE – current developments (06/2009) j: Extensions for operations in Japan – Changes of a for operation at 5GHz in Japan using only half the channel width at larger range : Current “complete” standard – Comprises amendments a, b, d, e, g, h, i, j k: Methods for channel measurements – Devices and access points should be able to estimate channel quality in order to be able to choose a better access point of channel m: Updates of the standard n: Higher data rates above 100Mbit/s – Changes of PHY and MAC with the goal of 100Mbit/s at MAC SAP – MIMO antennas (Multiple Input Multiple Output), up to 600Mbit/s are currently feasible – However, still a large overhead due to protocol headers and inefficient mechanisms p: Inter car communications – Communication between cars/road side and cars/cars – Planned for relative speeds of min. 200km/h and ranges over 1000m – Usage of GHz band in North America r: Faster Handover between BSS – Secure, fast handover of a station from one AP to another within an ESS – Current mechanisms (even newer standards like i) plus incompatible devices from different vendors are massive problems for the use of, e.g., VoIP in WLANs – Handover should be feasible within 50ms in order to support multimedia applications efficiently CEG436: Mobile Computing (PM)93

94 WLAN: IEEE – current developments (06/2009) s: Mesh Networking – Design of a self-configuring Wireless Distribution System (WDS) based on – Support of point-to-point and broadcast communication across several hops T: Performance evaluation of networks – Standardization of performance measurement schemes u: Interworking with additional external networks v: Network management – Extensions of current management functions, channel measurements – Definition of a unified interface w: Securing of network control – Classical standards like , but also i protect only data frames, not the control frames. Thus, this standard should extend i in a way that, e.g., no control frames can be forged y: Extensions for the MHz band in the USA z: Extension to direct link setup aa: Robust audio/video stream transport ac: Very High Throughput <6Ghz ad: Very High Throughput in 60 GHz Note: Not all “standards” will end in products, many ideas get stuck at working group level Info:, CEG436: Mobile Computing (PM)94

95 Bluetooth Basic idea – Universal radio interface for ad-hoc wireless connectivity – Interconnecting computer and peripherals, handheld devices, PDAs, cell phones – replacement of IrDA – Embedded in other devices, goal: 5€/device (already < 1€) – Short range (10 m), low power consumption, license- free 2.45 GHz ISM – Voice and data transmission, approx. 1 Mbit/s gross data rate One of the first modules (Ericsson). CEG436: Mobile Computing (PM)95

96 Bluetooth History – 1994: Ericsson (Mattison/Haartsen), “MC-link” project – Renaming of the project: Bluetooth according to Harald “Blåtand” Gormsen [son of Gorm], King of Denmark in the 10 th century – 1998: foundation of Bluetooth SIG, – 1999: erection of a rune stone at Ercisson/Lund ;-) – 2001: first consumer products for mass market, spec. version 1.1 released – 2005: 5 million chips/week Special Interest Group – Original founding members: Ericsson, Intel, IBM, Nokia, Toshiba – Added promoters: 3Com, Agere (was: Lucent), Microsoft, Motorola – > members – Common specification and certification of products (was: ) CEG436: Mobile Computing (PM)96

97 History and hi-tech… 1999: Ericsson mobile communications AB reste denna sten till minne av Harald Blåtand, som fick ge sitt namn åt en ny teknologi för trådlös, mobil kommunikation. CEG436: Mobile Computing (PM)97

98 …and the real rune stone Located in Jelling, Denmark, erected by King Harald “Blåtand” in memory of his parents. The stone has three sides – one side showing a picture of Christ. This could be the “original” colors of the stone. Inscription: “auk tani karthi kristna” (and made the Danes Christians) Inscription: "Harald king executes these sepulchral monuments after Gorm, his father and Thyra, his mother. The Harald who won the whole of Denmark and Norway and turned the Danes to Christianity." Btw: Blåtand means “of dark complexion” (not having a blue tooth…) CEG436: Mobile Computing (PM)98

99 Characteristics 2.4 GHz ISM band, 79 (23) RF channels, 1 MHz carrier spacing – Channel 0: 2402 MHz … channel 78: 2480 MHz – G-FSK modulation, mW transmit power FHSS and TDD – Frequency hopping with 1600 hops/s – Hopping sequence in a pseudo random fashion, determined by a master – Time division duplex for send/receive separation Voice link – SCO (Synchronous Connection Oriented) – FEC (forward error correction), no retransmission, 64 kbit/s duplex, point-to-point, circuit switched Data link – ACL (Asynchronous ConnectionLess) – Asynchronous, fast acknowledge, point-to-multipoint, up to kbit/s symmetric or 723.2/57.6 kbit/s asymmetric, packet switched Topology – Overlapping piconets (stars) forming a scatternet CEG436: Mobile Computing (PM)99

100 Piconet Collection of devices connected in an ad hoc fashion One unit acts as master and the others as slaves for the lifetime of the piconet Master determines hopping pattern, slaves have to synchronize Each piconet has a unique hopping pattern Participation in a piconet = synchronization to hopping sequence Each piconet has one master and up to 7 simultaneous slaves (> 200 could be parked) M=Master S=Slave P=Parked SB=Standby M S P SB S S P P CEG436: Mobile Computing (PM)100

101 Forming a piconet All devices in a piconet hop together – Master gives slaves its clock and device ID Hopping pattern: determined by device ID (48 bit, unique worldwide) Phase in hopping pattern determined by clock Addressing – Active Member Address (AMA, 3 bit) – Parked Member Address (PMA, 8 bit) SB M S P S S P P                   CEG436: Mobile Computing (PM)101

102 Scatternet Linking of multiple co-located piconets through the sharing of common master or slave devices – Devices can be slave in one piconet and master of another Communication between piconets – Devices jumping back and forth between the piconets M=Master S=Slave P=Parked SB=Standby M S P SB S S P P M S S P Piconets (each with a capacity of 720 kbit/s) CEG436: Mobile Computing (PM)102

103 Bluetooth protocol stack Radio Baseband Link Manager Control Host Controller Interface Logical Link Control and Adaptation Protocol (L2CAP) Audio TCS BINSDP OBEX vCal/vCard IP NW apps. TCP/UDP BNEP RFCOMM (serial line interface) AT modem commands telephony apps.mgmnt. apps. AT: attention sequence OBEX: object exchange TCS BIN: telephony control protocol specification – binary BNEP: Bluetooth network encapsulation protocol SDP: service discovery protocol RFCOMM: radio frequency comm. PPP CEG436: Mobile Computing (PM)103

104 S Frequency selection during data transmission fkfk 625 µs f k+1 f k+2 f k+3 f k+4 f k+3 f k+4 fkfk fkfk f k+5 f k+1 f k+6 MMMM M MM MM t t t SS SS S CEG436: Mobile Computing (PM)104

105 Baseband Piconet/channel definition Low-level packet definition – Access code Channel, device access, e.g., derived from master – Packet header 1/3-FEC, active member address (broadcast + 7 slaves), link type, alternating bit ARQ/SEQ, checksum access codepacket headerpayload 68(72) bits AM addresstypeflowARQNSEQNHEC bits preamblesync.(trailer) 464(4) CEG436: Mobile Computing (PM)105

106 SCO payload types payload (30) audio (30) audio (10) HV3 HV2 HV1 DV FEC (20) audio (20)FEC (10) header (1)payload (0-9)2/3 FECCRC (2) (bytes) CEG436: Mobile Computing (PM)106

107 ACL Payload types payload (0-343) header (1/2)payload (0-339)CRC (2) header (1)payload (0-17)2/3 FEC header (1)payload (0-27) header (2)payload (0-121)2/3 FEC header (2)payload (0-183) header (2)payload (0-224)2/3 FEC header (2)payload (0-339) DH5 DM5 DH3 DM3 DH1 DM1 header (1)payload (0-29) AUX1 CRC (2) (bytes) CEG436: Mobile Computing (PM)107

108 Baseband data rates PayloadUserSymmetricAsymmetric HeaderPayloadmax. Rate max. Rate [kbit/s] Type[byte][byte]FECCRC[kbit/s]ForwardReverse DM /3yes DH110-27noyes DM /3yes DH noyes DM /3yes DH noyes AUX110-29nono HV1na101/3no64.0 HV2na202/3no64.0 HV3na30nono64.0 DV1 D10+(0-9) D2/3 Dyes D D ACL 1 slot 3 slot 5 slot SCO Data Medium/High rate, High-quality Voice, Data and Voice CEG436: Mobile Computing (PM)108

109 Baseband link types Polling-based TDD packet transmission – 625µs slots, master polls slaves SCO (Synchronous Connection Oriented) – Voice – Periodic single slot packet assignment, 64 kbit/s full-duplex, point-to-point ACL (Asynchronous ConnectionLess) – Data – Variable packet size (1, 3, 5 slots), asymmetric bandwidth, point-to-multipoint MASTER SLAVE 1 SLAVE 2 f6f6 f0f0 f1f1 f7f7 f 12 f 13 f 19 f 18 SCO ACL f5f5 f 21 f4f4 f 20 ACL f8f8 f9f9 f 17 f 14 ACL

110 Robustness Slow frequency hopping with hopping patterns determined by a master – Protection from interference on certain frequencies – Separation from other piconets (FH-CDMA) Retransmission – ACL only, very fast Forward Error Correction – SCO and ACL MASTER SLAVE 1 SLAVE 2 ACCHF GG BDE NAKACK Error in payload (not header!)

111 Baseband states of a Bluetooth device standby inquirypage connected AMA transmit AMA park PMA hold AMA sniff AMA unconnected connecting active low power Standby: do nothing Inquire: search for other devices Page: connect to a specific device Connected: participate in a piconet detach Park: release AMA, get PMA Sniff: listen periodically, not each slot Hold: stop ACL, SCO still possible, possibly participate in another piconet CEG436: Mobile Computing (PM)111

112 Example: Power consumption/CSR BlueCore2 Typical Average Current Consumption 1 – VDD=1.8V Temperature = 20°C – Mode SCO connection HV3 (1s interval Sniff Mode) (Slave) 26.0 mA SCO connection HV3 (1s interval Sniff Mode) (Master)26.0 mA SCO connection HV1 (Slave) 53.0 mA SCO connection HV1 (Master) 53.0 mA ACL data transfer 115.2kbps UART (Master) 15.5 mA ACL data transfer 720kbps USB (Slave) 53.0 mA ACL data transfer 720kbps USB (Master) 53.0 mA ACL connection, Sniff Mode 40ms interval, 38.4kbps UART 4.0 mA ACL connection, Sniff Mode 1.28s interval, 38.4kbps UART 0.5 mA Parked Slave, 1.28s beacon interval, 38.4kbps UART 0.6 mA Standby Mode (Connected to host, no RF activity)47.0 µ A Deep Sleep Mode µ A Notes: – 1 Current consumption is the sum of both BC212015A and the flash. – 2 Current consumption is for the BC212015A device only. CEG436: Mobile Computing (PM)112

113 Example: Bluetooth/USB adapter (2002: 50€, today: some cents if integrated) CEG436: Mobile Computing (PM)113

114 L2CAP - Logical Link Control and Adaptation Protocol Simple data link protocol on top of baseband Connection oriented, connectionless, and signaling channels Protocol multiplexing – RFCOMM, SDP, telephony control Segmentation & reassembly – Up to 64kbyte user data, 16 bit CRC used from baseband QoS flow specification per channel – Follows RFC 1363, specifies delay, jitter, bursts, bandwidth Group abstraction – Create/close group, add/remove member CEG436: Mobile Computing (PM)114

115 L2CAP logical channels baseband L2CAP baseband L2CAP baseband L2CAP Slave Master ACL 2d1dd11d21 signallingconnectionlessconnection-oriented ddd CEG436: Mobile Computing (PM)115

116 L2CAP packet formats length 2bytes CID=2 2 PSM 22 payload length 2bytes CID 2 payload length 2bytes CID=1 2 One or more commands Connectionless PDU Connection-oriented PDU Signalling command PDU codeIDlengthdata 112 00 CEG436: Mobile Computing (PM)116

117 Security E3E3 E2E2 link key (128 bit) encryption key (128 bit) payload key Keystream generator Data Cipher data Authentication key generation (possibly permanent storage) Encryption key generation (temporary storage) PIN (1-16 byte) User input (initialization) Pairing Authentication Encryption Ciphering E3E3 E2E2 link key (128 bit) encryption key (128 bit) payload key Keystream generator PIN (1-16 byte) CEG436: Mobile Computing (PM)117

118 SDP – Service Discovery Protocol Inquiry/response protocol for discovering services – Searching for and browsing services in radio proximity – Adapted to the highly dynamic environment – Can be complemented by others like SLP, Jini, Salutation, … – Defines discovery only, not the usage of services – Caching of discovered services – Gradual discovery Service record format – Information about services provided by attributes – Attributes are composed of an 16 bit ID (name) and a value – values may be derived from 128 bit Universally Unique Identifiers (UUID) CEG436: Mobile Computing (PM)118

119 Additional protocols to support legacy protocols/apps. RFCOMM – Emulation of a serial port (supports a large base of legacy applications) – Allows multiple ports over a single physical channel Telephony Control Protocol Specification (TCS) – Call control (setup, release) – Group management OBEX – Exchange of objects, IrDA replacement WAP – Interacting with applications on cellular phones CEG436: Mobile Computing (PM)119

120 Profiles Represent default solutions for a certain usage model – Vertical slice through the protocol stack – Basis for interoperability Generic Access Profile Service Discovery Application Profile Cordless Telephony Profile Intercom Profile Serial Port Profile Headset Profile Dial-up Networking Profile Fax Profile LAN Access Profile Generic Object Exchange Profile Object Push Profile File Transfer Profile Synchronization Profile Additional Profiles Advanced Audio Distribution PAN Audio Video Remote Control Basic Printing Basic Imaging Extended Service Discovery Generic Audio Video Distribution Hands Free Hardcopy Cable Replacement Profiles Protocols Applications CEG436: Mobile Computing (PM)120

121 Bluetooth versions Bluetooth 1.1 – also IEEE Standard – initial stable commercial standard Bluetooth 1.2 – also IEEE Standard – eSCO (extended SCO): higher, variable bitrates, retransmission for SCO – AFH (adaptive frequency hopping) to avoid interference Bluetooth EDR (2004, no more IEEE) – EDR (enhanced date rate) of 3.0 Mbit/s for ACL and eSCO – lower power consumption due to shorter duty cycle Bluetooth EDR (2007) – better pairing support, e.g. using NFC – improved security Bluetooth HS (2009) – Bluetooth EDR + IEEE a/g = 54 Mbit/s CEG436: Mobile Computing (PM)121

122 WPAN: IEEE – Bluetooth Data rate – Synchronous, connection-oriented: 64 kbit/s – Asynchronous, connectionless kbit/s symmetric / 57.6 kbit/s asymmetric Transmission range – POS (Personal Operating Space) up to 10 m – with special transceivers up to 100 m Frequency – Free 2.4 GHz ISM-band Security – Challenge/response (SAFER+), hopping sequence Availability – Integrated into many products, several vendors Connection set-up time – Depends on power-mode – Max. 2.56s, avg. 0.64s Quality of Service – Guarantees, ARQ/FEC Manageability – Public/private keys needed, key management not specified, simple system integration Special Advantages/Disadvantages – Advantage: already integrated into several products, available worldwide, free ISM-band, several vendors, simple system, simple ad- hoc networking, peer to peer, scatternets – Disadvantage: interference on ISM- band, limited range, max. 8 active devices/network, high set-up latency CEG436: Mobile Computing (PM)122

123 WPAN: IEEE – future developments : Coexistance – Coexistence of Wireless Personal Area Networks (802.15) and Wireless Local Area Networks (802.11), quantify the mutual interference : High-Rate – Standard for high-rate (20Mbit/s or greater) WPANs, while still low- power/low-cost – Data Rates: 11, 22, 33, 44, 55 Mbit/s – Quality of Service isochronous protocol – Ad hoc peer-to-peer networking – Security – Low power consumption – Low cost – Designed to meet the demanding requirements of portable consumer imaging and multimedia applications CEG436: Mobile Computing (PM)123

124 WPAN: IEEE – future developments 2 Several working groups extend the standard a: - withdrawn - – Alternative PHY with higher data rate as extension to – Applications: multimedia, picture transmission b: – Enhanced interoperability of MAC – Correction of errors and ambiguities in the standard c: – Alternative PHY at GHz – Goal: data rates above 2 Gbit/s Not all these working groups really create a standard, not all standards will be found in products later … CEG436: Mobile Computing (PM)124

125 WPAN: IEEE – future developments : Low-Rate, Very Low-Power – Low data rate solution with multi-month to multi-year battery life and very low complexity – Potential applications are sensors, interactive toys, smart badges, remote controls, and home automation – Data rates of kbit/s, latency down to 15 ms – Master-Slave or Peer-to-Peer operation – Up to 254 devices or simpler nodes – Support for critical latency devices, such as joysticks – CSMA/CA channel access (data centric), slotted (beacon) or unslotted – Automatic network establishment by the PAN coordinator – Dynamic device addressing, flexible addressing format – Fully handshaked protocol for transfer reliability – Power management to ensure low power consumption – 16 channels in the 2.4 GHz ISM band, 10 channels in the 915 MHz US ISM band and one channel in the European 868 MHz band Basis of the ZigBee technology – CEG436: Mobile Computing (PM)125

126 ZigBee Relation to similar to Bluetooth / Pushed by Chipcon (now TI), ember, freescale (Motorola), Honeywell, Mitsubishi, Motorola, Philips, Samsung… More than 260 members – about 15 promoters, 133 participants, 111 adopters – must be member to commercially use ZigBee spec ZigBee platforms comprise – IEEE for layers 1 and 2 – ZigBee protocol stack up to the applications CEG436: Mobile Computing (PM)126

127 WPAN: IEEE – future developments a: – Alternative PHY with lower data rate as extension to – Properties: precise localization (< 1m precision), extremely low power consumption, longer range – Two PHY alternatives UWB (Ultra Wideband): ultra short pulses, communication and localization CSS (Chirp Spread Spectrum): communication only b, c, d, e, f, g: – Extensions, corrections, and clarifications regarding – Usage of new bands, more flexible security mechanisms – RFID, smart utility neighborhood (high scalability) : Mesh Networking – Partial meshes, full meshes – Range extension, more robustness, longer battery live : Body Area Networks – Low power networks e.g. for medical or entertainment use : Visible Light Communication Not all these working groups really create a standard, not all standards will be found in products later … CEG436: Mobile Computing (PM)127

128 Some more IEEE standards for mobile communications IEEE : Broadband Wireless Access / WirelessMAN / WiMax – Wireless distribution system, e.g., for the last mile, alternative to DSL – 75 Mbit/s up to 50 km LOS, up to 10 km NLOS; 2-66 GHz band – Initial standards without roaming or mobility support – e adds mobility support, allows for roaming at 150 km/h IEEE : Mobile Broadband Wireless Access (MBWA) – Licensed bands < 3.5 GHz, optimized for IP traffic – Peak rate > 1 Mbit/s per user – Different mobility classes up to 250 km/h and ranges up to 15 km – Relation to e unclear IEEE : Media Independent Handover Interoperability – Standardize handover between different 802.x and/or non 802 networks IEEE : Wireless Regional Area Networks (WRAN) – Radio-based PHY/MAC for use by license-exempt devices on a non-interfering basis in spectrum that is allocated to the TV Broadcast Service CEG436: Mobile Computing (PM)128

129 RF Controllers – ISM bands Data rate – Typ. up to 115 kbit/s (serial interface) Transmission range – m, depending on power (typ mW) Frequency – Typ. 27 (EU, US), 315 (US), 418 (EU), 426 (Japan), 433 (EU), 868 (EU), 915 (US) MHz (depending on regulations) Security – Some products with added processors Cost – Cheap: 10€-50€ Availability – Many products, many vendors Connection set-up time – N/A Quality of Service – none Manageability – Very simple, same as serial interface Special Advantages/Disadvantages – Advantage: very low cost, large experience, high volume available – Disadvantage: no QoS, crowded ISM bands (particularly 27 and 433 MHz), typ. no Medium Access Control, 418 MHz experiences interference with TETRA CEG436: Mobile Computing (PM)129

130 RFID – Radio Frequency Identification (1) Data rate – Transmission of ID only (e.g., 48 bit, 64kbit, 1 Mbit) – 9.6 – 115 kbit/s Transmission range – Passive: up to 3 m – Active: up to m – Simultaneous detection of up to, e.g., 256 tags, scanning of, e.g., 40 tags/s Frequency – 125 kHz, MHz, 433 MHz, 2.4 GHz, 5.8 GHz and many others Security – Application dependent, typ. no crypt. on RFID device Cost – Very cheap tags, down to 1€ (passive) Availability – Many products, many vendors Connection set-up time – Depends on product/medium access scheme (typ. 2 ms per device) Quality of Service – none Manageability – Very simple, same as serial interface Special Advantages/Disadvantages – Advantage: extremely low cost, large experience, high volume available, no power for passive RFIDs needed, large variety of products, relative speeds up to 300 km/h, broad temp. range – Disadvantage: no QoS, simple denial of service, crowded ISM bands, typ. one-way (activation/ transmission of ID) CEG436: Mobile Computing (PM)130

131 RFID – Radio Frequency Identification (2) Function – Standard: In response to a radio interrogation signal from a reader (base station) the RFID tags transmit their ID – Enhanced: additionally data can be sent to the tags, different media access schemes (collision avoidance) Features – No line-of sight required (compared to, e.g., laser scanners) – RFID tags withstand difficult environmental conditions (sunlight, cold, frost, dirt etc.) – Products available with read/write memory, smart-card capabilities Categories – Passive RFID: operating power comes from the reader over the air which is feasible up to distances of 3 m, low price (1€) – Active RFID: battery powered, distances up to 100 m CEG436: Mobile Computing (PM)131

132 RFID – Radio Frequency Identification (3) Applications – Total asset visibility: tracking of goods during manufacturing, localization of pallets, goods etc. – Loyalty cards: customers use RFID tags for payment at, e.g., gas stations, collection of buying patterns – Automated toll collection: RFIDs mounted in windshields allow commuters to drive through toll plazas without stopping – Others: access control, animal identification, tracking of hazardous material, inventory control, warehouse management,... Local Positioning Systems – GPS useless indoors or underground, problematic in cities with high buildings – RFID tags transmit signals, receivers estimate the tag location by measuring the signal‘s time of flight CEG436: Mobile Computing (PM)132

133 RFID – Radio Frequency Identification (4) Security – Denial-of-Service attacks are always possible Interference of the wireless transmission, shielding of transceivers – IDs via manufacturing or one time programming – Key exchange via, e.g., RSA possible, encryption via, e.g., AES Future Trends – RTLS: Real-Time Locating System – big efforts to make total asset visibility come true – Integration of RFID technology into the manufacturing, distribution and logistics chain – Creation of „electronic manifests“ at item or package level (embedded inexpensive passive RFID tags) – 3D tracking of children, patients CEG436: Mobile Computing (PM)133

134 RFID – Radio Frequency Identification (5) Relevant Standards – American National Standards Institute ANSI, – Automatic Identification and Data Capture Techniques JTC 1/SC 31, – European Radiocommunications Office ERO, – European Telecommunications Standards Institute ETSI, – Identification Cards and related devices JTC 1/SC 17, – Identification and communication ISO TC 104 / SC 4, – Road Transport and Traffic Telematics CEN TC 278, – Transport Information and Control Systems ISO/TC204, CEG436: Mobile Computing (PM)134

135 RFID – Radio Frequency Identification (6) ISO Standards – ISO MH Data Identifiers EAN.UCC Application Identifiers – ISO Syntax for High Capacity ADC Media – ISO Transfer Syntax – ISO Part 2, kHz Part 3, MHz Part 4, 2.45 GHz Part 5, 5.8 GHz Part 6, UHF ( MHz, 433 MHz) – ISO RFID Device Conformance Test Methods – ISO RF Tag and Interrogator Performance Test Methods CEG436: Mobile Computing (PM)135

136 ISM band interference Many sources of interference – Microwave ovens, microwave lighting – , b, g, , … – Even analog TV transmission, surveillance – Unlicensed metropolitan area networks – … Levels of interference – Physical layer: interference acts like noise Spread spectrum tries to minimize this FEC/interleaving tries to correct – MAC layer: algorithms not harmonized E.g., Bluetooth might confuse OLD © Fusion Lighting, Inc., now used by LG as Plasma Lighting System NEW CEG436: Mobile Computing (PM)136

137 Bluetooth may act like a rogue member of the network – Does not know anything about gaps, inter frame spacing etc. IEEE discusses these problems – Proposal: Adaptive Frequency Hopping a non-collaborative Coexistence Mechanism Real effects? Many different opinions, publications, tests, formulae, … – Results from complete breakdown to almost no effect – Bluetooth (FHSS) seems more robust than b (DSSS) vs.(?) /Bluetooth t f [MHz] b 3 channels (separated by installation) ACK DIFS SIFS 1000 byte SIFS DIFS 500 byte ACK DIFS 500 byte SIFS ACK DIFS 500 byte DIFS 100 byte SIFS ACK DIFS 100 byte SIFS ACK DIFS 100 byte SIFS ACK DIFS 100 byte SIFS ACK DIFS 100 byte SIFS ACK channels (separated by hopping pattern) CEG436: Mobile Computing (PM)137

138 Wireless IEEE Traditional Bluetooth Infrared CEG436: Mobile Computing (PM)138

139 The WiMAX Possibility Wireless & Mobile Broadband at miles range CEG436: Mobile Computing (PM)139

Download ppt "Wireless/Cellular Technologies Prabhaker Mateti. Mobile Communication Technology according to IEEE (examples) CEG436: Mobile Computing (PM)2 Personal."

Similar presentations

Ads by Google