
How to choose mobile Internet, and which one? GSM decoding


Many people living in cities and regional centers, and especially far from them, currently have difficulty choosing a service provider that lets them make good use of such blessings of civilization as digital television, the Internet and radio, or simply deciding which of the available mobile operators (MegaFon, Beeline, MTS, TELE2, etc.) offers high-quality, reliable telephone service at a given location. At best, this is usually solved by asking the neighbors “what operator do you use?” and, relying on their answer, buying that operator's SIM card, only to find that you cannot hear the other party, there is no connection and no Internet, and then how are you supposed to read Habr, and so on.

Of course, you can buy SIM cards from every operator and check call quality and signal level by putting each one in the phone in turn; you can visit friends who use different operators; you can look up the operators' coverage maps online and choose from those. Unfortunately, for a number of technical reasons, these methods are not always accurate and in most cases are not correct, and they take considerable time and money, whereas the decision usually has to be made here and now. This is especially true for professionals who install and configure equipment and who have been called out to carry out an installation at a completely new, unfamiliar site. In some cases an additional external antenna is needed to get a high-quality signal. It also happens that a connection that used to work is lost. In most cases this is not a new installation: the antennas were installed and aligned by the technicians when the system was commissioned, but during operation the receiving path becomes misaligned, and high-quality reception degrades, up to complete loss of signal. The causes include transmitting antennas being moved or changed when telecom operators and television broadcasters reconstruct their towers or change their location, and changes in the mechanical strength of the receiving antenna and its mounts (for example, after a large mass of snow slides off the roof or after strong wind). For television, the rollout of DVB-T2 broadcasting also means new transmitting antenna sites, toward which the receiving antenna must be pointed for high-quality reception (a previously used UHF antenna is fully suitable for receiving this format).
Calling out a technician for this work is quite expensive, although anyone can do it themselves using the simplest DVB-T dongle based on the Realtek RTL2832U chip, or any SDR receiver able to capture 700-1000 MHz, and a GSM scanning program. The built-in tuning tools of the system itself are not always usable for this, because such systems respond very slowly, and because with a weak signal the antenna must already be positioned accurately before even an initial signal level is displayed.

For those who are not interested in the technical details and just want to get started: download the GSM scanner (link at the bottom of the article) and run it, provided you have a DVB-T dongle or SDR receiver. Scanning starts automatically at launch and everything is displayed on the screen (Fig. 1). After 3-5 minutes or more (depending on signal quality) the program displays colored bars whose height shows the signal level and, accordingly, the signal quality, and whose color identifies the telecom operator (hint: green is MegaFon). The scanner can also save a list of the base station identifiers MCC, MNC, LAC and CI for all scanned channels. For this location we can conclude that Beeline is the best choice in terms of signal level (Fig. 2).

Figure 1:

Figure 2:


For the lucky ones who already have the equipment and have already started a scan: while it runs, here is a description of what the program is doing and what is loading your processor so heavily.

First, the frequency range is scanned and each signal is checked to determine whether it is a GSM signal; if it is, an attempt is made to decode it. There are thus three possible detection results: 1 - not a GSM signal; 2 - a GSM signal, but the data cannot be decoded (for example, due to poor signal quality); 3 - a GSM signal, and the data are decoded.

Decoded data here means the System Information (SI) messages transmitted on the BCCH broadcast channels.

Thus, the decoder provides the following parameters:
• MCC country code, MNC operator code, LAC location code, CI cell ID and BSIC base station “color” code
• The number of time slots occupied by common synchronization channels BS-CC-CHANS, the number of blocks allocated for the access channel BS-AG-BLKS-RES, the combining flag of common and dedicated channels BS-CCCH-SDCCH-COMB
• List of frequency channels of the base station
• List of BCCH channel frequencies of neighboring base stations

Another function of the decoder is to analyze TCH traffic channels in order to detect base stations with encryption disabled. This feature can be used to detect GSM security problems, to detect IMSI catchers, etc.

In addition, the decoder provides a set of additional parameters characterizing the signal quality: the signal level, the shift of the carrier frequency, the number of decoded frames, the signal-to-noise ratio, the relative number of errors, the number of busy traffic channels, etc.
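
The MCC, MNC, LAC, CI and the access-grant and common-channel parameters listed above are carried in the System Information Type 3 message on the BCCH. The following C++ code is an added example, not code from the scanner's repository: it extracts those fields from one decoded 23-octet block using the field layout of 3GPP TS 44.018 and TS 24.008; the names `Si3Info` and `parse_si3` and the sample block are hypothetical and constructed for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>

struct Si3Info {
    int mcc, mnc, mnc_digits;
    unsigned lac, ci;
    int bs_ag_blks_res;    // blocks reserved for access grant
    int bs_cc_chans;       // physical channels carrying common control channels
    bool ccch_sdcch_comb;  // common and dedicated channels combined
};

// Constructed 23-octet SI3 block for test PLMN 001/01 (not a captured message).
static const uint8_t kSampleSi3[23] = {
    0x49, 0x06, 0x1B, 0x12, 0x34, 0x00, 0xF1, 0x10, 0x00, 0x65, 0x49, 0x03,
    0x0A, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x2B, 0x2B, 0x2B, 0x2B };

// Returns false for anything malformed instead of guessing field values.
bool parse_si3(const uint8_t* b, size_t n, Si3Info& r) {
    if (n != 23) return false;
    if ((b[1] & 0x0F) != 0x06 || b[2] != 0x1B) return false;  // RR protocol, SI type 3
    r.ci = (b[3] << 8) | b[4];
    // LAI digits are BCD nibbles; MNC digit 3 is 0xF for a two-digit MNC.
    int d[6] = { b[5] & 0xF, b[5] >> 4, b[6] & 0xF, b[7] & 0xF, b[7] >> 4, b[6] >> 4 };
    for (int i = 0; i < 5; ++i) if (d[i] > 9) return false;
    if (d[5] > 9 && d[5] != 0xF) return false;
    r.mcc = d[0] * 100 + d[1] * 10 + d[2];
    r.mnc_digits = (d[5] == 0xF) ? 2 : 3;
    r.mnc = d[3] * 10 + d[4];
    if (r.mnc_digits == 3) r.mnc = r.mnc * 10 + d[5];
    r.lac = (b[8] << 8) | b[9];
    // Control Channel Description octet: MSCR | ATT | BS_AG_BLKS_RES(3) | CCCH_CONF(3)
    r.bs_ag_blks_res = (b[10] >> 3) & 7;
    r.ccch_sdcch_comb = false;
    switch (b[10] & 7) {
        case 0: r.bs_cc_chans = 1; break;
        case 1: r.bs_cc_chans = 1; r.ccch_sdcch_comb = true; break;
        case 2: r.bs_cc_chans = 2; break;
        case 4: r.bs_cc_chans = 3; break;
        case 6: r.bs_cc_chans = 4; break;
        default: return false;  // reserved CCCH_CONF value
    }
    return true;
}

int main() {
    Si3Info s;
    if (!parse_si3(kSampleSi3, sizeof kSampleSi3, s)) return 1;
    std::printf("MCC %03d MNC %0*d LAC %u CI %u\n", s.mcc, s.mnc_digits, s.mnc, s.lac, s.ci);
}
```

Rejecting non-decimal digits and reserved CCCH_CONF values keeps a corrupted block from being logged as a valid cell identity, which matters when the saved identifier list is later compared against known base stations.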

The principle of operation of the GSM decoder.


The GSM physical layer decoder works as follows. The first step is to search for frequency correction bursts (FC bursts) and estimate the carrier frequency shift. Once an FC burst is detected, a synchronization burst (SCH) is searched for one TDMA frame (approximately 4.6 ms) later. Decoding the synchronization burst makes it possible to achieve multiframe synchronization and learn the color code of the given BS. After this, the broadcast channels and traffic channels can be decoded.

The GSM decoder consists of the following functional blocks:
• preprocessing of signals and adjustment of carrier frequency shift,
• search for known training sequences and adjustment of carrier phase and symbol synchronization,
• channel impulse response estimator and soft-output Viterbi equalizer,
• deinterleaver and Viterbi decoder for the outer convolutional code,
• data packet parser.

Preliminary processing.


The GSM preprocessing unit performs the following functions:
• conversion of input quadrature samples from an arbitrary input format to an internal representation format and resampling from an input sampling frequency in the range of 250–500 kHz to a fixed frequency equal to twice the symbol rate
• low-pass filtering of the signal with decimation to the symbol rate, estimation of the input signal level
• compensation of the input shift of the carrier frequency by multiplying with the complex sine wave of the corresponding frequency
• block alignment of output samples at the beginning of the frame

Search for training sequences.


The training sequence search block performs the following functions:
• preliminary search of frequency correction packets (FCH channel) by calculating the correlation with a known reference signal; to save resources, the preliminary search is performed with a large time step
• refinement of the position of the frequency correction packet and estimation of the carrier frequency shift
• frame time synchronization by synchronization packets (SCH channel)
• phase adjustment of the carrier frequency of SCH, BCCH, TCH packets
• estimation of the symbol timing phase of SCH, BCCH, TCH packets and interpolation in order to achieve maximum opening of the eye diagram
• detection of empty (Dummy) packets transmitted over the TCH channel.
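
One way to find a frequency correction burst and estimate the carrier shift, as an added C++ example rather than the scanner's own code: it uses a differential phase detector instead of the correlation with a reference signal that the article describes, because the phase-difference sum stays coherent under an unknown frequency shift. It assumes one complex sample per symbol; the names `find_fc_burst` and `make_signal` and the test signal are constructed for illustration.

```cpp
#include <cmath>
#include <complex>
#include <cstdio>
#include <vector>

typedef std::complex<double> cplx;
static const double kPi = 3.14159265358979323846;
static const double kSymRate = 1625000.0 / 6.0;  // GSM symbol rate, Hz
static const int kFcLen = 142;                   // fixed bits in an FC burst

struct FcHit { int pos; double offset_hz; double quality; };

// Inside an FC burst each symbol-rate sample is rotated +pi/2 from the previous
// one, so s[n]*conj(s[n-1]) adds up coherently; elsewhere it largely cancels.
// Any rotation beyond pi/2 per symbol is the carrier frequency shift.
FcHit find_fc_burst(const std::vector<cplx>& s) {
    FcHit best = { -1, 0.0, 0.0 };
    for (size_t start = 1; start + kFcLen <= s.size(); ++start) {
        cplx acc(0.0, 0.0);
        double energy = 0.0;
        for (int k = 0; k < kFcLen; ++k) {
            cplx d = s[start + k] * std::conj(s[start + k - 1]);
            acc += d;
            energy += std::abs(d);
        }
        double q = energy > 0.0 ? std::abs(acc) / energy : 0.0;  // 1.0 = pure tone
        if (q > best.quality) {
            best.pos = (int)start;
            best.quality = q;
            best.offset_hz = (std::arg(acc) - kPi / 2) * kSymRate / (2 * kPi);
        }
    }
    return best;
}

// Constructed unit-amplitude test signal (not a capture): a ++-- phase pattern
// with one FC burst at `pos`, everything shifted by `offset_hz`.
std::vector<cplx> make_signal(int n, int pos, double offset_hz) {
    std::vector<cplx> s(n);
    double phase = 0.0;
    for (int i = 0; i < n; ++i) {
        bool plus = (i >= pos && i < pos + kFcLen) || !((i - pos) & 2);
        phase += (plus ? kPi / 2 : -kPi / 2) + 2 * kPi * offset_hz / kSymRate;
        s[i] = std::polar(1.0, phase);
    }
    return s;
}

int main() {
    FcHit h = find_fc_burst(make_signal(1000, 300, 1500.0));
    std::printf("FC burst at %d, offset %.1f Hz, quality %.3f\n", h.pos, h.offset_hz, h.quality);
}
```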

Channel estimator and Viterbi equalizer.


The channel impulse response is estimated by calculating the correlation of the signal with the delayed training sequences. The autocorrelation of the GMSK signal with BT = 0.3 is subtracted from the resulting estimate of the correlation function, and the results are averaged.

The resulting channel impulse response estimate is fed to a soft-output Viterbi equalizer (SOVA), which implements the MLSE decoder. The Viterbi equalizer (VE) uses a 64-state trellis. Its state consists of the following components: 1 bit holds the current value of the accumulated phase for all symbols from the completed EH, 2 bits describe the symbols from the unfinished EY, and 3 bits describe the symbol history. Unlike the classical implementation, which uses 4 values of the accumulated phase, the described implementation uses only 2 phase values (1 bit), which requires each sample to be pre-rotated by π/2 relative to the previous one.

The soft output of the Viterbi algorithm is formed by multiplying the hard decision by the minimum difference between the metric of the surviving path and the metric of the competing path that differs in the given symbol.

This module also performs differential decoding of symbols, evaluation of the signal-to-noise ratio, and estimation of the error rate using known training sequences.

Deinterleaver and Viterbi decoder.


The deinterleaver performs the symbol permutation for the BCCH and TCH channels, inverse to that of the interleaver, and forms the blocks. The Viterbi decoder decodes the convolutional code using the standard algorithm.

Data packet parser.


The parser verifies received data packets by calculating the checksum (called the block code in the standard) and comparing it with the transmitted one. After that, the packet is parsed.
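
The block code check described above, as an added C++ example (not the scanner's own code): on the BCCH the 184 information bits are protected by a 40-bit Fire code with generator (D^23 + 1)(D^17 + D^3 + 1), as specified in 3GPP TS 45.003, and a valid block leaves an all-ones remainder. The function names and the sample payload are constructed for illustration.

```cpp
#include <cstdint>
#include <cstdio>
#include <vector>

typedef std::vector<uint8_t> Bits;  // one bit per element, highest power of D first

// g(D) = (D^23 + 1)(D^17 + D^3 + 1) = D^40 + D^26 + D^23 + D^17 + D^3 + 1
static const uint64_t kPolyLow = (1ULL << 26) | (1ULL << 23) | (1ULL << 17) | (1ULL << 3) | 1ULL;
static const uint64_t kAllOnes40 = (1ULL << 40) - 1;

// Remainder of the bit polynomial modulo g(D), by shift-and-subtract division.
uint64_t fire_remainder(const Bits& bits) {
    uint64_t reg = 0;
    for (size_t i = 0; i < bits.size(); ++i) {
        bool carry = (reg >> 39) & 1;  // coefficient about to become D^40
        reg = ((reg << 1) | (bits[i] & 1)) & kAllOnes40;
        if (carry) reg ^= kPolyLow;
    }
    return reg;
}

// Transmitter side: append the 40 parity bits to 184 information bits.
Bits fire_encode(const Bits& info) {
    Bits cw(info);
    cw.resize(info.size() + 40, 0);
    uint64_t parity = fire_remainder(cw) ^ kAllOnes40;  // parity is sent inverted
    for (int i = 0; i < 40; ++i) cw[info.size() + i] = (parity >> (39 - i)) & 1;
    return cw;
}

// Receiver side: a valid 224-bit block leaves the all-ones remainder.
bool fire_check(const Bits& block) {
    return block.size() == 224 && fire_remainder(block) == kAllOnes40;
}

// Constructed 184-bit payload, not captured data.
Bits sample_info() {
    Bits b(184);
    for (int i = 0; i < 184; ++i) b[i] = (i % 5 == 0) ? 1 : 0;
    return b;
}

int main() {
    Bits cw = fire_encode(sample_info());
    std::printf("clean block: %d\n", fire_check(cw));
    cw[100] ^= 1;
    std::printf("one bit flipped: %d\n", fire_check(cw));
}
```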

We look at the resulting chart, determine the best telecom operator for the given location, and run off to buy the right SIM card.

The tuner was purchased on Avito; a photo of it in operation is below:


The source code of the GSM scanner is available in an open Git repository on Bitbucket. The scanner is built with MS Visual C++ 2010 Express and Qt 4.8.4.

The program is updated and available for download.

Source: https://habr.com/ru/post/302212/

