Introduction:
Software defined radio history
How we receive
HRPT (high resolution picture transmission) images from low-earth-orbit weather satellites with regular, predictable orbits
Cloud patterns
Signalling system in the background
Wi-Fi is part of the RF spectrum
cellphones have radio modules in them
our laptops must be augmented with an SDR device and an antenna
Software defined radio boards
Signal jamming
building a gsm base station
USB dongle
RX-only (receiving, not transmitting), low power, DVB-T (digital video broadcast) stick
capture FM, listen to standard broadcast radio
software was built around the rtl-sdr library (librtlsdr) in order to use this stick.
low-frequency antenna, upconverter (shifts HF signals up into the dongle's tuning range)
Base stations
2.4-2.5 GHz Wi-Fi
What is radio?
Start with magnetic fields
field lines run from the north pole to the south pole
they have a direction: a vector field
which can be measured or made visible (iron filings on a piece of glass)
The other part is its relation to electricity/current
Coulomb's law gives the force between electric charges
electric and magnetic fields affect each other: you cannot have a non-static (changing) electric field without a magnetic field, and vice versa.
James Clerk Maxwell:
he wrote 20 equations, which have since been reduced to 4:
Gauss's law
Gauss's law for magnetism
Maxwell-Faraday equation (law of induction)
Ampère's circuital law with Maxwell's correction
Electromagnetic Waves
spectrum of waves: gamma rays, X-rays, ultraviolet, visible light, infrared radiation, microwaves and radio waves
Heinrich Hertz was the first to transmit and detect radio waves.
Guglielmo Marconi was the first to send them over useful distances (kilometres).
Radio telegraph: binary Morse code sent with a spark transmitter and received with a detector called a coherer.
electromagnetic waves from a spark transmitter create a lot of broadband noise, so there was effectively only one channel
the electric field oscillates on one axis and the magnetic field on another, perpendicular to it
a signal sample is represented as x (real part, I) + y (imaginary part, Q)
sine and cosine are a quarter circle (90 degrees) apart
when x is as large as possible, y is 0, and vice versa.
amplitude
frequency
phase - offset in time
Modulation
continuous wave (CW) - used in wireless telegraphy: a sinusoidal carrier is keyed on and off.
amplitude modulation (AM)
the carrier's amplitude follows the information signal (carrier multiplied by the message)
frequency modulation (FM)
constant amplitude (constant "volume" of the signal), while the frequency varies slightly with the message
frequency shift keying (FSK)
1s and 0s as two distinct frequencies
amplitude shift keying (ASK)
1s and 0s as discrete amplitude levels
phase shift keying (PSK)
the carrier phase jumps between points on the circle
quadrature phase shift keying (QPSK): 4 points, 2 bits per symbol
QAM (quadrature amplitude modulation): amplitude and phase both carry bits
16-point (4 bits per symbol)
64-point (6 bits per symbol)
used by Wi-Fi
DSSS direct sequence spread spectrum - multiplies the data with a pseudo-random sequence that both sender and receiver know, spreading it over a wide band
OFDM orthogonal frequency division multiplexing - uses QAM but sends many low-rate subcarriers in parallel and combines them
CDMA code division multiple access - several users share the same band, separated by their spreading codes
Frequency spectrum
vertical axis: amplitude in decibels; horizontal axis: frequency (a waterfall display adds time as a second vertical axis)
time-frequency uncertainty, the analogue of Heisenberg's uncertainty principle (you cannot know both position and speed with arbitrary precision): the finer the frequency resolution, the longer the time window you need
Receivers
Zincite crystal and galena rock (cat's whisker detectors)
Crystal radio - powered only by the energy in the received radio waves
bandpass filter lets only a certain frequency range through
w/ detector (demodulator)
the detector (a diode) conducts in one direction only: it rectifies the RF so that the low-frequency audio envelope is left over
Superheterodyne receiver
RF filter, mixer, local oscillator, IF filter, detector...
you can move the frequencies: mixing shifts the received band up or down
IF (intermediate frequency) is the result of mixing the filtered high-frequency radio signal with the local oscillator
mixing two cosines gives their sum and difference frequencies
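The mixer step written out, as an added equation that is not in the original notes (ω_RF, ω_LO and ω_IF are names assumed here for the angular frequencies of the RF input, the local oscillator and the intermediate frequency):

$$\cos(\omega_{RF} t)\,\cos(\omega_{LO} t) = \tfrac{1}{2}\cos\big((\omega_{RF}-\omega_{LO})t\big) + \tfrac{1}{2}\cos\big((\omega_{RF}+\omega_{LO})t\big)$$

The difference term at ω_IF = ω_RF - ω_LO is what the IF filter keeps; the sum term is filtered out. Caveat: a signal at the image frequency ω_LO - ω_IF lands on the same IF, which is why the RF filter in front of the mixer is needed.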
Decibel (dB)
logarithmic, like pH in chemistry: one pH unit is 10 times the concentration; 10 dB is 10 times the power (dB = 10 log10(P/P_ref))
an increase of 10 dB multiplies the power by 10
about +3 dB doubles the power, about -3 dB halves it
Polarisation
orientation of the electric field relative to the direction of propagation (vertical, horizontal or circular); transmit and receive antennas should match
Antennas
resonator
radiator
the wave should resonate in the antenna; its length is set by the wavelength in the antenna's material, not in free space
Gain
is a measure of how good an antenna is in its preferred direction, relative to an isotropic radiator (dBi)
often a direct consequence of directionality: focusing the pattern in one direction takes power away from the others
Radiation Patterns
Yagi antenna model
Yagi Antenna 3D Radiation Pattern
Yagi antenna azimuth plane pattern
Yagi Antenna elevation plane pattern
Monopole
wifi
needs to be a quarter wavelength at 2400 MHz: λ = c/f = 3·10^8 / 2.4·10^9 = 12.5 cm, so about 3.1 cm
Dipole
Yagi
analogue TV antenna; the director and reflector elements are not electrically connected to the driven element but coupled to it
Patch
Vivaldi
wide opening/mouth - low-frequency reception
narrow inner part - high-frequency reception
UWB
Microstrip
Fractal antenna
horn antenna
directional
Helical/QFH
looks like DNA (a helix)
circularly polarised, so it does not matter how the satellite is rotated relative to the antenna
satellite tracking helical antenna
Impedance - a complex-valued generalisation of resistance
matching of antennas and transmission lines is very important; otherwise part of the signal is reflected back and cancels itself
typical antenna and coaxial cable impedance is 50 Ohm (75 Ohm for TV/video coax)
Software Defined Radio (SDR): components that have traditionally been implemented in hardware (e.g. mixers, filters, amplifiers, modulators/demodulators, detectors, etc.) are implemented in software on a PC or embedded system.
Ideally, the antenna connects directly to the LNA and ADC (receive) or the PA and DAC (transmit), and the processor handles all radio functions: filtering, up/downconversion, modulation/demodulation and the digital baseband.
what is done instead is an analogue tuner with a local oscillator in front, to mix the frequency down to something the ADC can sample
**A quick example of how we can do something through the computer:**
the host operating system talks to the dongle over USB
connect the antenna and stand it vertical
in a terminal:
gqrx
a GUI front end that works with various dongles
tuning range of the RTL-SDR stick: 24 MHz - 1774 MHz
peaks in the spectrum indicate strong signals
the dial tunes like an ordinary radio dial
the signal seen is an electromagnetic wave, probably disturbed by things in the room
squelch: set the threshold just above the noise floor (the quietest part) so that audio only opens on a real signal
DC remove
filters out the DC spike at the centre of the spectrum that the receiver itself produces
PPM correction: the dongle's cheap crystal drifts with temperature as the board warms up; a walkie-talkie (or any signal of known frequency) can be used to calibrate it
Input controls -> frequency correction (ppm)
to line up the displayed frequency with the real one
wait for a stable temperature first
option:
a GPS-disciplined oscillator continually measures the oscillator rate and corrects it at all times
the 2.56 MS/s input rate in the configuration is an important number: it is the dongle's sample rate and sets how much bandwidth you see at once
images can also be encoded in an FM signal, or sent as packets over a network
dump1090
tests whether any aircraft signal is present
decodes ADS-B from the transponders in aircraft (1090 MHz)
Generating Sound
GNU Radio Companion (GRC)
similar to Max/MSP or Pure Data: a graphical dataflow editor
generates Python code from the flowgraph
command: gnuradio-companion
GUI widgets (QT GUI blocks) for live controls and displays
NOAA
Core -> Audio -> Audio Sink
Waveform Generators -> Signal Source
inputs are always on the left side of a block
outputs are always on the right side
change the Signal Source output type to float
add a QT GUI Range (a slider variable)
set its parameters and give it an id; use that id as the frequency in the Signal Source
back in the Signal Source:
a frequency display appears
look at the waveform with a QT GUI Time Sink
add another QT GUI Range for amplitude
back in the Signal Source, set the amplitude to the newly defined amplitude variable
drag in another Signal Source (set the first one back from cosine to sine)
pull in a Multiply block
connect both Signal Sources to it, and its output to the Audio Sink and the QT GUI sink
alternatively put an Add block in the middle: connect both Signal Sources to it, then again to the Audio Sink and the QT GUI sink
with another QT GUI Range you can make an amplitude2 and control the second oscillator
add a Low Pass Filter
this is what a radio does when mixing
multiplying two signals produces the sum and difference frequencies, and the filter keeps only the one you want
transition width 10 (Hz)
the lower the transition width, the more taps the filter needs and the more CPU it costs
connections at this point:
Signal Sources -> Multiply -> Low Pass Filter -> Audio Sink and QT GUI Sink
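The two-oscillator chain above in plain Python, as an added example (not the workshop's flowgraph and not GNU Radio code): Signal Source, Multiply, Low Pass Filter and a sink are rebuilt with the standard library only, so the multiply-then-filter step can be inspected without gnuradio installed. The sample rate (48 kHz), the oscillator frequencies (1200 Hz and 1000 Hz), the cutoff (800 Hz) and the transition width (1000 Hz) are assumed values chosen for the demonstration; a WAV file stands in for the Audio Sink.

```python
"""Signal Source x2 -> Multiply -> Low Pass Filter -> sink, standard library only.
Added example for the notes above; not GNU Radio code. All rates are assumptions."""
import cmath
import math
import struct
import wave

SAMPLE_RATE = 48000   # assumed samp_rate of the flowgraph
F1 = 1200.0           # assumed frequency of Signal Source 1 (the QT GUI Range "freq")
F2 = 1000.0           # assumed frequency of Signal Source 2
N = 2400              # 50 ms of audio: every test tone lands on an exact 20 Hz DFT bin


def signal_source(freq, amplitude, n, rate=SAMPLE_RATE, waveform="cos"):
    """Signal Source block with float output: a cosine (or sine) of the given amplitude."""
    fn = math.cos if waveform == "cos" else math.sin
    return [amplitude * fn(2 * math.pi * freq * i / rate) for i in range(n)]


def multiply(a, b):
    """Multiply block: sample-wise product, i.e. mixing / ring modulation."""
    return [x * y for x, y in zip(a, b)]


def low_pass_taps(cutoff, transition, rate=SAMPLE_RATE):
    """Hamming-windowed sinc taps for a low-pass FIR (what the Low Pass Filter block
    designs). The tap count grows with rate / transition width, which is why a small
    transition width is expensive."""
    ntaps = int(4 * rate / transition) | 1      # odd length keeps the filter symmetric
    mid = ntaps // 2
    fc = cutoff / rate                          # cutoff as a fraction of the sample rate
    taps = []
    for k in range(ntaps):
        m = k - mid
        h = 2 * fc if m == 0 else math.sin(2 * math.pi * fc * m) / (math.pi * m)
        w = 0.54 - 0.46 * math.cos(2 * math.pi * k / (ntaps - 1))   # Hamming window
        taps.append(h * w)
    return taps


def fir_filter(samples, taps):
    """Direct-form FIR convolution, zero history before the first sample."""
    out = []
    for i in range(len(samples)):
        acc = 0.0
        for k, t in enumerate(taps):
            if i - k < 0:
                break
            acc += t * samples[i - k]
        out.append(acc)
    return out


def tone_level(samples, freq, rate=SAMPLE_RATE):
    """One DFT bin, normalised so a cosine of amplitude A at an exact bin reads A/2
    (one point of what the QT GUI Frequency Sink displays)."""
    acc = sum(x * cmath.exp(-2j * math.pi * freq * i / rate) for i, x in enumerate(samples))
    return abs(acc) / len(samples)


def run_chain(cutoff=800.0, transition=1000.0):
    """Build the chain and measure the spectrum before and after the low pass.
    cos(2*pi*F1*t) * cos(2*pi*F2*t) contains only F1-F2 (200 Hz) and F1+F2 (2200 Hz);
    the filter keeps the difference tone and removes the sum tone."""
    mixed = multiply(signal_source(F1, 1.0, N), signal_source(F2, 1.0, N))
    filtered = fir_filter(mixed, low_pass_taps(cutoff, transition))
    return {
        "mixed_diff": tone_level(mixed, F1 - F2),
        "mixed_sum": tone_level(mixed, F1 + F2),
        "mixed_f1": tone_level(mixed, F1),
        "filtered_diff": tone_level(filtered, F1 - F2),
        "filtered_sum": tone_level(filtered, F1 + F2),
        "filtered": filtered,
    }


def write_wav(path, samples, rate=SAMPLE_RATE):
    """Audio Sink replacement: 16-bit mono PCM file."""
    with wave.open(path, "wb") as w:
        w.setnchannels(1)
        w.setsampwidth(2)
        w.setframerate(rate)
        w.writeframes(b"".join(struct.pack("<h", int(max(-1.0, min(1.0, s)) * 32767))
                               for s in samples))


if __name__ == "__main__":
    result = run_chain()
    for key in ("mixed_diff", "mixed_sum", "mixed_f1", "filtered_diff", "filtered_sum"):
        print(f"{key:14s} {result[key]:.4f}")
    write_wav("mixed_lowpass.wav", result["filtered"])
```

Running it prints the single-bin levels: the product reads 0.25 at 200 Hz and at 2200 Hz and nothing at the original 1200 Hz, and after the low pass only the 200 Hz difference tone is left. Halving the transition width doubles the tap count (and the time the filter takes), which is the cost the notes refer to.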
New Example:
RTL-SDR Source block
QT GUI Range: one for frequency and one for gain
variable: audio_rate = 48000 (the WBFM block below delivers 192000 / 4 = 48000 samples per second)
Rational Resampler
- interpolation creates more samples (192)
- decimation reduces the amount of data flowing through by that factor (1280)
- output rate = input rate x interpolation / decimation; 192/1280 reduces to 3/20, which turns a 1.28 MS/s source into 192 kS/s (a 2.56 MS/s source would need 192/2560)
WBFM Receive - 192000 quadrature rate
- 4 audio decimation
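The WBFM receive chain in plain Python, as an added example (not GNU Radio and not the workshop's flowgraph): because no dongle is attached it first builds a constructed FM-modulated IQ stream (a 1 kHz test tone with the 75 kHz deviation used by broadcast FM) at the 192 kHz quadrature rate from the notes, then runs the quadrature discriminator and the decimation by 4 that the WBFM Receive block performs, and works out the Rational Resampler pair for an assumed 2.56 MS/s source. The function names, the tone and the deviation are choices made here.

```python
"""Constructed IQ -> Rational Resampler arithmetic -> WBFM Receive (quadrature demod +
audio decimation) -> audio. Added example; not GNU Radio code. Tone/deviation assumed."""
import cmath
import math
from math import gcd

QUAD_RATE = 192_000                     # quadrature rate from the notes
AUDIO_DECIM = 4                         # audio decimation from the notes
AUDIO_RATE = QUAD_RATE // AUDIO_DECIM   # 48000
DEVIATION = 75_000.0                    # assumed peak deviation (broadcast FM), Hz


def resampler_ratio(in_rate, out_rate):
    """Interpolation/decimation pair for the Rational Resampler block, reduced by the
    gcd (GRC accepts any integers that give the same ratio; smaller is cheaper)."""
    g = gcd(in_rate, out_rate)
    return out_rate // g, in_rate // g


def fm_modulate(message, rate=QUAD_RATE, deviation=DEVIATION):
    """Constant-envelope FM: the phase advances by 2*pi*deviation*m[n]/rate per sample,
    so the instantaneous frequency follows the message m[n] in [-1, 1]."""
    phase = 0.0
    iq = []
    for m in message:
        phase += 2 * math.pi * deviation * m / rate
        iq.append(cmath.exp(1j * phase))
    return iq


def quadrature_demod(iq, rate=QUAD_RATE, deviation=DEVIATION):
    """The discriminator inside WBFM Receive: angle(x[n] * conj(x[n-1])) is the phase
    step per sample; rate / (2*pi*deviation) scales it back to the message."""
    gain = rate / (2 * math.pi * deviation)
    return [cmath.phase(iq[n] * iq[n - 1].conjugate()) * gain for n in range(1, len(iq))]


def decimate(samples, factor):
    """Audio decimation: average each block of `factor` samples (a crude low pass)
    and keep one output sample per block."""
    return [sum(samples[i:i + factor]) / factor
            for i in range(0, len(samples) - factor + 1, factor)]


def estimate_frequency(samples, rate):
    """Tone frequency from positive-going zero crossings, as read off the waveform."""
    crossings = [i for i in range(1, len(samples)) if samples[i - 1] < 0 <= samples[i]]
    if len(crossings) < 2:
        return 0.0
    period = (crossings[-1] - crossings[0]) / (len(crossings) - 1)
    return rate / period


def receive_test_tone(tone_hz=1000.0, seconds=0.05):
    """Modulate a constructed test tone, demodulate, decimate to audio, report the result."""
    n = int(QUAD_RATE * seconds)
    message = [0.8 * math.sin(2 * math.pi * tone_hz * i / QUAD_RATE) for i in range(n)]
    audio = decimate(quadrature_demod(fm_modulate(message)), AUDIO_DECIM)
    return {
        "audio_rate": AUDIO_RATE,
        "tone_hz": estimate_frequency(audio, AUDIO_RATE),
        "peak": max(abs(s) for s in audio),
        "audio": audio,
    }


if __name__ == "__main__":
    interp, decim = resampler_ratio(2_560_000, QUAD_RATE)
    print(f"rational resampler for 2.56 MS/s -> 192 kS/s: interpolation={interp} decimation={decim}")
    r = receive_test_tone()
    print(f"audio rate {r['audio_rate']} Hz, recovered tone {r['tone_hz']:.1f} Hz, peak {r['peak']:.3f}")
```

The recovered audio comes back at 48 kHz with the 1 kHz tone and its 0.8 amplitude intact, because the discriminator undoes the phase steps the modulator applied. With a real dongle the message is whatever the station broadcasts; the deviation scaling and the decimation stay the same.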
Recipes for tuning…
20.August.2017
900 Hz
VGA gain -14
space station
GSM communication to handsets
open base station project
configured in a web interface
stealth cell tower
StingRay systems
IMSI catcher
IMSI (the subscriber identity stored on the SIM, hidden behind your phone number) vs TMSI (a temporary identity the network assigns so that the IMSI is sent over the air as rarely as possible); the hardware identity is the IMEI
antennas catching the IMSI
tracking them over time to see if they congregate
crop-dusting planes also catching IMSIs
FCC pushing for a person to be tied to one IMSI (harder to get an anonymous SIM card now)
kill by phone number
predator drones with directional antennas catch the IMSI, locate it and send in a kill request
tracked by GPS?
not unless there is malware on the phone that reads the GPS specifically, or a magnetic GPS tracker stuck under a car
otherwise by cell towers (IMSI catchers)
Base Station
yate (the core program of the system)
-v (verbose)
yate -vvv
ls /usr/local/etc/yate/
vim /usr/local/etc/yate/
yate.conf
yate requires a country code for the MSISDN (the subscriber phone number)
subscribers
regexp: a regular expression that decides which IMSIs may register, e.g. only those beginning with 001
^001 (001 is the test-network MCC; use whichever mobile country code applies)
allow every single phone to register: regexp=.* (this is what makes the tower catch everyone in range)
base station.conf
radio band: 850, 900, 1800 or 1900 MHz
refers to a certain frequency range (and the channel within it)
area code (LAC), cell id, base station colour code, attenuation of the output amplitude
vim /usr/local/etc/yate/scripts/nib.js
call on a conference number
cat /usr/local/etc/yate/tmsidata.conf
TMSI, IMSI number, country id, number, shortcut number
live management interface, control commands, live audio
routing calls
SIP switch
catching IMSIs
gaining the trust of the SIM card: in GSM the phone authenticates to the network, not the network to the phone, so the handset simply camps on the strongest cell it finds
even if the air interface is encrypted, traffic routed through the base station's own infrastructure is in the clear
passive listening
cd bin/
ls
cd bin/IMSI-catcher/
ls
sudo python simple_IMSI-catcher.py
second terminal:
grgsm_livemon -f 935800000
(run grgsm_scanner -v first to find the frequencies of the cell towers around you)
wireshark
forensic packet analysis
sudo wireshark -k -Y '!icmp && gsmtap' -i lo
analysing the IP traffic on loopback: grgsm_livemon sends the decoded GSM frames as GSMTAP inside UDP to localhost, which is why Wireshark listens on lo and filters for gsmtap
frame 4
ethernet II
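What the passive catcher does with the loopback traffic, as an added example that is neither gr-gsm's code nor simple_IMSI-catcher.py: parse the 16-byte GSMTAP v2 header that grgsm_livemon sends to UDP port 4729, pick out downlink CCCH blocks carrying an RR Paging Request Type 1, and decode the Mobile Identity IE (3GPP TS 24.008, 10.5.1.4) to get the paged IMSI or TMSI. The frame it runs on is constructed for the example, not a capture; the IMSI 001010123456789 is in the test MCC 001 range, and build_paging_frame, parse_gsmtap and catch are names chosen here.

```python
"""GSMTAP (UDP 4729) -> CCCH Paging Request Type 1 -> Mobile Identity decoder.
Added example for the notes above; not gr-gsm or simple_IMSI-catcher.py code."""
import struct

GSMTAP_UDP_PORT = 4729
GSMTAP_VERSION = 2
GSMTAP_TYPE_UM = 0x01              # type: GSM Um (air interface)
GSMTAP_CHANNEL_CCCH = 0x02         # sub_type: common control channel (paging, AGCH)
GSMTAP_ARFCN_F_UPLINK = 0x4000     # flag bit carried inside the 16-bit ARFCN field
GSMTAP_ARFCN_MASK = 0x3FFF
PD_RR = 0x06                       # L3 protocol discriminator: radio resource management
MT_PAGING_REQUEST_1 = 0x21         # RR message type
MI_TYPE = {1: "IMSI", 2: "IMEI", 3: "IMEISV", 4: "TMSI"}

# version, hdr_len (32-bit words), type, timeslot, arfcn, signal dBm, SNR dB,
# frame number, sub_type, antenna, sub_slot, reserved: big-endian, 16 bytes
HDR = struct.Struct(">BBBBHbbIBBBB")


def parse_gsmtap(frame):
    """Split one GSMTAP datagram into a header dict and the L2/L3 payload."""
    (version, hdr_len, typ, timeslot, arfcn, signal, snr,
     fn, sub_type, _antenna, _sub_slot, _res) = HDR.unpack_from(frame)
    if version != GSMTAP_VERSION:
        raise ValueError(f"unsupported GSMTAP version {version}")
    hdr = {"type": typ, "timeslot": timeslot, "sub_type": sub_type,
           "arfcn": arfcn & GSMTAP_ARFCN_MASK,
           "uplink": bool(arfcn & GSMTAP_ARFCN_F_UPLINK),
           "signal_dbm": signal, "snr_db": snr, "frame_number": fn}
    return hdr, frame[hdr_len * 4:]


def decode_mobile_identity(ie):
    """Mobile Identity IE value (TS 24.008 10.5.1.4): octet 1 holds digit 1, the
    odd/even flag and the identity type; the rest is BCD, low nibble first."""
    ident_type = ie[0] & 0x07
    if ident_type == 4:                      # TMSI/P-TMSI: four binary octets, not BCD
        return "TMSI", f"0x{int.from_bytes(ie[1:5], 'big'):08x}"
    digits = [ie[0] >> 4]
    for b in ie[1:]:
        digits += [b & 0x0F, b >> 4]
    if not ie[0] & 0x08:                     # even digit count: last nibble is 0xF filler
        digits.pop()
    return MI_TYPE.get(ident_type, "unknown"), "".join(str(d) for d in digits)


def identities_from_ccch(block):
    """Identities paged in a downlink CCCH block, or [] if it is not a Paging
    Request Type 1. Octet 0 is the L2 pseudo-length; the L3 message follows."""
    l3 = block[1:]
    if len(l3) < 5 or (l3[0] & 0x0F) != PD_RR or l3[1] != MT_PAGING_REQUEST_1:
        return []
    pos = 3                                  # octet 2 = page mode / channel needed
    found = [decode_mobile_identity(l3[pos + 1:pos + 1 + l3[pos]])]
    pos += 1 + l3[pos]
    if pos < len(l3) and l3[pos] == 0x17:    # optional Mobile Identity 2: TLV, IEI 0x17
        found.append(decode_mobile_identity(l3[pos + 2:pos + 2 + l3[pos + 1]]))
    return found


def catch(frame):
    """Per datagram: downlink Um CCCH paging -> list of (type, identity)."""
    hdr, payload = parse_gsmtap(frame)
    if hdr["type"] != GSMTAP_TYPE_UM or hdr["uplink"] or hdr["sub_type"] != GSMTAP_CHANNEL_CCCH:
        return hdr, []
    return hdr, identities_from_ccch(payload)


def build_paging_frame(imsi, arfcn=2, fn=1234567, signal_dbm=-60):
    """Constructed sample (not a capture): GSMTAP header + 23-octet CCCH block with a
    Paging Request Type 1 for one IMSI, padded with 0x2B like a real L3 block."""
    digits = [int(c) for c in imsi]
    odd = len(digits) % 2
    mi = bytearray([(digits[0] << 4) | (odd << 3) | 1])          # identity type 1 = IMSI
    rest = digits[1:] + ([] if odd else [0xF])
    mi += bytes((hi << 4) | lo for lo, hi in zip(rest[0::2], rest[1::2]))
    l3 = bytes([PD_RR, MT_PAGING_REQUEST_1, 0x00, len(mi)]) + bytes(mi)
    block = bytes([(len(l3) << 2) | 0x01]) + l3                  # L2 pseudo-length octet
    header = HDR.pack(GSMTAP_VERSION, 4, GSMTAP_TYPE_UM, 0, arfcn, signal_dbm, 0, fn,
                      GSMTAP_CHANNEL_CCCH, 0, 0, 0)
    return header + block.ljust(23, b"\x2b")


if __name__ == "__main__":
    hdr, ids = catch(build_paging_frame("001010123456789"))
    print(f"ARFCN {hdr['arfcn']} FN {hdr['frame_number']} {hdr['signal_dbm']} dBm -> {ids}")
```

To run it against live data, bind a UDP socket to 127.0.0.1:4729 while grgsm_livemon is running and feed each datagram to catch(). Note that a network that pages by TMSI only (as it should) gives you no IMSI here; that is exactly why an active catcher forces the handset to identify itself, and why seeing IMSIs in paging is itself a sign of a badly configured or rogue cell.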
Yagi
fishbone antenna
pointed around to find the direction of cell towers
sudo python immediate_assignment_catcher.py
perpendicular to the tangent
NOAA satellites
NOAA Satellite Tracking
gpredict
shortcuts in terminal:
ctrl alt down
ctrl alt tab
NOAA-15
freq. 137.62 MHz
NOAA-18
freq. 137.9125 MHz
NOAA-19
freq. 137.1 MHz