Category Archives: RF

IMTx: NET02x (4G Network Essentials) – Radio Interface – 1. Radio Transmission

These are my lecture notes from IMT’s NET02x (4G Network Essentials) course, I thought I’d post them here as they may be useful to someone. You can find my complete notes here.

The E-UTRAN relies on Phase Shift Keying to modulate data.

The downlink uses orthogonal frequency division multiplex (OFDM) while the uplink uses SC-FDMA due to OFDM’s high peak-to-average-power ratio making it unstable for uplink due to power consumption requirements.

Binary Phase Shift Keying (BPSK)

The simplest modulation is Binary Phase Shift Keying, allowing the phase to be left unmodified to encode a 0, or offset by 180 degrees (aka π) to transmit a 1.

While each bit of data is being transmitted, the time it is being sent over the air is referred to as the symbol length.

2 phase states of BPSK in LTE
2 Phase States of BPSK

Quaternary Phase Shift Keying (QPSK)

QPSK adds to additional phase states, to allow us to send twice as much data in one symbol.

This is done by defining more than two states (phase unmodified, phase offset by pi), but rather 4 states:

DataPhase Offset
00π/2
115π/2
013π/2
107π/2

This means we can transmit double the number of bits in a single symbol, with QPSK we can now transmit 2 bits per symbol as per the table above.

This means the data rate of QPSK is twice that of BPSK.

4 phase states of QPSK in LTE
4 phase states of QPSK

BPSK vs QPSK

Thanks to interference, drift, Doppler shift etc, our modulated data probably isn’t going to be received at exactly the same offset that it was sent.

So because our phase shift isn’t going to land exactly on the red dot in the circle, but somewhere nearby.

The receiver will determine the phase of the signal based on it’s proximity to a known phase shift angle.

Because QPSK has more phase states than BPSK we get a higher data rate, but as the recieved data isn’t going to be exactly the phase offsets defined, the states may overlap and the receiver will not receive the correct information

BPSK vs QPSK in LTE UTRAN
BPSK vs QPSK

Channel conditions restrict the modulation techniques we can use. BPSK is slower but more reliable, while QPSK is faster but more error prone due to it’s lower tolerances.

Transmission Reliability

Error Correction is needed in LTE to make sure the message can be reconstructed correctly by the reciever.

To do this, in a simple form LTE adds redundant data.

For example sending 3 copies of the data increases the chance one will get through correctly, and provides the receiver with information to discriminate the right data.

(If only two copies were sent to increase the reliability, the receiver wouldn’t know which one was the correct one.)

Let’s take an example of sending the message “Hello World” and look at the 3 copies sent.

Copy 1: Helso Wdrld
Copy 2: H1llo Worlp
Copy 3: qello Uorld
Correct Data: Hello World

By looking at what’s common we can see that the first letter is H in the first to copies, but not in the third copy, so we can say with some surety that the first letter is H.

The second letter is e in copy 1 and copy 3, so we can again say the second letter is e.

This is a simplified example of coding the data with redundant data to aid in reconstruction.

The ratio of useful information / total transmitted is called the coding rate.

LTE coding rates can vary from 1/3 for extensive error correction, to close to 1 for almost no error correction.

Modulation Coding Scheme (MCS)

As channel conditions change continuously for each terminal/UE, LTE has to change the modulation technique and coding rate dynamically as channel conditions change for each terminal/UE.

The Modulation Coding Scheme is the combination of modulation and coding scheme used, and this changes/adapts in real time based on the signal conditions, independently for each terminal/UE.

There are 29 MCS combinations in LTE.

Magma – Facebook’s Open Source LTE / 4G EPC/OSS Platform

In February Facebook announced they’d open sourced their Magma project,

Magma provides a software-centric distributed mobile packet core and tools for automating network management.

Open-sourcing Magma to extend mobile networks

Magma’s modular software based architecture means you can scale up extra resources as needed, with no need to have physical hardware to run your EPC.

(Cisco’s Ultra Packet Core does have a virtualisation option, but it’s not cheap)

I got pretty excited by this, so I’ve ordered myself an eNodeB (Just a Picocell), a pile of USIMs, programmer and started installing an environment.

In the past I’ve used srsEPC and NextEPC and software-defined radio hardware (BladeRF) to run LTE stuff, so I’m looking forward to seeing if I can implement parts of them into Magma, and also eventually use Kamailio’s IMS modules to implement an IMS core and run VoLTE.

So let’s install Magma, explore it and lurk on the Discord, all while we kill time waiting for hardware to arrive!

Motorola GP Series CPS Unlock

The GP series of radios are locked to a specific region code by the CPS. Meaning you can’t program US radios with an Australian CPS, for example.

The lock is in the CPS, not the radio, and there’s a registry workaround:

  1. Install Motorola CPS
  2. Reboot machine
  3. Open Regedit
  4. Go to HKEY_LOCAL_MACHINE -> SOFTWARE -> Motorola -> ProRadio -> FSK
  5. Edit the string called “SerializedString
  6. Replace data with
    @%&MAHUS
  7. Open CPS software

Now you can program it regardless of region.