Cmov GSM PDF

Comunicações Móveis
Licenciatura em Engenharia Electrotécnica e de Computadores

Licenciatura em Engenharia Informática e Computação
Mobile Communication Systems: GSM

Global System for Mobile Communication
Mário Jorge Leitão
Partially adapted with permission from

Mobile Communication: Wireless Telecommunication Systems - Jochen Schiller
http://www.jochenschiller.de
Overview
GSM
formerly: Groupe Spéciale Mobile (founded 1982)
now: Global System for Mobile Communication
Pan-European standard (ETSI, European Telecommunications
Standardisation Institute)
simultaneous introduction of essential services in three phases by the
European telecommunication administrations
seamless roaming within Europe possible
today many providers all over the world use GSM (more than 180
countries in Asia, Africa, Europe, Australia, America)
more than 900 million subscribers
more than 70% of all digital mobile phones use GSM
Mário Jorge Leitão GSM 2

Performance characteristics of GSM
Communication
mobile, wireless communication; support for voice and data services
Total mobility
international access, chip-card enables use of access points of different
providers
Worldwide connectivity
one number, the network handles localization
High capacity
better frequency efficiency, smaller cells, more customers per cell
High transmission quality

high audio quality and reliability for wireless, uninterrupted phone calls
at higher speeds (e.g., from cars, trains)
Security functions
access control, authentication via chip-card and PIN
Mobile Services
GSM services
basic services
z voice services
z data services
z short message service
additional services
z emergency number
z group 3 fax
z electronic mail
supplementary services
z identification: forwarding of caller number
z suppression of number forwarding
z automatic call-back
z conferencing with up to 7 participants
z ...

Basic Services
Services are supported by traffic channels

full rate: 22.8 kbit/s (gross bit rate, unprotected transmission)
half rate: 11.4 kbit/s (gross bit rate, unprotected transmission)
Voice services (speech coding with protection)

full rate: 13 / 12.2 kbit/s (original coder / enhanced full rate coder)
half rate: 5.6 kbit/s (enhanced half rate coder)
Data services (coding with different levels of protection)

full rate: 9.6 / 4.8 / 2.4 kbit/s
half rate: 4.8 / 2.4 kbit/s
Enhanced data services

HSCSD (High Speed Circuit Switched Data)
z n X 14.4 / n X 9.6 / n X 4.8 kbit/s (n=1, 2, 3, 4)
GPRS (General Packet Radio Service)
z various rates (typically up to 53.6 kbit/s)
GSM architecture: PLMN - Public Land Mobile Network
radio cell
BSS
MS MS
radio cell
RSS BTS MS
BTS
BSC BSC
MSC MSC
NSS VLR VLR signaling
HLR ISDN, PSTN

GMSC
PDN
IWF
OSS EIR AuC OMC

RSS - Radio Subsystem: covers all radio aspects

MS Mobile Station Mobile terminal equipment
BSC Base Station Controller Management of several BTS and MS
BTS Base Transceiver Station Transmitter, receiver and antennas
BSS BSC
Base Station
Subsystem BSC
MS
BTS
NSS - Network Subsystem: switching, mobility management,

interconnection to other networks, system control
MSC Mobile Switching Centre Management of all connections
HLR Home Location Register Associated to each PLMN
VLR Visitor Location Register Associated to each MSC
GMSC Gateway MSC MSC providing interconnection to other
networks
HLR
GMSC
fixed network
VLR MSC MSC VLR
BSC BSC

OSS - Operation Subsystem: centralized operation, management, and

maintenance of all GSM subsystems
OMC Operation and Management Control of the radio and network
Centre subsystems
AuC Authentication Centre Security functions
EIR Equipment Identity Register Mobile station registration
OMC AuC EIR
Network HLR MSC

Element
GSM architecture: interfaces

radio network and fixed
subsystem switching subsystem partner networks
MS MS
ISDN
PSTN
Um MSC
Abis Interfaces
BTS
BSC Um : radio interface
BTS A
HLR Abis : standardized, open
interface with 16/64 kbit/s
SS7
user channels
VLR A: standardized, open

interface with 64 kbit/s user
channels
BTS
BSC ISDN
BTS GMSC PSTN
BSS IWF
PDN

Voice transcoding and rate adaptation
Need for transcoding and rate adaptation

BTS - 13 kbit/s air-interface (original coder)
MSC - 64 kbit/s ISDN type switching (PCM, A-law)
3 options for Transcoding and Rate Adapter Unit (TRAU)

Abis A
BTS BTS TRAU BSC MSC

64 kbit/s 64 kbit/s
BSC BTS BSC TRAU MSC

16 kbit/s 64 kbit/s
MSC BTS BSC TRAU MSC

16 kbit/s 64 kbit/s
(4 x 16 sub-mux)
Mobile addresses
Several mobile numbers are needed

IMSI - International Mobile Subscriber Identity
Mobile Country Code (MCC) + Mobile Network Code (MNC)
+ Mobile Subscriber Identification Number (MSIN)
z uniquely identifies the user (SIM card)
TMSI - Temporary Mobile Subscriber Identity

32 bits
z local number allocated by VLR, may be changed periodically
z hides the IMSI over the air interface - transmitted instead of IMSI
MSRN - Mobile Station Roaming Number

Visitor Country Code (VCC) + Visitor National destination Code (VNDC)
+ Current MSC code + temporary subscriber number
z generated by VLR for all visiting users
z helps HLR to determine current location area
z hides the IMSI inside the network

Mobile station functional groups
MT (Mobile Termination)
offers common functions used by all services the MS offers
end-point of the radio interface (Um) - equivalent to NT of an ISDN access
hides GSM radio specific characteristics
TE (Terminal Equipment)
peripheral device of the MS, offers services to a user
TA (Terminal Adapter)
interfaces MT with different types of terminal
TE1 MT TE2 TA MT
Um Um
Mobile station functional groups
SIM card (Subscriber Identity Module)

uniquely associated to a user
stores user and location addresses
z IMSI - International Mobile Subscriber Identity
z TMSI - Temporary Mobile Subscriber Identity
z LAI - Location Area Identification
supports authentication and encryption mechanisms

z PIN - Personal Identity Number
z PUK - PIN Unblocking Key
z Ki - subscriber secret authentication key
z A3 - authentication algorithm
z A8 - cipher key generation algorithm
contains personal data

z list of subscribed services
z RAM for user directory, SMS

Base transceiver station and base station controller
Tasks of a BSS are distributed over BSC and BTS

BTS comprises radio specific functions
BSC is the switching center for radio channels
z switch calls from MSC to correct BTS
Functions BTS BSC

Management of radio channels X
Frequency hopping (FH) X X
Management of terrestrial channels X
Mapping of terrestrial onto radio channels X
Channel coding and decoding X
Rate adaptation X
Encryption and decryption X X
Paging X X
Uplink signal measurements X
Traffic measurement X
Authentication X
Location registry, location update X
Handover management X
Mobile switching center
The MSC (mobile switching center) plays a central role in GSM

switching functions
additional functions for mobility support
management of network resources
interworking functions via Gateway MSC (GMSC)
integration of several databases
Specific functions of a MSC

switching of 64 kbit/s channels
paging and call forwarding
termination of SS7 (signaling system no. 7)
mobility specific signaling
location registration and forwarding of location information
support of short message service (SMS)
generation and forwarding of accounting and billing information

Location registers
Database requirements
scalability
high capacity
low delay
Home Location Register (HLR)

central master database
z data from every user that has subscribed to the operator
z one database per operator
z may be replicated
subscriber data
z list of subscribed services with parameters and restrictions
location data
z current MSC/VLR address
Location registers
Visitor Location Register (VLR)

local database
z data about all users currently in the domain of the VLR
z includes roamers and non-roamers
z associated to each MSC
subscriber identity
temporary location
z LAI - Location Area Identification
temporary addresses
z MSRN - Mobile Station Roaming Number

GSM location / mobile addresses: summary
HLR - Home Location Register

Permanent IMSI - International Mobile Subscriber Identity
Temporary MSRN - Mobile Station Roaming Number
VLR - Visitor Location Register

LAI - Location Area Identification

Temporary MSRN - Mobile Station Roaming Number
SIM - Subscriber Identity Module

LAI - Location Area Identification

Temporary
Operation subsystem elements
Authentication Center (AuC)

associated to HLR
search key: IMSI
supports authentication and encryption mechanisms
z Ki - subscriber secret authentication key
z A3 - authentication algorithm
z A8 - cipher key generation algorithm
Equipment Identity Register (EIR)

stores mobile stations IMEI (International Mobile Equipment Identity)
white list - mobile stations allowed to connect without restrictions
black list - mobile stations locked (stolen or not type approved)
gray list - mobile stations under observation for possible problems
Operation and Maintenance Center (OMC)

control capabilities for the radio and the network subsystems

GSM - TDMA/FDMA
935-960 MHz
124 channels (200 kHz)
downlink
y FDMA channels
e nc
qu
890-915 MHz
fre
124 channels (200 kHz)

uplink
time
TDMA frame
0 1 2 3 4 5 6 7
4.615 ms
Radio interface
time-slot (normal burst) bit rate
guard 156.25 bits/0.5769 ms=
tail user data S training S user data tail space 270.8 kbit/s
3 bits 57 bits 1 26 bits 1 57 bits 3 bits 8.25 bits
148 bits / 0.5465 ms
156.25 bits / 0.5769 ms
Burst structures
Normal Burst: normal data transmission

TB CD S TS S CD TB GP
3 57 1 26 1 57 3 8.25
Trainin Sequence - allows estimation of Guard Period - avoids

propagation characteristics (including multipath), overlapping between bursts
in order to set up the equaliser parameters Tail Bits - assist receiver
equalisation (set to 0)
Stealing flags - indicate that a burst normally
assigned to traffic is stolen for signalling Coded Data - user data transmission
Access Burst: MS first time access

TB SS CD TB GP
8 41 36 3 68.25
Synchronisation Sequence - Guard Period - long period since

long training sequence Coded Data - channel or time advance is not yet defined
handover access request

Burst structures
Frequency Correction Burst: frequency synchronisation of the MS
TB FBS TB GP
3 142 3 8.25
Fixed Bit Sequence - frequency

information for MS local oscilator locking
Synchronisation Burst: time synchronisation of the MS

TB CD SS CD TB GP
3 39 64 39 3 8.25
Synchronisation Sequence -
long training sequence
Coded Data - data used to align the mobile

to the base station's time-slot structure
Frame hierarchy
frame
8 x 15/26 ms = 60/13 ms = 4.615 ms
time-slot
15/26 ms = 0.577 ms
0 1 2 3 4 5 6 7 frame 0
2 frame 1
2 frame 2
traffic multiframe
26 x 60/13 = 120 ms
2 frame 24 x 51
2 frame 25
x 2048
superframe (*) hyperframe (**)
6.12 s ≈ 3.5 hours
0 1 2 3 4 5 6 7 frame 0
0 frame 1
x 26
0 frame 2
control multiframe
51 x 60/13 = 235.38 ms
0 frame 49
0 frame 50 (*) - aligns traffic and control multiframes

(**) - allows cycle for frame number

Logical channels
TCH CCH
Traffic Channels Control Channels
CCCH DCCH
Full-rate Half-rate BCH
Common Dedicated
Broadcast
Control Control
Channels
TCH/F TCH/H Channels Channels
Half-rate
TrafficChannels
TrafficChannels
Full-rate
ACCH
FCCH SCH BCCH RACH AGCH PCH
Associated
Frequency Correction
Channel
Channel
Random Access
Channel
Channel
Channel
Paging
Broadcast
Access Grant
Synchronization
Control Channel
Control
Channels
SDCCH SACCH FACCH
Fast Associated
Control Channel
Dedicated
Slow Associated
Stand-alone
Control Channel
Control Channel
Uplink channel: MS transmits
Downlink channel: BTS transmits
Bi-direccional channel: both transmit
Logical channels
Channel Direction Application Allocation
TCH TCH/H Allocated by network on

BTS ↔ MS User data
Traffic Channels TCH/F demand by MS
FCCH Carrier synchronization

BCH
Broadcast SCH BTS → MS Frame synchronisation Permanent
Channels
General network information
BCCH
Cell information (present and adjacent)
Request SDCCH for signalling Multiple access with slotted
RACH BTS ← MS
CCCH Request TCH for handover Alhoa contention between MS
Common
AGCH Confirmation of SDCCH or TCH request
Control
Channels BTS → MS Permanent
PCH Allert MS to a call originated in the network
Registration / location updating Allocated by network on

SDCCH
DCCH Call control procedures demand
Dedicated Control information between MS and BTS Associated to a specific TCH
SACCH BTS ↔ MS
Control during the progress of a call or call set up or SDCCH
Channels Exchange of time critical control information
FACCH Allocated by network or MS (*)
during the progress of a call
(*) Fast allocation by setting S bit; bits are stolen from TCH

Logical channels
Bursts /
Channel Burst type Time-slot Mulitiframe Capacity
Multiframe
TCH TCH/H Normal 26 frames 24 24 x 114 / 120 = 22.8 kbit/s
Any
Traffic Channels TCH/F (114 data bits) (120 ms) 12 12 x 114 / 120 = 11.4 kbit/s
Frequency
FCCH 5
correction
BCH
TS0 - base channel (*) 51 frames
Broadcast SCH Synchronisation 5
TS0/TS2/TS4/TS6 (**) (235.38 ms)
Channels
Normal
BCCH 4 4 x 114 / 235.38 = 1.94 kbit/s
(114 data bits)
Random 27 minimum
RACH
CCCH access 51 typical
Common TS0 - base channel (*) 51 frames
AGCH
Control Normal TS2/TS4/TS6 (**) (235.38 ms) 12 x 114 / 235.38 = 5.81 kbit/s
Channels 12 minimum
(114 data bits) minimum
PCH
TS0 - base channel (*)

SDCCH 51 frames 4 4 x 114 / 120 = 3.8 kbit/s
TS0/TS2/TS4/TS6 (**)
DCCH (235.38 ms)
Dedicated Normal Same TS as SDCCH 2 (***) 2 x 114 / 120 = 1.9 kbit/s
SACCH
Control (114 data bits) Same TS as TCH 1 1 x 114 / 120 = 0.95 kbit/s
Channels 26 frames
Same TS as TCH (bits (120 ms) Same as
FACCH Same as TCH
stolen from TCH) TCH
(*) Low capacity cells (***) 4 bursts in 2 multiframes

(**) High capacity cells equivalent to 2 bursts/ multiframe
Transmission / reception timing
Transmit / receive frame staggering

to simplify hardware design, transmitter and receiver never operate at
the same time
transmission is half-duplex
the numbering scheme is staggered by 3 time-slots
receive receive
downlink
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
uplink
0 1 2 3 4 5 6 7 0 1 2 3 4 5
transmit transmit

Transmission / reception timing
Transmit time advance

Principle of operation
z correct timing of uplink bursts at the BTS is required to avoid overlapping
z different path delays (MS-BTS distances) must be compensated
z transmission from the MS is advanced 0-63 bits under BTS control
z maximum time advance of 63 bits allows 0.233 ms round trip delay
z maximum cell radius is approximately 35 km
Initial ranging
z Access Burst is transmitted without time advance
z Guard Period of 68.25 bits allows for a path delay due to 37 km distance
z BTS measures path delay and sends required time advance on SACCH
z MS introduces time advance on all bursts
Adaptive control
z BTS monitors burst and measures delays with specified time advance
z if path delay varies more than 1 bit period, the new value is signalled on
SACCH
Frequency hopping
Application of frequency hoping

optional, but usually implemented
channels with no frequency hopping: BCH and CCCH
Hoping sequence
several possible hoping algorithms
selected algorithm broadcast on BCCH
Slow frequency hopping characteristics

in a given time-slot, successive TDMA frame are transmitted on different
carriers
main hoping parameters
z period: 4.615 ms
z frequency: 217 hops/s
z number of bits: 1250 bits/hop

Transmission power
Mobile station power classes
GSM 900 GSM 1800

8W 39 dBm vehicular 4W 36 dBm vehicular
5W 37 dBm portable 1W 30 dBm portable
2W 33 dBm portable 0.25 W 24 dBm portable usual classes
0.8 W 29 dBm portable
Discontinuous transmission (DTX) for voice

no data transmission during periods of silence (approx. 60% of time)
z Voice Activity Detector (VAD) algorithm suppresses TCH transmission
silent frames are sent to synthesise comfort noise at the receiver

several advantages
z reduces interference, on average, by 3 dB
z Increases MS battery life
Transmission power
Power control
implemented on both links
objective: lowest power level which provides desired quality (BER)
procedure
z MS measures power received and BER and sends result on SACCH
z BTS sends new power level on SACCH, if and when necessary
control range
GSM 900 GSM 1800 Comments
effective maxima depend on cell size and MS capability
5 - 39 dBm 0 - 36 dBm
control steps of 2 dB
channels with no power control - use maximum power for the cell
z downlink BCH and CCCH: power set by BTS
z uplink RACH
– BCCH broadcasts maximum power level for the cell
– MS uses this value to set RACH transmission power

Security in GSM
Security services
access control/authentication
z user Î SIM (Subscriber Identity Module): secret PIN (Personal
Identification Number)
z SIM Î network: challenge - response method
confidentiality
z voice and signaling encrypted on the wireless link (after successful
authentication)
anonymity
“secret”:
• A3 and A8
z newly assigned at each new location update available via the
z encrypted transmission Internet
• network providers
3 algorithms specified in GSM can use stronger
mechanisms
A3 for authentication (“secret”, open interface)
A5 for encryption (standardized)
A8 for encryption key generation (“secret”, open interface)
GSM - authentication
mobile network SIM
RAND
Ki RAND RAND Ki
AuC 128 bit 128 bit 128 bit 128 bit
A3 A3
SIM
SRES* 32 bit SRES 32 bit
SRES
MSC SRES* =? SRES SRES
32 bit
Ki: individual subscriber authentication key SRES: signed response

GSM - key generation and encryption
mobile network (BTS) MS with SIM
RAND
Ki RAND RAND Ki
AuC 128 bit 128 bit 128 bit 128 bit SIM
A8 A8
cipher Kc
key 64 bit Kc
64 bit
data encrypted SRES
data
BTS
data MS
A5 A5
GSM protocol layers for signaling
Um Abis A
MS BTS BSC MSC
CM CM
MM MM
BSSAP BSSAP
RR RR’
RR’ BTSM BTSM
SS7 SS7
LAPDm LAPDm LAPD LAPD
radio radio PCM PCM PCM PCM
16/64 kbit/s 64 kbit/s /

2048 kbit/s

GSM protocol layers for signaling
CM (Connection Management)
call control, short message service and supplementary service
MM (Mobility Management)
registration, authentication, location and handover management
RR (Radio Resource Management)

setup, maintenance and release of radio channels
control of radio transmission quality
LAPDm (“Link Access Protocol D-channel” modified)

modified version of ISDN LAPD protocol
BTSM (Base Transceiver Station Management)

radio resources control messages between BSC and BTS
BSSAP (Base Station System Application Part)

control of BSC by MSC
Mobile Terminated Call
1: calling a GSM subscriber

4
2: forwarding call to GMSC HLR VLR
3: signal call setup to HLR 5
3 6 15 8 9
4, 5: get routing info
14
(MSRN) from VLR
calling
6: forward routing station 1
PSTN GMSC MSC
2 7
info to GMSC
10 10 13 10
7: route call to current MSC 16
8, 9: get current status of MS (LAI + TMSI) BSS BSS BSS
11 11 11
10, 11: paging of MS in location area
11 12
12, 13: MS answers paging and
17
authentication request
MS
14, 15: security checks
16, 17: set up connection

Channel activity at radio interface

BTS MS
BCCH System parameters and other overhead idle updated
incoming call PCH Paging message to specified TMSI

announced TMSI
matches stored value
Channel request RACH
successful access
AGCH Assign stand alone dedicated control channel
successful paging Paging acknowledge SDCCH

send RAND
calculate SRES / Kc
SDCCH Authentication request calculate SRES / Kc
Authentication response SDCCH send SRES

SRES confirmed
SDCCH Request to transmit in cipher mode switch to cipher mode
Acknowledge cipher mode request SDCCH
Channel activity at radio interface (cont.)

BTS MS
SDCCH Setup message for incoming call
SDCCH Assign traffic channel and release SDCCH switch signaling to

FACCH using
Acknowledge channel assignment FACCH assigned TCH
FACCH Alerting mobile generate ringing sound
Connect FACCH mobile off-hook
switch to traffic channel FACCH Connect acknowledge switch to traffic channel
TCH data flow
remote party on-hook FACCH Disconnect
Release FACCH
FACCH Release complete
FACCH Release traffic channel idle updated

Mobile Originated Call
1, 2: connection and authentication

request
HLR
3, 4: security check
5-8: check resources (free circuit) 3 4
9-10: set up call 6 5
PSTN GMSC MSC
7 8
2 9
1
MS BSS
10

BTS MS
Channel request RACH number dialed

successful access
Call establishment request SDCCH

send RAND
calculate SRES / Kc

SRES confirmed


BTS MS
Setup message for outgoing call SDCCH
SDCCH Assign traffic channel and release SDCCH switch signaling to

FACCH using
Acknowledge channel assignment FACCH assigned TCH
remote party ringing FACCH Alerting remote party ringing tone
remote party off-hook FACCH Connect
switch to traffic channel Connect acknowledge FACCH switch to traffic channel
TCH data flow
Disconnect FACCH mobile on-hook
FACCH Release
Release complete FACCH
FACCH Release traffic channel idle updated
4 types of handover
1
2 3 4
MS MS MS MS
BTS BTS BTS BTS
BSC BSC BSC
MSC MSC
1 - between different sectors of the same cell

2 - between different cells within the same BSC domain
3 - between different BSC domains within the same MSC domain
4 - between different MSC domains

Handover decision
receive level receive level

BTSold BTSnew
handover
margin
HO_MARGIN
MS MS
BTSold BTSnew
Mobile-Assisted Handover (MAHO)
MS scans, measures and reports power received from several RF carrier based on BCCH information
OLD NEW
MS BTS BSC MSC BSC BTS
measurement measurement
report result
HO decision
HO required HO request
resource allocation
ch. activation
HO request ack ch. activation ack

HO command HO command
HO command
HO access
link establishment
HO complete HO complete
clear command clear command
clear complete clear complete

Location update
MS is aware of location
BTS broadcasts Location Area Identification (LAI) on BCCH
SIM stores current LAI and TMSI
Events which determine a current location update

MS is switched on and current LAI equals stored LAI
a timer set by the network expires and MS reports position
ªTMSI may be updated and stored in SIM
Events which determine a new location update
MS is switched on and current LAI differs from stored LAI
MS enters a new location area
ªTMSI and LAI are updated and stored in SIM
Location update
OLD NEW
MSCold VLRold HLR VLR MSC MS
location update
location update request
request
request IMSI (old LAI/TMSI sent)
send IMSI
send IMSI
update location update location

request
update
cancel location confirmed update
request confirmed update
cancel location confirmed
cancellation
confirmed cancellation
confirmed

Location update

BTS MS
Channel request RACH

successful access
Location updating request SDCCH old LAI/TMSI sent

send RAND
calculate SRES / Kc

SRES confirmed

new TMSI sent
(optional)
SDCCH Location update confirmed store LAI/TMSI in SIM
Acknowledge new location SDCCH
SDCCH Release stand alone dedicated control channel idle updated

Cmov GSM PDF

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Cmov GSM PDF

Hochgeladen von

Copyright:

Verfügbare Formate

Comunicações Móveis

Licenciatura em Engenharia Electrotécnica e de Computadores

Mobile Communication Systems: GSM

Mário Jorge Leitão

Partially adapted with permission from

Mário Jorge Leitão GSM 2

High transmission quality

Mário Jorge Leitão GSM 3

Mário Jorge Leitão GSM 4

 Services are supported by traffic channels

 Voice services (speech coding with protection)

 Data services (coding with different levels of protection)

 Enhanced data services

Mário Jorge Leitão GSM 5

GSM architecture: PLMN - Public Land Mobile Network

NSS VLR VLR signaling

HLR ISDN, PSTN

OSS EIR AuC OMC

Mário Jorge Leitão GSM 6

RSS - Radio Subsystem: covers all radio aspects

 BSC Base Station Controller Management of several BTS and MS

 BTS Base Transceiver Station Transmitter, receiver and antennas

Mário Jorge Leitão GSM 7

GSM architecture: PLMN - Public Land Mobile Network

NSS - Network Subsystem: switching, mobility management,

VLR MSC MSC VLR

Mário Jorge Leitão GSM 8

OSS - Operation Subsystem: centralized operation, management, and

 AuC Authentication Centre Security functions

 EIR Equipment Identity Register Mobile station registration

OMC AuC EIR

Network HLR MSC

Mário Jorge Leitão GSM 9

GSM architecture: interfaces

VLR  A: standardized, open

Mário Jorge Leitão GSM 10

 Need for transcoding and rate adaptation

 3 options for Transcoding and Rate Adapter Unit (TRAU)

BTS BTS TRAU BSC MSC

BSC BTS BSC TRAU MSC

MSC BTS BSC TRAU MSC

Mário Jorge Leitão GSM 11

 Several mobile numbers are needed

 TMSI - Temporary Mobile Subscriber Identity

 MSRN - Mobile Station Roaming Number

Mário Jorge Leitão GSM 12

Mário Jorge Leitão GSM 13

Mobile station functional groups

 SIM card (Subscriber Identity Module)

 supports authentication and encryption mechanisms

 contains personal data

Mário Jorge Leitão GSM 14

 Tasks of a BSS are distributed over BSC and BTS

Functions BTS BSC

Mário Jorge Leitão GSM 15

Mobile switching center

 The MSC (mobile switching center) plays a central role in GSM

 Specific functions of a MSC

Mário Jorge Leitão GSM 16

 Home Location Register (HLR)

Mário Jorge Leitão GSM 17

Visitor Location Register (VLR)

Mário Jorge Leitão GSM 18

Services are supported by traffic channels

Voice services (speech coding with protection)

Data services (coding with different levels of protection)

Enhanced data services

BSC Base Station Controller Management of several BTS and MS

BTS Base Transceiver Station Transmitter, receiver and antennas

AuC Authentication Centre Security functions

EIR Equipment Identity Register Mobile station registration

VLR A: standardized, open

Need for transcoding and rate adaptation

3 options for Transcoding and Rate Adapter Unit (TRAU)

Several mobile numbers are needed

TMSI - Temporary Mobile Subscriber Identity

MSRN - Mobile Station Roaming Number

SIM card (Subscriber Identity Module)

supports authentication and encryption mechanisms

contains personal data

Tasks of a BSS are distributed over BSC and BTS

The MSC (mobile switching center) plays a central role in GSM

Specific functions of a MSC

Home Location Register (HLR)

Normal Burst: normal data transmission

Access Burst: MS first time access

Frequency Correction Burst: frequency synchronisation of the MS

Synchronisation Burst: time synchronisation of the MS

Transmit / receive frame staggering

Transmit time advance

Application of frequency hoping

Slow frequency hopping characteristics

Mobile station power classes

Discontinuous transmission (DTX) for voice

silent frames are sent to synthesise comfort noise at the receiver

RR (Radio Resource Management)

LAPDm (“Link Access Protocol D-channel” modified)

BTSM (Base Transceiver Station Management)

BSSAP (Base Station System Application Part)

Channel activity at radio interface