Showing posts with label GPRS. Show all posts
Showing posts with label GPRS. Show all posts

Thursday, January 4, 2018

Introduction to 3GPP Security in Mobile Cellular Networks


I recently did a small presentation on 3GPP Security, looking at the how the security mechanism works in mobile cellular networks; focusing mainly on signaling associated with authentication, integrity protection and ciphering / confidentiality. Its targeted towards people with basic understanding of mobile networks. Slides with embedded video below.



You can also check-out all such videos / presentations at the 3G4G training section.

Friday, June 17, 2016

History: 30 years of the mobile phone in the UK


In January 1985 the UK launched its first mobile networks. Now, thirty years on, many people and companies in the UK have been celebrating this enormous achievements and advances that have been made since then and which have seen the mobile evolve from a humble telephone into the multimedia pocket computer which has become such an essential part of modern life. It was simply not possible in 1985 to envisage a country that would be able to boast more active mobile phones than people or to have along the way clocked up several world firsts, and be now leading on the deployment of 4G and shaping the future 5G technologies.

Below is a series of talks in an event organised by University of Salford,



The following talks are part of playlist:

1. Launch of Vodafone – Nigel Linge, on behalf of Vodafone
2. Launch of Cellnet - Mike Short, O2
3. The emergence of GSM - Stephen Temple, 5GIC
4. The launch of Mercury one2one and Orange - Graham Fisher, Bathcube Telecoms
5. From voice to data - Stuart Newstead, Ellare
6. Telepoint - Professor Nigel Linge, University of Salford
7. 3G - Erol Hepsaydir, 3 UK
8. Handset evolution and usage patterns - Julian Divett, EE
9. 4G and onwards to 5G – Professor Andy Sutton, EE  and University of Salford.

For anyone interested in reading about the history of mobile phones in UK, read this book below with more facts and figures


If you have any facts to share, please feel free to add in the comments below.

Monday, October 10, 2011

What is GELTE?

GSM, EDGE and LTE Interworking.
This presentation available to download from here.

Sunday, July 17, 2011

Network Mode of Operation (NMO)

Picture Source: Tektronix

The Network Mode of Operation (NMO) is also sometimes referred to as Network Operation Mode (NOM). The Network Modes have different values and interpretation in UTRAN and GERAN

In both the cases the Operation modes is decided based on the Gs interface between the CS CN (core network) a.k.a. MSC and the PS CN a.k.a. SGSN

In UTRAN:

Network Operation Mode I (NMO-I) is used when the Gs interface is present. In this case during the registration a Combined Attach (includes GPRS Attach & IMSI Attach procedures) procedure can be performed. A GMM Attach Request message with the attach type set to Combined Attach is used. Upon completion of this procedure, MM Status is IMSI Attached and GMM State is Attached.

In Network Operation Mode II (NMO-II) the GS Interface is not present. So the GMM attach procedure and the IMSI Attach (via Location Update) has to be performed seperately. This causes additional signalling.

Basic air interface signalling in case of NMO2 is shown here.


In GERAN:

Network operation mode 1. A network which has the Gs interface implemented is referred to as being in network operation mode 1. CS and PS paging is coordinated in this mode of operation on either the GPRS or the GSM paging channel. If the mobile device has been assigned a data traffic channel then CS paging will take place over this data channel rather than the paging channel (CS or PS).

Network operation mode 2. The Gs interface is not present and there is no GPRS paging channel present. In this case, paging for CS and PS devices will be transferred over the standard GSM common control channel (CCCH) paging channel. Even if the mobile device has been assigned a packet data channel, CS paging will continue to take place over the CCCH paging channel and thus monitoring of this channel is still required.

Network operation mode 3. The Gs interface is not present. CS paging will be transferred over the CCCH paging channel. PS paging will be transferred over the packet CCCH (PCCCH) paging channel, if it exists in the cell. In this case the mobile device needs to monitor both the paging channels.

The GERAN part above is extract from the book Convergence Technologies for 3G Networks.


The Gs interface, has a number of subtle but important advantages:

During an ongoing GPRS / EDGE data transfer (TBF established), mobiles can't detect incoming voice calls and SMS messages as they are focused on receiving packets and thus can not observe the paging channel. In NMO-1, the circuit switched part of the network forwards the paging message to the packet switched side of the network which then forwards the paging message between the user data blocks while a data transfer is ongoing. Mobiles can thus receive the paging message despite the ongoing data transfer, interrupt the session and accept the voice call or SMS.

Location/Routing area updates when moving to a cell in a different location/routing area are performed much faster as the mobile only communicates with the packet switched part of the network. The packet switched network (the SGSN) then forwards the location update to the circuit switched part of the network (to the MSC) which spares the mobile from doing it itself. This is especially important for ongoing data transfers as these are interrupted for a shorter period of time.

Cell reselections from UMTS to GPRS can be executed much faster due to the same effect as described in the previous bullet. Whithout NOM-1 an Inter RAT (Radio Access Technology) cell reselection with Location and Routing Area update requires around 10 to 12 seconds. With NOM-1 the time is reduced to around 5 to 6 seconds. An important difference as this reduces the chance to miss an incoming call during the change of the radio network. Also, ongoing data transfers are interrupted for a shorter time,an additional benefit that should not be underestimated.


Thursday, December 16, 2010

Packet Flow in 2.5G, 3G, 3.5G and 4G




The 'LTE Signaling' is a very interesting book just being released that is a must have for people who are involved in design, development and testing. A book that explains the basic concepts from beginning till advanced concepts and explains how different components and interfaces fit together.

Though I havent yet read this book, I have read the earlier one titled UMTS Signaling, from the same authors that is an excellent reference for understanding Signalling in UMTS. I have no doubt that this book will be the same high quality.

The Excerpt on Wiley's website provides complete chapter 1 which is quite detailed and the Packet flow pictures and details below is extracted from this book.
The first stage of the General Packet Radio Service (GPRS), that is often referred to as the 2.5G network, was deployed in live networks starting after the year 2000. It was basically a system that offered a model of how radio resources (in this case, GSM time slots) that had not been used by Circuit Switched (CS) voice calls could be used for data transmission and, hence, profitability of the network could be enhanced. At the beginning there was no pre-emption for PS (Packet Switched) services, which meant that the packet data needed to wait to be transmitted until CS calls had been finished.

In contrast to the GSM CS calls that had a Dedicated Traffic Channel (DTCH) assigned on the radio interface, the PS data had no access to dedicated radio resources and PS signaling, and the payload was transmitted in unidirectional Temporary Block Flows (TBFs) as shown in Figure 1.2.

In Release 99, when a PDP (Packet Data Protocol) context is activated the UE is ordered by the RNC (Radio Network Controller) to enter the Radio Resource Control (RRC) CELL_DCH state. Dedicated resources are assigned by the Serving Radio Network Controller (SRNC): these are the dedicated physical channels established on the radio interface. Those channels are used for transmission of both IP payload and RRC signaling – see Figure 1.7. RRC signaling includes the exchange of Non-Access Stratum (NAS) messages between the UE and SGSN.

The spreading factor of the radio bearer (as the combination of several physical transport resources on the Air and Iub interfaces is called) depends on the expected UL/DL IP throughput. The expected data transfer rate can be found in the RANAP (Radio Access Network Application Part) part of the Radio Access Bearer (RAB) assignment request message that is used to establish the Iu bearer, a GPRS Tunneling Protocol (GTP) tunnel for transmission of a IP payload on the IuPS interface between SRNC and SGSN. While the spreading factor controls the bandwidth of the radio connection, a sophisticated power control algorithm guarantees the necessary quality of the radio transmission. For instance, this power control ensures that the number of retransmitted frames does not exceed a certain critical threshold.

Activation of PDP context results also in the establishment of another GTP tunnel on the Gn interface between SGSN and GGSN. In contrast to IuPS, where tunnel management is a task of RANAP, on the Gn interface – as in (E)GPRS – the GPRS Tunneling Protocol – Control (GTP-C) is responsible for context (or tunnel) activation, modification, and deletion.

However, in Release 99 the maximum possible bit rate is still limited to 384 kbps for a single connection and, more dramatically, the number of users per cell that can be served by this highest possible bit rate is very limited (only four simultaneous 384 kbps connections per cell are possible on the DL due to the shortness of DL spreading codes).

To increase the maximum possible bit rate per cell as well as for the individual user, HSPA was defined in Releases 5 and 6 of 3GPP.

In High-Speed Downlink Packet Access (HSDPA) the High-Speed Downlink Shared Channel (HSDSCH) which bundles several High-Speed Physical Downlink Shared Channels (HS-PDSCHs) is used by several UEs simultaneously – that is why it is called a shared channel.

A single UE using HSDPA works in the RRC CELL_DCH state. For DL payload transport the HSDSCH is used, that is, mapped onto the HS-PDSCH. The UL IP payload is still transferred using a dedicated physical data channel (and appropriate Iub transport bearer); in addition, the RRC signaling is exchanged between the UE and RNC using the dedicated channels – see Figure 1.8.

All these channels have to be set up and (re)configured during the call. In all these cases both parties of the radio connection, cell and UE, have to be informed about the required changes. While communication between NodeB (cell) and CRNC (Controlling Radio NetworkController) uses NBAP (Node B Application Part), the connection between the UE and SRNC (physically the same RNC unit, but different protocol entity) uses the RRC protocol.

The big advantage of using a shared channel is higher efficiency in the usage of available radio resources. There is no limitation due to the availability of codes and the individual data rate assigned to a UE can be adjusted quicker to the real needs. The only limitation is the availability of processing resources (represented by channel card elements) and buffer memory in the base station.

From the user plane QoS perspective the two major targets of LTE are:
• a further increase in the available bandwidth and maximum data rate per cell as well as for the individual subscriber;
• reducing the delays and interruptions in user data transfer to a minimum.

These are the reasons why LTE has an always-on concept in which the radio bearer is set up immediately when a subscriber is attached to the network. And all radio resources provided to subscribers by the E-UTRAN are shared resources, as shown in Figure 1.9. Here it is illustrated that the IP payload as well as RRC and NAS signaling are transmitted on the radio interfaces using unidirectional shared channels, the UL-SCH and the Downlink Shared Channel (DL-SCH). The payload part of this radio connection is called the radio bearer. The radio bearer is the bidirectional point-to-point connection for the user plane between the UE and eNodeB (eNB). The RAB is the user plane connection between the UE and the Serving Gateway (S-GW) and the S5 bearer is the user plane connection between the S-GW and public data network gateway (PDN-GW).

The end-to-end connection between the UE and PDN-GW, that is, the gateway to the IP world outside the operator’s network, is called a PDN connection in the E-UTRAN standard documents and a session in the core network standards. Regardless, the main characteristic of this PDN connection is that the IP payload is transparently tunneled through the core and the radio access network.

To control the tunnels and radio resources a set of control plane connections runs in parallel with the payload transport. On the radio interface RRC and NAS signaling messages are transmitted using the same shared channels and the same RLC transport layer that is used to transport the IP payload.

RRC signaling terminates in the eNB (different from 3G UTRAN where RRC was transparently routed by NodeB to the RNC). The NAS signaling information is – as in 3G UTRAN – simply forwarded to the Mobility Management Entity (MME) and/or UE by the eNB.

You can read in detail about all these things and much more from the Wiley's website here.

Tuesday, October 5, 2010

3GPP Green activities / Energy Saving initiatives


3GPP has been working on Energy saving initiatives for Release-10 and Release-11. Here is a very quick summary of some of these items.

Telecommunication management; Study on Energy Savings Management (ESM)

Most mobile network operators aim at reducing their greenhouse emissions, by several means such as limiting their networks' energy consumption.

In new generation Radio Access Networks such as LTE, Energy Savings Management function takes place especially when mobile network operators want e.g. to reduce Tx power, switch off/on cell, etc. based on measurements made in the network having shown that there is no need to maintain active the full set of NE capabilities.

By initiating this Work Item about Energy Savings Management, 3GPP hopes to contribute to the protection of our environment and the environment of future generations.

The objective of this technical work is to study automated energy savings management features. Usage of existing IRPs is expected as much as possible, e.g. Configuration Management IRP, etc. However, this technical work may identify the need for defining a new IRP.

The following operations may be considered in this study item (but not necessarily limited to):
• Retrieval of energy consumption measurements
• Retrieval of traffic load measurements
• Adjust Network Resources capabilities


OAM aspects of Energy Saving in Radio Networks

There are strong requirements from operators on the management and monitoring of energy saving functions and the evaluation of its impact on the network and service quality. Therefore an efficient and standardized Management of Energy Saving functionality is needed. Coordination with other functionalities like load balancing and optimization functions is also required.

The objectives of this work item are:
• Define Energy Savings Management OAM requirements and solutions for the following use cases,
• eNodeB Overlaid
• Carrier restricted
• Capacity Limited Network
• Define OAM requirements and solutions for coordination of ESM with other functions like
• Self-Optimization
• Self Healing
• Traditional configuration management
• Fault Management
• Select existing measurements which can be used for assessing the impact and effect of Energy Saving actions corresponding to above Energy Saving use cases.
• Define new measurements which are required for assessing the impact and effect of Energy Saving actions, including measurements of the energy consumption corresponding to above Energy Saving use cases.


Study on impacts on UE-Core Network signalling from Energy Saving

Energy Saving (ES) mechanisms are becoming an integral part of radio networks, and consequently, of mobile networks. Strong requirements from operators (for reasons of cost and environmental image) and indirectly from authorities (for the sake of meeting overall international and national targets) have been formulated. With the expected masses of mobile network radio equipment as commodities, in the form of Home NB/eNBs, this aspect becomes even more crucial.

It is necessary to ensure that ES does not lead to service degradation or inefficiencies in the network. In particular:
• the activation status of radio stations (on/off) introduces a new scale of dynamicity for the UE and network;
• mass effects in signalling potentially endanger the network stability and need to be handled properly.

It is unclear whether and how currently defined procedures are able to cope with, and eventually can be optimized for, ES conditions; thus a systematic study is needed.

The study aims, within the defined CT1 work areas, at:
• analysing UE idle mode procedures and UE-Core Network signalling resulting from frequent switch on/off of radio equipment in all 3GPP accesses, including home cell deployment and I-WLAN;
• performing a corresponding analysis for connected mode UEs;
• analysing similar impacts from activation status of non-3GPP access networks;
• documenting limitations, weaknesses and inefficiencies in these procedures, with emphasis on mass effects in the UE-Core Network signalling;
• studying potential optimizations and enhancements to these procedures;

The study shall also evaluate and give recommendations on potential enhancements to 3GPP specifications (whether and where they are seen necessary).


Study on Solutions for Energy Saving within UTRA Node B

Due to the need to reduce energy consumption within operators’ networks, and considering the large amount of UMTS network equipment deployed in the field around the world, the standardisation of methods to save energy in UMTS Node Bs is seen as an important area of study for 3GPP.There has not been a large amount of focus on energy-saving in UMTS networks so far in 3GPP, although some solutions have been agreed in Release 9. Therefore it is proposed to start an initial study phase to identify solutions and perform any initial evaluation, such that a subset of these proposals can be used as the basis for further investigation of their feasibility.

The objective is to do an initial study to identify potential solutions to enable energy saving within UMTS Node-Bs, and do light initial evaluation of the proposed solutions, with the aim that a subset of them can be taken forward for further investigation as part of a more focused study in 3GPP.

The solutions identified in this study item should consider the following aspects:
• Impacts on the time for legacy and new UEs to gain access to service from the Node B
• Impacts on legacy and new terminals (e.g. power consumption, mobility)

Some initial indication of these aspects in relation to the proposed solutions should be provided.


Study on Network Energy Saving for E-UTRAN

The power efficiency in the infrastructure and terminal should be an essential part of the cost-related requirements in LTE-A. There is a strong need to investigate possible network energy saving mechanisms to reduce CO2 emission and OPEX of operators.

Although some solutions have been proposed and part of them have been agreed in Release-9, there has not been a large amount of attention on energy saving for E-UTRAN so far. Many potential solutions are not fully shown and discussed yet. Therefore, it is proposed to start an initial study phase to identify solutions, evaluate their gains and impacts on specifications.

The following use cases will be considered in this study item:
• Intra-eNB energy saving
• Inter-eNB energy saving
• Inter-RAT energy saving

Intra-eNB energy saving, in EUTRAN network, a single cell can operate in energy saving mode when the resource utilization is sufficiently low. In this case, the reduction of energy consumption will be mainly based on traffic monitoring with regard to QoS and coverage assurance.

A lot of work on Inter-eNB energy saving has already been done for both LTE and UTRA in Rel-9. This Study Item will investigate additional aspects (if any) on top of what was already agreed for R9.

Inter-RAT energy saving, in this use case, legacy networks, i.e. GERAN and UTRAN, provide radio coverage together with E-UTRAN. For example E-UTRAN Cell A is totally covered by UTRAN Cell B. Cell B is deployed to provide basic coverage of the voice or medium/low-speed data services in the area, while Cell A enhances the capability of the area to support high-speed data services. Then the energy saving procedure can be enabled based on the interaction of E-UTRAN and UTRAN system.

The objective of this study item is to identify potential solutions for energy saving in E-UTRAN and perform initial evaluation of the proposed solutions, so that a subset of them can be used as the basis for further investigation and standardization.

Energy saving solutions identified in this study item should be justified by valid scenario(s), and based on cell/network load situation. Impacts on legacy and new terminals when introducing an energy saving solution should be carefully considered. The scope of the study item shall be as follows:
• User accessibility should be guaranteed when a cell transfers to energy saving mode
• Backward compatibility shall be ensured and the ability to provide energy saving for Rel-10 network deployment that serves a number of legacy UEs should be considered
• Solutions shall not impact the Uu physical layer
• The solutions should not impact negatively the UE power consumption

RAN2 will focus on the Intra-eNB energy saving, while RAN3 will work on Inter-RAT energy saving and potential additional Inter-eNB energy saving technology.


Study on Solutions for GSM/EDGE BTS Energy Saving

There has not been a large amount of focus on energy-saving in GSM/EDGE networks so far in 3GPP, although some solutions have been agreed in previous Releases, notably MCBTS. Therefore it is proposed to start an initial study phase to identify solutions and perform any initial evaluation, such that a subset of these proposals can be used as the basis for further investigation of their feasibility.

The objective is to study potential solutions to enable energy saving within the BTS (including MCBTS and MSR), and evaluate each proposed solutions in detail. These potential solutions shall focus on the following specific aspects
• Reduction of Power on the BCCH carrier (potentially enabling dynamic adjustment of BCCH power)
• Reduction of power on DL common control channels
• Reduction of power on DL channels in dedicated mode, DTM and packet transfer mode
• Deactivation of cells (e.g. Cell Power Down and Cell DTX like concepts as discussed in RAN)
• Deactivation of other RATs in areas with multi-RAT deployments, for example, where the mobile station could assist the network to suspend/minimise specific in-use RATs at specific times of day
• And any other radio interface impacted power reduction solutions.

The solutions identified in this study item shall also consider the following aspects:
• Impacts on the time for legacy and new mobile stations to gain access to service from the BTS
• Impacts on legacy and new mobile stations to keep the ongoing service (without increasing drop rate)
• Impacts on legacy and new mobile stations implementation and power consumption, e.g. due to reduction in DL power, cell (re-)selection performance, handover performance, etc.
• Impacts on UL/DL coverage balance, especially to CS voice

Solutions shall be considered for both BTS energy saving non-supporting and supporting mobile stations (i.e. solutions that are non-backwards compatible towards legacy mobile stations shall be out of the scope of this study).

Tuesday, August 31, 2010

EDGE evolution to REDHOT


EDGE is more than three times as efficient as GSM/GPRS in handling packet-switched data. Using EDGE, operators can support 3x more subscribers than GPRS, either by increasing the data rate per subscriber to 300 kbps, according to network & device capabilities, or adding voice capacity. EDGE uses the same TDMA frame structure, logic channel and 200 kHz carrier as GSM; existing cell plans remain intact. No change is needed in the core network. Neither new spectrum nor a new operating licence is needed. EDGE is a mature, mainstream global technology which allows operators to compete, to protect investments/assets, and stimulate growth of mobile multimedia services. Upgrading to EDGE is a natural step for operators to offer high performance mobile data services over GSM.

The performance of EDGE has improved steadily since its introduction in the market in 2003, and today offers users the possibility of data speeds up to 250kbps, with a latency of less than 150ms. This is sufficient for any current data service to be attractive to customers. According to GSA’s latest EDGE Fact Sheet (August 19, 2010 and available as a free download from www.gsacom.com) over 80% of GSM/GPRS operators globally have committed to deploying EDGE in their networks. 531 GSM/EDGE networks are in commercial service in 196 countries, and thousands of EDGE-capable user devices are launched.

A key part of the evolution is the opportunity to deploy more than a single RF carrier. Downlink Dual Carrier (DLDC) is the first step in evolving EDGE, doubling data rates to 592 kbps on existing EDGE-capable networks.

Downlink speed quadrupled:
up to 1.2 Mbps per user initially
(the standard enables up to 1.9 Mbps per user)
• Dual Carrier first phase implementation 10 timeslots per user; standard enables up to 16 timeslots per user
• EGPRS-2 DL (REDHOT) level B maximum 118.4 kbps per timeslot

Uplink speed up to 474 kbps per user
(the standard enables up to 947 kbps per user)
• EGPRS-2 UL (HUGE) level B with maximum 118.4 kbps per timeslot
• Peak implementation today 4 timeslots per user (standard enables up to 8 timeslots per user)

The EGPRS-2 feature is expected in the market in 2012.

More information is available in the GSA Report 'EDGE Evolution' released on Aug 23 2010. Available to download from GSACOM here.