Upload
others
View
16
Download
0
Embed Size (px)
Citation preview
Introduction of
USRP and Demos
by Dong Han & Rui Zhu
Introduction
• USRP(Universal Software Radio Peripheral ):
A computer-hosted software radio, which
is commonly used by research labs,
universities.
Motherboard + Daughterboard
Introduction
USRP(Universal Software Radio Peripheral ):A RF frontend, FPGA and an OMAP 3, which includes an ARM
processor and a DSP. This allows standalone operation for
embedded applications. A modular design allows the USRP E100 to
operate from DC to 6 GHz.
Daughterboard: WBX 50-2200 MHz Rx/Tx
• The WBX is a wide bandwidth transceiver.
• It is ideal for applications requiring access to a number of different
bands within its range - 50 MHz to 2.2 GHz.
• Example application areas: land-mobile communications, maritime
and aviation band radios; cell phone base stations, PCS and GSM
multi-band radios; wireless sensor networks; broadcast TV.
The USRP hardware driver (UHD)
• The USRP hardware driver (UHD) is the device driver for
use with the USRP product family.
• Support : Linux, MacOS, and Windows platforms.
• Several frameworks including GNU Radio, LabVIEW and
Simulink use UHD.
Software frameworks that support UHD
• GNU RadioGNU Radio is an open source toolkit that can be used to develop
software-defined radios. This framework uses a combination of C++
and Python to optimize DSP performance while providing an easy-
to-use application programming environment.
• LabVIEW
• MATLAB and Simulink
• Custom and/or proprietary frameworks
Dome 1
Demo 1- FM Receiver
• Background
FM stands for frequency modulation, which is the process of
encoding a message signal, such as music, in the frequency of an
RF signal. Broadcast FM radio around the world is typically
transmitted using center frequencies from 87.5 MHz to 108 MHz,
and each station is generally allocated a bandwidth of 200 kHz. For
this example, use the center frequency of 106.7 MHz, the known
location of a local radio station near the center of the US FM band.
Demo 1- FM Receiver
Demo 1- FM Receiver
Demo 2
Demo 2 - GSM Base station
• Background---- GSM (Global System for Mobile
Communications), is a standard set
developed by the European
Telecommunications Standards
Institute (ETSI) to describe protocols for
second generation (2G) digital cellular
networks used by mobile phones.
---- The base station contains the equipment
for transmitting and receiving signals
(transceivers), antennas, and equipment
for encrypting and decrypting
communications with the base station
controller (BSC).
Demo 2 - GSM Base station
• Structure of the mobile phone cellular network
Demo 2 - GSM Base station
• OpenBTS (Open Base Transceiver Station)
---OpenBTS is a software-based GSM access point, allowing
standard GSM-compatible mobile phones to be used.
---This project uses the USRP to present a GSM air interface to
a standard GSM handset. It’s an open-source Unix application.
Demo 2 - GSM Base station
• Hardware
Demo 2 - GSM Base station
• OpenBTS: modulation and
demodulation. Assign a channel
for every communication.
• Asterisk: play the roles of MSC. If
two communicators are in the
same OpenBTS network, build
the communication links.
Otherwise, access the VoIP
gateway to connect to the PSTN.
• MySQL: Replace the HLR(Home Location Register)and
the VLR(Visitor Location
Register)
Demo 2 - GSM Base station
Demo 2 - GSM Base station
• Official website of OpenBTS
http://wush.net/trac/rangepublic
Demo 3
Demo 3- Simulation of Wireless
Outlet Controller
• Background
– A wireless outlet is controlled remotely by a
controller. The controller uses 315 MHz
carrier signal sending information to outlet.
• Our aim and method
– Our aim is to use USRP to control a remote
outlet, that is to simulate a real controller.
– We try to use USRP to sniff the signal. Then
we analysis the signal and use USRP to
replay it.
Signal Collection (1)
• Generally, to simulate the behavior of controller, to get the signal that controls an outlet. We have two method.– One is to get signal from microcontroller. We can use
oscilloscope to get signal sequence, which is composed by high voltage and low level voltage to define 1 and 0, respectively .
– The second method is that we can sense the signature in air by collecting radio frequency.
• In the demo, we use the second way by utilizing USRP device and GNU Radio software to collect, analyze and replay the signal.
Signal Collection (2)
GNU Radio
Controller USRP
Collected Signal
GNU Radio Modules
Collected SignalThe signal that is collected by pressing the first turn on button.
From the shape of the signal, we make an assumption that binary sequence
from Microcontroller in controller is modulated by OOK (On-off keying)
modulation.
On-off keying (OOK) the simplest form of amplitude-shift keying modulation
that represents digital Data as the presence or absence of a carrier wave.
Signal Analysis
0 1 1 0 1 0 0 0 1 0 0 0 0 0 0 0
Signal Analysis
0 1 1 0 1 0 0 0 1 0 0 0 0 0 0 0
Binary sequence
Binary sequence for Turn ON
Binary sequence for Turn OFF
0 1 1 0 1 0 0 0 1 0 0 0 0 0 0 0
0 1 1 0 1 0 0 0 0 1 0 0 0 0 0 0
Final step
USRP
0110100010000000
GNU Radio
Wireless Outlet
Conclusion
• It is a very simple reverse engineering. We use USRP and GNR Radio to collect signal.
• Then we analysis the signal, and use a binary sequence to represent the signal.
• After that, we use USRP and GNU Radio to send similar signal. And the outlet is controlled by our signal.
• This method can be widely used in many scenarios. For example, some typical cases are garage gate remote opener, car gate controller, wireless toy controller, etc.
• USRP can be widely used in RF design area.