Professional Documents
Culture Documents
GSM Concepts
GSM Concepts
GSM Handover
Handover is the process of switching a radio connection from one BS to another in order to maintain seamless radio connection during mobile station movement Handover in GSM is implemented as Mobile Assisted Handover (MAHO) and backward handover signalling GSM handover is hard handover as the old radio link is released before the new radio link has been fully established due to non-synchronised BTSs
The overall handover process is implemented in the MS, BSS and MSC. Measurement of radio subsystem downlink performance and signal levels received from surrounding cells, is made in the MS. These measurements are signalled to the BSS for assessment. The BSS measures the uplink performance for the MS being served and also assesses the signal level of interference on its idle traffic channels. Initial assessment of the measurements in conjunction with defined thresholds and handover strategy may be performed in the BSS. Assessment requiring measurement results from other BTS or other information resident in the MSC, may be performed in the MSC.
Handover Process
The handover process in GSM consists of the following four steps 1. Measurements 2. Handover request 3. Handover decision 4. Handover execution
In any cellular mobile radio system handover is an essential part of radio link maintenance. In order to maintain a radio link in the light of mobility it is essential for the cellular system to be able to switch the radio link from one base station to another when the radio link quality with the exisitng base station drops below an acceptable level and/or the radio link quality with a target base station is better. The main input data into the handover process are radio link quality measurements taken by mobile station and/or base station. The handover decision can be made in the mobile station, in the base station or somewhere else in the network. The GSM handover process is divided into four parts as indicated in the slide above. In a normal handover process, the handover request is generated by the BSC, and the handover decision and the actual handover are the responsibility of the MSC. Depending on the type of handover, functions 3 and 4 (see slide) can be implemented in the BSC.
Handover Criteria
Permanent data such as transmitter power of
MS, BTS in supplying cell, BTSs in neighbour cells
Traffic-oriented aspects (cell capacity, no. of free channels, no. of new connections waiting for TCH)
Handover is initiated by the network based on radio subsystem criteria (RF level, quality, distance) as well as network directed criteria (e.g. current traffic loading per cell, maintenance requests, etc.). In order to determine if a handover is required, due to RF criteria, the MS shall take radio measurements from neighbouring cells. These measurements are reported to the serving cell on a regular basis. When a network determines a need for a handover the procedures given in GSM 08.08 are followed. Additionally, the handover decision by the network may take into account both the measurement results from the MS and network directed criteria. The same decision process is used to determine when to perform both the Intra-MSC and Inter-MSC handover in all the procedures described in the following.
Measurement Protocol
Measurements on current radio channel
measurement of signal strength and link quality of slot in every frame (4.615ms measurement interval) 100 samples per reporting period of 480ms reporting of average values once or twice per second (one or two 480ms SACCH blocks
Measurement Parameters
Signal Field Strength dBm . . . -110 -109 -108 -107 RXLEV 0 1 2 3 . . . 60 61 62 63 Bit error [%] 0.2 0.4 0.8 1.6 3.2 6.4 12.8 Signal Quality Average 0.14 0.28 0.57 1.13 2.26 4.53 9.05 18.10 RXQUAL 0 1 2 3 4 5 6 7
Distance:
dTA =
Measurement Reports
Measurement reports transmitted periodically every 480ms interleaved over 4 SACCHs Measurements
Signal field strength from -110dBm to -48dBm (RXLEV) with relative accuracy of 1dB and absolute accuracy of 4dB (up to -70dBm) and 6dB Average calculated over SACCH multiframe (480ms) Measurement of RXLEV on the allocated TCH in every frame and at least one neighbour per TDMA frame Signal quality measured in BER before channel decoding (based on training sequence) and mapped onto RXQUAL levels with accuracy of 75% for RXQUAL=1 - 4 and 95% accuracy for RXQUAL=5 - 7 Distance absolute distance based on TA value with 0.5 bit accuracy provides about 1km spatial resolution (not too useful)
Handover Decision
Handover decision and selection of target cell made by either BSC or MSC depending on measurements BSC may decide to initiate handover itself by sending HND_CMD message to BTS or to report to MSC by sending HDN_RQD that a handover is required In case of BSC deciding to handover, MSC is informed with HND_PERF message
10
Handover Scenarios
Intra-BTS Handover Intra-BSC Handover Intra-MSC Handover Inter-MSC Handover Subsequent Handover
11
12
13
14
15
16
17
18
Conditions must be met by neighbour cell to become target cell Target cells are sorted by PBGT value and cell with highest PBGT is selected for handover If handover is considered imperative, the list can also contain neighbour cells with PBGT(n) < 0. If RXQUAL is low but RXLEV is fine, co-channel interference is high and intra-BTS handover is performed
19
20
There is also provision for giving individual cells priority in order to distribute traffic load
during congestion situations in hierarchical cellular systems for handover between cell layers
21
Number of Handovers
Due to complexity of handover protocol GSM tries to avoid unneccessary handovers Due to shadow fading variations randomly distributed handover points around best point and can cause large number of handovers
22
Proposed Improvements
Handover considering evolution of signal strength Handover utilising level crossing rate of received signals provides estimation of MS speed MS speed and signal strength evolution can provide more reliable handover decision to avoid ping-pong effect prediction based handover
23
Mobile Identifiers
GSM numbering follows the rules of ITU-T Rec. E.164 for ISDN numbering MS numbers/identifiers
MSISDN - Mobile Station ISDN Number IMSI - International Mobile Subscriber Identity MSRN - Mobile Station Roaming Number IMEI - International Mobile Equipment Identity TMSI - Temporary Mobile Subscriber Identity
24
Mobile Identifiers
National Country Destination Code Code Subscriber Number MSISDN
CC
NDC
SN
14 - 15 digits (7 - 7.5 octets)
Mobile Mobile Country Network Mobile Subscriber Code Code Identification Number IMSI
MCC MNC
3 digits 2 digits
MSIN
10 digits of less ( 5 octets)
25
Mobile Identifiers
Visitor Visitor National Country Destination Code VMSC = Visitor MSC Code MSRN
VCC VNDC
3 digits 2 digits
SN (VMSC + VSN)
10 digits of less ( 5 octets) Type Final Approval Assembly Serial Number Spare Code Code
TMSI
TMSI
4 octets
IMEI
SP
26
Network Identifiers
Mobile Network Code (MNC) Location Area Identity (LAI)
MCC - Mobile Country Code, e.g. Ireland = 272 MNC - Mobile Network Code, e.g. Eircell = 01 LAC - Location Area Code (2 octets fixed code)
Routing Area Identity (RAI) - similar to LAI Cell Identity (CI), 2 octets fixed length Global Cell Identity = LAI + CI
27
Network Identities
Base Station Identity Code (BSIC)
6 bit number consisting of
Network Colour Code - NCC, 3 bits Base Station Colour Code - BCC, 3 bits
28
SIM Card
Microcontroller based smart card MS = SIM + ME (mobile equipment) SIM card personalises the mobile equipment Two types of SIM
credit card size - ISO SIM plug-in SIM (usually comes as an ISO from which its popped out)
SIM architecture Controller + RAM of 256 - 512 Byte, will to grow to 2KB (2000), several OS are in use ROM - 16 - 24kB (1997), will to grow to 64kB (2000) EEPROM - 16kB (1997), will grow to 64KB (2000) I/O ports SIM power and clock supplied by ME
29
30
31
SIM card holds data about subscriptions of services in EFSST (service table)
SMS, Last Number Dialled, AoC, CB Message Identifier, Service provider name, etc
SIM card holds access level information EFACC, which determines access restriction to the network Stores current location information Holds account and charge information (for prepaid SIM card)
32
33
Location Management
GSM is a cellular system and as such divided into location areas to facilitate efficient paging Location areas are identified by the LAI LAI is broadcast within SYSTEM-INFO message on BCCH Size of a location area depends on expected subscriber penetration and PCH capacity Every time MS detects a change of LAI, that is the LAI temporarily stored in the SIM is different to LAI in SYSTEM_INFO message, location update is performed Upon power up of the MS, a location registration procedure is performed of which the user is oblivious
34
GSM algorithms for authentication and encryption are strictly confidential and not publicly available
35
Authentication
Authentication is required in every mobile radio system
to establish the authenticity of a user/equipment establish whether the user is allowed to access the service
36
37
Authentication Process
38
Encryption
Protecting analogue information against eavesdropping is not easy but digital transmission allows for excellent level of protection Encryption is the process where a series of bits are transformed by mathematical or logical functions into another series of bits GSM cipher algorithm A5/n uses a cipher key Kc that is generated during authentication process and stored in SIM Kc is generated from RAND by algorithm A8 driven by Ki Kc is 64 bits in length Ciphering is periodic based on TDMA frame number (periodic with length of hyper frame)
39
Encryption Process
40