1.

GSM History
During the early 1980s, analog cellular telephone systems were experiencing rapid growth in Europe, particularly in Scandinavia and the United Kingdom, but also in France and Germany. Each country developed its own system, which was incompatible with everyone else's in equipment and operation. This was an undesirable situation, because not only was the mobile equipment limited to operation within national boundaries, which in a unified Europe were increasingly unimportant, but there was also a very limited market for each type of equipment, so economies of scale and the subsequent savings could not be realized. The Europeans realized this early on, and in 1982 the Conference of European Posts and Telegraphs (CEPT) formed a study group called the Groupe Spécial Mobile (GSM) to study and develop a pan-European public land mobile system. The proposed system had to meet certain criteria: • • • • • • • Good subjective speech quality Low terminal and service cost Support for international roaming Ability to support handheld terminals Support for range of new services and facilities Spectral efficiency ISDN compatibility

Pan-European means European-wide. ISDN throughput at 64Kbs was never envisioned, indeed, the highest rate a normal GSM network can achieve is 9.6kbs. Europe saw cellular service introduced in 1981, when the Nordic Mobile Telephone System or NMT450 began operating in Denmark, Sweden, Finland, and Norway in the 450 MHz range. It was the first multinational cellular system. In 1985 Great Britain started using the Total Access Communications System or TACS at 900 MHz. Later, the West German C-Netz, the French Radiocom 2000, and the Italian RTMI/RTMS helped make up Europe's nine analog incompatible radio telephone systems. Plans were afoot during the early 1980s, however, to create a single European wide digital mobile service with advanced features and easy roaming. While North American groups concentrated on building out their robust but increasingly fraud plagued and featureless analog network, Europe planned for a digital future. Link to my mobile telephone history series In 1989, GSM responsibility was transferred to the European Telecommunication Standards Institute (ETSI), and phase I of the GSM specifications were published in 1990. Commercial service was started in mid-1991, and by 1993 there were 36 GSM networks in 22 countries [6]. Although standardized in Europe, GSM is not only a European standard. Over 200 GSM networks (including DCS1800 and PCS1900) are operational in 110 countries around the world. In the beginning of 1994, there were 1.3 million subscribers worldwide [18], which had grown to more than 55 million by October 1997. With North America making a delayed entry into the GSM field with a derivative of GSM called PCS1900, GSM systems exist on every continent, and the acronym GSM now aptly stands for Global System for Mobile communications. According to the GSM Association as of 2002, here are the current GSM statistics:

• • • • • •

No. of Countries/Areas with GSM System (October 2001) - 172 GSM Total Subscribers - 590.3 million (to end of September 2001) World Subscriber Growth - 800.4 million (to end of July 2001) SMS messages sent per month - 23 Billion (to end of September 2001) SMS forecast to end December 2001 - 30 Billion per month GSM accounts for 70.7% of the World's digital market and 64.6% of the World's wireless market

http://www.gsmworld.com/membership/mem_stats.html (external link, now dead.) The developers of GSM chose an unproven (at the time) digital system, as opposed to the then-standard analog cellular systems like AMPS in the United States and TACS in the United Kingdom. They had faith that advancements in compression algorithms and digital signal processors would allow the fulfillment of the original criteria and the continual improvement of the system in terms of quality and cost. The over 8000 pages of GSM recommendations try to allow flexibility and competitive innovation among suppliers, but provide enough standardization to guarantee proper interworking between the components of the system. This is done by providing functional and interface descriptions for each of the functional entities defined in the system. The United States suffered no variety of incompatible systems as in the different countries of Europe. Roaming from one city or state to another wasn't difficult . Your mobile usually worked as long as there was coverage. Little desire existed to design an all digital system when the present one was working well and proving popular. To illustrate that point, the American cellular phone industry grew from less than 204,000 subscribers in 1985 to 1,600,000 in 1988. And with each analog based phone sold, chances dimmed for an all digital future. To keep those phones working (and producing money for the carriers) any technological system advance would have to accommodate them. GSM was an all digital system that started new from the beginning. It did not have to accommodate older analog mobile telephones or their limitations. American digital cellular, first called IS-54 and then IS-136, still accepts the earliest analog phones. American cellular networks evolved slowly, dragging a legacy of underperforming equipment with it. Advanced fraud prevention, for example, was designed in later for AMPS, whereas GSM had such measures built in from the start. GSM was a revolutionary system because it was fully digital from the beginning.

2. Services provided by GSM
From the beginning, the planners of GSM wanted ISDN compatibility in terms of the services offered and the control signalling used. However, radio transmission limitations, in terms of bandwidth and cost, do not allow the standard ISDN Bchannel bit rate of 64 kbps to be practically achieved. Isn't this a shame? What many wireless customers need most is a high speed data connection and this is what GSM provides least. Only 9.6kbs if everything works right. It is possible the GSM designers in the early 1980s never envisioned the need for such bandwidth. It may be true, too, that in most countries the radio spectrum needed to give every caller a 64kbs channel was never available. The add on

technology EDGE (external link) promises higher data speed rates in the near to mid-term for GSM. Highest data rates will come in the long term when GSM changes into a radio service based on wide band code division multiple access, and not TDMA. Using the ITU-T definitions (external link), telecommunication services can be divided into bearer services, teleservices, and supplementary services. The most basic teleservice supported by GSM is telephony. As with all other communications, speech is digitally encoded and transmitted through the GSM network as a digital stream. There is also an emergency service, where the nearest emergency-service provider is notified by dialing three digits (similar to 911). • • • Bearer services: Typically data transmission instead of voice. Fax and SMS are examples. Teleservices: Voice oriented traffic. Supplementary services: Call forwarding, caller ID, call waiting and the like.

A variety of data services is offered. GSM users can send and receive data, at rates up to 9600 bps, to users on POTS (Plain Old Telephone Service), ISDN, Packet Switched Public Data Networks, and Circuit Switched Public Data Networks using a variety of access methods and protocols, such as X.25 or X.32. Since GSM is a digital network, a modem is not required between the user and GSM network, although an audio modem is required inside the GSM network to interwork with POTS. GSM is an all digital network but many machines are still analog, as is most of the local loop. Thus, we need a modem, even though we are dealing with digital. A FAX machine's digital signal processor converts an analog image into an instantaneous digital representation; a series of bits, all 0s and 1s. A modulator then turns these bits into audio tones representing the digital values. An analog FAX machine at the other end converts the tones received back into digital bits and then into an image. This tedious process was required initially because local loops were and are primarily analog. In addition, digital services such as T1, fractional T1, or ISDN, where available, was and is extremely expensive. All digital equipment, such as Group 4 Fax machines, are far higher priced than their analog counterparts. The local loop will remain primarily analog for some time.

Other data services include Group 3 facsimile, as described in ITU-T recommendation T.30, which is supported by use of an appropriate fax adaptor. A unique feature of GSM, not found in older analog systems, is the Short Message Service (SMS). SMS is a bidirectional service for short alphanumeric (up to 160 bytes) messages. Messages are transported in a store-and-forward fashion. For point-to-point SMS, a message can be sent to another subscriber to the service, and an acknowledgement of receipt is provided to the sender. SMS can also be used in a cell-broadcast mode, for sending messages such as traffic updates or news updates. Messages can also be stored in the SIM card for later retrieval [2]. Supplementary services are provided on top of teleservices or bearer services. In the current (Phase I) specifications, they include several forms of call forward (such as call forwarding when the mobile subscriber is unreachable by the network), and call barring of outgoing or incoming calls, for example when roaming in another country. Many additional supplementary services will be provided in the Phase 2 specifications, such as caller identification, call waiting, multi-party conversations.

3.Architecture of the GSM network
A GSM network is composed of several functional entities, whose functions and interfaces are specified. Figure 1 shows the layout of a generic GSM network. The GSM network can be divided into three broad parts. The Mobile Station is carried by the subscriber. The Base Station Subsystem controls the radio link with the Mobile Station. The Network Subsystem, the main part of which is the Mobile services Switching Center (MSC), performs the switching of calls between the mobile users, and between mobile and fixed network users. The MSC also handles the mobility management operations. Not shown is the Operations and Maintenance Center, which oversees the proper operation and setup of the network. The Mobile Station and the Base Station Subsystem communicate across the Um interface, also known as the air interface or radio link. The Base Station Subsystem communicates with the Mobile services Switching Center across the A interface. As John states, he presents a generic GSM architecture. Lucent, Ericsson, Nokia, and others feature their own vision in their own diagrams. But they all share the same main elements and parts from different vendors should all work together. The links

below show how these vendors picture the GSM architecture. You can remember the different terms much better by looking at all these diagrams. Lucent GSM architecture/ Ericsson GSM architecture / Nokia GSM architecture / Siemen's GSM architecture

architecture of a GSM network SIM: Subscriber identify ME: Mobile equipment. module. BSC: Base station HLR: Home location controller. register. MSC: Mobile services EIR: Equipment identity switching center. register. UM: Represents the radio link.

Figure 1. General

BTS: Base transceiver station. VLR: Visitor location register. AuC: Authentication Center.

Abis: Represents the interface between the base stations and base station controllers. "A": The interface between the base station subsystem and the network subsystem. PSTN and PSPDN: Public switched telephone network and packet switched public data network. 3.1. Mobile Station The mobile station (MS) consists of the mobile equipment (the terminal) and a smart card called the Subscriber Identity Module (SIM). The SIM provides personal mobility, so that the user can have access to subscribed services irrespective of a specific terminal. By inserting the SIM card into another GSM terminal, the user is able to receive calls at that terminal, make calls from that terminal, and receive other subscribed services. The mobile equipment is uniquely identified by the International Mobile Equipment Identity (IMEI). The SIM card contains the International Mobile Subscriber Identity (IMSI) used to identify the subscriber to the system, a secret key for authentication, and other information. The IMEI and the IMSI are independent, thereby allowing personal mobility. The SIM card may be protected against unauthorized use by a password or personal identity number.

GSM phones use SIM cards, or Subscriber information or identity modules. Memory modules. They're the biggest difference a user sees between a GSM phone or handset and a conventional cellular telephone. With the SIM card and its memory the GSM handset is a smart phone, doing many things a conventional cellular telephone cannot. Like keeping a built in phone book or allowing different ringtones to be downloaded and then stored. Conventional cellular telephones either lack the features GSM phones have built in, or they must rely on resources from the cellular system itself to provide them. Let me make another, important point. With a SIM card your account can be shared from mobile to mobile, at least in theory. Want to try out your neighbor's brand new mobile? You should be able to put your SIM card into that GSM handset and have it work. The GSM network cares only that a valid account exists, not that you are using a different device. You get billed, not the neighbor who loaned you the phone. This flexibility is completely different than AMPS technology, which enables one device per account. No swtiching around. Conventional cellular telephones have their electronic serial number burned into a chipset which is permanently attached to the phone. No way to change out that chipset or trade with another phone. SIM card technology, by comparison, is meant to make sharing phones and other GSM devices quick and easy.

On the left above: Front of a Pacific Bell GSM phone. In the middle above: Same phone, showing the back. The SIM card is the white plastic square. It fits into the grey colored holder next to it. On the right above. A new and different idea, a holder for two SIM cards, allowing one phone to access either of two wireless carriers. Provided you have an account with both. :-) The Sim card is to the left of the body. 3.2 Base Station Subsystem The Base Station Subsystem is composed of two parts, the Base Transceiver Station (BTS) and the Base Station Controller (BSC). These communicate across the

standardized Abis interface, allowing (as in the rest of the system) operation between components made by different suppliers. An explanation of the Abis interface is here The Base Transceiver Station houses the radio tranceivers that define a cell and handles the radio-link protocols with the Mobile Station. In a large urban area, there will potentially be a large number of BTSs deployed, thus the requirements for a BTS are ruggedness, reliability, portability, and minimum cost. The BTS or Base Transceiver Station is also called an RBS or Remote Base station. Whatever the name, this is the radio gear that passes all calls coming in and going out of a cell site. The base station is under direction of a base station controller so traffic gets sent there first. The base station controller, described below, gathers the calls from many base stations and passes them on to a mobile telephone switch. From that switch come and go the calls from the regular telephone network. Some base stations are quite small, the one pictured here is a large outdoor unit. The large number of base stations and their attendant controllers, are a big difference between GSM and IS-136. Want to read more about a base station? Download this product brochure from Siemens. It's about 228K in .pdf The Base Station Controller The Base Station Controller manages the radio resources for one or more BTSs. It handles radio-channel setup, frequency hopping, and handovers, as described below. The BSC is the connection between the mobile station and the Mobile service Switching Center (MSC).

Another difference between conventional cellular and GSM is the base station controller. It's an intermediate step between the base station transceiver and the mobile switch. GSM designers thought this a better approach for high density cellular networks. As one anonymous writer penned, "If every base station talked directly to the MSC, traffic would become too congested. To ensure quality communications via traffic management, the wireless infrastructure network uses Base Station Controllers as a way to segment the network and control congestion. The result is that MSCs route their circuits to BSCs which in turn are responsible for connectivity and routing of calls for 50 to 100 wireless base stations."

Want to read more about a base station controller? Download this product brochure from Siemens. It's about 363K in .pdf Two page .pdf file on the network subsystem by Nokia. It's a glossy product brochure but it does mention all the important elements. (363k in .pdf) Many GSM descriptions picture equipment called a TRAU, which stands for Transcoding Rate and Adaptation Unit. Of course. Also known as a TransCoding Unit or TCU, the TRAU is a compressor and converter. It first compresses traffic coming from the mobiles through the base station controllers. That's quite an achievement because voice and data have already been compressed by the voice coders in the handset. Anyway, it crunches that data down even further. It then puts the traffic into a format the Mobile Switch can understand. This is the transcoding part of its name, where code in one format is converted to another. The TRAU is not required but apparently it saves quite a bit of money to install one. Here's how Nortel Networks sells their unit: "Reduce transmission resources and realize up to 75% transmission cost savings with the TCU." "The TransCoding Unit (TCU), inserted between the BSC and MSC, enables speech compression and data rate adaptation within the radio cellular network. The TCU is designed to reduce transmission costs by minimizing transmission resources between the BSC and MSC. This is achieved by reducing the number of PCM links going to the BSC, since four traffic channels (data or speech) can be handled by one PCM time slot. Additionally, the modular architecture of the TCU supports all three GSM vocoders (Full Rate, Enhanced Full Rate, and Half Rate) in the same cabinet, providing you with a complete range of deployment options." (PCM? To read more about that click here.) Voice coders or vocoders are built into the handsets a cellular carrier distributes. They're the circuitry that turns speech into digital. The carrier specifies which rate they want traffic compressed, either a great deal or just a little. The cellular system is designed this way, with handset vocoders working in league with the equipment of the base station subsystem.

3.3 Network Subsystem
The Mobile Switch The central component of the Network Subsystem is the Mobile services Switching Center (MSC). It acts like a normal switching node of the PSTN or ISDN, and additionally provides all the functionality needed to handle a mobile subscriber, such as registration, authentication, location updating, handovers, and call routing to a roaming subscriber. These services are provided in conjunction with several functional entities, which together form the Network Subsystem. The MSC provides the connection to the fixed networks (such as the PSTN or ISDN). Signalling between

functional entities in the Network Subsystem uses Signalling System Number 7 (SS7), used for trunk signalling in ISDN and widely used in current public networks. .pdf file on SS7 and mobile networking -- Good reading! Mobile switches go by many names: mobile switch (MS), mobile switching center (MSC), or mobile telecommunications switching office (MTSO). They all do the same thing, however, and that is to process mobile telephone calls. This switch can be a normal landline switch like a 5ESS, a Nokia, an Alcatel, or an Ericsson AXE (Automatic Exchange Electric) or a dedicated switch, built just to handle mobile calls. Each mobile switch manages dozens to scores of cell sites. In GSM the mobile switch handles cell sites by first directing the base station controllers. Large systems may have two or more MSCs. It's easy understand what a switch does. What is harder to understand is the role the switch has to do with other network resources. Two page .pdf file on the network subsystem by Nokia. It's a glossy product brochure but it does mention all the important elements. (363k in .pdf) Home Location Register and the Visitor/ed Location Register The Home Location Register (HLR) and Visitor Location Register (VLR), together with the MSC, provide the call-routing and roaming capabilities of GSM. The HLR contains all the administrative information of each subscriber registered in the corresponding GSM network, along with the current location of the mobile. The location of the mobile is typically in the form of the signalling address of the VLR associated with the mobile station. The actual routing procedure will be described later. There is logically one HLR per GSM network, although it may be implemented as a distributed database. The Visitor Location Register (VLR) contains selected administrative information from the HLR, necessary for call control and provision of the subscribed services, for each mobile currently located in the geographical area controlled by the VLR. Although each functional entity can be implemented as an independent unit, all manufacturers of switching equipment to date implement the VLR together with the MSC, so that the geographical area controlled by the MSC corresponds to that controlled by the VLR, thus simplifying the signalling required. Note that the MSC contains no information about particular mobile stations --- this information is stored in the location registers. The Home Location Register and the Visitor or Visited Location Register work together -- they permit both local operation and roaming outside the local service area. You couldn't use your mobile in San Francisco and then Los Angeles without these two electronic directories sharing information. Most often these these two directories are located in the same place, often on the same computer. The HLR and VLR are big databases maintained on computers called servers, often UNIX workstations. Companies like Tandem, now part of Compaq, make the servers, which they call HLRs when used for cellular. These servers maintain more than the home location register, but that's what they call the machine. Many mobile switches

use the same HLR. So, you'll have many Home Location Registers. To operate its nationwide cellular system, iDEN, Motorola uses over 60 HLRs nationwide. The HLR stores complete local customer information. It's the main database. Signed up for cellular service in Topeka? Your carrier puts your information on its nearest HRL, or the one assigned to your area. That info includes your international mobile equipment identity number or IMEI, your directory number, and the class of service you have. It also includes your current city and your last known "location area," the place you last used your mobile. The VLR or visitor location registry contains roamer information. Passing through another carrier's system? Once the visited system detects your mobile, its VLR queries your assigned home location register. The VLR makes sure you are a valid subscriber, then retrieves just enough information from the now distant HLR to manage your call. It temporarily stores your last known location area, the power your mobile uses, special services you subscribe to and so on. Though traveling, the cellular network now knows where you are and can direct calls to you. The equipment Identity Register and the Authentication Center The other two registers are used for authentication and security purposes. The Equipment Identity Register (EIR) is a database that contains a list of all valid mobile equipment on the network, where each mobile station is identified by its International Mobile Equipment Identity (IMEI). An IMEI is marked as invalid if it has been reported stolen or is not type approved. The Authentication Center (AuC) is a protected database that stores a copy of the secret key stored in each subscriber's SIM card, which is used for authentication and encryption over the radio channel. "The Equipment Identity Register (EIR) is a standard GSM network element that allows a mobile network to check the type and serial number of a mobile device and determine whether or not to offer any service." The EIR or equipment identity register is yet another database. It's first purpose is to deny stolen or defective mobiles service. Good mobiles are allowed on the network, of course, as is faulty but still serviceable equipment. In the latter case such mobiles are flagged for the cellular carrier to monitor. The AC or AuC is the Authentication Center, a secured database handling authentication and encryption keys. Authentication verifies a mobile customer with a complex challenge and reply routine. The network sends a randomly generated number to the mobile. The mobile then performs a calculation against it with a number it has stored in its SIM and sends the result back. Only if the switch gets the number it expects does the call proceed. The AC stores all data needed to authenticate a call and to then encrypt both voice traffic and signaling messages. The Interfaces Cellular radio's most cryptic terms belong to these names: A, Um, Abis, and Ater. A telecom interface means many things. It can be a mechanical or electrical link connecting equipment together. Or a boundary between systems, such as between the base station system and the network subsystem. GSM calls that one Interface "A", remember? To be more specific, Smith says "A" is the signaling link between the two subsystems. Which brings us to the point I want to make.

Interfaces are standardized methods for passing information back and forth. The transmission media isn't important. Whether copper or fiber optic cable or microwave radio, an interface insists that signals go back and forth in the same way, in the same format. With this approach different equipment from any manufacturer will work together. See my page on standards. Let's consider the the A-bis interface as an example. Tektronix says the A-bis "is a French term meaning 'the second A Interface.' " Good grief! In most cases the actual span or physical connection is made on a T1 line or in Europe its equivalent, the E1.But regardless of the material used, the transmission media, it is the signaling protocol that is most important. Although the interface is unlabeled, the mobile switch communicates with the telephone network using Signaling System Seven, an internationally agreed upon standard. More specifically, it uses ISUP over SS7. As the Performance Technologies people tersely put in in their tutorial on SS7, "ISUP defines the protocol and procedures used to set-up, manage, and release trunk circuits that carry voice and data calls over the public switched telephone network (PSTN). ISUP is used for both ISDN and non-ISDN calls." Using SS7 throughout is a big difference between conventional cellular and GSM. IS136 and IS-95 also uses SS7 but to communicate between the HLR and VLR it uses a standard called IS-41. What about the mysterious UM? That's the radio link between a mobile and a base station. Um are the actual radio frequencies that calls are put on. Possibly the letters stand for User Mobile. R.C. Levine clears up this matter nicely, "Interface names (A, Abis, B, C, etc.) were arbitrarily assigned in alphabetical order. The Um label is taken from the customer-network U interface label used in ISDN. Although mnemonics have been proposed for these letters, they are after-the-fact." .pdf file on SS7 and mobile networking -- Good reading!

BTS: Base transceiver SIM: Subscriber identify ME: Mobile equipment. module. station.

BSC: Base station HLR: Home location controller. register. MSC: Mobile services EIR: Equipment identity switching center. register. UM: Represents the radio link.

VLR: Visitor location register. AuC: Authentication Center.

Abis: Represents the interface between the base stations and base station controllers. "A": The interface between the base station subsystem and the network subsystem. PSTN and PSPDN: Public switched telephone network and packet switched public data network. Figure 1. General architecture of a GSM network

Sign up to vote on this title
UsefulNot useful