
Global System for Mobile Communications (GSM) is a standard developed by the European
Telecommunications Standards Institute (ETSI) to describe the protocols for second-generation (2G)
digital cellular networks used by mobile devices such as mobile phones and tablets. It was first
deployed in Finland in December 1991.
The GSM standard originally described a digital, circuit-switched network optimized for full
duplex voice telephony. This expanded over time to include data communications, first by circuit-
switched transport, then by packet data transport via General Packet Radio Service (GPRS),
and Enhanced Data Rates for GSM Evolution (EDGE).
GSM is a cellular network, which means that cell phones connect to it by searching for cells in the
immediate vicinity.
There are five different cell sizes in a GSM network—macro, micro, pico, femto, and umbrella cells. The coverage area of each cell
varies according to the implementation environment.

GSM carrier frequencies


GSM networks operate in a number of different carrier frequency ranges (separated into GSM
frequency ranges for 2G and UMTS frequency bands for 3G), with most 2G GSM networks operating
in the 900 MHz or 1800 MHz bands.
Regardless of the frequency selected by an operator, it is divided into timeslots for individual phones.
This allows eight full-rate or sixteen half-rate speech channels per radio frequency. These eight radio
timeslots (or burst periods) are grouped into a TDMA frame. Half-rate channels use alternate frames
in the same timeslot. The channel data rate for all 8 channels is 270.833 kbit/s, and the frame
duration is 4.615 ms.
The transmission power in the handset is limited to a maximum of 2 watts in GSM 850/900 and 1
watt in GSM 1800/1900.

GSM frequency bands

GSM band | ƒ (MHz) | Uplink (MHz), mobile to base | Downlink (MHz), base to mobile | Channel numbers | Equivalent LTE band | Regional deployments
P-GSM-900 | 900 | 890.0 – 915.0 | 935.0 – 960.0 | 1–124 | 8 (subset) | None, deprecated
E-GSM-900 | 900 | 880.0 – 915.0 | 925.0 – 960.0 | 0–124, 975–1023 | 8 | APAC,[f] EMEA[g]
R-GSM-900 | 900 | 876.0 – 915.0 | 921.0 – 960.0 | 0–124, 955–1023 | ? | APAC,[f] EMEA[g]; used for GSM-R
T-GSM-900 | 900 | 870.4 – 876.0 | 915.4 – 921.0 | dynamic | None | None

P-GSM is the standard or primary GSM-900 band.
E-GSM is the extended GSM-900 band: a superset of the standard GSM-900 band.
R-GSM, or GSM-R, is the Railways GSM-900 band, which also includes the standard and extended GSM-900 bands.
T-GSM is Trunking-GSM.

Voice codecs
GSM has used a variety of voice codecs to squeeze 3.1 kHz audio into between 7 and 13 kbit/s.
Originally, two codecs, named after the types of data channel they were allocated, were used,
called Half Rate (6.5 kbit/s) and Full Rate (13 kbit/s). These used a system based on linear
predictive coding (LPC).
Linear predictive coding (LPC) is a tool used mostly in audio signal processing and speech
processing for representing the spectral envelope of a digital signal of speech in compressed form,
using the information of a linear predictive model.
It is one of the most powerful speech analysis techniques and one of the most useful methods for
encoding good quality speech at a low bit rate, and it provides extremely accurate estimates of speech
parameters.
GSM security
GSM was intended to be a secure wireless system. Its design provides user authentication using
a pre-shared key and challenge-response, as well as over-the-air encryption. However, GSM is vulnerable
to different types of attack, each of them aimed at a different part of the network.
The development of UMTS introduced an optional Universal Subscriber Identity Module (USIM), that
uses a longer authentication key to give greater security, as well as mutually authenticating the
network and the user, whereas GSM only authenticates the user to the network (and not vice versa).
The security model therefore offers confidentiality and authentication, but limited authorization
capabilities, and no non-repudiation.
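
An added sketch, not part of the original notes, of the difference described above between GSM's one-way challenge-response and the mutual authentication introduced with the USIM. HMAC-SHA256 stands in for the operator algorithms, and the class names, message layout and sequence-number check are simplifying assumptions.

```python
import hashlib
import hmac
import os


class NetworkAuthError(Exception):
    """The card could not verify that the challenge came from its home network."""


def prf(key, label, data, length):
    # HMAC-SHA256 is a stand-in (assumption), not the real operator algorithms.
    return hmac.new(key, label + data, hashlib.sha256).digest()[:length]


class GsmSim:
    """One-way scheme: the card proves it knows the key, the network proves nothing."""

    def __init__(self, key):
        self.key = key

    def respond(self, rand):
        # No field in the challenge lets the card check who sent it.
        return prf(self.key, b"res", rand, 4)


class Usim:
    """Mutual scheme: the card checks a network token before it answers."""

    def __init__(self, key):
        self.key = key
        self.last_sqn = 0

    def respond(self, rand, sqn, mac):
        expected = prf(self.key, b"mac", sqn.to_bytes(6, "big") + rand, 8)
        if not hmac.compare_digest(mac, expected):
            raise NetworkAuthError("token was not computed with the shared key")
        if sqn <= self.last_sqn:
            raise NetworkAuthError("stale sequence number, challenge was replayed")
        self.last_sqn = sqn
        return prf(self.key, b"res", rand, 8)


class HomeNetwork:
    """Network side; holds the same pre-shared key as the subscriber's card."""

    def __init__(self, key):
        self.key = key
        self.sqn = 0

    def gsm_challenge(self):
        return os.urandom(16)

    def umts_challenge(self):
        self.sqn += 1
        rand = os.urandom(16)
        mac = prf(self.key, b"mac", self.sqn.to_bytes(6, "big") + rand, 8)
        return rand, self.sqn, mac

    def verify(self, rand, response, length):
        expected = prf(self.key, b"res", rand, length)
        return hmac.compare_digest(response, expected)


if __name__ == "__main__":
    key = bytes(range(16))  # constructed sample key
    net, sim, usim = HomeNetwork(key), GsmSim(key), Usim(key)
    rand = net.gsm_challenge()
    print("GSM response accepted:", net.verify(rand, sim.respond(rand), 4))
    challenge = net.umts_challenge()
    print("UMTS response accepted:", net.verify(challenge[0], usim.respond(*challenge), 8))
    try:
        usim.respond(*challenge)  # same challenge presented a second time
    except NetworkAuthError as exc:
        print("USIM refused:", exc)
```
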
GSM uses several cryptographic algorithms for security. The A5/1, A5/2, and A5/3 stream
ciphers are used for ensuring over-the-air voice privacy. A5/1 was developed first and is a stronger
algorithm used within Europe and the United States; A5/2 is weaker and used in other countries.
Serious weaknesses have been found in both algorithms: it is possible to break A5/2 in real-time with
a ciphertext-only attack, and in January 2007
Circuit switching and packet switching are the two switching methods that are used to connect the
multiple communicating devices with one another.
Circuit Switching was particularly designed for voice communication and it was less suitable for
data transmission. So, a better solution evolved for data transmission called Packet switching.
The main difference between circuit switching and packet switching is that circuit
switching is connection oriented, whereas packet switching is connectionless.

BASIS FOR COMPARISON | CIRCUIT SWITCHING | PACKET SWITCHING
Orientation | Connection oriented. | Connectionless.
Purpose | Initially designed for voice communication. | Initially designed for data transmission.
Flexibility | Inflexible, because once a path is set all parts of a transmission follow the same path. | Flexible, because a route is created for each packet to travel to the destination.
Order | Message is received in the order sent from the source. | Packets of a message are received out of order and assembled at the destination.
Technology/Approach | Circuit switching can be achieved using two technologies, either Space Division Switching or Time-Division Switching. | Packet switching has two approaches: Datagram Approach and Virtual Circuit Approach.
Layers | Circuit switching is implemented at the Physical Layer. | Packet switching is implemented at the Network Layer.

Subsequently, the 3GPP (3rd Generation Partnership Project) developed third-generation
(3G) UMTS (Universal Mobile Telecommunication System) standards, followed by fourth-
generation (4G) LTE (Long Term Evolution) Advanced standards, which do not form part of the ETSI
GSM standard.
Network structure
The network is structured into several discrete sections:

• Base station subsystem – the base stations and their controllers
• Network and Switching Subsystem – the part of the network most similar to a fixed network,
sometimes just called the "core network"
• GPRS Core Network – the optional part which allows packet-based Internet connections
• Operations support system (OSS) – network maintenance

Base station subsystem (BSS) is the section of a traditional cellular telephone network which is
responsible for handling traffic and signaling between a mobile phone and the network switching
subsystem. The BSS carries out transcoding of speech channels, allocation of radio channels to
mobile phones, paging, transmission and reception over the air interface and many other tasks
related to the radio network.

The Base Transceiver Station (BTS) is a term used to denote a base station in GSM terminology.

A BTS consists of an antenna and the radio equipment necessary to communicate by radio with a
Mobile Station (MS). Each BTS covers a defined area, known as a cell. A BTS is under control of
a BSC, which is in turn under control of an MSC (Mobile Switching Centre).

The BTS contains the equipment for transmitting and receiving radio signals (transceivers), antennas,
and equipment for encrypting and decrypting communications with the base station controller (BSC).
Typically a BTS for anything other than a picocell will have several transceivers (TRXs) which allow it
to serve several different frequencies and different sectors of the cell (in the case of sectorised base
stations).

A BTS is controlled by a parent BSC via the "base station control function" (BCF). The BCF is
implemented as a discrete unit or even incorporated in a TRX in compact base stations. The BCF
provides an operations and maintenance (O&M) connection to the network management system
(NMS), and manages operational states of each TRX, as well as software handling and alarm
collection.

Base station controller

The base station controller (BSC) provides, classically, the intelligence behind the BTSs. Typically a
BSC has tens or even hundreds of BTSs under its control. The BSC handles allocation of radio
channels, receives measurements from the mobile phones, and controls handovers from BTS to
BTS (except in the case of an inter-BSC handover in which case control is in part the responsibility
of the anchor MSC). A key function of the BSC is to act as a concentrator where many different low
capacity connections to BTSs (with relatively low utilisation) become reduced to a smaller number of
connections towards the mobile switching center (MSC) (with a high level of utilisation). Overall, this
means that networks are often structured to have many BSCs distributed into regions near their
BTSs which are then connected to large centralised MSC sites.

The BSC is responsible for the allocation of radio resources to a mobile call and for the handovers
that are made between base stations under its control. Other handovers are under control of
the MSC.

The Mobile Switching Centre (MSC) is a telephone exchange that makes the connection between
mobile users within the network, from mobile users to the public switched telephone network and
from mobile users to other mobile networks.

The MSC also administers handovers to neighbouring base stations, keeps a record of the location
of the mobile subscribers, and is responsible for subscriber services and billing.

A TRX transmits and receives according to the GSM standards, which specify eight TDMA timeslots
per radio frequency. A TRX may lose some of this capacity as some information is required to
be broadcast to handsets in the area that the BTS serves. This information allows the handsets to
identify the network and gain access to it. This signalling makes use of a channel known as
the Broadcast Control Channel (BCCH).

Sectorization

By using directional antennas on a base station, each pointing in different directions, it is possible to
sectorise the base station so that several different cells are served from the same location. Typically
these directional antennas have a beamwidth of 65 to 85 degrees. This increases the traffic capacity
of the base station (each frequency can carry eight voice channels) whilst not greatly increasing
the interference caused to neighboring cells (in any given direction, only a small number of
frequencies are being broadcast). Typically two antennas are used per sector, at a spacing of ten or
more wavelengths apart. This allows the operator to overcome the effects of fading due to physical
phenomena such as multipath reception. Some amplification of the received signal as it leaves the
antenna is often used to preserve the balance between uplink and downlink signal.

Absolute radio-frequency channel number


In GSM cellular networks, an absolute radio-frequency channel number (ARFCN) is a code that
specifies a pair of physical radio carriers used for transmission and reception in a land mobile radio
system, one for the uplink signal and one for the downlink signal. ARFCNs for GSM are defined in
Specification 45.005 Section 2. There are also other variants of the ARFCN numbering scheme that
are in use for other systems that are not GSM. One such example is the TETRA system that has
25 kHz channel spacing and uses different base frequencies for numbering.
Different frequencies (ARFCNs) are used for the frequency-based component of GSM's multiple
access scheme (FDMA — frequency-division multiple access). Uplink/downlink channel pairs in GSM
are identified by ARFCN. Together with the time-based component (TDMA — time-division multiple
access) the physical channel is defined by selecting a certain ARFCN and a certain time slot. Do
not confuse this physical channel with the logical channels (e.g. BCCH, the Broadcast Control
Channel) that are time-multiplexed onto it under the rules of GSM Specification 05.03.

Band | Designation | ARFCN | fUL (MHz) | fDL (MHz)
GSM 500 | GSM 450 | 259−293 | 450.6 + 0.2·(n−259) | fUL(n) + 10
GSM 500 | GSM 480 | 306−340 | 479.0 + 0.2·(n−306)[1] | fUL(n) + 10
GSM 700 | GSM 750 | 438−511 | 747.2 + 0.2·(n−438)[2] | fUL(n) + 30
GSM 850 | GSM 850 | 128−251 | 824.2 + 0.2·(n−128) | fUL(n) + 45
GSM 900 | P-GSM | 1−124 | 890.0 + 0.2·n | fUL(n) + 45
GSM 900 | E-GSM | 0−124 | 890.0 + 0.2·n | fUL(n) + 45
GSM 900 | E-GSM | 975−1023 | 890.0 + 0.2·(n−1024) | fUL(n) + 45
GSM 900 | GSM-R | 0−124 | 890.0 + 0.2·n | fUL(n) + 45
GSM 900 | GSM-R | 955−1023 | 890.0 + 0.2·(n−1024) | fUL(n) + 45
GSM 1800 | DCS 1800 | 512−885 | 1710.2 + 0.2·(n−512) | fUL(n) + 95
GSM 1900 | PCS 1900 | 512−810 | 1850.2 + 0.2·(n−512) | fUL(n) + 80
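
The table above turned into a lookup, as an added example that is not part of the original notes: it converts an ARFCN to its uplink/downlink pair, lists the designations an ARFCN could belong to (512–810 is shared by DCS 1800 and PCS 1900, so the band must be known), and maps an observed downlink carrier back to its ARFCN. Function names are illustrative; frequencies are held as integer kHz.

```python
STEP_KHZ = 200  # carrier spacing: the 0.2 MHz factor in the table

# designation -> (duplex spacing kHz, [(first n, last n, base kHz, n offset)])
# Values transcribed from the table above; kHz integers keep the arithmetic exact.
BANDS = {
    "GSM 450":  (10_000, [(259, 293, 450_600, 259)]),
    "GSM 480":  (10_000, [(306, 340, 479_000, 306)]),
    "GSM 750":  (30_000, [(438, 511, 747_200, 438)]),
    "GSM 850":  (45_000, [(128, 251, 824_200, 128)]),
    "P-GSM":    (45_000, [(1, 124, 890_000, 0)]),
    "E-GSM":    (45_000, [(0, 124, 890_000, 0), (975, 1023, 890_000, 1024)]),
    "GSM-R":    (45_000, [(0, 124, 890_000, 0), (955, 1023, 890_000, 1024)]),
    "DCS 1800": (95_000, [(512, 885, 1_710_200, 512)]),
    "PCS 1900": (80_000, [(512, 810, 1_850_200, 512)]),
}


def arfcn_to_khz(band, n):
    """Return (uplink_kHz, downlink_kHz) for ARFCN n in the given designation."""
    duplex, ranges = BANDS[band]
    for first, last, base, offset in ranges:
        if first <= n <= last:
            uplink = base + STEP_KHZ * (n - offset)
            return uplink, uplink + duplex
    raise ValueError(f"ARFCN {n} is not defined for {band}")


def candidate_bands(n):
    """List every designation whose ARFCN range contains n."""
    return [band for band, (_, ranges) in BANDS.items()
            if any(first <= n <= last for first, last, _, _ in ranges)]


def downlink_khz_to_arfcn(band, downlink_khz):
    """Map an observed downlink carrier back to its ARFCN, or raise if off-raster."""
    duplex, ranges = BANDS[band]
    uplink = downlink_khz - duplex
    for first, last, base, offset in ranges:
        steps, remainder = divmod(uplink - base, STEP_KHZ)
        n = steps + offset
        if remainder == 0 and first <= n <= last:
            return n
    raise ValueError(f"{downlink_khz} kHz is not a {band} downlink carrier")


if __name__ == "__main__":
    for band, n in [("P-GSM", 1), ("E-GSM", 975), ("DCS 1800", 512), ("PCS 1900", 512)]:
        ul, dl = arfcn_to_khz(band, n)
        print(f"{band:9} ARFCN {n:4}: uplink {ul / 1000:.1f} MHz, downlink {dl / 1000:.1f} MHz")
    print("ARFCN 512 may belong to:", candidate_bands(512))
```
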

Gaussian minimum-shift keying

In digital communication, Gaussian minimum shift keying or GMSK is a continuous phase frequency
modulation scheme.

GMSK is similar to standard minimum-shift keying (MSK); however, the digital data stream is first
shaped with a Gaussian filter before being applied to a frequency modulator, and typically has much
narrower phase shift angles than most MSK modulation systems. This has the advantage of
reducing sideband power, which in turn reduces out-of-band interference between signal carriers in
adjacent frequency channels.

However, the Gaussian filter increases the modulation memory in the system and causes intersymbol
interference, making it more difficult to differentiate between different transmitted data
values and requiring more complex channel equalization algorithms such as an adaptive
equalizer at the receiver. GMSK has high spectral efficiency, but it needs a higher power level
than QPSK, for instance, in order to reliably transmit the same amount of data.

GMSK is most notably used in the Global System for Mobile Communications (GSM) and in
satellite communications, e.g. in the Automatic Identification System (AIS) for maritime navigation.

Bluetooth Devices are radio frequency devices designed to use the 2.4 to 2.48 GHz frequency band
known as the ISM (Industrial, Scientific and Medical) band. Bluetooth devices share this band with
other devices such as wireless networks (802.11) and cordless phones. Bluetooth devices use
frequency hopping to help minimize the effects of interference with other devices.

Beamforming is a technique by which an array of antennas can be steered to transmit radio signals in
a specific direction. Rather than simply broadcasting energy/signals in all directions, antenna
arrays that use beamforming determine the direction of interest and send/receive a stronger beam of
signals in that specific direction.

This technique is widely used in radar and sonar, in biomedical applications, and particularly in communications
(telecom, Wi-Fi), especially 5G, where very high data rates are required and the only way to support
them is to maximize transmit and receive efficiency by using beamforming.

In this technique, each antenna element is fed separately with the signal to be transmitted. The phase
and amplitude of each signal is then added constructively and destructively in such a way that they
concentrate the energy into a narrow beam or lobe.

Clear Channel Assessment

The Clear Channel Assessment (CCA) is a mechanism for determining whether the medium is idle or
not. The CCA includes carrier sensing and energy detection. The Carrier Sense (CS) mechanism
consists of a physical CS and a virtual CS.

Direct Sequence Spread Spectrum (DSSS) is a spread spectrum technique whereby the original
data signal is multiplied with a pseudo random noise spreading code. This spreading code has a
higher chip rate, which results in a wideband, time-continuous scrambled signal.

DSSS significantly improves protection against interfering (or jamming) signals, especially narrowband ones,
and makes the signal less noticeable. It also provides security of transmission if the code is not known
to the public. These reasons make DSSS very popular with the military.

DSSS can also be used as a multiple access technique, whereby several different pseudo random
spreading codes are used simultaneously. This multiple access technique is better known as
Direct Sequence CDMA.

DSSS is used, for example, in IEEE 802.11b and Zigbee.


Frequency Hopping Spread Spectrum (FHSS) is a method of transmitting radio signals by rapidly
switching a carrier among many frequency channels, using a pseudorandom sequence known to both
transmitter and receiver. It is used as a multiple access method in the code division multiple
access (CDMA) scheme frequency-hopping code division multiple access (FH-CDMA).

In FHSS systems the data is sent using a transmission frequency that moves from one frequency to
another in a "hop" sequence. Hence, a hopping pattern can be observed in the spectrum.

Each available frequency band is divided into sub-frequencies. Signals rapidly change ("hop") among
these in a predetermined order. Interference at a specific frequency will only affect the signal during
that short interval. FHSS can, however, cause interference with adjacent direct-sequence spread
spectrum (DSSS) systems.

FHSS is, for instance, used by Bluetooth. Bluetooth hops 1600 times per second between the 79
available channels.

Frequency Hopping is a technique in which, once a link is formed, the devices are synchronized to
change channels together many times a second. The pattern of channels used is called the hop
sequence and is unique for each link. Since the devices spend only small amounts of time on a
particular channel, and because the hop sequence is different for each link, the possibility of
interference is minimized.

How AFH works

First-generation Bluetooth devices use 79 of the 83.5 available channels in the 2.4 GHz band,
hopping across these channels in a random fashion and at a rate of 1600 times per second. As
soon as another wireless device is introduced into the environment this type of hopping results in
occasional collisions. Without AFH Bluetooth lacks the ability to avoid these conflicts, and thus to
adapt to its environment.

Figure 2.1 -- Collisions resulting from random frequency hopping

Adapting to the environment

In contrast to the above, Adaptive Frequency Hopping allows Bluetooth to adapt to the environment
by identifying fixed sources of interference and excluding them from the list of available channels.
This process of re-mapping also involves reducing the number of channels to be used by Bluetooth.
The Bluetooth Specification requires a minimum set of at least twenty channels.

Figure 2.2 -- Collisions avoided using Adaptive Frequency Hopping identifying "bad" channels

Listen Before Talk (LBT), sometimes called Listen Before Transmit, is a technique used in
radio communications whereby a radio transmitter first senses its radio environment before it starts a
transmission. LBT can be used by a radio device to find a network the device is allowed to operate on
or to find a free radio channel to operate on.

There are two broad types of LBT schemes: Frame Based Equipment (FBE) and Load Based
Equipment (LBE).

In FBE, channel sensing is performed at fixed time instants; if the channel is busy, the LAA BS backs off
for a fixed time period and senses the channel again after this period.

In the LBE approach, channel sensing is performed at any time instant, and random back-off is used if
the channel is found busy.

Peak Envelope Power

An RF waveform under any form of amplitude modulation is not a steady sine wave, and a common
measure is the power at the crest of modulation.

The ITU Radio Regulations define the term Peak Envelope Power as:

Peak Envelope Power ‘pX’ (s1.157) means the average power supplied to the antenna transmission
line by a transmitter during one radiofrequency cycle at the crest of the modulation envelope taken
under normal operating conditions.

Peak Envelope Power is usually measured in a resistive load, and in that case it is simply given by
PEP = V^2/(2R) (where V is the peak RF voltage) or PEP = V_RMS^2/R.

A Power Spectral Density (PSD) is the measure of a signal's power content versus frequency. A
PSD is typically used to characterize broadband random signals. The amplitude of the PSD is
normalized by the spectral resolution employed to digitize the signal.

Ultra-wideband (also known as UWB, ultra-wide band and ultra band) is a radio technology that can
use a very low energy level for short-range, high-bandwidth communications over a large portion of
the radio spectrum.

The terms “narrowband” and “wideband” refer to the actual radio channel bandwidth.

A common definition (ETSI) of narrowband is when 25 kHz or less is used for the radio channel. The
benefit of using a narrow channel is the lower noise bandwidth and hence better sensitivity and range.
The advantage of wideband is the capability to transfer higher data rates.

Orthogonal frequency-division multiplexing (OFDM) is a method of digital signal modulation in
which a single data stream is split across several separate narrowband channels at
different frequencies to reduce interference and crosstalk.

OFDM is used in Wi-Fi, DSL internet access, 4G wireless communications, and digital television and
radio broadcast services.

Equivalent Isotropically Radiated Power (EIRP) is the product of transmitter power and
the antenna gain in a given direction relative to an isotropic antenna of a radio transmitter.

Normally the EIRP is given in dBi, or decibels over isotropic.

An isotropic antenna is an ideal antenna that radiates its power uniformly in all directions. There is no
actual physical isotropic antenna. However, an isotropic antenna is often used as a reference antenna
for the antenna gain.

The antenna gain is often specified in dBi, or decibels over isotropic. This is the power in the strongest
direction divided by the power that would be transmitted by an isotropic antenna emitting the same
total power.

Duty cycle or power cycle is the fraction of one period in which a signal or system is active:
D = PW/T

It is defined as the ratio between the pulse duration, or pulse width PW, and the period T of a rectangular
waveform.

A period is the time it takes for a signal to complete an on-and-off cycle.

Duty cycle (%) may be expressed as: D = (PW/T) × 100%

Thus, a 60% duty cycle means the signal is on 60% of the time but off 40% of the time.

The Medium Utilization (MU) factor is a measure to quantify the amount of resources (Power and
Time) used by non-adaptive equipment.
The Medium Utilization factor is defined by the formula: MU = (P/100 mW) × DC
where:
MU is the Medium Utilization factor in %.
P is the RF output power expressed in mW.
DC is the Duty Cycle expressed in %.
