Master of Science Thesis in Electrical Engineering

Department of Electrical Engineering, Linköping University, 2020

Software-Defined Radio
Receiver for IEEE 802.11n

Matilda Ödquist
 Master of Science Thesis in Electrical Engineering
Software-Defined Radio Receiver for IEEE 802.11n:
Matilda Ödquist
LiTH-ISY-EX--20/5338--SE

Supervisor: Giovanni Interdonato

isy, Linköping University
Peter Nagy
Swedish Defense Research Agency (FOI)

Examiner: Danyo Danev

isy, Linköping University

Division of Communication Systems

Department of Electrical Engineering
Linköping University
SE-581 83 Linköping, Sweden

Copyright © 2020 Matilda Ödquist

Abstract
This thesis studies the physical layer (PHY layer) of the IEEE 802.11n wireless
local area network (WLAN) standard. The possibility of integrating a receiver
designed according to the standard with software-defined radios is investigated.
The proposed design was implemented in MATLAB and tested using two software-
defined radios. One of the radios transmitted IEEE 802.11n signals whilst the
other one captured them and sent them to a computer for decoding. In this way,
evaluation of the proposed receiver design was done. The tests resulted in suc-
cessfully decoded WLAN packets, although errors occured regularly due to dis-
tortions in the air. The proposed MATLAB design can be developed further, with
more features, for future tests and research.

iii
Acknowledgments
I want to thank FOI for giving me the opportunity to write my master thesis,
and the support from everyone at the department. A special thank you to my
supervisor at FOI, Peter Nagy, for all the help with technical advise and input. I
would also like thank my supervisor and examiner at Liu, Giovanni Interdonato
and Danyo Danev. I received great support and feedback throughout the project,
and the thesis is in way better shape after the proofreading done by Giovanni.

Linköping, September 2020

Matilda Ödquist

v
 Contents

Notation ix

1 Introduction 1
1.1 Motivation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
1.2 Purpose . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
1.3 Problem statements . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
1.4 Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

2 Theory 5
2.1 Supported bandwidths . . . . . . . . . . . . . . . . . . . . . . . . . 5
2.2 OFDM and modulation constellation patterns . . . . . . . . . . . . 5
2.3 The 802.11n layers . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
2.3.1 Physical layer . . . . . . . . . . . . . . . . . . . . . . . . . . 8
2.3.2 Medium access control . . . . . . . . . . . . . . . . . . . . . 9
2.3.3 Logical link control and higher layers . . . . . . . . . . . . 9
2.4 The 802.11n PHY layer . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.4.1 Non-HT short training field and non-HT long training field 10
2.4.2 Non-HT signal field . . . . . . . . . . . . . . . . . . . . . . . 12
2.4.3 HT signal field . . . . . . . . . . . . . . . . . . . . . . . . . . 12
2.4.4 HT short training field . . . . . . . . . . . . . . . . . . . . . 13
2.4.5 HT long training field . . . . . . . . . . . . . . . . . . . . . . 14
2.4.6 Data field . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
2.5 USRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

3 Method 19
3.1 Overview of the workflow of the receiver . . . . . . . . . . . . . . . 19
3.2 System model in detail . . . . . . . . . . . . . . . . . . . . . . . . . 20
3.2.1 Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
3.2.2 Symbol timing . . . . . . . . . . . . . . . . . . . . . . . . . . 21
3.2.3 Carrier frequency offset correction . . . . . . . . . . . . . . 21
3.2.4 Channel estimation using L-LTF . . . . . . . . . . . . . . . . 22
3.2.5 Noise variance estimation . . . . . . . . . . . . . . . . . . . 22
3.2.6 Recovery of L-SIG . . . . . . . . . . . . . . . . . . . . . . . . 23

vii
viii Contents

3.2.7 Recovery of HT-SIG . . . . . . . . . . . . . . . . . . . . . . . 23

3.2.8 Deciding the length of HT-LTF . . . . . . . . . . . . . . . . 23
3.2.9 Channel estimation using HT-LTF . . . . . . . . . . . . . . 23
3.2.10 Recovery of the transmitted data . . . . . . . . . . . . . . . 24
3.3 Performed tests and simulations . . . . . . . . . . . . . . . . . . . . 24

4 Results 27
4.1 Test set-up . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
4.2 Packets received on USRP . . . . . . . . . . . . . . . . . . . . . . . 27
4.3 USRP tests . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
4.4 Simulations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
4.5 Comparison of USRP tests and simulations . . . . . . . . . . . . . . 31
4.6 Reasons for unsuccessful packet decoding . . . . . . . . . . . . . . 31

5 Discussion 33
5.1 Result . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
5.1.1 Tests done with simulated channel . . . . . . . . . . . . . . 33
5.1.2 Tests done with USRPs . . . . . . . . . . . . . . . . . . . . . 33
5.2 Method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
5.3 The project in further context . . . . . . . . . . . . . . . . . . . . . 34

6 Conclusion 35
6.1 Purpose . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
6.2 Problem statements . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
6.3 Future work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

Bibliography 37
ix
x Notation

Notation

Abbreviations

Abbreviation Definition
bcc Binary convolutional codes
ber Bit error rate
bpsk Binary phase-shift keying
crc Cyclic redundancy check
dft Discrete Fourier transform
fec Forward error correction
gi Guard interval
ht High throughput
ht-dltf HT data long training field
ht-eltf HT extension long training field
ht-ltf HT long training field
ht-sig HT signal field
ht-stf HT short training field
idft Inverse discrete Fourier transform
l-ltf Non-HT long training field
l-sig Non-HT signal field
l-stf Non-HT short training field
ldpc Low-density parity-check
llc Logical link control
mac Medium access control
mcs Modulation and coding scheme
mimo Multiple input multiple output
mpdu MAC protocol data unit
ofdm Orthogonal frequency-division multiplexing
per Packet error rate
phy Physical layer
plcp Physical layer convergence protocol
ppdu PLCP protocol data unit
psdu PHY service data unit
qam Quadrature amplitude modulation
qpsk Quadrature phase-shift keying
sdr Software-defined radio
snr Signal-to-noise ratio
stbc Space-time block coding
usrp Universal software radio peripheral
wlan Wireless local area network
Notation xi

Terminology

Word Explanation
802.11n A wireless networking standard in the 802.11 set of
protocols. Also called “HT”.
NewRowFix
NewRowFix
Cyclic Abbreviated CRC. An error-detecting code used to de-
redundancy tect accidental changes to the data. A check value is
check generated and added to the data to be transmitted. Af-
ter reception, the calculation is repeated to obtain a
second check sequence. Two check sequences that do
not match indicate corrupt data.

NewRowFix
Guard Sometimes a guard interval is added to a symbol to
interval ensure that it does not get distorted due to interfer-
ence from other parts of the transmission. Typically
a “cyclic prefix” is added in the guard interval, which
means data is prefixed by a repetition of it’s end.

NewRowFix
MATLAB A MATLAB code generator which automatically con-
Coder verts MATLAB code directly to C code or C++ code.
It supports most of the MATLAB language and it also
supports many of the MATLAB toolboxes.
NewRowFix
NewRowFix
MATLAB A MATLAB toolbox which is useful when implement-
WLAN ing wireless LAN systems in MATLAB. For instance,
toolbox the toolbox provides functions that perform different
types of FEC encodings (“BCC encoding” and “LDPC
encoding”).

NewRowFix
OSI A model that standardises the communication func-
model tions of a telecommunication or a computing system.
The model is useful for developers when it comes to
understanding and discussing the technology.
NewRowFix
NewRowFix
Software- Abbreviated SDR. A radio communication system
defined used to transmit and receive radio signals, where com-
radio ponents that traditionally have been implemented in
hardware are implemented by means of software in-
stead.
 Introduction
1
The aim of this section is to provide a motivation for the project described in this
report and to clarify the purpose of it. Problem statements are defined, as well as
the limitations of the project.

1.1 Motivation
By following the IEEE 802.11 protocol for wireless local area network (WLAN)
implementations, WLANs can be implemented. The 802.11 protocol has devel-
oped a lot throughout the years and one of the later versions is 802.11n, which
was introduced in 2009 [1]. The 802.11n standard has many features, such as
orthogoal frequency-division multiplexing (OFDM) and multiple input multiple
output (MIMO) [2]. By following the standard, one can reach a transmission
speed up to 600 Mbps 1 [2].

IEEE 802.11n is not the latest version of the standard. IEEE 802.11ac was in-
troduced in 2013 and is therefore even more modern. However, most of the tech-
niques used in the 802.11ac version were already used in the 802.11n version.
The 802.11ac version can be considered a development of the 802.11n version,
rather than its own revolutionary departure [3]. In contrast to 802.11ac, which
only operates in the 5 GHz frequency band, 802.11n supports both 2.4 GHz and
5 GHz [3]. A list of earlier versions of IEEE 802.11, and their release years, can
be seen in table 1.1.

1 Megabits per second.

1
2 1 Introduction

Version 802.11a 802.11b 802.11g 802.11n 802.11ac

Release year 1999 1999 2003 2009 2013
Table 1.1: IEEE 802.11 release years [3, 4].

.
A device often used to test WLAN implementations is the software-defined radio
(SDR). A SDR is a programmable radio where components that traditionally have
been implemented in hardware can be implemented in software.

It is in the interest of the Swedish Defense Research Agency to obtain code (prefer-
ably in the coding language C) that records 802.11n signals on a SDR and then
restores the data on a computer. An image describing this arrangement can be
seen in figure 1.1.

802.11n SDR Computer

transmitter

Figure 1.1: A transmitter sending out 802.11n signals, which are captured
by a SDR and then sent to a computer for decoding.

1.2 Purpose
The purpose of this thesis is to propose a design for a receiver following the
802.11n standard, which will be useful for the Swedish Defense Research Agency
when it comes to decoding WLAN signals. The receiver will be implemented us-
ing a SDR and MATLAB, but it will be possible to compile the MATLAB code to
C code using MATLAB Coder. The type of SDR that will be used to capture trans-
mitted 802.11n signals is the universal software radio peripheral (USRP) B210
[5]. The SDR that will be used to transmit 802.11n signals during system tests is
the USRP B205 mini [6].

1.3 Problem statements

The following problem statements have been formulated for the project:

• What are the main characteristics of IEEE 802.11n?

• Can a USRP together with MATLAB be used to effectively implement the

physical layer of an IEEE 802.11n receiver?
1.4 Limitations 3

1.4 Limitations
IEEE 802.11n is fairly advanced and supports many types of configurations. One
of the 802.11n features is for instance multiple input multiple output (MIMO)
[1], meaning multiple antennas are used to make the radio signals take different
paths between transmitter and receiver. The implementation described in this
thesis will, however, not support all of these features. The receiver shall be able
to receive HT 2 frames from any transmitter following the protocol, no matter the
configuration of the transmitter, but the receiver itself will be limited in several
ways. These limitations are due to the extent of the project, which only has one
project member and is planned to go on for 5 months. It is also due to hardware
limitations. A list of the defined limitations can be seen below.

• The receiver is not expected to operate all layers of the OSI model, the re-
ceiver will only have the physical layer implemented.
• Functions from MATLAB WLAN toolbox are not to be used in the code of
the final version of the system.

• The receiver will only use one antenna, however it will be able to read sig-
nals from a multiple antenna transmitter. In other words, it will be a multi-
ple input single output (MISO) setup.
• Due to the system test arrangement, the speed of the WLAN will be limited.
Even though IEEE 802.11n supports a maximum speed of about 600 Mbps
[2], the receiver will record and recover the data packets at a lower rate.
• The receiver will work in the 2.4 GHz frequency band, but it is not expected
to successfully decode signals in the 5 GHz band. IEEE 802.11n supports
both frequency bands [2]. However, only the 2.4 GHz frequency band will
be used in the tests.

2 HT stands for high throughput and is the official name of the IEEE 802.11n physical layer [2].
 2
Theory

This section aims to clarify the theory behind the project. That is, it explains
the structure of IEEE 802.11n focusing on the physical layer. This includes the
structure of the preamble, which is sent before the data sequence and used for fea-
tures such as detection and channel estimation, but also the modifications done
to the actual data sequence before it is transmitted. This section also includes
information about the USRPs used in this project.

2.1 Supported bandwidths

When transmitting a signal according to the 802.11n version of the standard, one
has two bandwidths to choose from. The bandwidth can be either 20 MHz or 40
MHz [2]. Using a 40 MHz bandwidth allows higher transmission speed, however
it naturally requires twice as much bandwidth spectrum to be free compared to
when 20 MHz is used. This leads to the fact that less channels are often available
when transmitting with 40 MHz bandwidth [2].

2.2 OFDM and modulation constellation patterns

Orthogonal frequency-division multiplexing means a signal in the frequency spec-
trum is divided into equally spaced subcarriers. These subcarriers are orthogonal
to each other and each one of them carries a portion of the transmitted informa-
tion [7]. OFDM makes the signal more bandwidth efficient and the orthogonality
prevents the subcarriers from interfering with each other [7]. A representation of
orthogonal subcarriers can be seen in figure 2.1.

5
6 2 Theory

Angular frequency
Figure 2.1: Orthogonal subcarriers. When one subcarrier peaks the others
ones are zero, making them orthogonal.

.
In addition to modulating the signal in terms of frequency, the phase and the
amplitude are also adjusted in digital communication systems. By adjusting the
phase and amplitude, different modulations of constellation patterns can be cre-
ated [8]. The modulation constellation patterns for the subcarriers supported
by IEEE 802.11n are BPSK, QPSK, 16-QAM and 64-QAM [1]. In 16-QAM and
64-QAM the different constellation points are created by adjusting both phase
and amplitude of the signal. In BPSK and QPSK the constellation points have
the same amplitude but different phase [8]. In figure 2.2, 2.3, 2.4 and 2.5 the
constellation diagrams supported in the standard are illustrated.
 2.2 OFDM and modulation constellation patterns 7

BPSK constellation diagram QPSK constellation diagram

Q Q

I I

Figure 2.2: BPSK constellation diagram. Figure 2.3: QPSK constellation diagram.

16-QAM constellation diagram 64-QAM constellation diagram

Q Q

I I

Figure 2.4: 16-QAM constellation diagram. Figure 2.5: 64-QAM constellation diagram.

.
Constellations with fewer points can tolerate larger frequency errors, i.e. errors
where frequency has been shifted due to synchronization problems, and lower
SNR than large constellations [9]. However, there is still a reason to use con-
stellations with more points, such as 64-QAM, since this allows more bits to be
transmitted in a shorter period of time. To get as high throughput as possible the
size of the constellation diagram is chosen by taking the channel into considera-
tion. One wants to get as many correct packets as possible, in the shortest period
of time [8].
8 2 Theory

2.3 The 802.11n layers

To help out with orientation, a reference model with different layers has been
developed to describe WLAN systems. The purpose of having such a model is
to help the developers out when it comes to understanding and discussing the
technology [10]. In figure 2.6 the reference model is described.

Higher Layers

Logical Link Control (LLC)

Medium Access Control

(MAC)

Physical Layer (PHY)

Figure 2.6: Reference model for development of WLAN systems.

.
In the following subsections, the different layers of the reference model seen in
figure 2.6 are described briefly.

2.3.1 Physical layer

The physical layer, or the PHY layer, is the lowest layer in the OSI model. The
layer receives data from the layer above it, the MAC layer, and maps the data into
frames suitable for transmission and reception [10]. When the PHY layer receives
the data from the MAC layer, it has been mapped into MAC protocol data units
(“MPDUs”). The MPDUs are put into a physical layer frame, and become PHY
service data units (“PSDUs”) [10]. In figure 2.7 the mapping from MAC layer to
PHY layer is illustrated.

MPDU

MAC layer
PHY layer

PHY layer preamble PSDU

Framing of packet to be transmitted

Figure 2.7: The relationship between MAC and PHY layer. The MPDUs
created by the MAC layer become PSDUs and are handled by the PHY layer.
They are put into frames suitable for transmission.

The physical layer operates in terms of bits. The physical layer is where electri-
cal, mechanical and procedural specifications are defined [11]. This is described
further in section 2.4.
2.4 The 802.11n PHY layer 9

2.3.2 Medium access control

The MAC layer is in charge of making it possible for a group of wireless systems
to share the same space and frequencies. Two transmitters can not send data on
the same channel at the same time, if they operate in the same area. That would
make the transmissions distort each other. The MAC layer makes sure this does
not happen [11].

2.3.3 Logical link control and higher layers

The layer called “logical link control” is in charge of making sure that data is in-
tact and detecting possible errors. The higher layers are responsible for features
such as moving data to the correct destination and interacting with the used soft-
ware [11].

2.4 The 802.11n PHY layer

This subsection aims to clarify each part of the physical layer of the 802.11n ver-
sion of the standard. That is, to explain modifications done to the data before it
is transmitted and how the receiver recovers the data after it has been distorted
during the transmission.

There are several options for how to do the PLCP framing of the information to be
transmitted. PLCP stands for “physical layer convergence protocol” and refers to
how the physical layer maps the data into a frame suitable for transmission [10].
The options for the frames are “non-HT mode”, “mixed mode” and “greenfield
mode” [2]. The non-HT mode is compatible with prior versions of the standard,
but does not have any of the features that are exclusive to the 802.11n version of
the standard. The mixed mode contains the features that were new when IEEE
802.11n was introduced, but it can not be fully decoded by receivers following
the prior versions of the standard. The greenfield mode can only be used in en-
vironments where no other devices than 802.11n devices are used, the mode is
therefore optional and not commonly implemented [2]. Figure 2.8 describes the
PLCP framing for the non-HT mode and mixed mode, according to the standard
[1].

Non-HT mode
Non-
Non-HT Short Non-HT Long
HT Signal Data Field
Training Field Training Field
Field

Mixed mode
Non-
Non-HT Short Non-HT Long HT Signal HT Short HT Long
HT Signal Data Field
Training Field Training Field Field Training Field Training Field
Field

Figure 2.8: The PLCP framing for the non-HT mode and mixed mode,
according to IEEE 802.11n [2].
10 2 Theory

2.4.1 Non-HT short training field and non-HT long training field

The non-HT short training field, “L-STF”, consists of 10 short training symbols,
each one having a duration of 0.8 µs. The total duration of the L-STF is always 8
µs (0.8 µs · 10 = 8 µs) regardless of the channel bandwidth [1], provided that the
signal has been sampled correctly.

The non-HT long training field, “L-LTF”, consists of two long training symbol
periods and a guard interval. It has a total duration of 8 µs. The guard interval
has a duration of 1.6 µs and each training symbol 3.2 µs [12].

The L-STF and L-LTF are useful for the receiver in several ways. They can be
used for detection of an incoming 802.11n packet, synchronizing timers and for
antenna selection [2]. The antenna selection entails the use of multiple antennas
and it is performed by transmitting a packet containing no data field. The rece-
vier uses the preamble to decide the optimal receive and transmit antennas [13].
The training symbols are also useful for channel estimation [9].

At the receiver end, the detection implementation is important since it finds an

approximate of the start of an incoming signal. The main problem when it comes
to detection is the task of finding out whether there is a signal embedded in the
incoming noise, or if it is just noise that the receiver is detecting. By formulating
a simple binary hypothesis test, the detection problem can be described [14]. An
incoming packet is considered present if a decision variable exceeds a predefined
threshold [9]. In general it is better to detect an incoming signal a little bit too
often, rather than missing out on some of the incoming packets [9].

One technique used for detecting an incoming signal is the “delay and correlate"
technique. By looking at the periodicity of the L-STF, one can use the cross cor-
relation of an incoming signal and a delayed version of it. If they resemble each
other, it is likely that it is two following short training symbols that has been de-
tected [9].

Another technique used for detection is the “double-sliding window” method.

This method takes advantage of the fact that the received signal energy is in-
creased when a transmitted signal, instead of noise, is received. A change in the
received signal energy is being looked for. To reduce the impact of noise samples
that happen to have large signal energy, a window of certain length is defined.
The received signal energy is accumulated over the defined window length [9].
An incoming signal would lead to an increased signal energy in a long sequence
of samples, and the defined window verifies that this has happened. A noise
sample that happens to have large signal energy is thereby not mistaken for an
incoming signal. To improve the detection further, two windows are used. The
algorithm uses two consecutive windows when accumulating the received signal
energy and the ratio in signal energy between the two windows is taken under
consideration. When an incoming packet is covering the first window completely,
2.4 The 802.11n PHY layer 11

but has not yet reached the second window, the ratio peaks [9]. Figure 2.9 illus-
trates the double-sliding window method. .

Incoming packet

Window A Window B

Ratio between signal energy contained in

window A and B

Figure 2.9: In double-sliding window detection two windows of a certain

length are defined. When an incoming packet has covered window A, but
not window B, the ratio between the signal energy of the windows peak.
This peak is being looked for in the detection algorithm.

“Double-sliding window” and “delay and correlate” are just two examples of
methods used for detection. The engineer is also free to design own methods
at the receiver end, as long as the methods can handle a signal that has been mod-
ulated and transmitted according to the standard [9].

When the approximate start of an incoming signal has been detected using the
L-STF, the exact start can be found using symbol timing [9]. Symbol timing is the
task of finding the precise moment when individual OFDM symbols start and
end. Cross correlation is used in this case as well, by either using the end of L-
STF or the beginning of L-LTF [9].

Another important task for the receiver is the channel estimation, which means
the frequency response of the channel is estimated. To do so, the L-LTF can be
used [9]. By using the L-LTF one can get a good estimate of the channel frequency
response for all the subcarriers. Since the L-LTF is defined in the standard, and
therefore the same in all transmitted 802.11n signals, the receiver can use this
knowledge to estimate the channel. By comparing the received L-LTF sequence
with the known sequence for L-LTF, the receiver can estimate the channel fre-
quency response. The received long training symbols are equal to the product
of the correct sequence of the long training symbols and the channel frequency
response plus additive noise [9].
 12 2 Theory

2.4.2 Non-HT signal field

The non-HT signal field is abbreviated “L-SIG” and it describes the data rate
and length in bytes of the frame for IEEE 802.11a and IEEE 802.11g devices [2].
These versions of the 802.11 standard can not fully read a signal transmitted by a
802.11n receiver, but it is important that devices following these prior protocols
know when a 802.11n device is transmitting. The 802.11n device sets the data
rate to 6 Mbps in L-SIG and a length corresponding the time it will take to trans-
mit. Devices following the 802.11a and 802.11g protocols will read the L-SIG
field and thereby know when they are free to transmit themselves and when to
wait in order to not disturb present 802.11n transmitters [2]. In figure 2.10 the
legacy fields of the mixed mode frame are highlighted. The different physical
layer framings were described in section 2.4.

Mixed mode
Non-
Non-HT Short Non-HT Long HT Signal HT Short HT Long
HT Signal Data Field
Training Field Training Field Field Training Field Training Field
Field

Legacy fields

Figure 2.10: In the mixed mode frame, the first three fields are legacy fields.
Devices following the 802.11a or 802.11g protocols are able to decode the
legacy fields. The third legacy field, “L-SIG”, prevents 802.11a and 802.11g
transmitters from interrupting 802.11n transmitters.

2.4.3 HT signal field

The HT signal field, “HT-SIG”, is divided into HT-SIG1 and HT-SIG2 and both
HT-SIG1 and HT-SIG2 have several subfields [1]. The HT-SIG gives the receiver
information on how to read the transmitted 802.11n signal. The subfields of the
HT-SIG field are “Modulation and Coding Scheme”, “CBW 20/40”, “HT Length”,
“Smoothing”, “Not Sounding”, “Reserved”, “Aggregation”, “STBC”, “FEC Cod-
ing”, “Short GI”, “Number of extension spatial streams”, “CRC” and “Tail Bits”
[1]. A description of the purpose of each of these fields can be found in table 2.1.
An image describing the structure of the HT-SIG field can be seen in figure 2.11.

HT Signnal Field (HT-SIG)

Modulation
Number of e.
and Coding CBW 20/40 HT Length Smoothing Not Sounding Reserved Aggregation STBC FEC coding Short GI CRC Tail Bits
s. s.
Scheme

HT-SIG1 HT-SIG2

Figure 2.11: The subfields of HT-SIG, which is the fourth field of the PLCP
framing. The HT-SIG field carries information about the received signal,
such as the guard interval (GI) and aggregation [2].
 2.4 The 802.11n PHY layer 13

Name of HT-SIG
subfield Description
A field of 7 bits, which indicates the index of the MCS table used by the
Modulation and transmitter. The MCS table tells, among other things, how many spatial
Coding Scheme streams that has been used [1].
It is either 0 or 1. 0 indicates the use of 20 MHz bandwidth, whilst 1
CBW 20/40 indicates the use of 40 MHz bandwidth[1].
Indicates the number of octets of data in the PSDU, so that the
HT Length receiver knows what length the PSDU has. This field is 16 bits long [1].
This field is set to either 0 or 1, 1 means channel estimate smoothing
Smoothing is recommended and 0 means it is not [1].
Not Sounding It is set to 0 if the PPDU is a sounding PPDU, otherwise it is set to 1 [1].
Reserved This field is always set to 1 [1].
If this field is set to 1, it indicates that the packet has an aggregated
PSDU. Meaning several PSDUs are sent in the same packet [2]. If
Aggregation the packet is not aggregated, this field is set to 0 [1].
2 bits long and indicates the difference in the number of space-time
STBC streams and the number of spatial streams [1].
It is set to either 0 if BCC encoding is used or 1 if LDPC encoding is
FEC Coding used [1].
This field is set to 1 if only a short guard interval is used after the
HT training fields in the PLCP frame. If a long guard interval is
Short GI used this field is set to 0 [1].
This field contains two bits. They are set to either 00, 01, 10 or 11
Number of
extension depending on how many extension spatial streams are used (four
spatial streams transmission modes can be used by the transmitter) [1].
This field is 8 bits long and contains CRC (cyclic redundancy
check) of bits 0–23 in HT-SIG1 and bits 0–9 in HT-SIG2 [1]. The
CRC helps the receiver to detect if there are errors in the received
CRC HT-SIG [2].
Contains 6 bits which are all set to zero, needed for the convolutional
Tail Bits coder to work [1].
Table 2.1: The purpose of each subfield of the PLCP framing field HT-SIG.

2.4.4 HT short training field

The HT short training field, HT-STF, is used for similar reasons as the L-STF. The
HT-STF is implemented in order to help out when it comes to detection at the
receiver end and the field consists of a repeating pattern (the ten short training
symbols that were described in section 2.4.1) [2]. The HT-STF has a duration of
4 µs [1]. The actual sequence of the HT-STF is described further in the standard,
but it is different depending on whether 20 MHz or 40 MHz bandwidth is used. If
20 MHz bandwidth is used, the sequence used to generate the HT-STF is identical
to the L-STF one. The 40 MHz bandwidth case is similar to the 20 MHz one. It
origins from the 20 MHz version, but it is modulated in several ways [1]. Since
the HT-STF is half as long as the L-STF, only five (instead of ten) training symbols
14 2 Theory

fit into this field.

2.4.5 HT long training field

HT-LTF is the high throughput long training field. It has two parts. The first part,
“HT-DLTF”, is used when retrieving the data from the data field when mixed
mode or greenfield mode is used in the PLCP framing [1]. There are either one,
two or four HT-DLTFs. This depends on the number of space-time streams that
are used [1]. The number of space-time streams that are used can be decoded
from the HT-SIG field, which was described in section 2.4.3. The sum of the num-
ber of spatial streams and the number from the STBC subfield tells the number
of space-time streams [1]. The number of spatial streams used can be found from
the MCS part of the HT-SIG field [1]. In table 2.2 there is information about the
number of HT-DLTFs depending on the number of space-time streams in a trans-
mitted signal.
.

Number of space-time streams Number of HT-DLTFs

1 1
2 2
3 4
4 4
Table 2.2: The number of high troughput data long training fields, HT-
DLTFs, depending on how many space-time streams that are used. The num-
ber of HT-DLTFs is the same as the number of space-time streams, except for
when three space-time streams are used. Then four HT-DLTFs are needed
[2].

The second part of the HT-LTF is optional, it is called “HT-ELTF”. The HT-ELTF
part is not used to synchronize the data field, but to sound the beamforming
functionality [1]. Beamforming is a transmission technique which consists in
shaping a signal with specific amplitude and phase to direct it towards the in-
tended receiver [15]. The HT-ELTF is an optional part of the standard [1]. It is
not commonly implemented [2].

2.4.6 Data field

The last field of the PLCP framing is the data field. The data field contains the
PSDU, “PHY service data unit”, and this is where the actual data can be found [1].
In order to create the PSDU, the physical layer first needs to retrieve the MPDU,
“MAC protocol data unit”, from the MAC layer (the different layers of the 802.11
protocol were described briefly in section 2.3). The transmitter maps the MPDU
into a PSDU by doing modulations to it so that it is suitable for transmission [10].
The PSDU is appended to the other fields of the PLCP framing (such as the pre-
viously described L-STF and L-LTF, see figure 2.8) and together they make the
2.4 The 802.11n PHY layer 15

whole packet to be transmitted [10].

The different modulations done before a signal is transmitted are described in the
following paragraphs. The PSDU is not always modulated the same way, there
are plenty of alternatives when mixed mode or greenfiled mode is used. The
modulations depend on different factors, such as what type of FEC encoder has
been chosen or how many space-time streams the transmitter will create [1]. A
receiver can find information about how a signal was modulated by decoding the
HT signal field, as described in section 2.4.3.

Scrambling

To avoid long sequences of ones or zeros, the data is scrambled [2]. The scram-
bling is helpful for timing recovery at the receiver side [9].

Forward error correction encoding

The forward error correction encoding, or “FEC encoding”, is a way to compen-

sate for the fact that the channel adds noise to the transmission [16]. The theo-
retical capacity, C, of an AWGN channel is defined in Shannon’s limit [9]. The
definition of it can be seen in equation 2.1. The capacity of a channel is defined
as the amount of information that can be sent, per second, without errors occur-
ring [17]. The capacity depends on the signal-to-noise ratio, SNR. It also depends
on the available channel bandwidth W. Shannon’s limit defines how high the ca-
pacity of a channel can be, but actually reaching that capacity is not an easy task
[9].

C = W · log2 (1 + SNR)..[bits/s] (2.1)

.
By using FEC encoding, communication closer to the Shannon limit can be reached.
The 802.11n standard supports two different types of FEC encoding, these two
methods are called “BCC encoding” and “LDPC encoding” [1].

BCC, binary convolutional codes, encoding is a method where the input data and
delayed versions of it are combined. Parity-check bits are created which leads
to the possibility of correcting single bit errors if neighbouring bits are correct
[2]. The structure of a convolutional encoder is described in detail in the 802.11
protocol and an example of how a convolutional encoder can be structured is
shown in figure 2.12. At the receiver end it is recommended to use BCC decod-
ing based on the Viterbi algorithm [12]. The Viterbi algorithm is an algorithm
that implements a maximum likelihood decoding [9].
.
LDPC, low-density parity-check, codes are an alternative to the BCC encoding.
They work in a similar manner as the BCC encoding [2]. LDPC encoding is an
optional feature of the standard, but it generally works better than BCC since it
has a coding gain of 1.5 to 3 dB [13].
16 2 Theory

+ Output A

Input data Delay Delay Delay Delay Delay Delay

+ Output B

Figure 2.12: Example on how to, on binary level, structure a convolutional

encoder.

Stream parsing
When the data has been FEC encoded, by either using the BCC or the LDPC
method, it is divided and put into spatial streams. In other words, the data to
be transmitted is split up in order to transmit it on different antennas. The num-
ber of spatial streams varies depending on the setting of the transmitter, so the
stream parsing function needs to be adapted to this [2].

Interleaving and mapping

Interleaving is done to change the order of the bits to be transmitted. This is per-
formed to spread out the bit errors caused by a deep fading of the received signal.
This makes it easier for the system to correct the errors. Adjacent bits are split
up in different OFDM subcarriers [2].

After the interleaving has been done the bits are mapped into selected constel-
lation mapping. There are plenty of alternatives for how to map the subcarriers.
The selected constellation mapping can be found in the MCS table. The modula-
tion and coding scheme used by the transmitter is reported in the first subfield of
the HT-SIG field, as described in table 2.1. The different constellations supported
by IEEE 802.11n are BPSK, QPSK, 16-QAM, and 64-QAM [2].

Space-time block coding

Space-time block coding, “STBC”, is a transmission technique which improves
the robustness of the communication [13]. This is done by putting multiple
copies of a data sequence across multiple antennas according to a specific pattern,
determined by the so-called coding matrix. This makes it possible for a receiver
that misses out on information from one space-time stream (one transmission
path) to retrieve it from another one [2]. If the STBC functionality is deactivated,
each spatial stream will be mapped into a space-time stream. The number of
2.4 The 802.11n PHY layer 17

space-time streams will be equal to the number of spatial streams. When STBC
is activated, the number of space-time streams is larger than the number of spa-
tial streams [1]. More space-time streams than spatial streams means there are
multiples of the same spatial stream in the space-time streams.

Transmitter Receiver

Figure 2.13: MIMO system, with four data streams going out of the four
transmitter antennas. If the optional STBC is used two space-time streams
can contain the same data.

Spatial mapping
The spatial mapping is the process of mapping the data into transmit chains.
This can be done in different ways. If STBC is not in use, direct mapping is the
most common way of doing spatial mapping. Direct mapping means each spatial
stream is mapped into a space-time stream and then put into the transmit chain
[2].

Another way of doing spatial mapping is spatial expansion. This means that
space-time streams are retrieved from the STBC process and then spread across
all the transmit chains [2].

Inverse discrete Fourier transform and cyclic shift

To go from frequency domain to time domain the inverse discrete Fourier trans-
form is used and a cyclic shift is also added [1]. The IDFT can be found in equa-
tion 2.3. To go back to the frequency domain when the signal has been received,
the DFT can be found in equation 2.2. N is defined as the number of samples and
x is the signal [18]. The equations are defined as follows:
N
X −1
X(n) = x(k)e−j2πkn/N , (2.2)
k=0

N −1
1 X
x(k) = X(n)e j2πkn/N . (2.3)
N
n=0
.
The cyclic shift is included as a prevention of the multi-path fading. The cyclic
shift can be inserted either before (prefix) or after (suffix) the IDFT and there
18 2 Theory

are three different types to choose from [1]. They are described further in the
protocol for 802.11n.

Guard insertion and windowing

Guard interval and windowing are two ways of improving signal quality [2]. The
guard interval is added to the beginning of the data field and consists of a repe-
tition of the end of it. The windowing is an optional part of the standard and it
is performed on the beginning of the data field. When appending different fields
of a frame to be transmitted, time-domain discontinuities will occur at the edges
of fields. This causes problems when the Fourier transform is done. Window-
ing is performed to make the transition from one symbol to another smooth, and
thereby avoid this problem [1, 12].

2.5 USRP
The software-defined radio hardware called universal software radio peripheral,
USRP, is developed by Ettus Research. It is commonly used by research labs and
universities for tests related to wireless communications [19].

The USRP can be used for experimentation with signals such as FM broadcast,
TV broadcast, WLAN and more. It can cover frequencies from 70 MHz to 6 GHz
and bandwidths up to 56 MHz [5, 6].
 3
Method

This chapter describes how the project was carried out. The relationship between
the different parts of the system is explained. The implementation of each part
of the system is also described in detail.

3.1 Overview of the workflow of the receiver

The main approach when implementing the system was to work on decoding
each part of the preamble of an incoming packet one by one, until being able to
decode the data field. As mentioned in chapter 2, there are three different types of
physical layer framing supported in the standard. Since one of them, greenfield
mode, is optional and not commonly implemented, it has not been considered in
this project. The project mainly focuses on non-HT and mixed mode. The mixed
mode frames were the most important ones to be able to decode. The reason for
that was the fact that the mixed mode frames are the ones that define the func-
tionalities exclusive to the standard, whilst the non-HT ones are only used for
legacy purposes.

In figure 3.1 a flowchart that describes the system work flow of the final system
can be seen. Decoding of non-HT mode frames was tested during implementa-
tion but not integrated into the final system.

19
20 3 Method

Detection of
incoming packet

No packet Packet
detected detected

Termination of Synchronization of
process detected packet

Channel estimation

Decoding of
HT-SIG

Decoding of HT-SIG Decoding of HT-SIG

not successful successful

Termination of
Channel estimation
process

Decoding of mixed
mode data field

Information embedded in
HT-SIG used in this
process

Figure 3.1: Flowchart providing an overview of the system work flow. In

section 3.2.10 a flowchart describing the last step (“decoding of mixed
mode data field”) can be seen.

3.2 System model in detail

Initially a complete 802.11n communication chain was designed using the MAT-
LAB WLAN toolbox. This was done by following instructions from the WLAN
toolbox getting started guide and relying on an example provided therein. The
communication chain worked without errors, but could not be used as a complete
receiver. Important features, such as detection of an incoming signal and using
the information from HT-SIG, were not implemented. WLAN toolbox functions
3.2 System model in detail 21

were not to be used in the final implementation.

The two main parts in developing the final system were therefore to add the fea-
tures that were not implemented and to rewrite already implemented functions
to make them independent on WLAN toolbox. In the following subsections the
subsystems are described.

3.2.1 Detection
The double-sliding window method, described in section 2.4.1, was used as detec-
tion algorithm. The short training symbols forming the L-STF are being looked
for. Since the number of samples in each short training symbol depends on
whether 20 MHz or 40 MHz bandwidth has been used, the subsystem loops twice.

Initially, the detection algorithm looks for a pattern which repeats every 16th
sample. If such a pattern has been found, the short training symbols of a sig-
nal with 20 MHz bandwidth is considered detected. If no such pattern is found,
the subsystem goes on by looking for a pattern which repeats every 32nd sam-
ple. If such pattern is found, the short training symbols of a signal with 40 MHz
bandwidth is considered detected. Provided that the incoming signal has been
sampled correctly.

The subsystem provides a structure array containing the last index of all sub-
fields except for the HT-LTF and the data field. However, these indices are just
estimates. The detected start of an incoming packet is an estimate and the result
can therefore be a few samples away from the actual start.

3.2.2 Symbol timing

To get a more exact estimate of the start of an incoming packet, symbol timing
is done after the detection. The symbol timing uses the L-LTF, and therefore re-
quires that the correct sequence is known. The correct L-LTF sequence is used for
reference when performing symbol timing.

The L-LTF sequence is provided with the system in a MAT file. The file contains
two vectors. The vectors contain the correct L-LTF sequences for the 20 MHz and
40 MHz bandwidth case, respectively. Knowledge about whether 20 MHz or 40
MHz bandwidth has been used is provided to the symbol timing subsystem from
the detection algorithm described earlier.

3.2.3 Carrier frequency offset correction

To compensate for the induced frequency shift in the received signal, carrier fre-
quency offset estimation and correction was integrated into the system.

A coarse frequency offset estimation is done by looking at the average frequency

22 3 Method

offset of the subcarriers in the L-STF sequence. A fine offset estimation is done
by doing the same with the L-LTF sequence. Since one symbol in the L-LTF se-
quence contains more samples than a L-STF symbol, there is more information
to base the estimation of the offset on. It is therefore used for fine tuning, how-
ever the length of the symbols restrains the range of the estimation. If the carrier
frequency offset is too large, the fine estimation can not be used. The L-STF is
therefore used beforehand to do a coarse estimation and compensation, therafter
the carrier frequency offset is within range for the fine estimation to be used.

3.2.4 Channel estimation using L-LTF

In the later stages of the system work flow, an estimation of the channel is needed
to recover the information embedded in the L-SIG and HT-SIG fields. The chan-
nel estimation is performed using the L-LTF sequence.

Before the actual channel estimation is done the received L-LTF is demodulated.
OFDM demodulation is done to the sequence to recover the original state of it.

The demodulated L-LTF is compared to the actual L-LTF, defined in the IEEE
802.11n protocol, and a channel estimate is obtained by using the method of
least squares [20]. The equation solved by the subsystem is shown in 3.1. “Re-
cLLTF” is the received and demodulated L-LTF sequence whilst “LLTF” is the
correct one. “ChanEst” is the channel estimate, which is the unknown sequence
that the subsystem estimates. Equation 3.2 shows how the estimation is done.
“./” is the MATLAB command for right array division. “mean” stands for mean
value. The mean value is calculated along the second dimension, resulting in
a column vector corresponding to the channel estimate. The matrix containing
L-LTF sequences is a square matrix.

[ LLTF LLTF ... LLTF ] · ChanEst = RecLLTF (3.1)

mean(RecLLTF ./ [ LLTF LLTF ... LLTF ]) = ChanEst (3.2)

3.2.5 Noise variance estimation

The implemented square root of the noise variance was estimated as in equation
3.3. Std stands for standard deviation. “RecLLTF” is the received and demodu-
lated L-LTF sequence whilst “LLTF” is the correct one. “ChanEst” is the channel
estimation done by using the L-LTF.
√
NoiseVarEst = std(LLTF · ChanEst − RecLLTF) (3.3)

.
The noise variance was estimated to be used in the recovery of L-SIG, HT-SIG and
the transmitted data sequence.
3.2 System model in detail 23

3.2.6 Recovery of L-SIG

The recovery of the L-SIG field is crucial for receivers following prior standards.
As described in section 2.4.2, it is a “dummy” field used by prior standards to
calculate the length of a transmission.

L-SIG recovery functionality was however implemented. The implemented sys-

tem uses the channel estimation and noise variance estimation to recover the
L-SIG field. By recovering the L-SIG field one can make sure that the rate is set to
6 Mbps as specified in the standard.

3.2.7 Recovery of HT-SIG

By using the channel estimation and the noise variance estimation the bit se-
quence which makes up the HT-SIG field is recovered. BPSK demapping along
with BCC decoding is performed.

The information embedded in the obtained bit sequence is extracted with a func-
tion which uses the information described in table 2.1. A cyclic redundancy check
is done to make sure the information has been extracted correctly.

The number of space-time streams is needed by subsystems used later in the

receiver. The number of space-time streams could not be decoded straight away
from the recovered HT-SIG bit sequence. However it could be calculated by look-
ing at the information about STBC and MCS.

3.2.8 Deciding the length of HT-LTF

As mentioned in section 2.4.5, the length of HT-LTF in a received packet is differ-
ent depending on the number of space-time streams. The standard supports 1, 2,
3 or 4 space-time streams.

The number of space-time streams was decided when extracting the information
embedded in the HT-SIG field, which was described in section 3.2.7. The band-
width also had to be taken into account when deciding the length of HT-LTF.
This is due to the fact that the number of samples is twice as much when 40 MHz
bandwidth is used compared to when 20 MHz bandwidth is used.

3.2.9 Channel estimation using HT-LTF

A second channel estimation was done at this point in the receiving process.
Channel estimation by using the HT-LTF was done to recover the transmitted
data packet.

The channel estimation worked in similar manner as the one described in section
3.2.4. The number of space-time streams was taken into account when doing the
24 3 Method

estimation. If the transmitter transmitted only one space-time stream, the estima-
tion can be done straight away by using the method of least squares estimation. If
there were more than one space-time stream transmitted the number of training
symbols is increased.

3.2.10 Recovery of the transmitted data

The last process in the receiving chain is to decode the transmitted data sequence.
If the MAC layer would have been implemented, the MPDU would be extracted
at this stage. Since the MAC layer is not implemented, the receiver is extracting
a randomly generated bit sequence that has been transmitted for testing.

The input parameters to the subsystem are the remaining samples of the received
signal, the channel estimation done by using HT-LTF, the noise variance estimate
and the information from HT-SIG about how the data has been decoded.

The subsystem does OFDM demodulation to retrieve the original state of the
sequence, before it was put into different subcarriers and inverse Fourier trans-
formed into time domain by the transmitter. It equalizes the data sequence by us-
ing the channel estimation. Thereafter the subsystem demaps the data symbols
to the state of them before they were put in constellation patterns at the trans-
mitter side. Every step the standard uses to encode the data is done in reverse in
this subsystem, to finally retrieve it the transmitted bit sequence, in figure 3.2 a
flowchart providing the subsystem work flow is given. When the subsystem has
worked its way, the data has finally been recovered.

Equalization using channel

OFDM demodulation Constellation demapping
estimate

BCC or LDPC encoding

BCC LDPC
BCC or LDPC channel
Deinterleaving Stream deparsing
decoding

Descrambling Data sequence retrieved

Figure 3.2: Data recovery chain, done by the subsystem being responsible
for the data field.

3.3 Performed tests and simulations

The system was tested by transmission of packets generated in MATLAB from one
USRP acting as transmitter to another USRP acting as receiver. The USRP receiver
3.3 Performed tests and simulations 25

sent the packets to a computer running MATLAB to perform data decoding. After
decoding, the received bit sequence was compared to the transmitted one. The
arrangement can be seen below, in figure 3.3.

Computer

SDR transmitting SDR receiving

802.11n packets 802.11n packets

Figure 3.3: A SDR (USRP) transmitting 802.11n signals generated in

MATLAB. The signals are captured by a SDR and then sent back to the
computer for decoding by the implemented system.

.
The experimental tests were done using 20 MHz bandwidth, BCC encoding and
single input single output (one antenna on both transmitter and receiver). 100
packets were transmitted, received and decoded. The magnitude of the trans-
mitted packets was adjusted during the tests to obtain different SNR. This was
repeated for signals with all supported constellation patterns (BPSK, QPSK, 16-
QAM and 64-QAM). The MCS index used to obtain BPSK was 0, the index to
obtain QPSK was 1, the index to obtain 16-QAM was 3 and the index to obtain
64-QAM was 5.

Simulations were also done to evaluate the system. White gaussian noise was
added to the signal during the simulation tests to mimic a channel. The noise was
increased to decrease SNR, whilst the magnitude of the actual signal remained
constant.

In the simulations, the lowest and highest SNR had a noise variance of 0.6360
and 0.0064, respectively. A decreased noise variance leads to an increased SNR,
signal power being constant. The noise varied significantly in the USRP tests,
since nearby devices using the same frequencies distorted the tests. However, the
successful tests (where no distortions from nearby devices were detected) were
consistent in terms of noise floor and noise variance.
 4
Results

The results of the performed tests are presented in this chapter. These results
include both experimental tests performed by using a pair of USRPs, and tests
performed solely in MATLAB with a simulated channel.

4.1 Test set-up

As previously mentioned, all tests (including both USRP tests and tests done in
MATLAB using a simulated channel) were done with BCC encoded packets and
a 20 MHz bandwidth. The sample rate used for the experimental tests was 40
MHz, transmission in the 2.4 GHz frequency band. In the tests over computer-
simulated channels solely white gaussian noise was added to the signal to simu-
late a channel. All of the four supported constellations (BPSK, QPSK, 16-QAM
and 64-QAM) were tested and for each constellation 100 packets, including 8192
encoded bits each, were transmitted and received.

The transmitted bit sequences were semi-randomly generated from a seed. The
exact same sequences were used in the MATLAB tests as in the USRP tests.

4.2 Packets received on USRP

Due to the distortions in the air not being constant, the quality of the packets that
had been transmitted and received using the USRPs would vary a lot. Tests per-
formed during late office hours, when the office was less crowded, would yield
in less distorted packets. In the following two plots the same sequence of pack-
ets has been received at two different occasions. Figure 4.1 shows a received
sequence distorted due to interference caused by an unidentified device nearby.

27
28 4 Results

Whilst figure 4.2 shows the same sequence free of any interference. When per-
forming the tests, the received signals that had an obvious distortion added to
them were removed. However, is was complicated to sift out less obvious distor-
tions from nearby devices since they would not affect the magnitude that much.

Received packets, distorted

Magnitude

Time

Figure 4.1: Sequence of received packets, clearly subject to interference

caused by an unknown device using the same frequency band.

Received packets, not distorted

Magnitude

Time

Figure 4.2: Sequence of received packets, free of any interference.

4.3 USRP tests 29

4.3 USRP tests

Packet error rate (PER) and bit error rate (BER) versus SNR from the USRP tests
are presented in this section. Since only 100 packets were received, a PER equal
to 10−2 means an error-free packet delivery. Figure 4.3 shows the PER versus the
SNR. It can be observed that 64-QAM does not reach a SNR level that yields in a
PER equal to 10−2 . Increasing the SNR further would make the received signal
overdriven, causing a clip off at the peaks.

BPSK and QPSK requires the same signal power to work successfully. Apart
from this exception, advanced modulations require higher SNR level to achieve
the same PER. Advanced modulations requiring higher SNR is in line with the
theory.

In figure 4.4 the BER versus SNR can be seen. The same data was used in the
BER plot as in the PER plot. However, one received packet would yield in a total
of 8192 received bits. Thereby there were more bits than packets available. In
the BER plot, BPSK and QPSK still require the same SNR to work successfully.

PER vs SNR, USRP

10 0
64-QAM
16-QAM
QPSK
BPSK
PER

-1
10

-2
10
0 5 10 15 20 25 30 35 40
SNR

Figure 4.3: Packet error rate versus signal-to-noise ratio, tests performed
with USRPs.
30 4 Results

BER vs SNR, USRP

64-QAM
16-QAM
10 -1 QPSK
BPSK

10 -2
BER

10 -3

10 -4
0 5 10 15 20 25 30
SNR

Figure 4.4: Bit error rate versus signal-to-noise ratio, tests performed with
USRPs.

4.4 Simulations
For validation and comparison, the system was also tested in simulations. As
previously mentioned, the filter simulating a channel consisted of white gaussian
noise. The lowest and highest SNR had a noise variance of 0.6360 and 0.0064,
respectively. The higher the SNR, the lower the noise variance. In the simulations
one can clearly see that QPSK requires a higher SNR than BPSK. PER versus SNR
from the simulations can be seen in figure 4.5.

PER vs SNR, simulations

10 0
64-QAM
16-QAM
QPSK
BPSK
PER

-1
10

10 -2
4 6 8 10 12 14 16 18 20 22
SNR

Figure 4.5: Packet error rate versus signal-to-noise ratio, simulated tests. In
contrast to the USRP tests, 64-QAM achieved error-free communication in
this case. The fact that only white gaussian noise, and no other distortions,
was used to simulate the channel is probably one reason for this.
4.5 Comparison of USRP tests and simulations 31

4.5 Comparison of USRP tests and simulations

In this section, a comparison between the results of the USRP tests and simula-
tions are presented. In figure 4.6 the PER of both USRP tests and simulations are
plotted. One can see that the tests follow the same pattern in terms of needed
SNR, although the plots from the simulations are more reasonable. The expected
result was that a more advanced constellation pattern requires a higher SNR. This
is true for the simulations. However, BPSK requires as high SNR as QPSK in the
USRP tests.

PER vs SNR, simulations and USRPs

10 0
64-QAM USRPs
16-QAM USRPs
QPSK USRPs
BPSK USRPs
64-QAM simulations
16-QAM simulations
QPSK simulations
BPSK simulations
PER

10 -1

10 -2
0 5 10 15 20 25 30 35 40
SNR

Figure 4.6: Packet error rate versus signal-to-noise ratio, simulated tests
and USRP tests.

4.6 Reasons for unsuccessful packet decoding

When decoding signals, the system might fail the decoding for different reasons.
At low SNR the system would not only have a hard time decoding the data field.
There would also be a cyclic redundancy check failure occurring when decoding
the HT signal field. Problems detecting the signal at low SNR also occurred. A
bar diagram showing the rate of different reasons for system failure can be seen
in figure 4.7.
32 4 Results

Reason for failure when decoding signals with SNR 3.5

50
Error when decoding data field
45 Error when detecting signal
Error when decoding HT-SIG field
40

35

30
%

25

20

15

10

Figure 4.7: Different reasons for system failure at low SNR.

 Discussion
5
In this chapter the results that were presented in the previous chapter are dis-
cussed. This is done along with comments on the method used for the project,
which was described in chapter three. Ethical and society related aspects are also
taken under consideration, in the section about further context.

5.1 Result
Tests done with a simulated channel were successful. As described in the previ-
ous chapter, the signals received on the USRPs were often very distorted though.
This aspect probably had a lot of impact on the USRP tests and is discussed fur-
ther in subsection 5.1.2.

5.1.1 Tests done with simulated channel

In the tests done with a simulated channel, the resulting PER plot looked as ex-
pected. Depending on the complexity of the constellation pattern, a higher SNR
was needed to decode the packets correctly. Even though only 100 packets were
used to decide packet error ratio, the tests supported the theory stating that con-
stellation with fewer points can tolerate more distortion.

5.1.2 Tests done with USRPs

The results from the tests done with the USRPs did not come out as expected. It
is not likely that QPSK is as tolerant to errors as BPSK, since that tells against
the theory part about constellation diagrams. The lines of the plots are also very
uneven, compared to the plots of the simulation tests. A possible reason for this
result is the fact that the tests probably had quite a large margin of error.

33
34 5 Discussion

As mentioned in the theory chapter, the MAC layer is in charge of making it

possible for a group of wireless systems to share the same space and frequencies.
Since no MAC layer is implemented in the system, the lack of it is likely to cause
problems. The tests were preformed at the Swedish Defense Research Agency
and WLAN connection is not allowed there. However, the received signals were
clearly distorted by other devices operating on the same frequencies. These dis-
tortions could, for instance, origin from the wireless computer mice used at the
office or other devices nearby.

5.2 Method
The testing part of the project could have improved a lot. In general, the method
of developing the system design worked well though.

In terms of USRP testing, the main issue was probably the fact that only 100
packets were received for each PER calculation. Since the environment was very
unreliable in terms of distortions, tests including more packets would probably
have resulted in better plots.

If more time would have been assigned to the project, more transmit packets
could have been captured during the test phase. The USRP tests were automa-
tised in some ways, but could have been even more automatised. This would
have made the USRP tests more time effective.

Changing environment could have been another solution to avoid distortions and
thereby achieve better results. However, it is very hard to find an environment
free from signals in the 2.4 GHz frequency band since it is widely used by techni-
cal devices.

5.3 The project in further context

WLAN systems themselves are probably not an ethical dilemma. On the other
hand, the way a WLAN system is used could of course lead to ethical dilemmas.
Sensitive information could, for instance, get widely spread using a WLAN sys-
tem.

For whom different frequency bands should be available is also a society linked
issue related to WLAN systems. As mentioned in this thesis, IEEE 802.11n sup-
ports the 2.4 GHz and the 5 GHz frequency bands. The more technology develops,
the more pressure will be put on available channels.
 Conclusion
6
In this chapter the purpose of the project, together with the problem statements
are discussed. A section about future work is also included, which describes
further developments that can be done.

6.1 Purpose
The purpose of the project was to implement a system which decodes IEEE 802.11n
signals. A MATLAB design has been proposed. This MATLAB design can be com-
piled into C code using MATLAB Coder. For the implemented system, C code
is preferred by the Swedish Defense Research Agency and the possibility to use
MATLAB Coder was thereby important.

The tests performed using the USRPs were not completely successful. However,
the tests worked to some extent. Even though the resulting plots did not look
as expected, packets transmitted through the air were possible to decode. This
includes all of the four supported constellation patterns.

6.2 Problem statements

The defined problem statements were the following:
• What are the main characteristics of IEEE 802.11n?
• Can a USRP together with MATLAB be used to effectively implement the
physical layer of an IEEE 802.11n receiver?
To summarize, the main characteristics of IEEE 802.11n are the possibility of
using either 2.4 GHz or 5 GHz frequency bands, legacy compatibility and also

35
36 6 Conclusion

modern features that are not compatible with prior versions of the standard. This
includes QAM constellation patterns, support for both 20 MHz and 40 MHz band-
width and the possibility of using multiple input multiple output.

A USRP can be used to effectively test the implemented system. The proposed de-
sign was tested using two USRPs and decoding of IEEE 802.11n packets worked.
Although, errors occured regularly as discussed in the previous chapter.

6.3 Future work

This project itself could be worked on further, by performing more tests and re-
ceiving signals with multiple antennas (multiple output) since that is one of the
features supported by the standard. Other features suitable for further tests are
LDPC encoding, extension spatial streams and utilizing the 5 GHz frequency
band. Another future task is to compile the MATLAB code that the project re-
sulted in into C code, using MATLAB Coder.

Developments that could be done to the proposed design is to advance the system
by adding more layers of the OSI model. A MAC layer would be a useful devel-
opment. More features could also be added to the implemented PHY layer. For
instance, the possibility of sounding the beamforming functionality supported
by IEEE 802.11n.

A further development could also be to add features related to IEEE 802.11ac,

that are not included in IEEE 802.11n. Since IEEE 802.11ac can be considered a
development of the 802.11n protocol, it is a possible way to evolve the proposed
design.
 Bibliography

[1] I. C. Society, “802.11n-2009 - IEEE standard for information technology–

local and metropolitan area networks– specific requirements– part 11: Wire-
less LAN medium access control (MAC)and physical layer (PHY) specifi-
cations amendment 5: Enhancements for higher throughput,” IEEE Std
802.11-2009, Oct 2009.

[2] M. S. Gast., 802.11n: A Survival Guide. O’Rielly Media, 2012.

[3] M. S. Gast, 802.11ac: A Survival Guide. O’Rielly Media, 2013.

[4] I. C. Society, “802.11ac-2013 - IEEE standard for information technology–

telecommunications and information exchange between systems—local and
metropolitan area networks–specific requirements–part 11: Wireless LAN
medium access control (MAC) and physical layer (PHY) specifications–
amendment 4: Enhancements for very high throughput for operation in
bands below 6 GHz,” IEEE Std 802.11-2013, Dec 2013.

[5] Ettus Research, USRP B200/B210 Bus Series, 2019.

[6] Ettus Research, USRP B200mini Series, 2019.

[7] L. A. J. Zander and B. Slimane, Principles of Wireless Communications. Stu-

dentlitteratur, 2018.

[8] M. Olofsson and E. Björnsson, Introduction to Digital Communication.

Linköpings universitet, 2018.

[9] J. Heiskala and J. Terry, OFDM Wireless LANs: A Theoretical and Practical
Guide. Sams, 2002.

[10] B. W. S. Mangold and L. Berlemann, IEEE 802 Wireless Systems: Protocols,

Multi-hop Mesh/Relaying, Performance and Spectrum Coexistence. John
Wiley & Sons, 2006.

[11] J. Geier, Wireless LANs: Implementing high performance IEEE 802.11 net-
works. Sams, 2002.

37
38 Bibliography

[12] I. C. Society, “IEEE standard for information technology–

telecommunications and information exchange between systems-local
and metropolitan area networks—-specific requirements–part 11: Wireless
LAN medium access control (MAC) and physical layer (PHY) specifications,”
IEEE Std 802.11™-2016, Dec 2016.
[13] E. Perahia and R. Stacey, Next generation wireless LANs. Cambridge Univer-
sity Press, 2008.

[14] S. Kay, Fundamentals of Statistical Signal Processing, Volume II: Detection

Theory. Prentice-Hall PTR, 1998.
[15] D. Tse, Fundamentals of Wireless Communication. Cambridge University
Press, 2005.

[16] D. W. Bliss, Adaptive Wireless Communications: MIMO Channels and Net-

works. Cambridge University Press, 2013.
[17] E. G. Larsson, Signals, Information and Communications. LiU-Press, 2017.
[18] F. G. L. Ljung and M. Millnert, Signal Processing. Studentlitteratur, 2010.

[19] M. Yildirim, “OFDM based communication system using USRP,” Twelve

International Conference on Electronics Computer and Computation
(ICECCO), 2015.
[20] S. Kay, Fundamentals of Statistical Signal Processing, Volume I: Estimation
Theory. Prentice-Hall PTR, 1993.