

Posted Sep 19, 1998
Authored by pimp

CDMA discussed: CDMA and the Telecommunications Industry, How CDMA Signalling works, CDMA and diversity, CDMA compared to Analog FM, CDMA Variable Rate Speech Encoder, Ten mins in the life of a CDMA Mobile Station, CDMA Power Control, and more..

tags | magazine
MD5 | ef34effa56d3ad28e8fc9813cc64d577


PROBE INDUSTRIES MAGAZINE PHILES
ISSUE NUMBA 11
RELEASED: 9/96


ø ø
ø P.I.M.P. Members: ø
ø ------------------- ø
ø ø
ø fringe -chicago PIMP stickman -chicago PIMP ø
ø ø
ø subhuman -chicago PIMP qball -chicago PIMP ø
ø ø
ø jello biafra -chicago PIMP taz -chicago PIMP ø
ø ø
ø mastermind -microcosm PIMP luthor -strange days PIMP ø
ø ø
ø if yer one of the pimps, and i fergot to mention ya, lemme know ø
ø on one of the boards listed below.. ø
ø ø

_ _ _______ _____ ___ ___ ____ _
/___/ /___/ / / /__) /_
_ __/ _/ \ _/__/ _/__) _/____ _ _ _ _ _ _ _
/ I N D U S T R I E S

(Written 9/9/96 - 9/22/96)

¤¤ ¤¤
¤¤ Understanding Code Division Multiple Access Technology (CDMA) ¤¤
¤¤ ¤¤

This article does not tell you how to clone cdma fones, how to haxxor
into cdma cellsites,.. nothing in this tech manual should be thought
of as proprietary information, but moreso as information that is next
to impossible to find.. these are the basix on how cdma technology is
used. the information that people want for understanding, not just so
you can make 'leet calls. Most people will throw this aside and say
what the fuck is all that garbage.. but many people have told me
constantly that i should release some inpho, so here it is.. the only
info i could find that isn't considered proprietary.. and it's the
best overall view on CDMA technology.

Any and all other questions we might be able to answer
CDMA related should be directed to fringe @ any of the bbses listed

A small glossary was added to the bottom on this phile to help those
trying to understand that aren't all familiar with the terms used.

«« »»
«« This is divided into the following Chapters: »»
«« »»
«« 1. CDMA and the Telecommunications Industry. »»
«« 2. How CDMA Signalling works. »»
«« 3. CDMA and diversity. »»
«« 4. CDMA compared to Analog FM. »»
«« 5. CDMA Variable Rate Speech Encoder. »»
«« 6. Ten mins in the life of a CDMA Mobile Station. »»
«« 7. CDMA Power Control. »»
«« 8. Glossary of terms used. »»
«« »»

+ +
+ 1 + CDMA and the Telecommunications Industry.
+ +

Presently, the tcom industry is facing problems.. they have an
ever increasing number of users sharing the same limited freq bands.
To expand the user base, the industry must find methods to increase
capacity without degrading the quality of service.

The current analog cellular system uses a complex system of
channelization with 30 kHz channels, commonly called FDMA (Frequency
Division Multiple Access). To maximize capacity, FDMA cellular uses
directive antennas (cell sectoring in the hexagonal shape) and complex
frequency reuse planning.

To further increase system capacity, a digital access method is
being implemented called TDMA (Time Division Multiple Access). This
system uses the same frequency channelization and reuse as FDMA analog
and adds a time sharing element. Each channel is shared in time by
three users to effectively triple system capacity.

CDMA stands for Code Division Multiple Access and uses correlative
codes to distinguish one user from another. Frequency divisions are
still used, but in a much larger bandwidth (1.25 MHz). In CDMA, a
single user's channel consists of a specific frequency combined with a
unique code. CDMA also uses sectored cells to increase capacity. One
of the major difs in access is that any CDMA freq can be used in all
sectors of all cells.

The correlative codes allow each user to operate in the presence
of substantial interference. This can be compared to a large bunch of
people talkin.. differences between voices and the like can be sorted
by your brain, but eventually they all become less distinctive as more
voices are added.. the talk zone is growing smaller. CDMA is
similar, but the recognition is based on the kode. The interference
is the sum of all other users on the same CDMA freq, both from within
and without the home cell and from delayed versions of these signals.
It also includes thermal noise and atmospheric disturbances. Delayed
signals caused by multipath are separately received and combined in
CDMA. This will be discussed moreso later on.

One of the major capacity gains with CDMA is due to its freq
reuse patterns. The normal reuse pattern for analog and TDMA systems
employs only 1/7 of the available freqs in any given cell and it
essentially can be called frequency non-reuse.. but with CDMA, the
same freqs are used in all cells. When using sectored cells, the same
freqs can be used in all sectors of all cells. This is only possible
because CDMA technology is designed to decode the proper signal in the
presence of high interference.

+ +
+ 2 + How CDMA signalling works.
+ +

CDMA starts with a narrowband signal with a full data rate of
9600 bps. This is spread with the use of specialized codes to a
bandwidth of 1.23 MHz. When transmitted, a CDMA signal experiences
high levels of interference, dominated by the coded signals of other
CDMA users. This takes two forms, interference from other users in
the same cell and interference from adjacent cells. The total
interference also includes background noise and other spurious
signals. When the signal is received, the correlator recovers the
desired signal and rejects the interference. This is possible because
the interference sources are uncorrelated to the desired signal.

+ +
+ 3 + CDMA and Diversity.
+ +

An important aspect of CDMA is diversity. CDMA uses three types
of diversity:

- spatial diversity

- frequency diversity

- time diversity

Spatial Diversity: takes two forms:

- two antennas: the base station uses two receive antennas for
greater immunity to fading. this is a classic version of
spatial diversity.

- multiple base stations simultaneously talk to the mobile during
soft handoff.

During soft handoff, contact is made with two base stations
simultaneously. The signals from the base to mobile are treated as
multipath signals and are coherently combined at the mobile unit. at
the base stations, the signals are transmitted via the network to the
Mobile Telephone Switching Office (MTSO), where a quality decision is
made on a frame-by-frame basis, every 20 ms.


                    Vocoder / Selector
                        [ MTSO ]  <-- land link -->
                       /\      /\
                      /          \
                     /            \
                    /              \
       Base Station one        Base Station two
                    \              /
                     \            /
                      \          /
                      \/        \/
            [ Subscriber / Mobile Phone user ]

Figure One - Spatial Diversity during soft handoff.


Frequency Diversity:

Frequency diversity is inherent in spread spectrum systems.
A fade of the signal is less likely than with narrow band systems.
Fading is caused by multipath and is a function of the time delays in
the alternate paths. In the freq domain, a fade appears as a notch
filter that moves across a band. As the user moves, the freq of the
notch changes. The width of the notch is on the order of one over the
difference in arrival time of two signals. For a 1 microsecond delay,
the notch will be approximately 1 MHz wide. The TIA CDMA system uses
a 1.25 MHz bandwidth, so only those multipaths of time less than 1
microsecond actually cause the signal to experience a deep fade. In
many environments, the multipath signals will arrive at the receiver
after a much longer delay. This means that only a narrow portion of
the signal is lost. Say there is a fade of 200 to 300 kHz.. this will
result in a power loss with a CDMA signal, but could result in a
complete loss of an analog or TDMA signal.
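
The notch arithmetic above, worked numerically as an added example (not part of the original phile): a two-ray channel with one echo, comparing the mean power left in a 1.25 MHz CDMA band against a 30 kHz analog channel when both sit right on the notch. The 880 MHz carrier, the equal-strength echo and the three delay values are constructed assumptions.

```python
import math

CDMA_BW_HZ = 1.25e6      # CDMA channel width given in the text
ANALOG_BW_HZ = 30e3      # analog FM channel width given in the text
CARRIER_HZ = 880e6       # constructed value, only used to place the notch


def two_ray_power(f_hz, delay_s, echo_amp=1.0):
    """|H(f)|^2 for a direct path plus one echo arriving delay_s later."""
    return 1 + echo_amp ** 2 + 2 * echo_amp * math.cos(2 * math.pi * f_hz * delay_s)


def notch_center_hz(delay_s, near_hz=CARRIER_HZ):
    """Frequency closest to near_hz where the two paths arrive in antiphase."""
    k = round(near_hz * delay_s - 0.5)
    return (k + 0.5) / delay_s


def band_power_db(bandwidth_hz, delay_s, echo_amp=1.0, steps=2000):
    """Mean power over a band centred on the notch, in dB relative to the
    plain sum of the two path powers (0 dB means nothing lost to the fade)."""
    center = notch_center_hz(delay_s)
    total = 0.0
    for i in range(steps):
        f = center - bandwidth_hz / 2 + (i + 0.5) * bandwidth_hz / steps
        total += two_ray_power(f, delay_s, echo_amp)
    return 10 * math.log10(total / steps / (1 + echo_amp ** 2))


def compare(delays_us=(0.2, 1.0, 4.0)):
    """Return rows of (delay_us, notch_spacing_khz, cdma_db, analog_db)."""
    rows = []
    for d in delays_us:
        tau = d * 1e-6
        rows.append((d, 1 / tau / 1e3,
                     band_power_db(CDMA_BW_HZ, tau),
                     band_power_db(ANALOG_BW_HZ, tau)))
    return rows


if __name__ == "__main__":
    for d, spacing, cdma, analog in compare():
        print(f"delay {d:>4} us  notch spacing {spacing:7.0f} kHz  "
              f"CDMA {cdma:6.1f} dB  30 kHz channel {analog:6.1f} dB")
```

With a 0.2 microsecond echo the whole CDMA band sits inside the notch and fades too; at 4 microseconds the notch is only about 250 kHz wide, so the wide signal keeps nearly all its power while the 30 kHz channel parked on the notch does not.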

Time Diversity:

Time diversity is a technique common to most digital transmission
systems. Signals are spread in time by use of interleaving. Forward
error correction is applied, along with maximal likelihood detection.
The particular scheme used for CDMA is convolutional encoding in the
transmitter with Viterbi decoding using soft decision points in the
receiver.

Rake Receiver:

CDMA takes advantage of the multipath by
using multiple receivers and assigning them to the strongest signals.
The mobile receiver uses three receiving elements, and the base
station uses four. This multiple correlator system is called a rake
receiver. In addition to the separate correlators, searchers are also
used to look for alternate multipaths and for neighboring base station

+ +
+ 4 + CDMA compared to analog FM.
+ +

For most people familiar with FM communications systems, a
paradigm shift is needed to properly discuss CDMA.

Here are some differences between CDMA and analog FM:

- Multiple users are on one frequency simultaneously

- A channel is defined by the correlative code in addition to the freq

- The capacity limit is soft. Capacity can be increased with some
degradation of the error rate or voice quality.

+ +
+ 5 + CDMA Variable Rate Speech Encoder.
+ +

CDMA takes advantage of quiet times during speech to raise
capacity. A variable rate vocoder is used; the channel is at 9600 bps
when the user is talking. When the user pauses, or is listening, the
data rate drops to only 1200 bps. 2400 and 4800 bps are also used,
though not as often as the other two. The data rate is based on
speech activity and a decision as to the appropriate rate is made
every 20 ms. Normal telephone speech has approximately a 40% activity

The mobile station lowers its data rate by turning off its
transmitter when the vocoder is operating at less than 9600 bps. At
1200 bps, the duty cycle is only 1/8 that of the full
data rate. The choice of time for this duty cycling is stochastic, so
the power is lowered at all times when averaged over many users.
Lowering the transmit power at the mobile reduces the level of
interference for all other users.

The base station uses a slightly different scheme. It repeats
the same bit patterns as many times as needed to get back to the full
rate of 9600 bps. The transmit power for that channel is adjusted to
reflect this repetition which allows the interference to be minimized.
Repeating the bits at lower power is more effective on the forward
link than it could be on the reverse link due to use of a coherent
phase reference called the pilot signal. (more on power later)

Walsh codes:

An important feature of the forward link is the use of Walsh
codes. These have the characteristic of being orthogonal to each
other and to the logikal NOT of each other. Two codes are defined to
be orthogonal if they have an exact zero cross product when summed
over the full period of codes. The TIA CDMA system uses a 64 by 64
Walsh matrix (each Walsh code is 64 bits long).

CDMA Forward Link Physical Layer:

Voice data at 9600 bps (full rate) is first passed through a
convolutional encoder, which doubles the data rate. It is then
interleaved, a process that has no effect on the rate, but does
introduce time delays in the final reconstruction of the signal. A
long code is XOR'ed with the data, which is a voice privacy function
and not needed for channelization. CDMA then applies a 64 bit Walsh
code which is uniquely assigned to a base to mobile link to form one
channel. This sets a physical limit of 64 channels on the forward
link. If the coded voice data is a zero, the Walsh sequence is
output; if the data is a one, the logikal not of the Walsh code is
sent. The Walsh coding yields a data rate increase of 64 times. The
data is then split into I and Q channels, and spread with short codes.
The final signals are passed through a low pass filter, and eventually
sent to an I/Q modulator.

Long Code Generation:

The Long Code is generated using a 42-bit linear feedback shift
register. This is the master clock and is synchronized in all CDMA
radios. A specific mask is applied to generate a unique long code.

Forward Link Channel Format:

The Base Station transmitter signal is the composite of many
channels ( with a minimum of four ). These four channels are the
Pilot channel, the Sync channel, the Paging channel, and the Traffic

- Pilot Channel

The Pilot channel is unmodulated; it consists of only the final
spreading sequence (short sequences). The Pilot Channel is used by
all mobiles linked to a cell as a coherent phase reference. The
other three channels, the Sync channel, the Paging channel, and the
Traffic Channel, use the same data flow, but different data are
sent on these channels.

- Sync Channel

The Sync channel transmits time of day information. This allows
the mobile and the base to align clocks which form the basis of the
codes that are needed by both to make a link.

- Paging Channel

The Paging channel is the digital control channel for the forward
link. Its complement is the access channel which is the reverse
link control channel. One base station can have multiple paging
channels and access channels if needed.

- Traffic Channel

The Traffic channel is equivalent to the analog voice channel.
This is where the actual conversations take place.

CDMA Reverse Link Physical Layer:

The CDMA reverse link uses a different coding scheme to transmit
data. Unlike the forward link, the reverse link cannot support a
pilot channel for synchronous demodulation (since each mobile station
would need its own pilot channel). Due to this limitation, the
reverse link has less capacity than the forward link. To aid reverse
link performance, the 9600 bps voice data uses a one-third rate
convolutional code for more powerful error correction. Then six data
bits at a time are taken to point at one of the 64 available Walsh
codes. The data, which is at 307.2 kbps, is then XOR'ed with the long
code to reach the full 1.2288 Mbps data rate. This unique long code
is the channelization for the reverse link.
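
How the Walsh codes are used on each link, as an added example (not part of the original phile) covering both the Forward Link and the Reverse Link descriptions above: on the forward link several channels are summed and one is pulled back out by correlation, on the reverse link six bits select which Walsh row is sent. The Sylvester row ordering, the MSB-first bit grouping and the sample bit patterns are assumptions made for the example.

```python
WALSH_LEN = 64


def walsh_matrix(n=WALSH_LEN):
    """n x n Walsh matrix as rows of 0/1 bits (Sylvester construction, n a power of 2)."""
    rows = [[0]]
    while len(rows) < n:
        rows = [r + r for r in rows] + [r + [b ^ 1 for b in r] for r in rows]
    return rows


def chips(bits):
    """Logic 0 -> +1, logic 1 -> -1, so XOR of bits becomes a product of chips."""
    return [1 - 2 * b for b in bits]


def correlate(a, b):
    return sum(x * y for x, y in zip(a, b))


def forward_composite(channels, walsh):
    """channels maps a Walsh index to its coded bits. A 0 bit sends the Walsh
    row, a 1 bit its logical NOT; the base station sums all channels."""
    nbits = len(next(iter(channels.values())))
    out = [0] * (nbits * WALSH_LEN)
    for index, bits in channels.items():
        for k, bit in enumerate(bits):
            for j, c in enumerate(chips([w ^ bit for w in walsh[index]])):
                out[k * WALSH_LEN + j] += c
    return out


def forward_correlations(composite, index, walsh):
    """Correlate each 64-chip block against one Walsh row: +64 -> bit 0,
    -64 -> bit 1, 0 -> nothing was sent on that code."""
    ref = chips(walsh[index])
    return [correlate(composite[k:k + WALSH_LEN], ref)
            for k in range(0, len(composite), WALSH_LEN)]


def reverse_modulate(bits, walsh):
    """Reverse link: every six coded bits pick one of the 64 rows to send
    (bit order within the group is an assumption here, first bit = MSB)."""
    out = []
    for k in range(0, len(bits), 6):
        index = int("".join(str(b) for b in bits[k:k + 6]), 2)
        out.extend(chips(walsh[index]))
    return out


def reverse_demodulate(rx, walsh):
    """Pick, per 64-chip block, the row that correlates best with what arrived."""
    bits = []
    for k in range(0, len(rx), WALSH_LEN):
        block = rx[k:k + WALSH_LEN]
        best = max(range(WALSH_LEN), key=lambda i: correlate(block, chips(walsh[i])))
        bits.extend(int(b) for b in format(best, "06b"))
    return bits


def chip_rates(voice_bps=9600):
    """Rate chains from the text: (forward chips/s, reverse Walsh chips/s, reverse final)."""
    forward = voice_bps * 2 * WALSH_LEN             # rate-1/2 code, 64 chips per bit
    reverse_walsh = voice_bps * 3 // 6 * WALSH_LEN  # rate-1/3 code, 6 bits -> 64 chips
    return forward, reverse_walsh, reverse_walsh * 4  # long code: 4 chips per Walsh chip


if __name__ == "__main__":
    W = walsh_matrix()
    tx = forward_composite({1: [0, 1, 1, 0], 7: [1, 1, 0, 0], 33: [0, 0, 0, 1]}, W)
    print("channel 7 :", forward_correlations(tx, 7, W))
    print("unused 12 :", forward_correlations(tx, 12, W))
    print("rates     :", chip_rates())
```

Because the other rows correlate to zero, a reverse-link block still decodes correctly with a handful of chips inverted: the right row keeps the largest correlation.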

The modulation is Filtered QPSK in the base station, and Filtered
Offset QPSK in the mobile station.

- CDMA Modulation Formats

In normal operation, many channels are summed together and
transmitted on top of each other by the base station. O-QPSK is used
in the mobile stations because it avoids the origin and makes the
design of the output amplifier easier. For the base station, since
many channels are summed together, using O-QPSK would not always avoid
the origin. This is due to the random nature of adding many signals

- CDMA Multiplex Sublayer

Signalling is well structured in CDMA. The full data rate of 9600
bps can be shared between data for the user and signaling data. The
channel is effectively a modem that can be used for a variety of
services. Current standards exist for service option 1, the vocoder.
Service options 2 and 3 are under discussion at the standards
committee. These proposed options are for a test mode of data
loopback, and data services.


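 _____________________ ________________
|   Service Options   |   Signalling   |
|_____________________|________________|
|          Multiplex Sublayer          |
|______________________________________|
|       Channel Data - 9600 bps        |
|______________________________________|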

Figure Two - CDMA Multiplex Sublayer


+ +
+ 6 + Ten mins in the life of a CDMA Mobile Station.
+ +

It all starts with the turn-on of the radio and system access.
It assumes the car is being driven and that the radio performs an idle
state handoff. It covers call initiation, soft handoff and call

- Turn On

System Access: When the mobile first turns on, it must find the
best base station. This is similar to analog where the phone scans
all the control channels and selects the best one. In CDMA, the
mobile unit scans for available Pilot Signals, which are all on
different time offsets. This process is made easier because of the
fixed offsets. The timing of any base station is always an exact
multiple of 64 system clock cycles (called chips) offset from any
other base station. The mobile selects the strongest pilot tone and
establishes a frequency and time reference off the signal. The mobile
then demodulates the sync channel which is always on Walsh 32. This
channel provides master clock information by sending the state of the
42 bit long code shift register 320 milliseconds in the future. The
sync channel also contains many other system parameters. The mobile
then starts listening to the paging channel, and waits for a Page that
is directed to its phone number. The mobile will often register with
the base station so that the base station can do location-based paging
rather than system wide paging.

- CDMA Idle State Handoff

The mobile has searchers scanning for alternative pilot tones at
all times. If a pilot tone is found from another base station that is
strong enough for a link, the mobile will request a soft handoff. In
this case, no call is in process, so it is an idle state handoff.
This is an active process that updates the location of the mobile to
the system.

- CDMA Call Initiation

The user then decides to make a call. The number is keyed in and
the send key is hit. This initiates an Access Probe. The mobile uses
the access channel and attempts to make contact with the serving base
station. As no link is yet established, closed-loop power control is
not active. The mobile uses open-loop control to guess an initial
level. Multiple tries are allowed with random times between the tries
to avoid collisions that can occur on the access channel. After each
attempt the mobile listens to the paging channel for a response from
the base station. The base station responds with an assignment to a
traffic channel. This is a Walsh code for the forward link. The
traffic channel uses different long codes than the paging channel.
The base station initiates the land link, and a conversation can take
place. When a call is initially processed, your ESN / MIN pair is
transferred through the EMX (Electronic Mobile eXchange), thus along
with that transfer, your ani is passed on to whatever line you call;
most cell sites do not support Caller ID though.

- CDMA Soft Handoff

During the call, the mobile finds yet another base station with
good power. The mobile makes a request from its serving cell to
initiate soft handoff with the additional cell. The base station
passes this request to the MTSO (Mobile Telephone Switching Office)
which contacts the second base station and gets a Walsh assignment.
This is sent to the mobile by the first base station. The land link
is connected to both base stations. The mobile combines the signals
from both base stations by using the two Pilot signals as coherent
phase references. At the MTSO, the signals are examined from each
base station and the better one is chosen for each 20 milliseconds
block. As the signal from the first base station degrades, the mobile
will ask that the soft handoff be terminated. At this point the
mobile is being power controlled by the second base station (since the
first cell probably has a very poor link). The request is passed from
the second cell through the MTSO, and the first cell stops
transmission and reception of the signal. The mobile is now only on
the second cell.

- CDMA End of Call

Finally, the call ends. This can be initiated either from the
mobile or land side. In either case, transmissions are stopped and
the land line connection is broken. Word has it, with the normal
analog cell sites used now,.. the EMX (Electronic Mobile eXchange)
will drop your call into default so that you won't be billed if for
any reason power cuts off to a phone call without you hitting the end
key.. so if you took off the battery during transmission, you
basikally shouldn't get billed, because certain termination tones
aren't sent to properly end the call.. i haven't tested this theory
myself, but let's just say i got this from an expert in the field..
and although i promised i wouldn't discuss how to make free fone
calls,.. i had to throw that in there.

+ +
+ 7 + CDMA Power Control.
+ +

One of the fundamental enabling technologies of CDMA is power
control. The power of all mobile units is controlled so as to
arrive at the base station with equal power levels. In this way, the
interference from one unit to another is held to a minimum.

Reverse Link Power Control:

Two forms of power control are used for the reverse link:

- open loop power control

- closed loop power control

- Open loop power control

Open loop power control is based on the similarity of the loss in
the forward path to the loss in the reverse path (forward refers to
the base-to-mobile link, while reverse refers to the mobile-to-base

Open loop control sets the sum of transmit power and receive power
to a constant, nominally -73, if both powers are in dBm. A reduction
in signal level at the receive antenna will result in an increase in
signal power from the transmitter. For example, assume that the
received power of the composite signal from the base station is -85
dBm. The open loop transmit power setting would be +12 dBm.

- Closed loop power control

Closed loop power control is used to allow the power from the
mobile unit to deviate from the nominal as set by open loop control.
This is done with a form of delta modulator. The base station
monitors the power received from each mobile station and commands the
mobile to either raise power or lower power by a fixed step of 1 dB.
This process is repeated 800 times per second, or every 1.25

Because the power of the mobile is controlled to be no more than is
needed to maintain the link at the base station, much less power is
typikally transmitted from the mobiles than is the case with analog.
The analog radio needs to transmit enough power to maintain a link
even in the presence of a fade. Most of the time it is transmitting
with excess power. The CDMA radio is controlled in real time and is
kept at low power. This has the benefit of longer battery life and
smaller, lower cost amplifier design. If recent health concerns over
cellular phone radiations are founded, CDMA will be preferred.
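
The two reverse-link loops described above, run together as an added example (not part of the original phile): open loop picks the starting power from the -73 rule, then the base station's 1 dB up/down commands at 800 per second pull the mobile onto target and chase a fade. The -100 dBm target at the base station and the 118/128 dB path-loss figures are made-up values for the scenario.

```python
OPEN_LOOP_SUM_DBM = -73     # from the text: tx power + rx power, both in dBm
STEP_DB = 1                 # closed-loop step size from the text
COMMANDS_PER_SECOND = 800   # closed-loop command rate from the text
SLOT_MS = 1000 / COMMANDS_PER_SECOND


def open_loop_tx_dbm(rx_dbm):
    """Initial transmit power the mobile picks from its own received power."""
    return OPEN_LOOP_SUM_DBM - rx_dbm


def closed_loop(reverse_loss_db, target_dbm, start_tx_dbm):
    """Run the base station's up/down commands over a per-slot path loss list.
    Returns one (tx_dbm, rx_at_base_dbm, command) tuple per slot."""
    tx = start_tx_dbm
    history = []
    for loss in reverse_loss_db:
        rx_at_base = tx - loss
        command = 1 if rx_at_base < target_dbm else -1   # delta modulator: no "hold"
        history.append((tx, rx_at_base, command))
        tx += command * STEP_DB
    return history


def slots_until_within(history, start_slot, target_dbm, tolerance_db=STEP_DB):
    """Slots after start_slot before the base again sees target +/- tolerance."""
    for n, (_, rx_at_base, _) in enumerate(history[start_slot:]):
        if abs(rx_at_base - target_dbm) <= tolerance_db:
            return n
    return None


def scenario():
    """Constructed case: reverse path 6 dB worse than open loop assumed, then
    a 10 dB fade at slot 40. Target and loss figures are made-up values."""
    target = -100
    loss = [118] * 40 + [128] * 40
    start = open_loop_tx_dbm(-85)            # the text's example: +12 dBm
    return target, closed_loop(loss, target, start)


if __name__ == "__main__":
    target, hist = scenario()
    for slot in (0, 5, 6, 7, 40, 49, 50):
        tx, rx, cmd = hist[slot]
        print(f"slot {slot:2d}  t={slot * SLOT_MS:6.2f} ms  tx={tx:+d} dBm  "
              f"rx@base={rx} dBm  cmd={'up' if cmd > 0 else 'down'}")
    n = slots_until_within(hist, 40, target)
    print(f"fade corrected after {n} slots = {n * SLOT_MS} ms")
```

Since there is no "hold" command, the mobile never sits still: once on target it alternates one step up, one step down, and a sudden fade is only made up at 1 dB per slot.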

+ +
+ 8 + Cellular term glossary for this phile.
+ +

Bandwidth - can be thought of as the MAX Peak-to-Peak of a waveform.
^the range of hertz a signal can hold.
CDMA - Code Division Multiple Access
ESN - Electronic Serial Number
FDMA - Frequency Division Multiple Access
freq - I used this a lot, short for frequency (duh!)
Handoff - the process of a call changing from one hex (cellsite) to
another hex (cellsite).
MIN - Mobile Identification Number
TDMA - Time Division Multiple Access
Vocoder - Voice Coder, used to encrypt the call. All conversation
and transmission are encrypted with CDMA technology.

the rest that you may have questions on.. mail me or ask someone..
i just typed this whole file.. and although i type fast.. this fuckin
killed me.. i may type a phile later on cell switches.. which may be
more interesting..


_ _______ ______ ___ ___ ____ _
/___/ /___/ / / /__) /_
_ __/ _/ \ _/__/ _/__) _/____ _ _ _
/ I N D U S T R I E S
M A G A Z I N E
P H I L E S 1 9 9 6


the following boards listed hold true to the scene and if you are deep
into h/p and the likes, i suggest you give them a call. if your board
is on here, and you don't want it to be, let me know. if your board
isn't on here, but you think it should be.. let me know. i might
produce more CDMA philes,.. it all depends-fringe

greets (just like in the ol commodore daze) go out to the following
npa's, since posting hundreds of handles is outta the question:
207 (keep maine alive luthor!), 303 (i like the switch Haven),
312 (remember when we were ALL 312?!), 410 (where'd ad2 go?!),
416 (hidin' away), 514 (you guys have been diehards for years),
516 (peoples definately in the know), 619 (cellular is fun, no? :) ),
630 (my gnu npa,.. joy), 704 (yer scene's crashed hard w/o linoleum),
708 (what used to be my npa), 847 (iz all good),
904 (keep goin microcosm), +31 +44 +49 +62 (i'll be back overseas
soon, hopefully.. there is no stronger scene.. than overseas..)


Apocalypse 2000 - H/P/Punk/Ska/Rave/home of the PIMPS!
+1-847-676-9855 - *NO* ratio for LD callers. 1 gig online.

Poison Pen - H/P, *NO* ratio.

Moo 'n' Oink - H/P

Microcosm - H/P

Underworld 96

Aneurysm - H/P - NUP: Discipline

Last Territory - H/P

Linoleum - H/P
+1-704-gone, but will be remembered well..

Hacker's Haven - H/P

Digital Disturbance - H/P

Hacker's Hideaway - H/P

TOTSE - H/P and crazy other amounts of info

The Switchboard (priorly known as the coffee shop) - H/P

Arrested Development - H/P

* *
* Probe Industries Magazine Philes 11 *
* *
* "Because I study P-I-M-P-ology, but logikally.." *
* *
* ` po pimp - do or die *
* *