GSM NETWORKS
INTRODUCTION, MS AND SIM, SS7
- Varun Ranjit Singh
EVOLUTION OF GSM
- GSM (Groupe Spécial Mobile) began in 1982 as a committee under CEPT.
- The task of GSM was to define a new standard for mobile communication in the 900 MHz range.
- CEPT evolved into ETSI, but this didn't affect GSM.
- In 1991, the first GSM system was introduced, and GSM was changed to mean Global System for Mobile Communication.
- Derivatives of GSM also started to appear the same year: Digital Cellular System (1800 MHz) – DCS 1800.
- In the US, DCS 1800 was adapted to the 1900 MHz range and was called the Personal Communication System, PCS 1900.
- GSM has proved to be a major commercial success for system manufacturers and network operators.
- Current technologies that are not under GSM and are growing are CDMA, DECT and PHS.
Factors for success of GSM
- Liberalization of the telecom monopoly in Europe during the 1990s and the resulting competition, which led to lower prices and more "market".
- The knowledge base and professional approach of GSM, together with active support from the industry.
- Lack of competition: the US and Japan started defining mobile communication standards after GSM had been well established.
System Architecture
GSM utilizes a cellular structure. The basic ideas behind it are:
- Frequency reuse: divide the available frequency range, and assign a part of the frequency spectrum. Reduce the range of the Base Station (BS) so that the same frequency can be reused.
- Attenuation: alternatives were discarded because attenuation is very high. Hence ranges are limited to 5 km.
Disadvantages:
- Cost of infrastructure.
- Handover, tracking – when the Mobile Station (MS) is in motion.
- Processing due to signaling overheads.
GSM Subsystem
- Public Land Mobile Network (PLMN) – consists of the whole GSM subsystem.
- Mobile Station (MS) – a PLMN contains as many MSs as possible. Available in various styles and power classes.
- Subscriber Identity Module (SIM) – stores the identity of the subscriber. The SIM is a chip, and communicates directly with the VLR and indirectly with the HLR.
- Base Transceiver Station (BTS) – a large number of BTSs take care of the radio-related tasks and provide connectivity between the network and the MS using the Air-interface.
- Base Station Controller (BSC) – the BTSs of an area are connected to the BSC via an Abis-interface. The BSC takes care of central functions and control of the subsystem, the BSS. The BSS comprises the BSC and its connected BTSs.
- Transcoding Rate and Adaptation Unit (TRAU) – data compression for better bandwidth management. The TRAU is part of the BSS.
GSM Subsystem contd...
- Mobile Service Switching Center (MSC) – a large number of BSCs are connected to the MSC via Air Interface. Helps in routing of incoming and outgoing messages and assignment of user channels under the A interface.
- Home Location Register (HLR) – a repository that stores the data of a large number of subscribers. Each PLMN needs at least one HLR.
- Visitor Location Register (VLR) – contains a part of the subscribers' data, but only of subscribers in the VLR's area.
- Equipment Identity Number (EIR) – a database which stores IMEI numbers of stolen mobiles.
SIM
- SIMs are of two types [no change in functionality except size]:
  - ID-1 SIM (credit card size)
  - Plug-in SIM (1 cm square)
- Except for emergency calls, the SIM needs to be used.
- A mobile equipment only becomes an MS once the SIM is inserted.
- The SIM's major task is to store data such as contacts etc.
- GSM identifies the subscriber by his SIM and not the equipment; hence the SIM can be used in multiple equipments.
Mobile Station
- All functionality known from the BTS TRX (transceiver), like GMSK up to channel coding, is implemented in the MS.
- MS-specific functionality such as DTMF.
- Economical battery usage.
- The MS is not a peer only to the BS but communicates directly to the MSC via Mobility Management (MM) and the VLR via Call Control (CC).
- It also has to provide a transparent interface (TAF, Terminal Adaptation Function) for data and fax connections.
- 5 power classes were defined for GSM 900; 20 W is now outdated, 8 W is now the most powerful rating.
Mandatory features of an MS
- DTMF capability
- SMS capability
- Ciphering algorithms such as A5/1 and A5/2 (what are they used for?)
- Display capability for SMS, dialled numbers and available PLMNs
- Support for emergency calls without SIM
- Burned on IMEI
Signaling
- Signaling is the language of telecommunication that machines and computers use to communicate with each other.
- Signaling is required between the various elements of the GSM network.
- PCM (Pulse Code Modulation) is used for signaling data and payload.
- A 2 Mbps PCM link can be used efficiently by applying TDMA with 32 channels, each capable of carrying 64 kbps.
- Signaling System Number 7, or SS7, is used in GSM networks.
SS7
- SS7 provides, in OSI layers 1 to 3, for signaling traffic on all NSS interfaces and the A-interface.
- User parts of SS7: SCCP (Signaling Connection Control Part), TCAP (Transaction Control Application Part) / MAP (Mobile Application Part).
- An SS7 network consists of:
  - Directly connected Signaling Points (SPs).
  - SPs that are connected through Signaling Transfer Points (STPs).
  - A combination of SPs and STPs.
- An SP is a network node that has user parts (e.g. SCCP) that allow processing of messages addressed to it. (MSC, BSC and PSTN fall in this category.)
- The functionality of an STP is typically related to that of the SP, but with the additional capability of being able to relay SS7 messages.
Message Transfer Part (MTP)
- SS7 without its user parts is OSI layers 1 to 3. Those 3 layers are represented by MTP.
- Parts of SCCP are also part of layer 3.
- MTP performs:
  - Provides all functionality for a reliable transport of signaling data to the various user parts.
  - Takes the necessary measures to ensure that the connection is maintained and to prevent loss of data.
- MTP can be partitioned into 3 layers, where MTP1 is responsible for the transmission of single bits.
- MTP2 defines the basic frame structure for all message types:

FLAG | Ack | Length | Information field (op) | FCS* | FLAG
Message Types
- Definition of SS7 message types is another functionality of MTP2.
- In layer 2, 3 different types are defined:
  - FISU, Fill-in Signal Unit. Length = 0
  - LSSU, Link Status Signal Unit. Length = 1 or 2
  - MSU, Message Signal Unit. Length > 2
- Length is the length of the optional data field.
FISU
- It is used to supervise the link status when no traffic is available.
- Both sides poll each other in this idle state.
- FSN, BSN, FIB and BIB don't change their value during polling.
  - FSN: Forward Sequence Number.
  - BSN: Backward Sequence Number.
  - FIB: Forward Indicator Bit.
  - BIB: Backward Indicator Bit.
- A FISU can also be used to acknowledge receipt of an MSU.

Field: FLAG | BSN | BIB | FSN | FIB | LI (LI=0) |    | FCS | FLAG
Bits:  8    | 7   | 1   | 7   | 1   | 6         | 2* | 16  | 8
LSSU
- The LSSU is used only to take the link into and out of service and during error situations (e.g. overload).
- To exchange status information between two SPs or STPs.
- Status can be 2 octets long but it occupies 1 byte, of which only the first 3 bits contain the actual status message.
- The recipient of the LSSU doesn't confirm its receipt.
  - SIO: Out of alignment – start of link alignment.
  - SIN: Normal alignment – connection brought into service (8.2 s).
  - SIE: Emergency alignment – a connection brought into service (500 ms).
  - SIOS: Out of service – in case of error, the link is taken out of service.
  - SIPO: when layer 2 detects an error in layer 2.
  - SIB: Signal overload; acks can't be sent, link failure follows.

Field: FLAG | BSN | BIB | FSN | FIB | LI (LI=1 or 2) | Status      | FCS | FLAG
Bits:  8    | 7   | 1   | 7   | 1   | 6              | 3+5 (spare) | 16  | 8
MSU
- Used for any type of data transfer between 2 network nodes.
- The only SS7 message to carry traffic data; used by all user parts (SCCP, ISUP, OMAP) as a platform, particularly for that task.
- The Information field consists of:
  - The Service Information Octet (SIO). The SIO is further partitioned into the SubService Field (SSF) and the Service Indicator (SI), with 4 bits each. The 2 MSBs of the SSF are necessary to describe the Network Indicator (NI). The NI distinguishes between national and international messages. The SI indicates to which user part the MSU (data in SIF) belongs.
  - The Signaling Information Field (SIF).
- Unlike FISU and LSSU, an MSU has to be ack'd to the peer entity whenever an MSU is received.
Addressing and Routing
- MSUs aren't necessarily exchanged between two adjacent SPs/STPs.
- SS7 uses so-called Point Codes (PCs) for routing and addressing MSUs.
- PCs are unique IDs within an SS7 network.
- Exactly one PC, the Signaling Point Code (SPC), is assigned to every SP and STP.
- An MSU has a routing label that contains the OPC (Originating PC) and DPC (Destination PC).
- The routing label is part of the SIF. (Note: LSSU and FISU don't have a routing label as they are exchanged only between adjacent nodes.)

Field: DPC | OPC | SLS
Bits:  14  | 14  | 4    = 32 bits (4 bytes)
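The signal-unit layouts from the FISU, LSSU, MSU and routing-label slides, turned into a decoder (an added example, not part of the original slides). It assumes the input is the octets between the two flags, that the routing label uses the ITU-T little-endian bit order with the DPC in the least significant bits, and it does not verify the FCS; the SI values for SCCP and ISUP and the status codes come from ITU-T Q.703/Q.704, and `build_msu` is a hypothetical helper for making test input.

```python
import struct

LSSU_STATUS = {0: "SIO", 1: "SIN", 2: "SIE", 3: "SIOS", 4: "SIPO", 5: "SIB"}
SERVICE_INDICATOR = {0: "NM", 1: "NT", 3: "SCCP", 5: "ISUP"}  # per ITU-T Q.704

def parse_signal_unit(su: bytes) -> dict:
    """Decode one signal unit: the octets between the flags, FCS included."""
    if len(su) < 5:
        raise ValueError("shorter than BSN/BIB + FSN/FIB + LI + FCS")
    body = su[3:-2]                  # everything between LI and the 16-bit FCS
    li = su[2] & 0x3F                # 6-bit length indicator, 2 spare bits ignored
    out = {"bsn": su[0] & 0x7F, "bib": su[0] >> 7,
           "fsn": su[1] & 0x7F, "fib": su[1] >> 7, "li": li}
    # LI saturates at 63 for long MSUs; below that it must match exactly.
    if (li < 63 and li != len(body)) or (li == 63 and len(body) < 63):
        raise ValueError(f"LI={li} but {len(body)} octets present")
    if li == 0:
        out["type"] = "FISU"
    elif li <= 2:
        out["type"] = "LSSU"
        out["status"] = LSSU_STATUS.get(body[0] & 0x07, "unknown")
    else:
        out["type"] = "MSU"
        if len(body) < 5:
            raise ValueError("MSU too short for SIO + routing label")
        sio = body[0]
        out["si"] = SERVICE_INDICATOR.get(sio & 0x0F, sio & 0x0F)
        out["ni"] = sio >> 6         # the two MSBs of the SSF
        (label,) = struct.unpack("<I", body[1:5])
        out["dpc"] = label & 0x3FFF
        out["opc"] = (label >> 14) & 0x3FFF
        out["sls"] = label >> 28
    return out

def build_msu(ni, si, dpc, opc, sls, payload=b"", fsn=0, bsn=0) -> bytes:
    """Constructed test input; the FCS is a zero placeholder, not a real CRC."""
    label = struct.pack("<I", dpc | (opc << 14) | (sls << 28))
    body = bytes([(ni << 6) | si]) + label + payload
    return bytes([bsn, fsn, min(len(body), 63)]) + body + b"\x00\x00"
```

A length indicator that disagrees with the octets actually present is rejected rather than guessed at, which is the check a monitoring probe would apply before trusting the routing label.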
Commissioning of an SS7 Connection
Bringing layer 2 into service:
- After layer 1 is established, both sides send SIOS-LSSU.
- Bringing layer 2 into service starts with sending SIO-LSSU. The connection has to be established in both directions.
- Test period: both sides examine the link quality. It starts with sending LSSU-SIN / LSSU-SIE.
- Transmitted FISUs must not contain any errors during this test period.
- The difference between LSSU-SIE and LSSU-SIN is the surveillance time.
Bringing Layer 3 into Service
- After the test time is over and no errors were detected, layer 2 is considered to be in service. Layer 3 then initiates further tests.
- A Signaling Link Test Message (SLTM) is used for testing.
- If a Signaling Link Test Acknowledge is received by the sender from the recipient, then layer 3 is considered to be in service.

Flow diagram:
SS7 (idle) -> LSSU-SIO (2 way) -> LSSU-SIOS -> LSSU-SIE/SIN -> (tests) -> MSU/SLTM -> MSU/SLTA (in service).
Error Detection and Correction
- Layer 2 is responsible for it, using FSN, BSN and FCS.
- All messages not acknowledged within a certain time frame are retransmitted.
- Retransmit when a NACK is received.
- FSN and FIB form the send sequence number. The FSN is incremented when an MSU is sent. If a FISU or LSSU is sent it is not incremented. Similarly for BSN and BIB.
- All acks can be sent in one message by sending the corresponding last correctly received FSN/BSN.
- In case of a transmission error, invert FIB/BIB.
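The sequence-number rules above, modelled for the transmit side of one link (an added example, not part of the original slides). The class and function names are hypothetical, the initial values FSN = 127 and FIB = 1 follow ITU-T Q.703, and the acknowledgement timer is not modelled.

```python
from collections import OrderedDict

class Mtp2Sender:
    """Transmit side of one link: FSN/FIB numbering plus a retransmission buffer."""

    def __init__(self):
        self.fsn = 127                 # last FSN used; the first MSU goes out as 0
        self.fib = 1
        self.unacked = OrderedDict()   # FSN -> payload, oldest first

    def send_msu(self, payload: bytes):
        self.fsn = (self.fsn + 1) % 128        # 7-bit counter, only MSUs advance it
        self.unacked[self.fsn] = payload
        return (self.fsn, self.fib, payload)

    def send_fisu(self):
        return (self.fsn, self.fib, None)      # repeats the last FSN unchanged

    def on_receive(self, bsn: int, bib: int):
        """Handle BSN/BIB from the peer; return the MSUs to retransmit."""
        if bsn in self.unacked:                # one BSN acknowledges all older MSUs
            while self.unacked:
                fsn, _ = self.unacked.popitem(last=False)
                if fsn == bsn:
                    break
        if bib == self.fib:
            return []                          # positive acknowledgement only
        self.fib = bib                         # inverted BIB = negative acknowledgement
        return [(fsn, self.fib, data) for fsn, data in self.unacked.items()]

def demo():
    """Constructed exchange: three MSUs sent, the second is damaged in transit."""
    s = Mtp2Sender()
    sent = [s.send_msu(p) for p in (b"a", b"b", b"c")]
    idle = s.send_fisu()
    resent = s.on_receive(bsn=0, bib=0)        # peer accepted FSN 0 and inverts BIB
    s.on_receive(bsn=2, bib=0)                 # retransmissions arrived, all acked
    return sent, idle, resent, list(s.unacked)
```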
SS7 Network Management and Test
- A major task in the operation of a big network is its management or administration.
- SS7 has dedicated user parts in layer 3 that automatically detect error situations and are able to correct them autonomously.
- Errors can be classified in 3 classes:
  - Overload on a single SS7 line.
  - Outage/bringing into service of an SP/STP.
  - Outage/bringing into service of a link between SPs/STPs.
- To differentiate between NM and NT, SI sends 00 and 01 respectively.
Error Cases
Overload situation:
- The affected STP informs its neighbors about the limited availability. The info is sent in TFC/TFR messages.
- Alternate routes are used by neighbors. The changeover procedure (COO message) is used for rerouting.
- Once the link is up again, it informs its neighbors using TFA link.
- The change back sequence is executed (CBD messages).
Outage/Bringing SP/STP into service:
- All neighbors are informed immediately.
- A TFP message is sent to all affected SPs and STPs.