<aside>
“My cell service didn’t return…It was like living in ancient times, with mead and beheadings and blacksmiths.” — Penny Reid
</aside>
INFRASTRUCTURE
Cellular refers to how mobile infrastructure mimics cellular structure. Mobile providers divide coverage areas into cells with a Base Transceiver Station (BTS or cell phone tower) at the center of each. This allows for frequency allocation in each cell using patterns that minimize interference.

image (from the web): map of how the cell layout and frequency reuse work
- minimal interference is handled by assigning different frequency channels to adjacent cells, while non-adjacent ones reuse the same channels.
- spectrum allocation - cells use chunks of radio spectrum provided by the FCC (split into low, mid and high bands) so that neighbouring cells do not overlap/interfere.
why do we need interference reduction? cellular infrastructure relies on radio frequencies, so it is subject to the same propagation challenges as any other radio system.
issues that interfere with radio waves:
- reflection - when radio waves bounce off surfaces (water, ground)
- diffraction/refraction - waves bending around/through media
  - diffraction - around obstacles (hills, corners)
  - refraction - through layers of different density (atmosphere, ionosphere)
- scattering - waves dispersing when hitting rough surfaces (foliage, cars)
- absorption/attenuation - something soaks up wave energy (concrete, rain)
  - 5G (operates at higher frequencies) is especially vulnerable
- doppler shifts - frequency shifts from motion between transmitter/receiver
- multipath fading - mixture of reflection/diffraction/scattering
  - multiple copies of the signal arrive at different times/points (boost/cancel each other)
  - wifi/mobile: why MIMO (multiple-input multiple-output) exists
cellular interference:
- co-channel - same-frequency transmitters overlap (reuse handles this)
- adjacent channel - signals leak between close frequency bands (radio)
- cross-talk - signals from 1 channel bleed to another (walkie talkie)
- intermodulation - 2/more signals mix/create new frequencies (ghosts)
- electromagnetic - external sources with unwanted noise (microwaves)
- inter-symbol - bits blurring from bandwidth limits (decoding errors)
how interference is reduced:
- frequency reuse - splits area into cells, reusing frequencies
- site surveying - detailed analyses of terrain/density to cell position
- directional antennas - focusing signals in cells with different frequencies to minimize co-channel interference.
- fresnel zones - elliptical areas between a transmitter and receiver
  - must be obstacle-free to reduce diffraction/boost signal strength

diagram of the fresnel zone
- low-power transmitters - limits signal reach (prevents cell interference)
- base stations/devices can also adjust transmission power
- coordinated multipoint - nearby base stations can work together to serve users at cell edges (jointly reduces interference)
- sparse code multiple access (scma) - uses spreading codes to stop interference between users in the same channel
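Frequency reuse made concrete, as an added example that is not part of the original notes: channel groups are assigned on a hexagonal cell grid with the standard reuse pattern N = i² + i·j + j², and the code then checks that no two neighbouring cells share a group and measures the co-channel reuse distance. The axial (q, r) hex coordinates and the lattice construction are standard cellular-engineering textbook material, not something the notes spell out.

```python
# Added example, not from the original notes: assign channel groups on a hexagonal cell
# grid with the standard reuse pattern N = i^2 + i*j + j^2 and check that no two
# neighbouring cells share a group. Cells are addressed with axial hex coordinates (q, r).
from fractions import Fraction
from itertools import product
import math

AXIAL_NEIGHBOURS = [(1, 0), (0, 1), (-1, 1), (-1, 0), (0, -1), (1, -1)]

def cluster_size(i, j):
    """Cells per cluster (N) for shift parameters i, j; N=7 is the classic pattern."""
    return i * i + i * j + j * j

def coset(q, r, i, j):
    """Co-channel class of cell (q, r): cells that differ by a vector of the lattice
    spanned by v1 = (i, j) and v2 = v1 rotated 60 degrees = (-j, i + j) share a
    channel. Solving [v1 v2] * x = (q, r) exactly, the fractional parts name the class."""
    n = cluster_size(i, j)  # also the determinant of [v1 v2]
    return (Fraction((i + j) * q + j * r, n) % 1, Fraction(-j * q + i * r, n) % 1)

def assign_groups(radius, i, j):
    """Map every cell within `radius` hops of the origin to a group number 0..N-1."""
    groups, numbering = {}, {}
    for q, r in product(range(-radius, radius + 1), repeat=2):
        if max(abs(q), abs(r), abs(q + r)) <= radius:
            groups[(q, r)] = numbering.setdefault(coset(q, r, i, j), len(numbering))
    return groups

def has_adjacent_cochannel(groups):
    """True if two neighbouring cells got the same group, i.e. reuse is violated."""
    return any(groups.get((q + dq, r + dr)) == g
               for (q, r), g in groups.items() for dq, dr in AXIAL_NEIGHBOURS)

def centre(q, r, cell_radius=1.0):
    """Planar centre of a pointy-top hexagonal cell; neighbours are sqrt(3)*R apart."""
    return (math.sqrt(3) * cell_radius * (q + r / 2), 1.5 * cell_radius * r)

def min_reuse_distance(groups, cell_radius=1.0):
    """Smallest distance between co-channel cell centres; theory says R*sqrt(3N)."""
    cells = list(groups.items())
    best = math.inf
    for a, (ca, ga) in enumerate(cells):
        for cb, gb in cells[a + 1:]:
            if ga == gb:
                (x1, y1), (x2, y2) = centre(*ca, cell_radius), centre(*cb, cell_radius)
                best = min(best, math.hypot(x1 - x2, y1 - y2))
    return best
```

With (i, j) = (1, 0) every cell lands in the same group, so the adjacency check reports a violation; that is the degenerate case the check exists to catch.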
HOW IT WORKS
<aside>
A cellular network is made of many cells that each cover a specific area. These cells in turn contain multiple cell sites, or cellular towers, in that area.
</aside>

Img depicting Tower/3 panels
cell towers (sites) - typically contain 3 panels per side, with one being a transmitter (usually the middle one), while the other two panels on the outside are receivers that listen for inbound signals.
- towers locate your phone by comparing signal-strength differences; this drives handoffs - when users move between areas and the phone has to swap towers.
transmission:
- TDMA (Time Division Multiple Access) - divides 1 frequency into time slots called bursts so multiple callers can share it (small digital packets along a spectrum). voice data is digitized/placed in a single bit stream that users transmit consecutively, each in their assigned time slot.
The foundation of GSM used in 2G
- CDMA (Code Division Multiple Access) - uses spread-spectrum techniques that distribute signal energy across wider bandwidth/provides more secure comms/better resistance to interference/jamming.
- each transmitter gets a unique code allowing multiple users on the same frequency. CDMA tags convo parts with these codes to help reassemble calls at the base station through filtering.
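The CDMA idea above (several users on one frequency, separated by per-user codes and reassembled at the base station by filtering) as an added example that is not part of the original notes. It uses orthogonal Walsh-Hadamard codes, which is one common spreading-code choice and an assumption here; real systems add scrambling and power control on top.

```python
# Added example, not from the original notes: CDMA on one shared frequency using
# orthogonal Walsh-Hadamard spreading codes. Each user's bits are spread with its own
# code, every user's chips are summed on the channel (plus optional noise), and the
# base station recovers each user by correlating the mix with that user's code.
import random

def walsh_codes(order):
    """Rows of the Walsh-Hadamard matrix as +1/-1 lists; `order` is a power of two."""
    h = [[1]]
    while len(h) < order:
        h = [row + row for row in h] + [row + [-c for c in row] for row in h]
    return h

def spread(bits, code):
    """Bit 1 -> +code, bit 0 -> -code; each bit becomes len(code) chips."""
    return [c * (1 if b else -1) for b in bits for c in code]

def channel(chip_streams, noise=0.0, seed=0):
    """Sum all users' chips sample by sample (same frequency, same time) and add noise."""
    rng = random.Random(seed)
    return [sum(chips) + rng.gauss(0, noise) for chips in zip(*chip_streams)]

def despread(received, code):
    """Correlate with one user's code per bit period; the sign recovers that user's bit.
    Other users' codes are orthogonal, so their contributions sum to zero."""
    n, bits = len(code), []
    for start in range(0, len(received), n):
        corr = sum(r * c for r, c in zip(received[start:start + n], code))
        bits.append(1 if corr > 0 else 0)
    return bits

def cdma_roundtrip(users, code_length=8, noise=0.0):
    """Send every user's bit frame over the shared channel and recover all of them.
    All frames must have equal length; at most `code_length` users fit."""
    if len(users) > code_length:
        raise ValueError("more users than orthogonal codes")
    codes = walsh_codes(code_length)
    received = channel([spread(bits, codes[k]) for k, bits in enumerate(users)], noise)
    return [despread(received, codes[k]) for k in range(len(users))]
```

Despreading the mixed signal with a code nobody was assigned yields zero correlation, which is the filtering step the notes refer to: without the right code a receiver sees nothing usable.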
GSM (Global System for Mobile Communications) - The globally dominant standard that enables international roaming, letting users make calls worldwide.
- SIM (Subscriber Identity Modules) - cards store user data, allowing info transfer between devices/carriers.
- used in 2G with time-based transmission, later adopting UMTS (Universal Mobile Telecoms System) and WCDMA (Wideband Code Division Multiple Access) for 3G.
- 4G uses HSPA+ (High Speed Packet Access Plus)/LTE (Long-Term Evolution) to enhance UMTS/WCDMA for faster data.
GLOBAL SYSTEM FOR MOBILE COMMUNICATIONS
- mobile station - phone with SIM card used by subscribers
- mobile/SIM id’d by IMEI (International Mobile Equipment Identity)
- SIM cards store an International Mobile Subscriber Identity (IMSI) to id the subscriber, a secret key used for auth, and an Integrated Circuit Card Identifier (ICC-ID)
- base station subsystem (BSS) - tower connecting mobile devices (controls frequency hopping/handoffs)
- hard handoffs (GSM) - devices connect to 1 tower, so when moving, a device has to disconnect from the current one and reconnect to another closer tower.
- soft handoffs (CDMA) - phones connect to multiple towers at once but use the strongest signal, while maintaining other connections. during congestion/movement, calls seamlessly transfer between towers.
- network subsystem - core components handling call routing/user verification
- central routing system - where info about calls entering/leaving the network is moved through the system. info is moved to the Home Location Register (HLR), the Visitor Location Register (VLR), the Equipment Identity Register (EIR), and the Authentication Center.
<aside>
HLR/VLR/EIR/Auth Center - all databases maintained on provider servers
Home Location Register (HLR) - all administrative info of each subscriber
- Home address, IMSI, phone number, SIM card’s ICC-ID
- GSM services the subscriber requested/been given
Visitor Location Register (VLR) - key HLR data needed for call routing, service delivery for mobiles in the VLR's coverage area. Temp db storing info about subscribers roaming its coverage area, which includes:
- auth data, phone number, IMSI, GSM services allowed, HLR address of subscriber, current location, Temp Mobile Subscriber Id (TMSI)
1 HLR for each subscriber, many VLR’s (based on location)
Equipment Identity Register (EIR) - standard element that allows a network to check the type/serial number of a device to determine whether/not to offer service
- keeps list of phones (id’d by IMEI) banned or monitored from network
- tracking of stolen devices
- info about equipment id that prevents calls from stolen, unauth, defective mobile stations
- EIRs can log mobile attempts/store info in a log file
white, grey and black list:
- white - all known/valid IMEI numbers
- grey - all IMEI numbers of devices under observation
- black - all defective/stolen devices
Authentication Center (AC) - secure db handling auth/encryption keys. It verifies each SIM card connecting to the network. After that, the HLR manages the SIM/services. The system generates an encryption key to secure all wireless comms between mobile device/network.
</aside>
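The SIM verification and key generation the Authentication Center performs, as an added example that is not part of the original notes: a challenge-response between the AuC (holding each subscriber's secret Ki) and the SIM (holding the same Ki), after which both sides share a session key. The real GSM A3/A8 algorithms are operator-specific (COMP128 and successors), so HMAC-SHA256 stands in for them here, and the IMSI used is a constructed value from the 001-01 test range.

```python
# Added example, not from the original notes: the challenge-response that the
# Authentication Center makes possible. AuC and SIM share a per-subscriber secret Ki;
# the network sends a random challenge RAND, both sides derive a response SRES and a
# session key Kc, and the network compares the responses. The real A3/A8 algorithms are
# operator-specific (e.g. COMP128), so HMAC-SHA256 stands in for them here (assumption).
import hashlib
import hmac
import os

def a3a8(ki, rand):
    """Stand-in for A3 (32-bit SRES) and A8 (64-bit Kc); not the real GSM algorithms."""
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    return digest[:4], digest[4:12]

class AuthCenter:
    """Provider-side database of each subscriber's Ki, keyed by IMSI."""
    def __init__(self):
        self._ki = {}

    def provision(self, imsi, ki):
        self._ki[imsi] = ki

    def triplet(self, imsi):
        """Authentication triplet (RAND, expected SRES, Kc) handed to the serving VLR."""
        rand = os.urandom(16)                     # 128-bit challenge, fresh each time
        sres, kc = a3a8(self._ki[imsi], rand)
        return rand, sres, kc

class Sim:
    """The SIM never exposes Ki; it only answers challenges and keeps the derived Kc."""
    def __init__(self, imsi, ki):
        self.imsi, self._ki, self.kc = imsi, ki, None

    def respond(self, rand):
        sres, self.kc = a3a8(self._ki, rand)
        return sres

def authenticate(auc, sim):
    """Serving-network side: fetch a triplet for the claimed IMSI, challenge, compare.
    Returns (ok, Kc); Kc becomes the air-interface cipher key only on success."""
    rand, expected_sres, kc = auc.triplet(sim.imsi)
    sres = sim.respond(rand)
    ok = hmac.compare_digest(sres, expected_sres)
    return ok, (kc if ok else None)
```

Note that Ki never crosses the air interface: only RAND and SRES do, and a SIM with the wrong Ki produces a non-matching SRES and gets no Kc.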
SIM CARDS
SIM Cards store identity data. The (U)SIM is the CPU/memory chip containing user data and encryption keys, while the R-UIM (Removable User Identity Module) contains both GSM/CDMA provisioning.

SIM card pinout
Types of data on card:
- IMSI (International Mobile Subscriber Identity) - id for service provider
- ICC-ID (Integrated Circuit Card Identifier) - id of physical SIM
- ADN (Abbreviated Dialing Numbers) - phone book entries
- LND (Last Numbers Dialed) - recently dialed numbers stored
- SMS messages (including deleted texts pending overwrite)
- MSISDN (Mobile Subscriber ISDN Number) - actual phone number
- LOCI (Location Info) - contains the LAI (Location Area Id) of the last place the phone was powered down
data on cards is separated into master, dedicated, elementary files, akin to other file systems on various operating systems:
- master (MF) - similar to a root directory
- dedicated (DF) - like a folder in a file system
- elementary (EF) - files contained in dedicated file
================
SMS Status Flags
================
value      interpretation
========   ====================================
00000000   unused (deleted)
00000001   mobile terminated message (read)
00000011   mobile terminated message (unread)
00000101   mobile originated message (sent)
00000111   mobile originated message (not sent)
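A decoder for the status flags in the table, as an added example that is not part of the original notes. The record layout (176-byte EF_SMS records, status byte first, then the SMSC address and the SMS TPDU padded with 0xFF) is assumed from 3GPP TS 51.011, and all sample records are constructed, not read from a real SIM; the point of interest for a forensic examiner is a record flagged unused whose message bytes have not yet been overwritten.

```python
# Added example, not from the original notes: decode the status byte of SIM EF_SMS
# records and flag "deleted" records whose text was not yet overwritten. Layout assumed
# from 3GPP TS 51.011: 176-byte records, byte 0 = status, then SMSC address (length,
# TON/NPI, BCD digits) and the SMS TPDU, unused bytes padded with 0xFF.
RECORD_LEN = 176
STATUS = {                         # low three bits of the status byte (b1 = used/free)
    0b001: "mobile terminated message (read)",
    0b011: "mobile terminated message (unread)",
    0b101: "mobile originated message (sent)",
    0b111: "mobile originated message (not sent)",
}

def decode_bcd_number(raw, ton_npi):
    """Semi-octet digits with swapped nibbles, 0xF as filler; TON 0x1 = international."""
    digits = "".join(f"{b & 0x0F:X}{b >> 4:X}" for b in raw).rstrip("F")
    return ("+" if (ton_npi & 0x70) == 0x10 else "") + digits

def parse_record(record):
    """Describe one EF_SMS record: status text, SMSC number, and whether a record
    marked free still carries message bytes (forensically recoverable)."""
    if len(record) != RECORD_LEN:
        raise ValueError("EF_SMS record must be 176 bytes")
    status, body = record[0], record[1:]
    empty = all(b == 0xFF for b in body)
    if (status & 1) == 0:          # bit 1 clear means free space, whatever the other bits
        kind = "unused (deleted)"
    else:                          # higher bits carry status-report details; ignored here
        kind = STATUS.get(status & 0b111, f"reserved ({status:#04x})")
    info = {"status": kind, "smsc": None, "recoverable": (status & 1) == 0 and not empty}
    sc_len = body[0] if not empty else 0
    if 1 <= sc_len <= 11:          # 0 = use the default SMSC, 0xFF = padding
        info["smsc"] = decode_bcd_number(body[2:1 + sc_len], body[1])
    return info

def build_record(status, smsc_hex, tpdu_hex):
    """Constructed sample record (not from a real SIM), padded to 176 bytes."""
    payload = bytes([status]) + bytes.fromhex(smsc_hex + tpdu_hex)
    return payload + b"\xFF" * (RECORD_LEN - len(payload))

SMSC = "06912143658709"                                   # +1234567890, constructed
DELIVER = "040b912143658709f10000" + "11101010101010" + "05e8329bfd06"   # constructed
SUBMIT = "01000b912143658709f10000" + "05e8329bfd06"                   # constructed
SAMPLE_EF_SMS = [
    build_record(0x01, SMSC, DELIVER),   # read inbound message
    build_record(0x00, SMSC, DELIVER),   # deleted, but bytes still present
    build_record(0x00, "", ""),          # genuinely empty slot
    build_record(0x07, "00", SUBMIT),    # outbound, not yet sent; default SMSC
    build_record(0x15, SMSC, SUBMIT),    # sent, with status-report bits set in b5/b4
]
```

Tools such as pysim can dump EF_SMS records; feeding those 176-byte records to `parse_record` separates live, deleted-but-recoverable and truly empty slots before any TPDU decoding is attempted.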
SIM Tools: SIM-seizure-device, pysim, cardmanager, numberingplans