This is an old revision of the document!


Software Defined Radio

Software Defined Radio
founder: brmlab collective
depends on:
interested: sargon
biiter
niekt0
pasky
nephirus
ruza
sysop
kiki
tlapka
mrkva
software license: -
hardware license: -
status: active

Radiolab is being reconstructed. Some (or all) remote functionality might be unavailable

Calling to brmlab (e.g. in case of phone or internet disruption), brmlab calling channels:

  • first shared frequency in 2m band (172.650 MHz, NFM, 5W EIRP)
  • PMR CH7, no subtone (446.08125, NFM, 0.5W EIRP)
  • CB CH 32, band C (27.325 MHz, NFM, 4W EIRP)
  • OK0N Žižkov repeater (145.6 MHz DL, 145.0 MHz UL, 88.5 Hz CTCS)
  • HAM shortwave FIXME (CW)
  • It is not ensured someone will be listening, however CB station is powered on almost all the time.

Software Defined Radio is a computer peripheral that allows reception (and ideally also transmission) of arbitrary radio waves. Various peripherals have different frequency range, bandwidth and other capabilities. Best known are USRP (Universal Software Radio Peripherial) and RTL-SDR (extremely cheap DVB-T USB stick chipset).

On the software side, GNURadio is the most popular control software. Its modular design allows defining arbitrary signal decoding pathways visually.

Status

We have SDR station on the table near our library (RadioLab), and some antennas on the roof.

So far, we achieved for example:

  • FM broadcast listening =)
  • decoding of voice from unencrypted Tetra network (local traffic company and municipal police)
  • firemen, waterworks, civil security service, taxi RX (NFM)
  • Prague Subway RX (NFM)
  • POCSAG (Prague emergency service), ADSB and ACARS (planes) RX
  • NOAA RX
  • Radiosonde hunting and in-terrain recovery

Currently, we are running with rtl-sdr as RX and Baofeng as TX. We have collected most of money for BladeRF and it will be hopefully available in summer.

What is available

  • Several Linux computers with GnuRadio and rtl-sdr drivers installed and with SSH/VNC access.
  • TB of storage space for your captured signals :)
  • Helix and wire antennas on brmlab rooftop covering most of Prague.
  • 400MHz YAGI pointing on Ruzyně Václav Havel Airport.
  • CB transceiver.
  • Several PMR446 walkie-talkies.
  • Satellite card
  • HAM portable 2m/70cm transceiver upon request.
  • Portable 400MHz YAGI
  • advice related to Baofeng UV-5R device

Projects

Active: see status

Planned/magic wish

  • wideband radio scanner (there are lots of interesting unencrypted/weakly encrypted signals in Prague!)
  • OSS baseband for Tetra
  • DSP FPGA workshop wanted!
  • own GSM network (some experiments with osmocom TRX so far)
  • GNSS (GPS, GLONASS, GALILEO) RX and TX (signal faker)
  • RFID, KEELOQ, Mifare, BT, wifi hacking
  • BTS testing (tetra, DMR, APCO, D-star, matra, paging,… )
  • HAM HF CW and digimodes TRX

Hardware

Genius TVGo DVB-T03 USB dongle

rtlsdr-genius.jpg

Elonics E4000 tuner

E4K range: 53 to 2210 MHz
E4K L-band gap: 1106 to 1250 MHz

rtlsdr-elonics.jpg

New tuner

FIXME

Antennas

FIXME

TODO: Where/how to get a good antenna?

TODO: What are interesting frequencies to listen to without a super-strong antenna?

RadioLab

Undergoing reconstruction.

Remote listening - tune radio in brmlab, listen at home! Ask Jenda/Mrkva/TomSuch for access.

VNC:

xtightvncviewer -quality 7 -encodings tight 192.168.77.35:0

Maybe you will need to start a VNC server:

  • LightDM login in case machine rebooted and autologin got stuck :-(
root@radio-observer:~# x11vnc -display :0 -usepw -forever -auth /var/run/lightdm/root/\:0
  • Desktop access:
radio@radio-observer:~$ x11vnc -display :0 -usepw -forever
  • Audio: Vorbis compressed (for listening)
ssh radio@192.168.77.35 "parecord --channels=1 | oggenc -q "-1" -r -C 1 -" | ogg123 -

Uncompressed (e.g. for further processing)

ssh radio@192.168.77.35 "parecord --channels=1" | aplay -r 44100 -c 1 -f S16_LE

Average delay of this chain is 1-2 seconds.

Tunnel raw data - connect remote radio to your local receiver

ssh -A -L1234:192.168.77.35:1234 username@nat.brmlab.cz 'ssh radio@192.168.77.35 "killall rtl_tcp; rtl_tcp -a 0.0.0.0"'

Then start gqrx locally with

device="rtl_tcp=127.0.0.1:1234"

Works for me with 300000Hz bandwith.

HOWTOs

FM Radio

  • Get rtl-sdr tool, compile.
  • mkfifo /tmp/radio - we will use it to tunnel samples.
  • Install GNURadio. (Debian Unstable version works fine.)
  • Start gnuradio-companion and load http://al.robotfuzz.com/~al/rtl2832/rtl2832-fm.grc
  • Switch sink from file to audio, adjust source file to /tmp/radio.
  • As root, run ./rtl_sdr -f 94.6e6 - >/tmp/radio
  • In gnuradio-companion, execute the flow graph (click on gear icon).
  • You should hear CRo Radiozurnal. Quality of reception depends (hopefully) on the antenna.
  • http://nat.brmlab.cz/~sysop/rds_rx.grc - stereo FM receiver with RDS decoder (original source here)

Detection of pulses from kappi's geiger counter with a soundcard

geiger.c (inspiration: Geiger on a Plane

Cutting and timestamping based on silence detection

GnuRadio on RPi

GSM

First attempt: I was able to record GSM channel data with http://nat.brmlab.cz/~sysop/gsm.grc (recorded file here) and decode it with airprobe (gsm_receive.py with modified clock frequency here)

./gsm_receive_rtl.py -I dump.cfile -d 1 B0

SDR GUI

That nice QT GUI we are using is called GQRX. (build with qmake)

Satellites

Links

 
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 3.0 Unported
Recent changes RSS feed Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki