Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
project:sdr [2013/11/10 08:34]
jenda [Links] QAM fun
project:sdr [2016/04/20 04:53] (current)
jenda +fcl
Line 7: Line 7:
 hw=-| hw=-|
 founder=brmlab collective| founder=brmlab collective|
-interested=[[user:​sargon]]\\ [[user:​biiter]]\\ [[user:​niekt0]]\\ [[user:​pasky]]\\ [[user:​nephirus]]\\ [[user:​ruza]]\\ [[user:​sysop]]\\ [[user:​kiki]]\\ [[user:​tlapka]] \\ [[user:​mrkva]]|+interested=[[user:​sargon]]\\ [[user:​biiter]]\\ [[user:​niekt0]]\\ [[user:​pasky]]\\ [[user:​nephirus]]\\ [[user:​ruza]]\\ [[user:​sysop]]\\ [[user:​kiki]]\\ [[user:​tlapka]] \\ [[user:​mrkva]] \\ [[user:​jenda]] |
 status=active status=active
 }} }}
-<note important>​Radiolab is being reconstructed. Some (or all) remote functionality might be unavailable</​note>​ 
-<note important>​Calling to brmlab (e.g. in case of phone or internet disruption),​ brmlab calling channels: 
  
-  * first shared frequency ​in 2m band (172.650 MHz, NFM, 5W EIRP) +The goal of this project is to get education and experience ​in the complex field of SDR technology and build applications for reception and transmission of various signals.
-  * PMR CH7, no subtone (446.08125, NFM, 0.5W EIRP) +
-  * CB CH 32, band C (27.325 MHz, NFM, 4W EIRP) +
-  * OK0N Žižkov repeater (145.6 MHz DL, 145.0 MHz UL, 88.5 Hz CTCS) +
-  * HAM shortwave FIXME (CW) +
-  * It is not ensured someone will be listening, however CB station is powered on almost all the time.+
  
-</note>+//​Předmětem řešení projektu je vytvoření nástrojů programového a elektronického 
 +vybavení pro určení typu šifrované komunikace, její následné dekódování a vyvinutí nových 
 +metod a nástrojů pro odhalování a vyšetřování případů kybernetické kriminality a ochrany 
 +informačních systémů před kybernetickými hrozbami.//
  
-Software Defined Radio is a computer peripheral that allows reception (and ideally also transmission) of arbitrary radio waves. Various peripherals have different frequency range, bandwidth and other capabilities. Best known are USRP (Universal Software Radio Peripherial) and RTL-SDR (extremely cheap DVB-T USB stick chipset).+ --[[http://​www.pecina.cz/​files/​Informace_MV_bez_data.pdf|MVČR]]
  
-On the software sideGNURadio is the most popular control software. Its modular design allows defining arbitrary signal decoding pathways visually.+Equipment:​ 
 +  * rtl-sdr sticks 
 +  * bladeRF with USB3 
 +  * Several computers to provide reasonable DSP power 
 +  * Aim to build distributed receiving cluster. Currently radios in brmlabon brmlab rooftop and at Jenda'​s rooftop are available. 
 +  * Various antennas (HF, discone, 2m and 70cm Yagi, 2m and 70cm dipole) 
 +  * Satellite card and dish 
 +  * CB and PMR walkie-talkies 
 +  * advice related to Baofeng UV-5R radio
  
-===== Status =====+Ongoing activities:​ 
 +  * [[user:​jenda:​gnuradio|GnuRadio advice]] 
 +  * FM radio :) 
 +  * [[project:​gsm|GSM]] 
 +  * [[project:​sdr:​tetra|Tetra]] 
 +  * [[project:​metro|Subway]] 
 +  * [[project:​sdr:​tetrapol|Tetrapol]] 
 +  * pagers, planes… 
 +  * NOAA weather satellites 
 +  * [[project:​weathersonde:​start|hunting for falling radio sondes]] 
 +  * [[members:​mikrofony|Microphone eavesdropping]] 
 +  * [[project:​sdr:​fcl]]
  
-We have SDR station on the table near our library (RadioLab), and some antennas on the roof. +Wanted topics
- +  * DSP on GPGPU and FPGA 
-So far, we achieved for example+  * GNSS RX ant TX
-  * FM broadcast listening =) +
-  * decoding of voice from unencrypted Tetra network (local traffic company ​and municipal police) +
-  * firemen, waterworks, civil security service, taxi RX (NFM) +
-  * [[https://​brmlab.cz/​project/​metro|Prague Subway]] RX (NFM) +
-  * POCSAG (Prague emergency service), ADSB and ACARS (planes) RX +
-  * NOAA RX +
-  * Radiosonde hunting and in-terrain recovery +
-  * [[project:​gsm|GSM fun]] +
- +
-Currently, we are running with rtl-sdr as RX and Baofeng as TX. We have collected most of money for [[http://​www.nuand.com/​|BladeRF]] and it will be hopefully available in summer. +
- +
-===== What is available ===== +
- +
-  * Several Linux computers with GnuRadio and rtl-sdr drivers installed and with SSH/VNC access. +
-  * TB of storage space for your captured signals :) +
-  * Helix and wire antennas on brmlab rooftop covering most of Prague. +
-  * 400MHz YAGI pointing on <​del>​Ruzyně</​del>​ Václav Havel Airport. +
-  * CB transceiver. +
-  * Several PMR446 walkie-talkies. +
-  * Satellite card +
-  * HAM portable 2m/70cm transceiver upon request. +
-  * Portable 400MHz YAGI +
-  * advice related to Baofeng UV-5R device  +
- +
-===== Projects ===== +
- +
-Active: see [[#​status]] +
- +
-Planned/​magic wish +
- +
-  * wideband radio scanner (there are lots of interesting unencrypted/​weakly encrypted signals in Prague!) +
-  * OSS baseband for Tetra +
-  * DSP FPGA workshop wanted! +
-  * own GSM network (some experiments with [[http://​openbsc.osmocom.org/​trac/​wiki/​TRX|osmocom TRX]] so far) +
-  * GNSS (GPS, GLONASS, GALILEO) ​RX and **TX** (signal faker)+
   * RFID, KEELOQ, Mifare, BT, wifi hacking   * RFID, KEELOQ, Mifare, BT, wifi hacking
   * BTS testing (tetra, DMR, APCO, D-star, matra, paging,… )   * BTS testing (tetra, DMR, APCO, D-star, matra, paging,… )
   * HAM HF CW and digimodes TRX   * HAM HF CW and digimodes TRX
- +  ​Passive ​and multistatic radars 
-===== Hardware ===== +  * Coherent scanners 
- +  * TRBO cracker 
-=== Genius TVGo DVB-T03 USB dongle === +  * Ponnies
-    * Very cheap, [[http://​www.alza.cz/​genius-tvgo-dvb-t03-d163527.htm]] for 499CZK. Frequency range roughly 64MHz to 1700MHz, low bandwidth, reception only, but still interesting for many applications. +
-{{:​project:​rtlsdr-genius.jpg?​100}} +
- +
-=== Elonics E4000 tuner === +
-  E4K range: 53 to 2210 MHz +
-  E4K L-band gap: 1106 to 1250 MHz +
- +
-{{:​project:​rtlsdr-elonics.jpg?​400}} +
- +
-=== New tuner === +
- +
-FIXME +
- +
-==== Antennas ==== +
- +
-FIXME +
- +
-TODO: Where/how to get a good antenna? +
- +
-TODO: What are interesting frequencies to listen to without a super-strong antenna? +
- +
-===== RadioLab ===== +
- +
-Undergoing reconstruction. +
- +
-**Remote listening** - tune radio in brmlab, listen at home! Ask Jenda/​Mrkva/​TomSuch for access. +
- +
-VNC: <​code>​xtightvncviewer -quality 7 -encodings tight 192.168.77.35:​0</​code>​ +
- +
-Maybe you will need to start a VNC server: +
- +
-  ​LightDM login in case machine rebooted ​and autologin got stuck :-( +
-<​code>​root@radio-observer:​~#​ x11vnc -display :0 -usepw -forever -auth /​var/​run/​lightdm/​root/​\:​0</​code>​ +
- +
-  * Desktop access: +
-<​code>​radio@radio-observer:​~$ x11vnc -display :0 -usepw -forever</​code>​ +
- +
-  * Audio: Vorbis compressed (for listening) +
-<​code>​ssh radio@192.168.77.35 "​parecord --channels=1 | oggenc -q "​-1"​ -r -C 1 -" | ogg123 -</​code>​ +
-Uncompressed (e.g. for further processing) +
-<​code>​ssh radio@192.168.77.35 "​parecord --channels=1"​ | aplay -r 44100 -c 1 -f S16_LE</​code>​ +
- +
-Average delay of this chain is 1-2 seconds. +
- +
-**Tunnel raw data** - connect remote radio to your local receiver +
- <​code>​ssh -A -L1234:​192.168.77.35:​1234 username@nat.brmlab.cz 'ssh radio@192.168.77.35 "​killall rtl_tcp; rtl_tcp -a 0.0.0.0"'</​code>​ +
-Then start gqrx locally with <​code>​device="​rtl_tcp=127.0.0.1:​1234"</​code>​ +
-Works for me with 300000Hz bandwith. +
- +
-===== HOWTOs ===== +
- +
-==== FM Radio ==== +
- +
-  * Get rtl-sdr tool, compile. +
-  * mkfifo /tmp/radio - we will use it to tunnel samples. +
-  * Install GNURadio. (Debian Unstable version works fine.) +
-  * Start gnuradio-companion and load [[http://​al.robotfuzz.com/​~al/​rtl2832/​rtl2832-fm.grc]] +
-  * Switch sink from file to audio, adjust source file to /​tmp/​radio. +
-  * As root, run ./rtl_sdr -f 94.6e6 ​ - >/​tmp/​radio +
-  * In gnuradio-companion,​ execute the flow graph (click on gear icon). +
-  * You should hear CRo Radiozurnal. Quality of reception depends (hopefully) on the antenna. +
-  * [[http://​nat.brmlab.cz/​~sysop/​rds_rx.grc]] - stereo FM receiver with RDS decoder (original source [[https://​www.cgran.org/​wiki/​RDS|here]]) +
- +
-==== Detection of pulses from kappi'​s geiger counter with a soundcard ==== +
- +
-[[http://​jenda.hrach.eu/​brm/​geiger.c|geiger.c]] (inspiration:​ [[http://​shaddack.twibright.com/​projects/​experiment_GeigerOnAPlane/​|Geiger on a Plane]] +
- +
-==== Cutting and timestamping based on silence detection ==== +
- +
-[[project:​sdr:​squelchcut|Separate page]] +
- +
-==== GnuRadio on RPi ==== +
- +
-[[project:​sdr:​gnuradio-pi|Separate page]] +
- +
-==== GSM ==== +
- +
-First attempt: I was able to record GSM channel data with [[http://​nat.brmlab.cz/​~sysop/​gsm.grc]] (recorded file [[http://​nat.brmlab.cz/​~sysop/​dump.cfile|here]]) and decode it with airprobe (gsm_receive.py with modified clock frequency [[http://​nat.brmlab.cz/​~sysop/​gsm_receive_rtl.py|here]]) +
- +
-<​code>​ +
-./​gsm_receive_rtl.py -I dump.cfile -d 1 B0 +
-</​code>​ +
- +
-==== SDR GUI ==== +
- +
-That nice QT GUI we are using is called GQRX. (build with qmake) +
- +
-{{:​project:​gqrx.png?​350}}+
  
 ==== Satellites ==== ==== Satellites ====
Line 170: Line 62:
 ===== Links ===== ===== Links =====
   * [[http://​gnuradio.org/​redmine/​projects/​gnuradio/​wiki/​Download|Gnuradio]] - DSP/SDR toolkit   * [[http://​gnuradio.org/​redmine/​projects/​gnuradio/​wiki/​Download|Gnuradio]] - DSP/SDR toolkit
-  * [[http://​sdr.osmocom.org/​trac/​wiki/​rtl-sdr|rtl-sdr]] - library and commandline tool for RTL2832U 
-  * [[http://​sdr.osmocom.org/​trac/​wiki/​GrOsmoSDR|gr-osmosdr]] - Gnuradio (>= v3.5.3) sink for RTL2832U 
   * [[https://​github.com/​pinkavaj/​rtl-sdr/​tree/​gain|gain]] - patch for gr-osmosdr to set gain on F0012 tuner   * [[https://​github.com/​pinkavaj/​rtl-sdr/​tree/​gain|gain]] - patch for gr-osmosdr to set gain on F0012 tuner
   * [[http://​wiki.spench.net/​wiki/​Gr-baz|gr-baz]] - contains alternatiobe Gnuradio sink for RTL2832U   * [[http://​wiki.spench.net/​wiki/​Gr-baz|gr-baz]] - contains alternatiobe Gnuradio sink for RTL2832U
Line 177: Line 67:
   * [[https://​svn.berlin.ccc.de/​projects/​airprobe/​|airprobe]] - gnuradio based GSM decoding tool   * [[https://​svn.berlin.ccc.de/​projects/​airprobe/​|airprobe]] - gnuradio based GSM decoding tool
   * [[http://​www.kmitocty.cz/​zaklady/​tabulka2011.html]] - listening frequencies   * [[http://​www.kmitocty.cz/​zaklady/​tabulka2011.html]] - listening frequencies
-  * [[http://​metroweb.cz/​diskuze/​viewtopic.php?​p=64750#​p64750]] - frequencies used for FM communication in Prague subway 
   * [[http://​old.avc-cvut.cz/​avc.php?​id=3622]] - FEL ČVUT course on digital cellular network (czech)   * [[http://​old.avc-cvut.cz/​avc.php?​id=3622]] - FEL ČVUT course on digital cellular network (czech)
   * [[http://​sdr.martinmarinov.info]]   * [[http://​sdr.martinmarinov.info]]
Line 183: Line 72:
   * [[http://​www.ni.com/​white-paper/​13193/​en/​|Understanding RF Radio Broadcast]]   * [[http://​www.ni.com/​white-paper/​13193/​en/​|Understanding RF Radio Broadcast]]
   * [[https://​wiki.xiph.org/​Videos/​Digital_Show_and_Tell|Digital Show and Tell]]   * [[https://​wiki.xiph.org/​Videos/​Digital_Show_and_Tell|Digital Show and Tell]]
-  * [[http://​www.icrobotics.co.uk/​wiki/​index.php/​Turning_the_Raspberry_Pi_Into_an_FM_Transmitter|http://​www.icrobotics.co.uk/​wiki/​index.php/​Turning_the_Raspberry_Pi_Into_an_FM_Transmitter]] +  * [[http://​www.icrobotics.co.uk/​wiki/​index.php/​Turning_the_Raspberry_Pi_Into_an_FM_Transmitter]] 
-  *  [[https://​www.rtl-sdr.com/​signal-identification-guide/​]] RADIO SIGNAL IDENTIFICATION GUIDE+  * [[https://​www.rtl-sdr.com/​signal-identification-guide/​]] RADIO SIGNAL IDENTIFICATION GUIDE
   * [[http://​www.gnss-sdr.org/​documentation/​gnss-sdr-operation-realtek-rtl2832u-usb-dongle-dvb-t-receiver|GPS RX with rtl-sdr]]   * [[http://​www.gnss-sdr.org/​documentation/​gnss-sdr-operation-realtek-rtl2832u-usb-dongle-dvb-t-receiver|GPS RX with rtl-sdr]]
   * [[http://​lea.hamradio.si/​~s53mv/​navsats/​theory.html|GPS/​GLONASS RX with hardwired logic]]   * [[http://​lea.hamradio.si/​~s53mv/​navsats/​theory.html|GPS/​GLONASS RX with hardwired logic]]
Line 190: Line 79:
   * https://​www.youtube.com/​user/​2011HPS/​videos   * https://​www.youtube.com/​user/​2011HPS/​videos
   * [[http://​homepages.paradise.net.nz/​peterfr2/​QAMidea/​QAMidea.htm|The basic idea of digital QAM.]]   * [[http://​homepages.paradise.net.nz/​peterfr2/​QAMidea/​QAMidea.htm|The basic idea of digital QAM.]]
-  * [[http://​homepages.paradise.net.nz/​peterfr2/​QAMtiming/​QAMtiming.htm|http://​homepages.paradise.net.nz/​peterfr2/​QAMtiming/​QAMtiming.htm]]+  * [[http://​homepages.paradise.net.nz/​peterfr2/​QAMtiming/​QAMtiming.htm]]
   * [[http://​homepages.paradise.net.nz/​peterfr2/​QAM.htm|J-QAM]]   * [[http://​homepages.paradise.net.nz/​peterfr2/​QAM.htm|J-QAM]]
 +  * [[http://​www.irrational.net/​2014/​03/​02/​digital-atv/​|gr-dvbt]]
 +  * http://​www.sigidwiki.com/​wiki/​Signal_Identification_Guide
 +  * [[https://​github.com/​tejeez/​rtl_coherent|Coherent RLT-SDRs]]
 +  * [[https://​github.com/​mutability/​mlat-server|Free implementation of RAMONA radar]] (yes, really)
 +  * [[https://​github.com/​osqzss/​gps-sdr-sim|GPS network implementation]]
 +  * [[http://​www.sidlo.com/​ok1ufc/​articles_cz.htm|Antenna bible]] (Czech)
   * See also: [[:​event:​dsp#​Zdroje|Digital Signal Processing#​Zdroje]]   * See also: [[:​event:​dsp#​Zdroje|Digital Signal Processing#​Zdroje]]
 
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 3.0 Unported
Recent changes RSS feed Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki