28 December 2015

Transmit Beamforming - TxBF

“MIMO” refers to a technique for sending and receiving more than one data signal on the same radio channel at the same time via multipath propagation.

802.11n/ac systems take advantage of multipath by sending multiple radio signals at the same time. Each of these signals, called a spatial stream, is sent from its own antenna using its own transmitter. Because there is some space between these antennas, each signal follows a slightly different and unique path to the receiver, a situation called spatial diversity. The receiver has multiple antennas as well, each with its own radio that independently decodes the arriving signals, and each signal is combined with the signals from the other receive radios. The result is that multiple data streams are received at the same time.

MIMO can be sub-divided into three main categories:
precoding:
Precoding is multi-stream beamforming. With it, the same signal is emitted from each of the transmit antennas with appropriate phase and gain weighting such that the signal power is maximized at the receiver input.
- Precoding requires knowledge of channel state information (CSI) at the transmitter and the receiver.

spatial multiplexing:
The signal is split into multiple lower-rate streams and each stream is transmitted from a different transmit antenna in the same frequency channel. If these signals arrive at the receiver antenna array with sufficiently different spatial signatures, the receiver can separate these streams into almost parallel channels. Spatial multiplexing can also be used for simultaneous transmission to multiple receivers, known as space-division multiple access or multi-user MIMO.
- Spatial multiplexing can be used without CSI at the transmitter, but can be combined with precoding if CSI is available.

diversity coding:
The signal is emitted from each of the transmit antennas with full or near orthogonal coding.
- Diversity coding can be combined with spatial multiplexing when some channel knowledge is available at the transmitter. Because there is no channel knowledge, there is no beamforming.

- Orthogonal Frequency Division Multiplexing (OFDM) is a modulation scheme that uses multiple subcarriers within the same single channel. Rather than transmit a high-rate stream of data with a single subcarrier, OFDM makes use of a large number of closely spaced orthogonal subcarriers (meaning that crosstalk between the subchannels is eliminated) that are transmitted in parallel.
- The advantages of using OFDM include reduced multipath effects in reception and increased spectral efficiency.
- OFDMA achieves multiple access by assigning subsets of subcarriers to individual users.

- multiple transmit antennas can be used for beamforming
- multiple receive antennas can be used for diversity

TxBF requires multiple copies of the same signal arriving in phase at the receiver.
- Implicit Feedback: The AP detects, from its multiple antennas, the different phases of arrival of a signal from the client on each of the AP’s antennas. This is roughly analogous to the way human ears process sounds that arrive at each ear at different times and therefore give an indication of the direction from which the sound came.
- Explicit Feedback:

- It should be obvious that a system can do spatial multiplexing or phase-based beamforming, but not both at the same time.



Reference:
http://www.digitalairwireless.com/wireless-blog/t-80211n/transmit-beamforming-txbf-explained.html
http://theruckusroom.typepad.com/files/adaptive-antennas-txbf-wp-0521-1.pdf
http://rfmw.em.keysight.com/wireless/helpfiles/89600b/webhelp/subsystems/wlan-ofdm/Content/ofdm_basicprinciplesoverview.htm

20 December 2015

fast BSS transition (FT)





Reference:
https://en.wikipedia.org/wiki/IEEE_802.11r-2008

OKC


A PMK identifier is defined as
PMKID = HMAC-SHA1-128(PMK, "PMK Name" || AA || SPA)

PMK - PMK is derived at the end of successful 802.1X authentication or after PSK authentication
AA - Authenticator Address / BSSID of AP
SPA - Supplicant Address

-> AP1 forwards PMK1 and AA to AP2.

-> STA sends a Reassociation Request frame to AP2 with pmkid2 in the RSNIE.
-> AP2 calculates pmkid2 using PMK1 + AA + SPA.
-> If pmkid2 is acceptable to AP2, it sends the M1 frame and starts the 4-way handshake.
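
The PMKID formula and the AP2-side check from the steps above, as an added example (not code from the referenced paper). The PMK and MAC addresses are constructed sample values, and the function names are hypothetical.

```python
import hashlib
import hmac


def mac_bytes(mac: str) -> bytes:
    """Convert 'aa:bb:cc:dd:ee:ff' into its 6 raw bytes."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return raw


def pmkid(pmk: bytes, aa: str, spa: str) -> bytes:
    """PMKID = first 128 bits of HMAC-SHA1(PMK, "PMK Name" || AA || SPA)."""
    msg = b"PMK Name" + mac_bytes(aa) + mac_bytes(spa)
    return hmac.new(pmk, msg, hashlib.sha1).digest()[:16]


def ap_accepts(cached_pmk: bytes, own_bssid: str, spa: str, offered: bytes) -> bool:
    """AP-side check of the PMKID carried in the Reassociation Request RSNIE."""
    expected = pmkid(cached_pmk, own_bssid, spa)
    return hmac.compare_digest(expected, offered)  # constant-time comparison


# Constructed sample values (not real keys or addresses).
PMK1 = bytes(range(32))  # 256-bit PMK from the initial authentication via AP1
AP1, AP2 = "02:00:00:00:00:01", "02:00:00:00:00:02"
STA = "02:00:00:00:00:aa"


def roam_demo():
    pmkid1 = pmkid(PMK1, AP1, STA)   # identifier bound to AP1's BSSID
    pmkid2 = pmkid(PMK1, AP2, STA)   # same PMK, bound to AP2's BSSID
    ok = ap_accepts(PMK1, AP2, STA, pmkid2)            # correct PMKID for AP2
    stale = ap_accepts(PMK1, AP2, STA, pmkid1)         # AP1's PMKID replayed at AP2
    wrong_key = ap_accepts(bytes(32), AP2, STA, pmkid2)  # AP2 holds a different PMK
    return pmkid1, pmkid2, ok, stale, wrong_key


if __name__ == "__main__":
    p1, p2, ok, stale, wrong_key = roam_demo()
    print(p1.hex(), p2.hex(), ok, stale, wrong_key)
```

Because AA is part of the HMAC input, the identifier the station used with AP1 does not validate at AP2 even though the PMK is the same.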



Reference:
https://www.cwnp.com/uploads/802-11_rsn_ft.pdf

22 October 2015

Wireless Broadband in India

HSD - High Speed Data
EVDO - Evolution data optimized

In the mobile broadband market we presently have only two technologies available – EVDO from CDMA operators (Tata Photon+, Reliance Netconnect Broadband+, MTS MBlaze, BSNL EVDO and Virgin vFlash) and 3G from GSM operators (BSNL and MTNL covering the nation).

Reliance Netconnect - CDMA 1x, speed up to 144kbps.
- Huawei EC 121
- ZTE MG 880
- LG LXU 800
Reliance Netconnect+ - CDMA EVDO
Reliance 3 (ZTE AC2739) - speed up to 3.1 Mbps data rate
Reliance Pro 3 (ZTE AC2791) - speed up to 14.7 Mbps data rate
- Huawei EC 168c/1260/1262/150/159
- ZTE AC 2726/273x/2791/8710

Reference:
http://telecomtalk.info/wireless-broadband-3g-or-evdo-what-is-the-choice/34759/
http://www.rcom.co.in/Rcom/personal/internet/wireless_internet.html

14 August 2015

Mutex and Semaphore

A thread is a lightweight process which shares memory.
- Multiple threads allow the programmer to run a particular job independently of all the others, e.g. spell check in WordPad.
- Multiple threads can run on multiple CPUs, providing a performance improvement.

Multithreaded applications require synchronization.
- mutex - Only the thread that locks a mutex can unlock it.
- semaphore - A binary semaphore is equal to a mutex, except that it can be unlocked by other threads, e.g. with a semaphore, a thread can wait for other threads.

The pieces of code protected by a mutex or semaphore are called Critical Sections.

Implementing Semaphores on ARM Processors
- Semaphores are used to manage access to a shared resource. Unfortunately, semaphores themselves are shared resources. Who will protect the semaphore? ha ha ha...
- In a single-core system, an easy way to avoid the issue is to prevent any other interrupt from being served while we access (read–modify–write) the semaphore.
MRS   r12, CPSR        ; read CPSR
ORR   r12, r12, #I_bit ; set I bit
MSR   CPSR_c, r12      ; write back CPSR
; or, on ARMv6 and later, the same effect with a single instruction:
CPSID i                ; disable IRQ
- In a multi-core system, we need a mechanism to prevent the other core from accessing the system bus while a task on one core carries out the read–modify–write sequence. SWP disables interrupts and blocks the system bus, causing a critical performance bottleneck.
LOCKED EQU 0         ; define value indicating the "locked" state

 LDR   r1, <addr>    ; load semaphore address
 LDR   r0, =LOCKED   ; preload "locked" value

spin_lock
 SWP   r0, r0, [r1]  ; swap register value with semaphore
 CMP   r0, #LOCKED   ; if semaphore was locked already
 BEQ   spin_lock     ;     retry
- A newer, non-blocking method is Exclusive load (LDREX), which reads and tags the memory, and Exclusive store (STREX), which stores data to memory only if the tag is still valid. With this mechanism, bus masters are not locked out from memory access altogether, but only if they access the same memory.
LOCKED EQU 0           ; define value indicating the "locked" state

 LDR     r12, <addr>   ; preload semaphore address
 LDR     r1, =LOCKED   ; preload "locked" value

spin_lock
 LDREX   r0, [r12]     ; load semaphore value
 CMP     r0, #LOCKED   ; if semaphore was locked already
 STREXNE r0, r1, [r12] ;    try to claim
 CMPNE   r0, #1        ;    and check success
 BEQ     spin_lock     ; retry if claiming semaphore failed.


Reference:
http://softpixel.com/~cwright/programming/threads/threads.c.php
http://koti.mbnet.fi/niclasw/MutexSemaphore.html
https://www.doulos.com/knowhow/arm/Hints_and_Tips/Implementing_Semaphores/

13 August 2015

PCIE

PCIE consists of 3 layers:
1. The Transaction Layer - 
 - Transaction Layer Packet (TLP)
2. The Data Link Layer -
 a. This layer adds DLL header (2 bytes) and CRC at the end.
    Called Data Link Layer Packets (DLLPs).
 - With CRC TLP’s integrity is assured.
 - An ack-retransmit mechanism makes sure no TLPs are lost. ie. reliability is assured.
 c. A flow control mechanism makes sure a packet is sent and received.
 d. Makes sure NO TLP delivery fails.
 e. Packet reordering
3. The Physical Layer -

- Most TLPs are routed by ID, which is a combination of Bus number, Device number and Function number.
- Bus mastering allows peripheral to exchange TLPs with peer peripherals.
- A TLP on the bus generates a PCIE interrupt, i.e. a Write Request with a special address, which the host has written into the peripheral’s configuration space during initialization.

- Vendors of FPGA devices provide a Transaction Layer front-end IP core to use with application logic.
- A PCIE switch allows more devices to connect to a single Root Port.
- A PCIE bridge provides an interface to other buses.

- PCIE BUS ENUMERATION
a. The OS addresses PCI devices through the PCIE controller, using the IDSEL (Initialization Device Select) signal.
b. Bus enumeration is performed by attempting to read the vendor ID register and device ID register for each combination of bus number and device number at the device's function #0.
c. When a read of the vendor ID register for a specified B/D/F combination succeeds, the OS knows that the device exists; it writes all ones to the device's BARs and reads back the requested memory size in an encoded form.
d. The OS then programs the memory-mapped and I/O port addresses into the device's BAR configuration registers.
e. If a PCI-to-PCI bridge is found, enumeration continues on that secondary bus.
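
Steps b, c and e as an added example (not code from the referenced tutorials): probing function #0 on a simulated bus, decoding the "encoded form" read back from a 32-bit BAR, and recursing through a bridge. The config-space contents, IDs and function names are constructed for illustration.

```python
NO_DEVICE = 0xFFFF  # vendor ID read back when nothing responds at that B/D/F


def decode_bar(readback: int) -> dict:
    """Decode the value read from a 32-bit BAR after writing all ones to it."""
    if readback == 0:
        return {"kind": "unused", "size": 0}
    if readback & 0x1:                      # bit 0 set: I/O space BAR
        kind, mask = "io", 0xFFFFFFFC       # bits 1:0 are flag bits
        if not readback & 0xFFFF0000:       # device implements only 16 bits
            readback |= 0xFFFF0000
    else:                                   # bit 0 clear: memory space BAR
        kind, mask = "mem", 0xFFFFFFF0      # bits 3:0 are type/prefetch flags
    # Address bits the device hardwires to zero give the size: invert and add 1.
    size = (~(readback & mask) + 1) & 0xFFFFFFFF
    return {"kind": kind, "size": size}


# Constructed config space: (bus, device) -> function #0 registers.
# "bars" holds the values read back after all ones were written.
FAKE_BUS = {
    (0, 0): {"vendor": 0x1234, "device": 0x0001, "bars": [0xFFFF0000, 0xFFFFFF01]},
    (0, 3): {"vendor": 0x1234, "device": 0x00B0, "bars": [], "secondary": 1},
    (1, 0): {"vendor": 0x5678, "device": 0x0002, "bars": [0xFFF00008, 0]},
}


def read_vendor(bus: int, dev: int) -> int:
    fn = FAKE_BUS.get((bus, dev))
    return fn["vendor"] if fn else NO_DEVICE


def enumerate_bus(bus: int = 0) -> list:
    """Return (bus, dev, device_id, [bar sizes]) for every device found."""
    found = []
    for dev in range(32):                   # 32 device numbers per bus
        if read_vendor(bus, dev) == NO_DEVICE:
            continue                        # nothing at this slot
        fn = FAKE_BUS[(bus, dev)]
        sizes = [decode_bar(rb)["size"] for rb in fn["bars"]]
        found.append((bus, dev, fn["device"], sizes))
        if "secondary" in fn:               # PCI-to-PCI bridge: go downstream
            found += enumerate_bus(fn["secondary"])
    return found


if __name__ == "__main__":
    for entry in enumerate_bus():
        print(entry)
```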

- PCIE BUS ARBITRATION
Arbitration signals (REQ# and GNT#) are used to obtain permission for transaction.
PCIE requests with REQ# and should wait for GNT# from an arbiter located on the motherboard.


Reference:
http://www.xillybus.com/tutorials/pci-express-tlp-pcie-primer-tutorial-guide-1
http://www.xillybus.com/tutorials/pci-express-tlp-pcie-primer-tutorial-guide-2
http://www.xillybus.com/tutorials/pci-express-dma-requests-completions
http://rts.lab.asu.edu/web_438/CSE438_598_slides_yhlee/438_5_PCI_Architecture.pdf
https://en.wikipedia.org/wiki/Conventional_PCI

09 August 2015

AMBA

Different AMBA buses are:
1. AMBA 1 Advanced System Bus (ASB) [1996]
2. AMBA 1 Advanced Peripheral Bus (APB) [1996]
3. AMBA 2 High-performance Bus (AHB) - widely used on ARM Cortex-M based designs
4. AMBA 3 AMBA Extensible Interface (AXI) [2003]
5. AMBA 4 AMBA Extensible Interface 4 (AXI4) [2010]
6. AMBA 4 AXI Coherency Extensions (ACE) [2011]
7. AMBA 5 Coherent Hub Interface (CHI) [2013]



Reference:
https://en.wikipedia.org/wiki/Advanced_Microcontroller_Bus_Architecture
https://www.doulos.com/knowhow/

24 June 2015

802.11ac

ADDTS => add traffic stream
TS => traffic stream
TSPEC => traffic specification
TCLAS => traffic classification
APSD => Automatic power save delivery

EDCA Admission Control
Admission control is negotiated by the use of a TSPEC.
A station specifies its traffic flow requirements (data rate, delay bounds, packet size, and others) and requests the AP to create a TSPEC by sending the ADDTS (add TSPEC) management action frame.
If the TSPEC is accepted, the high priority access category inside the STA is permitted to use the high priority access parameters.

Controlled Channel Access
Unscheduled Automatic Power Save Delivery (U-APSD). This is an asynchronous approach to power conservation defined in 802.11, and serves as the basis of WMM Power Save, allowing the client to request queued traffic at any time rather than waiting for the next beacon frame.


Reference:
http://www.cisco.com/c/en/us/products/collateral/wireless/aironet-3600-series/white_paper_c11-713103.html
http://www.eetimes.com/document.asp?doc_id=1271987
http://community.arubanetworks.com/aruba/attachments/aruba/tkb%40tkb/37/1/U-APSD%20explained%20and%20debugged_i62_R2.pdf

23 June 2015

Using PEAP for wireless authentication

PEAP creates an encrypted TLS tunnel between the client and the authentication server. The keys for this encryption are transported using the server's public key. The ensuing exchange of authentication information inside the tunnel to authenticate the client is then encrypted and user credentials are safe from eavesdropping.

Use a trusted certificate for authentication: The RADIUS server must be configured with a digital certificate that is signed by a trusted certificate authority (CA), using a private or a public CA.
Validate the server certificate on all clients: All PEAP clients must validate the server certificate for authentication. The Trusted Root CA that issued the server certificate must be installed on the client.








Reference:
http://www.networkworld.com/columnists/2007/042307-wireless-security.html
http://revolutionwifi.blogspot.com/2010/09/peapv0-packet-flow-reference.html
http://www.keyboardlife.net/2010/06/8021x-port-based-authentication-wired.html

22 June 2015

SA Query

Use case of the SA Query procedure
A client might lose its encryption keys due to a card reset or reboot and need to (re-)associate itself. Since it lost all its keys, it sends an unprotected Association Request frame. The AP still has a valid association from the client, with keys, in its client table, so the AP will first of all reject the Association and tell the client to try again in “X” seconds. After that, the AP tries to find out whether this is an attack and the actual client can still answer protected frames.

The mechanism for that check is the Source Address (SA) Query phase, which starts with a protected SA Query Request from the AP to the client. If the client is unable to answer it before the comeback timeout “X” expires, the AP sends out a protected Disassociate and discards the keys for the no longer valid association of the client. From then on, a new (unprotected) Association Request from the client will be accepted.
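
The AP-side decision logic described above, as an added example (not code from the referenced post). It is a simplified model: class and method names are hypothetical, times are plain seconds, and the "keys" strings stand in for the key state a later handshake would install.

```python
class AccessPoint:
    """Simplified AP-side SA Query handling (times in seconds)."""

    def __init__(self, comeback=1.0):
        self.comeback = comeback   # the "X" seconds from the text
        self.assoc = {}            # sta -> keys of the current association
        self.pending = {}          # sta -> deadline of a running SA Query
        self.sent = []             # protected frames the AP sent, for inspection

    def _expire(self, now):
        # No protected answer before the deadline: the old association is dead.
        for sta, deadline in list(self.pending.items()):
            if now >= deadline:
                del self.pending[sta], self.assoc[sta]
                self.sent.append(("DISASSOCIATE", sta))

    def on_unprotected_assoc_request(self, sta, now, keys):
        self._expire(now)
        if sta not in self.assoc:
            self.assoc[sta] = keys          # no valid association: accept
            return "ACCEPT"
        if sta not in self.pending:         # start one SA Query per challenge
            self.pending[sta] = now + self.comeback
            self.sent.append(("SA_QUERY_REQUEST", sta))
        return "REJECT_TRY_AGAIN_LATER"

    def on_protected_sa_query_response(self, sta, now):
        self._expire(now)
        # Only the holder of the current keys can produce this frame.
        return self.pending.pop(sta, None) is not None


def forged_request_scenario():
    """The real client is still associated; the request came from elsewhere."""
    ap = AccessPoint()
    ap.assoc["sta1"] = "keys-A"             # constructed state
    verdict = ap.on_unprotected_assoc_request("sta1", 0.0, "keys-B")
    answered = ap.on_protected_sa_query_response("sta1", 0.2)
    return verdict, answered, ap.assoc["sta1"], ap.sent


def rebooted_client_scenario():
    """The client lost its keys, cannot answer, and retries after the timeout."""
    ap = AccessPoint()
    ap.assoc["sta1"] = "keys-A"             # constructed state
    first = ap.on_unprotected_assoc_request("sta1", 0.0, "keys-B")
    second = ap.on_unprotected_assoc_request("sta1", 1.5, "keys-B")
    return first, second, ap.assoc["sta1"], ap.sent
```

In the first scenario the existing association and its keys survive untouched; in the second the AP sends the protected Disassociate, drops the old keys, and accepts the retry.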

Reference:
https://wlan1nde.wordpress.com/2014/10/21/protected-management-frames-802-11w

19 June 2015

802.11n Aggregation

MPDU -> MAC protocol data unit
MSDU -> MAC service data unit


Reference:
http://www.cisco.com/en/US/prod/collateral/wireless/ps5678/ps11983/white_paper_c11-713103.html