GSM procedures

Last updated

GSM procedures are sets of steps performed by the GSM network and devices on it in order for the network to function. GSM (Global System for Mobile Communications) is a set of standards for cell phone networks established by the European Telecommunications Standards Institute and first used in 1991. Its procedures refers to the steps a GSM network takes to communicate with cell phones and other mobile devices on the network. IMSI attach refers to the procedure used when a mobile device or mobile station joins a GSM network when it turns on and IMSI detach refers to the procedure used to leave or disconnect from a network when the device is turned off.

Contents

IMSI attach

In a GSM network, when a Mobile Station (MS) is switched ON, the International Mobile Subscriber Identity (IMSI) attach procedure is executed. This procedure is required for the Mobile Switching Center (MSC) and Visitor Location Register (VLR) to register the MS in the network. If the MS has changed Location area (LA) while it was powered off, then the IMSI attach procedure will lead to a Location update.

When the MS is switched on, it searches for a mobile network to connect to. Once the MS identifies its desired network, it sends a message to the network to indicate that it has entered into an idle state. The Visitor Location Register (VLR) checks its database to determine whether there is an existing record of the particular subscriber.
If no record is found, the VLR communicates with the subscriber's Home Location Register (HLR) and obtains a copy of the subscription information. The obtained information is stored in the database of the VLR. Then an acknowledge message is sent to the MS. Steps for IMSI attach procedure are as follows:

  1. The MS will send a Channel Request message to the BSS (base station subsystem) on the RACH (random access channel).
  2. The BSS responds on the AGCH (access grant channel) with an Immediate Assignment message and assigns an SDCCH to the MS.
  3. The MS immediately switches to the assigned SDCCH (stand-alone dedicated control channel) and sends a Location Update Request to the BSS. The MS will send either an IMSI or a TMSI (Temporary Mobile Subscriber Identity) to the BSS.
  4. The BSS will acknowledge the message. This acknowledgement only tells the MS that the BTS has received the message, it does not indicate the location update has been processed.
  5. The BSS forwards the Location Update Request to the MSC/VLR.
  6. The MSC/VLR forwards the IMSI to the HLR and requests verification of the IMSI as well as Authentication Triplets (RAND, Kc, SRES).
  7. The HLR will forward the IMSI to the Authentication Center (AuC) and request authentication triplets.
  8. The AuC generates the triplets and sends them along with the IMSI, back to the HLR.
  9. The HLR validates the IMSI by ensuring it is allowed on the network and is allowed subscriber services. It then forwards the IMSI and Triplets to the MSC/VLR.
  10. The MSC/VLR stores the SRES and the Kc and forwards the RAND to the BSS and orders the BSS to authenticate the MS.
  11. The BSS sends the MS an Authentication Request message. The only parameter sent in the message is the RAND.
  12. The MS uses the RAND to calculate the SRES and sends the SRES back to the BSS on the SDCCH in an Authentication Response. The BSS forwards the SRES up to the MSC/VLR.
  13. The MSC/VLR compares the SRES generated by the AuC with the SRES generated by the MS. If they match, then authentication is completed successfully.
  14. The MSC/VLR forwards the Kc for the MS to the BSS. The Kc is NOT sent across the Air Interface to the MS. The BSS stores the Kc and forwards the Set Cipher Mode command to the MS. The CIPH_MOD_CMD only tells the MS which encryption to use (A5/X), no other information is included.
  15. The MS immediately switches to cipher mode using the A5 encryption algorithm. All transmissions are now enciphered. It sends a Ciphering Mode Complete message to the BSS.
  16. The MSC/VLR sends a Location Updating Accept message to the BSS. It also generates a new TMSI for the MS. TMSI assignment is a function of the VLR. The BSS will either send the TMSI in the LOC_UPD_ACC message or it will send a separate TMSI Reallocation Command message. In both cases, since the Air Interface is now in cipher mode, the TMSI is not compromised.
  17. The MS sends a TMSI Reallocation Complete message up to the MSC/VLR.
  18. The BSS instructs the MS to go into idle mode by sending it a Channel Release message. The BSS then unassigns the SDCCH.
  19. The MSC/VLR sends an Update Location message to the HLR. The HLR records which MSC/VLR the MS is currently in, so it knows which MSC to point to when it is queried for the location of the MS.

IMSI detach

IMSI detach is the process of detaching a MS from the mobile network to which it was connected. The IMSI detach procedure informs the network that the Mobile Station is switched off or is unreachable.

At power-down the MS requests a signaling channel. Once assigned, the MS sends an IMSI detach message to the VLR. When the VLR receives the IMSI detach-message, the corresponding IMSI is marked as detached by setting the IMSI detach flag. The HLR is not informed of this and the VLR does not acknowledge the MS about the IMSI detach.
If the radio link quality is poor when IMSI detach occurs, the VLR may not properly receive the IMSI-detach request. Since an acknowledgment message is not sent to the MS, it does not make further attempts to send IMSI detach messages. Therefore, the GSM network considers the MS to be still attached.

Implicit IMSI detach

The GSM air-interface, designated Um, transmits network-specific information on specific broadcast channels. This information includes whether the periodic location update is enabled. If enabled, then the MS must send location update requests at time intervals specified by the network. If the MS is switched off, having not properly completed the IMSI detach procedure, the network will consider the MS as switched off or unreachable if no location update is made. In this situation the VLR performs an implicit IMSI detach.

Location update

This procedure is used to update the location of the Mobile Station in the network and is described in more detail here.

Cancel location

When a mobile station registers in a new VLR, the subscriber's data is deleted from the previous VLR in a cancel location procedure. The HLR initiates the procedure when it receives an 'update location' message from a VLR other than the one in which the MS was located at the time when its location information was last updated in the HLR database. The cancel location procedure can also be initiated with MML commands, with those, for example, that are used for changing the area, or deleting the MS from the HLR.

Related Research Articles

GSM Cellular telephone network standard

The Global System for Mobile Communications (GSM) is a standard developed by the European Telecommunications Standards Institute (ETSI) to describe the protocols for second-generation (2G) digital cellular networks used by mobile devices such as mobile phones and tablets. It was first deployed in Finland in December 1991. By the mid-2010s, it became a global standard for mobile communications achieving over 90% market share, and operating in over 193 countries and territories.

The international mobile subscriber identity (IMSI) is a number that uniquely identifies every user of a cellular network. It is stored as a 64-bit field and is sent by the mobile device to the network. It is also used for acquiring other details of the mobile in the home location register (HLR) or as locally copied in the visitor location register. To prevent eavesdroppers from identifying and tracking the subscriber on the radio interface, the IMSI is sent as rarely as possible and a randomly-generated TMSI is sent instead.

SIM card Integrated circuit card for a mobile device

A SIM card, is an integrated circuit intended to securely store the international mobile subscriber identity (IMSI) number and its related key, which are used to identify and authenticate subscribers on mobile telephony devices. It is also possible to store contact information on many SIM cards. SIM cards are always used on GSM phones; for CDMA phones, they are needed only for LTE-capable handsets. SIM cards can also be used in satellite phones, smart watches, computers, or cameras.

Roaming Wireless telecommunication term

Roaming is a wireless telecommunication term typically used with mobile devices, such as mobile phones. It refers to a mobile phone being used outside the range of its native network and connecting to another available cell network.

The GPRS core network is the central part of the general packet radio service (GPRS) which allows 2G, 3G and WCDMA mobile networks to transmit IP packets to external networks such as the Internet. The GPRS system is an integrated part of the GSM network switching subsystem.

Mobility management is one of the major functions of a GSM or a UMTS network that allows mobile phones to work. The aim of mobility management is to track where the subscribers are, allowing calls, SMS and other mobile phone services to be delivered to them.

Network switching subsystem (NSS) is the component of a GSM system that carries out call out and mobility management functions for mobile phones roaming on the network of base stations. It is owned and deployed by mobile phone operators and allows mobile devices to communicate with each other and telephones in the wider public switched telephone network (PSTN). The architecture contains specific features and functions which are needed because the phones are not fixed in one location.

GSM services are a standard collection of applications and features available over the Global System for Mobile Communications (GSM) to mobile phone subscribers all over the world. The GSM standards are defined by the 3GPP collaboration and implemented in hardware and software by equipment manufacturers and mobile phone operators. The common standard makes it possible to use the same phones with different companies' services, or even roam into different countries. GSM is the world's most dominant mobile phone standard.

Signalling Connection Control Part (SCCP) subsystem numbers are used to identify applications within network entities which use SCCP signalling.

The Mobile Application Part (MAP) is an SS7 protocol that provides an application layer for the various nodes in GSM and UMTS mobile core networks and GPRS core networks to communicate with each other in order to provide services to users. The Mobile Application Part is the application-layer protocol used to access the Home Location Register, Visitor Location Register, Mobile Switching Center, Equipment Identity Register, Authentication Centre, Short message service center and Serving GPRS Support Node (SGSN).

IS-41, also known as ANSI-41, is a mobile, cellular telecommunications system standard to support mobility management by enabling the networking of switches. ANSI-41 is the standard now approved for use as the network-side companion to the wireless-side AMPS (analog), IS-136, cdmaOne, and CDMA2000 networks. It competes with GSM MAP, but the two will eventually merge to support worldwide roaming.

The Short Message Service is realised by the use of the Mobile Application Part (MAP) of the SS7 protocol, with Short Message protocol elements being transported across the network as fields within the MAP messages. These MAP messages may be transported using "traditional" TDM based signalling, or over IP using SIGTRAN and an appropriate adaptation layer.

CAVE-based Authentication is an access authentication protocol used in CDMA/1xRTT computer network systems.

Super-Charged network or Super-Charger network, is a telecommunications term that refers to a particular standardized implementation of a 3GPP 3G telecommunications network. 3GPP has standardized Super-Charger networks in TS 23.116, the Super-Charger technical realization, and defines a Super-Charged network as a "UMTS network in which the Super-Charger mechanism is being used to optimise mobility management signalling."

The Um interface is the air interface for the GSM mobile telephone standard. It is the interface between the mobile station (MS) and the Base transceiver station (BTS). It is called Um because it is the mobile analog to the U interface of ISDN. Um is defined in the GSM 04.xx and 05.xx series of specifications. Um can also support GPRS packet-oriented communication.

Control channel Central channel that controls other constituent radios

In radio communication, a control channel is a central channel that controls other constituent radios by handling data streams. It is most often used in the context of a trunked radio system, where the control channel sends various data which coordinates users in talkgroups.

Insert Subscriber Data is a Subscriber Data Handling procedure in LTE services. This procedure is used to manage the subscription data of subscriber in MME and SGSN over S6a/S6d interface. IDR is invoked by Home Subscriber Server for subscription data handling. IDR is MAP subscriber management service utilized in GSM/UMTS networks, standardized by 3GPP, and defined in the MAP specification, TS 29.002. This service is used to provide specific subscriber data in the following environments: by an HLR to update a VLR, by an HLR to update a SGSN, and by an HSS to update a MME via IWF in an EPS. This service is primarily used by the home subscriber management entity to update the serving subscriber management entity when there is either a change in a subscriber parameter, or upon a location updating of the subscriber.

The Mobile Telephone Switching Office (MTSO) is the mobile equivalent of a PSTN Central Office. The MTSO contains the switching equipment or Mobile Switching Center (MSC) for routing mobile phone calls. It also contains the equipment for controlling the cell sites that are connected to the MSC.

GSM radio frequency optimization is the optimization of GSM radio frequencies. GSM network consist of different cells and each cell transmit signals to and receive signals from the mobile station, for proper working of base station many parameters are defined before functioning the base station such as the coverage area of a cell depends on different factors including the transmitting power of the base station, obstructing buildings in cells, height of the base station and location of base station. Radio Frequency Optimization is a process through which different soft and hard parameters of the Base transceiver stations are changed in order to improve the coverage area and improve quality of signal. Besides that there are various key performance indicators which have to be constantly monitored and necessary changes proposed in order to keep KPIs in agreed limits with the mobile operator.

References

Moe Rahnema (April 1993). "Overview of the GSM system and protocol architecture" (PDF). IEEE Communications Magazine. Archived from the original (PDF) on 2011-07-20. Retrieved 2010-04-14.

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.