Osmocom

Original author(s): Harald Welte
Developer(s): Osmocom open source community
Repository: git.osmocom.org
Written in: C, C++
Type: Telecommunication software
License: Affero GPLv3 for all cellular software, GPLv2+ for some remaining software (libosmocore, OsmoPCU, OsmoSTP, OsmoGGSN) [1]
Website: osmocom.org

Osmocom (open source mobile communications) is an open-source software project that implements multiple mobile communication standards, including GSM, DECT, TETRA and others. [2]

History and usage

Siemens BS11 BTS

In 2008 Harald Welte and Dieter Spaar experimented with a base transceiver station from Siemens that was end-of-life and implemented the BSC side of the A-bis protocol, which eventually turned into OpenBSC. After attracting more interest, support for other BTS models was added. [3] The first release of the OpenBSC project took place at the 25th Chaos Communication Congress held in December 2008. [4]

In the following years, the software was used to provide a cellular network at various hacker conventions, such as the Chaos Communication Congress, Chaos Communication Camp and Electromagnetic Field. [5] [6] [7]

In 2010, a telephone-side implementation of the GSM stack was developed, named OsmocomBB. Together with OpenBSC, these projects became part of the new Osmocom umbrella project. [3]

The Sysmocom GmbH company was founded by Welte and Holger Freyther [8] in 2011 to provide commercial support. [9] [10]

Since 2018, Osmocom software and Sysmocom hardware have been used in Villa Talea de Castro in Mexico to provide a cellular network to around 3500 people. [11] [12]

Osmocom software has been used in research projects. [13] [14]

Projects

OpenBSC

OpenBSC was a project to develop a free software implementation of the GSM protocol stack and its network elements. It runs on Linux and requires an E1 interface (ISDN Primary Rate Interface, via mISDN). It is written in C and licensed under the GPL (≥v2).

The first version implemented the GSM specifications 21.12 and 08.5x, and worked with one specific Base Transceiver Station (the Siemens BS11 MicroBTS).

OpenBSC implemented several MSC components, including the A-bis protocol (the protocol between the BTS and the BSC), AUC, HLR, VLR (both using SQL tables), and an SMS Switching Center. OpenBSC can be accessed using telnet.

OpenBSC supported the following BTS devices:

OpenBSC is now considered legacy and the features have been split into different projects: OsmoBSC, OsmoMSC and OsmoHLR. [15]

SDR

rtl-sdr [16] was discovered by Steve Markgraf, who also created osmo-fl2k for radio transmissions. These projects deprecated the use of OsmoSDR. [17]

OsmoTETRA

The OsmoTETRA project implements the TETRA protocol. [18] [19] [20] Osmo-tetra implements the lower layer of the protocol. [21] Research has revealed that some government traffic is not properly secured. [20]

OsmocomBB

OsmocomBB is a free firmware for the baseband processor of mobile phones which handles the encoding and radio communication of both voice and data. OsmocomBB is the only existing free implementation of baseband firmware, excluding failed projects like TSM30 from THC and MadOS. [22]

Motorola C123 with Calypso chipset running the OsmocomBB RSSI application in Spectrum view mode

OsmocomBB implements the three lowest OSI layers of the client-side GSM protocol stack, along with device drivers. The protocol layers forming the kernel exist on the baseband processor, which typically consists of an ARM processor and a digital signal processor.

Motorola C139, a model compatible with OsmocomBB

It has support for the Calypso chipset produced by Texas Instruments. [23]

Karsten Nohl has extended OsmocomBB to be able to detect IMSI catchers. [24]


References

  1. "Software Licensing". Osmocom.org. Retrieved 27 May 2020.
  2. "Open Source Mobile Communications". osmocom.org. Retrieved 2020-05-25.
  3. OsmoBSC User Manual (PDF).
  4. "25C3: Running your own GSM network". fahrplan.events.ccc.de. 2009-01-10. Retrieved 2020-05-27.
  5. "GSM Phone Network At EMF Camp Built On Raspberry Pi And LimeSDR". Hackaday. 2018-08-30. Retrieved 2020-05-25.
  6. "CCCamp: 5,000 Hackers Out Standing In Their Field". Hackaday. 2019-08-30. Retrieved 2020-05-25.
  7. "33C3: Hackerkongress endet mit Humba-Täterä im explodierenden Bällebad". heise online (in German). 31 December 2016. Retrieved 2020-05-25.
  8. "SysmoBTS: Harald Weltes Sysmocom verkauft freie GSM-Basisstation - Golem.de". www.golem.de (in German). Retrieved 2020-06-29.
  9. sysmocom (2016-02-28). "About sysmocom background and company culture". sysmocom.de. Retrieved 2020-05-25.
  10. "Sysmocom - Cellular Network Infrastructure - Open Source Mobile Communications". osmocom.org. Retrieved 2020-05-27.
  11. Herrmann, Boris (15 January 2018). "Am Rande des Funklochs". Süddeutsche.de (in German). Retrieved 2020-05-27.
  12. "In defense of the right to communication (DeutscheWelle original video)". Vimeo. Retrieved 2020-05-27.
  13. Bosma, Jeffrey; Soeurt, Joris. "Eavesdropping on and decrypting of GSM communication using readily available low-cost hardware and free open-source software in practice" (PDF). University of Amsterdam. Archived from the original (PDF) on 2018-10-21. Retrieved 2020-05-27.
  14. "ProjectRationale - OsmocomBB - Open Source Mobile Communications".
  15. "Overview - OpenBSC - Open Source Mobile Communications". osmocom.org. Retrieved 2020-05-27.
  16. "RTL-SDR: Seven Years Later". Hackaday. 2019-07-31. Retrieved 2020-05-25.
  17. Markgraf, Steve (2019-07-31). "RTL-SDR: Seven Years Later". Hackaday. Retrieved 2020-05-27.
  18. "TETRA-Digitalfunk für jedermann". Heise Online (in German). June 2011. Retrieved 2020-05-26.
  19. "Digitaler Behördenfunk: Hacker arbeiten an freier TETRA-Implementierung - Golem.de". www.golem.de (in German). Retrieved 2020-05-26.
  20. "OsmocomTETRA - OsmocomTETRA - Open Source Mobile Communications". osmocom.org. Retrieved 2020-05-26.
  21. "Osmo-tetra - OsmocomTETRA - Open Source Mobile Communications". osmocom.org. Retrieved 2020-05-26.
  22. Pönsgen, François (2015). GSM and GPRS Security Using OsmocomBB (PDF) (M.Sc.). Norwegian University of Science and Technology. p. 5. Retrieved 2017-05-04.
  23. Cooper, T. A. (2012). Integration of Open-Source GSM Networks (Doctoral dissertation, Virginia Tech).
  24. "GSM-Hacking: Osmocom-Patch entdeckt stille SMS und Abhöraktionen - Golem.de". www.golem.de (in German). Retrieved 2020-06-29.