by
Eduard Kuusmik
Master's Thesis
EX057/2004
September 2004
ACKNOWLEDGEMENTS
I deeply acknowledge the Alfred Ots foundation for the scholarship, which gave me
an opportunity to study in the Master's program at Chalmers University of
Technology. I am grateful to Mr. Tommi Lehtonen, CTO of Elcoteq Design
Center, for providing me with an opportunity to do this thesis work. I also want to
thank Prof. Arne Svensson for being my examiner.
ABSTRACT
TABLE OF CONTENTS
ACKNOWLEDGEMENTS
ABSTRACT
GLOSSARY OF ACRONYMS
1 INTRODUCTION
1.1 Structure of the thesis
5.3 Software development
5.4 Design verification
7 CONCLUSIONS
REFERENCES
APPENDIX A
GLOSSARY OF ACRONYMS
LNA Low Noise Amplifier
MAC Media Access Control
OFDM Orthogonal Frequency Division Multiplexing
OS Operating System
OSI Open System Interconnection
PA Power Amplifier
PC Personal Computer
PCB Printed Circuit Board
PCF Point Coordination Function
PCS Personal Communication Services
PDA Personal Digital Assistant
QoS Quality of Service
RAM Random Access Memory
ROM Read Only Memory
RTS Ready-to-Send
SAW Surface Acoustic Waves
SDR Software Defined Radio
SNR Signal-to-Noise Ratio
SPI Serial Peripheral Interface
SW Software
TCP Transport Control Protocol
TKIP Temporal Key Integrity Protocol
UDP User Datagram Protocol
UNII Unlicensed National Information Infrastructure, refers to 5 GHz unlicensed frequency band
USB Universal Serial Bus
UWB Ultra Wide Band
VPN Virtual Private Network
VSWR Voltage Standing Wave Ratio
WCDMA Wideband CDMA
WEP Wired Equivalent Privacy
WLAN Wireless Local Area Network
WMAN Wireless Metropolitan Area Network
WPAN Wireless Personal Area Network
WWAN Wireless Wide Area Network
1 INTRODUCTION
The market for WLAN equipment based on the IEEE 802.11 standards has
grown enormously in recent years. Cost benefits, high data rates,
standardization, interoperability and strong worldwide support by industry are
resulting in broad deployment of this technology across enterprises, homes,
and service providers. Current 802.11 applications include laptop and desktop
computers, personal digital assistants (PDAs), consumer electronics, and
devices interconnecting WLAN and wired networks (access points, routers,
gateways). Mobile phones are seen by many market analysts as one of the
largest potential markets for 802.11 WLAN. For example, TechKnowledge
Strategies [1] forecasted 25 million mobile phones with WLAN capability in
2007, corresponding to about 17% market share of the total WLAN equipment
market in 2007.
In order to be better prepared for this emerging market, Elcoteq Design Center,
a subcontracting company offering wireless terminal design and development
services, has initiated a technical prestudy on integrating 802.11 WLAN into a
mobile phone. This prestudy was performed by the author and is presented in
this thesis. The Raptor mobile phone, designed by Elcoteq Design Center, was
selected as a reference platform for this project. The Raptor phone is a triple
band GSM/DCS/PCS smartphone platform with GPRS, IrDA, GPS, and
Bluetooth capabilities and the Symbian 7.0 operating system.
1.1 Structure of the thesis
Chapter 3 discusses the need and possible usage scenarios for 802.11 in a
mobile phone.
Chapter 4 describes the system architecture for 802.11 integrated into the
Raptor phone.
2 IEEE 802.11 STANDARDS OVERVIEW
IEEE 802.11 [2] is a standard for WLANs designed to provide high-speed data
communication between portable devices. It is intended to allow flexible
wireless networks to be created within a local area without the need for a wired
infrastructure, and it can be used as an extension of wired LANs. Like any IEEE
802.x standard, for instance the 802.3 (Ethernet) and 802.5 (Token Ring) standards
for wired LANs, the 802.11 standard defines both the physical layer and the
Medium Access Control (MAC) layer. As shown in Figure 1, the 802.11
standard together with the IEEE 802.2 standard [3] defines the two lowest layers of
the well-known seven-layer ISO Open System Interconnection (OSI) networking
model: the physical layer and the data link layer. The IEEE 802.2 standard
defines the Logical Link Control (LLC) layer, which is common to the 802.x
family of standards.
The IEEE 802.11 standard was adopted in 1997. Since then, several
extensions to the standard have been developed, and more are emerging. The
complete family of the current and emerging 802.11 standards is listed in Table
1. This section provides an overview of the original 802.11 standard and its
extensions.
Figure 1. IEEE 802.11 standard and OSI reference model. Adapted from [3]
Standard   Description                                                 Status
802.11     Original standard                                           Completed
802.11a    Physical layer, 54 Mbps, 5 GHz                              Completed
802.11b    Physical layer, 11 Mbps, 2.4 GHz                            Completed
802.11c    Access Point bridging                                       Completed
802.11d    Regulatory extensions                                       Completed
802.11e    Quality of Service                                          Estimated completion in 2004
802.11f    Inter Access Point roaming                                  Completed
802.11g    Physical layer, 54 Mbps, 2.4 GHz                            Completed
802.11h    Transmit power control, Dynamic frequency selection         Completed
802.11i    Enhanced security                                           Completed
802.11j    Japanese regulatory extensions                              Estimated completion in 2004
802.11k    Radio resource measurement                                  Ongoing
802.11m    Maintenance                                                 Ongoing
802.11n    Physical layer, high throughput study group 100+ Mbps       Estimated completion in 2006-2007
Table 1. Summary of IEEE 802.11 standards
The station is the most basic element of an 802.11 WLAN. A station is any
device that contains the functionality of the 802.11 protocol. The basic service
set (BSS) is the basic building block of an 802.11 WLAN and consists of two or
more stations. Figure 2 illustrates the concept of the BSS when applied to the two
types of networks defined in the IEEE 802.11 standard: independent and
infrastructure. The ovals used to depict a BSS illustrate the coverage area
within which the member stations of the BSS may remain in communication.
The Independent BSS, often referred to as ad-hoc, is a stand-alone self-
configuring network, providing direct communication between stations. The
Infrastructure BSS uses fixed location access points (AP) to provide
connectivity to stations.
[Figure 3 (diagram labels): ESS; BSS #1, BSS #2, BSS #3; Distribution system; Other networks, e.g. Internet]
In order to extend the operational range of a BSS, the 802.11 standard defines
an Extended Service Set (ESS), as illustrated in Figure 3. An ESS consists of
multiple BSSs interconnected by a distribution system, which is a wired or
wireless backbone network. The 802.11 standard does not define the distribution
system itself but the distribution services only. An ESS can be interconnected
with other wired or wireless networks, giving stations within this ESS access to
the resources of other networks. Each BSS and ESS has its unique identification
called BSSID and ESSID respectively, which are required to implement addressing.
To join an Infrastructure BSS, a station must select an AP and associate with it.
The association service creates a mapping between the station and the AP that
can be provided to the distribution system. The station can then send and
receive messages via the associated AP. The disassociation service terminates
an existing connection. The reassociation service allows a station with an
established association with one AP to move its association to another
AP. A station uses the distribution service every time it sends MAC frames
across the distribution system. The integration service connects the 802.11
WLAN to other LANs, including one or more wired LANs or 802.11 WLANs. A
portal performs the integration service. The portal is an abstract architectural
concept that translates 802.11 frames to frames that may traverse another
network, and vice versa. The authentication service can be used by a station to
establish the identity of another station. The privacy service is also available,
preventing the contents of messages from being read by anyone other than the
intended recipient stations.
The 802.11 physical layer defines three basic transmission techniques: Direct
Sequence Spread Spectrum (DSSS), Frequency Hopping Spread Spectrum
(FHSS), and Diffuse Infrared. FHSS and Diffuse Infrared have received little
attention and were not used in extensions of the 802.11 standard, and hence will be
neglected in this thesis.
The DSSS 802.11 system is aimed at the globally available unlicensed 2.4 GHz
band, also known as the band designated for ISM (Industrial, Scientific and
Medical) applications. By supporting the different power levels allowed by different
countries' regulations, it became possible to develop a wireless LAN standard
that could be used on a global basis, which was the most important reason for
choosing this band.
Two physical layer data rates are defined: 2 Mbps and 1 Mbps. The data is
modulated using DQPSK and DBPSK for the 2 Mbps and 1 Mbps data rates
respectively. The 802.11 system changes data rates to match the radio channel
conditions. As a station moves further away from another station, or if an
interference source is present, the highest data rate may not provide reliable
transmission of data. To cope with that, the 802.11 system decreases the data
rate, since lower rates are more tolerant of noise and thus more reliable
than higher data rates. The 802.11 standard does not define the criteria used
to decide which data rate to use. The standard only requires that all compliant
products support all specified data rates for compatibility purposes.
To create a DSSS signal, the data symbol is multiplied with the spreading
sequence. The following 11-chip Barker code has been chosen as the
spreading sequence due to its good autocorrelation properties and relatively short
length: +1, -1, +1, +1, -1, +1, +1, +1, -1, -1, -1. After the spreading operation, the
bandwidth of the transmitted signal is increased by a factor of 11. This provides
a spreading gain of 10*log10(11)=10.4 dB against narrowband interference
signals and makes a DSSS signal appear as background noise to a
narrowband receiver. On the receiver side, the received data is correlated with
the spreading sequence to obtain the originally sent data. As every user in the
network uses the same spreading sequence, no multiple access (as opposed to
the more complex CDMA technique) or security is provided in the 802.11 DSSS
system by means of the data spreading.
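The spreading and correlation steps described above, as an added example (not code from the thesis). It models one bit per symbol (the 1 Mbps case) without the differential encoding of DBPSK; the sample bits, the interfering tone and the 4-chip capture offset are constructed.

```python
import math

# 11-chip Barker sequence quoted in the text above (public, identical for all stations).
BARKER = [+1, -1, +1, +1, -1, +1, +1, +1, -1, -1, -1]
N = len(BARKER)


def spread(bits):
    """Multiply each data symbol (+1 for bit 1, -1 for bit 0) by the chip sequence."""
    chips = []
    for bit in bits:
        symbol = 1 if bit else -1
        chips.extend(symbol * c for c in BARKER)
    return chips


def correlate(block):
    """Correlation of one 11-chip block with the spreading sequence."""
    return sum(x * c for x, c in zip(block, BARKER))


def despread(chips):
    """Receiver side: correlate every complete 11-chip block, decide on the sign."""
    return [1 if correlate(chips[i:i + N]) > 0 else 0
            for i in range(0, len(chips) - N + 1, N)]


def autocorrelation():
    """Aperiodic autocorrelation of the sequence for shifts 0..10."""
    return [sum(BARKER[i] * BARKER[i + k] for i in range(N - k)) for k in range(N)]


def spreading_gain_db():
    return 10 * math.log10(N)


def add_tone(chips, amplitude, period_chips):
    """Constructed narrowband interferer: one sinusoid added to every chip."""
    return [x + amplitude * math.cos(2 * math.pi * i / period_chips)
            for i, x in enumerate(chips)]


def find_chip_offset(chips):
    """Symbol alignment without any secret: try all 11 offsets and keep the one
    whose blocks correlate most strongly with the public sequence."""
    def energy(offset):
        return sum(abs(correlate(chips[i:i + N]))
                   for i in range(offset, len(chips) - N + 1, N))
    return max(range(N), key=energy)


def third_party_receive(chips):
    """Any receiver that knows the standard recovers the bits the same way."""
    offset = find_chip_offset(chips)
    return offset, despread(chips[offset:])


if __name__ == "__main__":
    bits = [1, 0, 1, 1, 0, 0, 1, 0]              # constructed sample data
    tx = spread(bits)
    print("autocorrelation:", autocorrelation())
    print("spreading gain: %.1f dB" % spreading_gain_db())
    # A tone of amplitude 2 (3 dB above the signal power) does not flip any bit.
    print("with interferer:", despread(add_tone(tx, 2.0, 4.0)) == bits)
    # Capture that starts 4 chips before the first symbol boundary.
    print("third party:", third_party_receive([0, 0, 0, 0] + tx))
```

The sidelobes of the autocorrelation never exceed 1 in magnitude against a peak of 11, which is what lets a receiver with no prior alignment lock onto the symbol boundary. Confidentiality therefore has to come from the privacy service at the MAC layer, not from the spreading.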
The bandwidth of the transmitted signal is always about 22 MHz regardless of
the data rate. Therefore, the 2.4 GHz ISM band with bandwidth of 83.5 MHz
can accommodate up to three non-overlapping channels as shown in Figure 4.
The 802.11 standard defines a total of fourteen partly overlapping channels in the
2.4 GHz ISM band.
Figure 5 shows the format of the DSSS physical layer frame. It starts with 128
synchronization bits that the receiver uses to detect the presence of the signal.
The 16-bit start delimiter is used for bit synchronization. The signal field
indicates the modulation that is to be used for transmission and reception of
payload data, 1 Mbps DBPSK or 2 Mbps DQPSK. The 8-bit service field is
reserved for future use. The 16-bit length field indicates the number of bytes in
the payload data. The CRC field, short for Cyclic Redundancy Check, is used
for error detection.
Figure 4. Three 802.11 non-overlapping channels in the 2.4 GHz ISM band
Figure 5. 802.11 DSSS physical layer frame format. Adapted from [2]
2.3 Physical layer extensions
2.3.1 802.11b
Ratified in 1999, the 802.11b standard [4] adds 5.5 Mbps and 11 Mbps data
rates to the original 1 Mbps and 2 Mbps 802.11 modes. Currently, 802.11b is
the most popular 802.11 technology.
The higher data rates are achieved by using complementary code keying (CCK)
DSSS technology. The CCK technology codes more data bits per 11 spread
bits, 4 bits and 8 bits for 5.5 Mbps and 11 Mbps respectively, than the 1 or 2 bits of
the plain 802.11 standard, while keeping the same bandwidth of the transmitted
signal. It does this by first using an 8-bit spreading sequence instead of the original
11-bit sequence. However, this 8-bit sequence still runs at a rate of 11 Mbps,
which results in the same spreading factor of 11. Thus, the clock rate for data is
increased from 1 Mbps to 1.375 Mbps (8*1.375=11). The CCK encoding does
not use a static spreading sequence; six of the 8 bits are used to choose 1 of
64 complementary spreading codes. Different spreading codes are chosen
based on the incoming data. The same DQPSK is used to modulate the spread
data.
Figure 6 shows the format of the physical layer frame. The frame header still
runs at 1 Mbps while payload data can run at four different rates depending on
the channel conditions.
2.3.2 802.11a
The 802.11a standard [4], introduced at the same time as 802.11b, is intended
for the 5 GHz license-free UNII band and provides data rates up to 54 Mbps.
The 5 GHz band has the advantage of a large bandwidth allocated for
unlicensed operations. There are 455 MHz available (5.15-5.35 MHz and
5.470-5.725 MHz) for use by WLAN systems in Europe. This allows 19 non-
overlapping channels in the 5 GHz band versus 3 non-overlapping channels in
the 2.4 GHz band.
The 802.11a standard is based on Orthogonal Frequency Division Multiplexing (OFDM)
modulation, which makes it possible to achieve higher data rates within about the same
channel bandwidth as 802.11b. OFDM is a multicarrier transmission technique.
The OFDM signal consists of multiple subcarriers, each one being modulated
by a low rate data stream. Low rate data streams are formed by demultiplexing
one high data rate stream. Subcarriers are kept orthogonal, so data symbols
modulated on these subcarriers can be recovered without mutual interference.
Since the symbol rate on each subcarrier is slower than the original data rate,
the OFDM technique is particularly efficient in time dispersive environments.
2.3.3 802.11g
Adopted in 2003, the 802.11g [6] extension enables 54 Mbps data rates, the
same data rate as provided by the 802.11a standard, but now in the 2.4 GHz
band. This is achieved by using the same data rates and modulation formats as
used in the 802.11a standard. Additionally, the 802.11g standard is backward
compatible with the 802.11b standard, i.e. the 802.11b modulation formats and
data rates are supported.
2.3.4 802.11n
Frame formatting
Power management
Security
2.4.1 Beaconing
A beacon frame is sent periodically to synchronize the stations in the BSS and
to inform the stations of impending data. In an independent BSS, the
synchronization mechanism is distributed among the stations in the BSS. In an
infrastructure BSS, the AP is responsible for transmitting the beacon frames
regularly.
About thirty types of frames are defined for the MAC to provide management
and information data exchange between the stations. All stations are required
to decode and react to the information in the MAC header of every frame they
receive. Since the wireless medium is not as reliable as a wired one, the basic frame
exchange consists of two frames: the frame sent and the frame
acknowledgement. If the source does not receive the acknowledgement, the
source attempts to retransmit the frame.
The basic MAC frame is shown in Figure 7. Some of the MAC packets do not
include all of the fields. Up to four addresses can be used depending on the
frame type. For example, if two stations communicating with each other are
associated with different APs, then the MAC addresses of both APs and both
stations will be present in the four address fields. Addresses are 48-bit IEEE
802 MAC addresses (a common address space is shared between 802.11 WLAN,
802.3 Ethernet and other 802.x LAN standards). Each station has its own
unique MAC address.
802.11 MAC frame:
Field                        Size
Frame control                2 bytes
Duration / ID                2 bytes
Address 1                    6 bytes
Address 2                    6 bytes
Address 3                    6 bytes
Sequence control             2 bytes
Address 4                    6 bytes
Frame body (payload data)    max 2312 bytes
Frame Check (CRC)            2 bytes
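A parser for the header layout described above, as an added example (not code from the thesis). The bit positions inside the frame control field and the address roles come from the 802.11 standard rather than from this page; the sample frames and MAC addresses are constructed, and the input is assumed to have the trailing check field already removed.

```python
import struct

FRAME_TYPES = {0: "management", 1: "control", 2: "data"}
ONE_ADDRESS_CONTROL = {12, 13}            # CTS and ACK carry Address 1 only
# Meaning of Address 1..4 in data frames, keyed by (To DS, From DS).
DATA_ROLES = {
    (False, False): ("DA", "SA", "BSSID"),
    (False, True): ("DA", "BSSID", "SA"),
    (True, False): ("BSSID", "SA", "DA"),
    (True, True): ("RA", "TA", "DA", "SA"),
}


def fmt_mac(raw):
    return ":".join("%02x" % b for b in raw)


def parse_header(frame):
    """Parse one frame given as header + body (trailing check field removed)."""
    if len(frame) < 10:
        raise ValueError("truncated: the shortest header is 10 bytes")
    fc, duration = struct.unpack_from("<HH", frame, 0)
    ftype, subtype = (fc >> 2) & 0x3, (fc >> 4) & 0xF
    if ftype not in FRAME_TYPES:
        raise ValueError("reserved frame type")
    to_ds, from_ds = bool(fc & 0x0100), bool(fc & 0x0200)
    if ftype == 1:                        # control frames have no sequence control
        n_addr, has_seq = (1 if subtype in ONE_ADDRESS_CONTROL else 2), False
    else:                                 # Address 4 only when both DS bits are set
        n_addr, has_seq = (4 if ftype == 2 and to_ds and from_ds else 3), True
    header_len = 4 + 6 * n_addr + (2 if has_seq else 0)
    if len(frame) < header_len:
        raise ValueError("truncated: header needs %d bytes" % header_len)
    # Address 4 follows the sequence control field, hence offset 24.
    addrs = [fmt_mac(frame[o:o + 6]) for o in (4, 10, 16, 24)[:n_addr]]
    hdr = {
        "type": FRAME_TYPES[ftype], "subtype": subtype,
        "to_ds": to_ds, "from_ds": from_ds,
        "power_mgmt": bool(fc & 0x1000),  # sender will be in power-save mode
        "protected": bool(fc & 0x4000),   # frame body is encrypted
        "duration_id": duration, "addresses": addrs,
        "header_len": header_len, "body": frame[header_len:],
    }
    if has_seq:
        (seq_ctl,) = struct.unpack_from("<H", frame, 22)
        hdr["fragment"], hdr["sequence"] = seq_ctl & 0xF, seq_ctl >> 4
    if ftype == 2:
        hdr["roles"] = dict(zip(DATA_ROLES[(to_ds, from_ds)], addrs))
    return hdr


def cleartext_data_frames(frames):
    """Audit helper: data frames that carry a body with the protected bit clear."""
    hits = []
    for raw in frames:
        try:
            hdr = parse_header(raw)
        except ValueError:
            continue                      # damaged capture entries are skipped
        if hdr["type"] == "data" and hdr["body"] and not hdr["protected"]:
            hits.append(hdr)
    return hits


# --- Constructed sample frames (not taken from a real capture) ---
AP, STA1, STA2 = "00:11:22:33:44:55", "02:00:00:00:00:01", "02:00:00:00:00:02"


def build(fc, addrs, seq=None, body=b""):
    """Hypothetical helper that assembles a sample frame for this example."""
    raw = struct.pack("<HH", fc, 44)
    raw += b"".join(bytes.fromhex(a.replace(":", "")) for a in addrs[:3])
    if seq is not None:
        raw += struct.pack("<H", seq << 4)
    raw += b"".join(bytes.fromhex(a.replace(":", "")) for a in addrs[3:])
    return raw + body


SAMPLES = {
    "to_ap_clear": build(0x0108, [AP, STA1, STA2], seq=5, body=b"hello"),
    "from_ap_protected": build(0x4208, [STA2, AP, STA1], seq=6, body=bytes(12)),
    "rts": build(0x00B4, [AP, STA1]),
    "cts": build(0x00C4, [STA1]),
    "truncated": build(0x0108, [AP, STA1, STA2], seq=7)[:20],
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        try:
            hdr = parse_header(raw)
            print(name, hdr["type"], hdr["header_len"], hdr.get("roles", hdr["addresses"]))
        except ValueError as exc:
            print(name, "rejected:", exc)
    print("cleartext:", [h["roles"] for h in cleartext_data_frames(SAMPLES.values())])
```

The header fields, including every address, are readable whether or not the protected bit is set, so the audit helper only reports on the confidentiality of the frame body.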
occurs when a receiving station is in range of two transmitting stations, which
are not in range of one another. In this case attempting to detect if the medium
is free does not necessarily work because two transmitting stations, which are
not in range of one another, cannot detect one another's transmissions. Thus,
the packets from two transmitting stations will collide at the receiving station. In
the RTS/CTS technique, instead of transmitting a data packet after waiting for a free
medium, a station transmits a short ready-to-send (RTS) packet to request the
use of the medium. If this succeeds, the receiver will quickly reply with a short
clear-to-send (CTS) packet. After the successful exchange of an RTS/CTS pair
the actual transmission takes place. This method allows hidden terminals to
hear either CTS or RTS packets. It also means that if packets do collide only a
short RTS or CTS packet is lost, which is preferable to collisions of
long data packets. For example, RTS is 20 bytes and CTS is 14 bytes, whereas
data packets can be up to 2300 bytes long. If this optional function is available
at a station it is enabled in one of three modes: always on, always off, or on for
packet sizes above a certain threshold.
The 802.11 standard defines one more optional media access protocol, called
the Point Coordination Function (PCF). The PCF uses a polling procedure to
provide connection-oriented contention-free service. This function is performed
by an AP, which polls stations within the BSS and allows them to transmit. In
this way, delay-sensitive packets such as voice or video can be given priority
over other data.
indicates whether a station has frames to receive. Stations are not required to
wake up for each beacon frame. A station is required to inform an AP when the
station enters a low power mode and of the number of beacon frames for which
the station will remain in a low power mode.
The 802.11e task group is currently working on two main QoS issues:
improving the efficiency of the MAC protocol and differentiating between different
types of data traffic. Efficiency is an important issue in 802.11. For instance, a
current 11 Mbps 802.11b device in the best case (two communicating devices
in close proximity to each other, no interference) can provide the network
layer with a throughput (the actual data rate) of about 5 Mbps. The reason for this
is overhead in the MAC protocol. Differentiation will enable enhanced
multimedia and voice capabilities by giving higher priority to time-sensitive data
packets (video and audio streaming, VoIP) over general data packets whose
delivery time is less critical (e-mail, http, ftp).
The recently ratified 802.11i security extension was probably the most awaited,
especially by enterprises, where security issues are at a premium. Wireless
technologies release users from having to be physically attached to the
network, but using radio waves as a transmission medium makes wireless
networks susceptible to interception and attacks. The traffic can be captured at
any location as long as the signal reaches the receiver. The typical range of
802.11b/g APs is about 100 meters (indoor environment), which hackers can
extend well beyond 500 meters by using directional antennas. This enables so-
called "war driving" or "parking lot" attacks, where hackers can perform traffic
analysis and attacks from a car, by driving around or just by parking nearby.
802.11i is intended to fix the well-known problems in the original 802.11
security protocol, called Wired Equivalent Privacy (WEP), and to address all known
attacks. WEP is a single static symmetric shared key system in which 40-bit
(also called 64-bit) or 108-bit (also called 128-bit) encryption is applied to
packet transmissions. WEP was intended to protect wireless communication
from eavesdropping and prevent unauthorized access to a WLAN, so as to make
WLAN communication as secure as wired LAN data transmission would be.
However, several security flaws have been found in the technique [13]. For
example, there are freely available tools to crack WEP keys, including AirSnort
[14] and Crack [15]. These applications perform statistical analyses on
encrypted packets to eventually determine the secret shared key. The current
implementations require about 500 Mbytes of data before the secret key can be
successfully derived.
The 802.11i standard can be viewed as consisting of three main parts. Two of
the parts are enhanced encryption algorithms in the form of the Temporal Key Integrity
Protocol (TKIP) and the Advanced Encryption Standard (AES). Both of those
standards were specifically designed to fix the known flaws in WEP, with TKIP
being targeted at legacy equipment and AES as the long-term replacement for
TKIP. Unlike TKIP, the encryption method based on AES was not designed for
backward compatibility. AES is considered state of the art in encryption
technology. It is stronger than TKIP and scales better to higher data speeds,
but requires significantly more computational power.
2.5 Other miscellaneous 802.11 standards
3 802.11 IN A MOBILE PHONE
The purpose of this section is to discuss the need for 802.11 in a mobile phone.
This section compares the 802.11 technology with other wireless
technologies, both those widely adopted in mobile phones and newly emerging ones,
and describes possible usage scenarios for 802.11 in a mobile phone.
Many wireless technologies destined for mobile phones have been developed,
and more standards are emerging. Table 3 provides a comparison of the most
popular technologies (cellular systems are limited to those implemented in Europe).
The technologies listed in Table 3 are divided into groups according to the
distances they can cover:
spectrum much lower signal quality compared to licensed spectrum. Thus,
unlike cellular systems, one WLAN system can undergo interference from other
WLANs, wireless systems or devices, and regulatory bodies will not help to
resolve such situations in unlicensed radio spectrum unless the interfering
systems and devices exceed regulatory requirements.
Compared to Bluetooth and IrDA, 802.11 has the advantage of longer range
and in most cases higher data rates, but cannot compete with those
technologies in terms of power consumption and price. Thus, the dominance of
Bluetooth and IrDA as cable replacement technologies will not be affected by
802.11 on the market of accessories and low power peripherals, such as
wireless headsets.
[Figure: data rate in Mbps (axis ticks 1 to 1000) by network class (WPAN, WLAN, WMAN & WWAN) for IrDA, Bluetooth, UWB, 802.11a, 802.11b, 802.11g, 802.11n, Wi-Max/802.16e, 802.20, GPRS, EDGE and 3G]
The following list illustrates the range of applications that can be covered by
using 802.11 in a mobile phone:
Web browsing
Push-to-talk
File up/downloading
Multiplayer gaming
Positioning
The possible usage scenarios in a mobile phone come from the advantages of
802.11. The three most promising scenarios from the author's point of view are
described below. In the first scenario, the 802.11 mode can be used for fast and
low cost Internet connectivity and low cost VoIP calls wherever the mobile
phone is within coverage of 802.11 WLANs, for example at homes, enterprises,
and public places. Thus, the 802.11 phone will serve as a low cost replacement for
traditional wired, cordless and DECT phones at homes and enterprises, and
will also provide data services and allow low-cost connections at
public places. The cellular mode, providing lower data rates at higher cost but
having the advantage of the ubiquitous coverage of cellular systems, will be
employed as soon as the mobile phone moves out of 802.11 WLAN
coverage. In the simplest case, 802.11 WLANs and cellular networks will be
completely separated, thus users will have to select manually the network they
prefer. In more complicated cases, there will be internetworking between
802.11 WLAN and cellular networks, providing an increased level of service for
users. 3GPP, an organization developing technical specifications for a 3rd
Generation Mobile System based on evolved GSM, has defined six 3GPP-
WLAN internetworking scenarios with increasing technical complexity [18]:
3GPP system based access control and charging. This is the scenario
where authentication, authorization and accounting are provided by the
3GPP system. The user data traffic will remain completely separate in
both networks.
Additionally, many vendors are developing system solutions that will allow
seamless handover between VoIP over 802.11 and GSM circuit switched voice.
One of the driving forces is that mobile operators have become involved in
this issue. This move by mobile operators may seem strange, as one might think
that deployment of 802.11 WLANs will cut operators' revenues. However, one
rationale for this is that operators will have the possibility to use WLAN where it is
expensive for them to use traditional cellular networks to provide services
because of the expense of building additional infrastructure or buying additional
licensed spectrum.
3.4 Emerging technologies targeting mobile phones
WiMAX / IEEE 802.16e [10]. The IEEE 802.16 standard was designed for fixed
broadband wireless access networks. However, the new emerging extension
802.16e is targeting mobile users. 802.16e is expected to provide data rates of
up to 15 Mbps for mobile users traveling at speeds up to 150 km/h. The base
station coverage is up to 5 kilometers. The standard primarily targets
operation in both licensed and unlicensed frequency bands between 2 GHz and
6 GHz. The publication of the standard is expected in 2005. The second name
for this technology, WiMAX, came from the name of the WiMAX Forum [11].
The WiMAX Forum (WiMAX is short for Worldwide Interoperability for Microwave
Access) is an organization promoting deployment of broadband wireless access networks
based on IEEE 802.16 standards and certifying interoperability of products and
technologies.
IEEE 802.20 [12]. The IEEE 802.20 group is developing an IP-data optimized
mobile technology for WMAN and WWAN in licensed frequency bands below
3.5 GHz. The technology is expected to provide data rates up to 1 Mbps for
mobile users traveling at speeds up to 250 km/h. The standard targets spectral
efficiencies, user data rates and numbers of active users higher than those achieved
by existing systems. The standard is in the development stage and the final
ratification is expected in about two to three years.
3.5 Conclusions
From everything discussed in this section it can be concluded that the integration of
802.11 into a mobile phone is a logical and useful development because it
brings new benefits for users, specifically lower cost and higher data rates, and
802.11 complements rather than competes with current mobile phone
technologies - cellular, Bluetooth and IrDA. 802.11 supports a wide range of
applications and can be employed in a broad range of mobile phones from
basic phones to smartphones. The emerging wireless technologies most likely
will not compete with 802.11, as those technologies are in most
cases oriented towards different applications and usage scenarios. Even if those technologies
are able to compete with 802.11 in some applications, the competition will be
very hard because 802.11 is a mature and very widespread technology, with
significant infrastructure deployed and numerous client devices in use. Thus, if
some of the emerging technologies described in this section become very
successful, they most probably will have to coexist with 802.11 in a mobile
phone.
4 SYSTEM ARCHITECTURE
This section describes the system architecture for 802.11 integrated into the
Raptor phone. The 802.11 protocol is physically implemented as the 802.11
module and the hardware and the software supporting this module in the mobile
phone. First, an overview of the 802.11 module is given. Then an overview of the
Raptor phone is presented. The Raptor phone is a smartphone platform
selected for this thesis work as a reference platform for integration of 802.11.
Finally, the proposed architectural concept of 802.11 integrated into the Raptor
phone is presented.
The 802.11 module typically can support up to two antennas: one antenna is
used for transmission and reception and the other antenna is used for diversity
reception to improve performance in the presence of multipath distortions (see
section 6.9.2 for further information on diversity reception).
[Figure: block diagram of the 802.11 module. Labels: T/R and diversity switch, filters, LNA, PA, downconverter, upconverter, filters, amplifiers, AGC, A/D, D/A, Barker, CCK, OFDM, processor, MAC controller, MAC accelerator, security module, QoS, etc., control, host I/F]
The RF/IF is the analog portion of the transceiver. This includes the antenna
switches (transmission/reception and diversity reception), RF filters, RF low
noise amplifier (LNA), automatic gain control (AGC), RF power amplifier (PA),
RF power pre-amplifier with variable gain, frequency synthesizer, down/up-
converters, baseband amplifiers and filters.
There are two main techniques implemented for down- and up-conversion:
super-heterodyne and direct conversion. In the super-heterodyne technique,
the received signal is first converted to an intermediate frequency (IF), then filtered
by using SAW filters to reject out-of-channel interference and achieve high
sensitivity and selectivity. The super-heterodyne receiver provides better
performance, but needs off-chip SAW filters in combination with
additional IF circuitry. Since SAW filters are fabricated using a different material
technology, they cannot be integrated with the transceiver IC. The direct
conversion approach is used by many chipset vendors to eliminate expensive
SAW filters and IF circuitry. In this approach, the RF signal is converted directly
to the baseband frequency and then filtered by using low pass filters. Since
there is no IF stage, the direct conversion technique is also called Zero-IF.
Direct conversion does not provide the same robust performance as the
super-heterodyne technique; however, direct conversion is simpler and
enables a more cost efficient and smaller solution. In addition, the
performance of direct conversion transceivers is continuously improving.
The MAC controller consists of the processor, memory with memory controller,
host interface controller, and various hardware accelerators. The memory is
used for the transmit/receive data buffering, MAC protocol operations, and for
the storage of the firmware, default configurations, transceiver calibration data,
and MAC address. Various combinations of different types of on-chip and off-
chip memory, such as RAM, ROM, Flash and EEPROM, are used by different
vendors to optimize the cost, size, and performance of the module. The
hardware accelerators perform time-sensitive or computationally heavy MAC
functions such as checksum calculations, media sense, QoS, and
encryption/decryption. The processor runs software called firmware,
which performs some time-tolerant MAC protocol functions, manages all other parts
of the module and communicates with the host system. The MAC protocol
functions that are not implemented in the hardware or firmware are
performed by the module's driver running on the host device. On the receive
path, the MAC controller processes MAC frames according to the MAC protocol,
then extracts the payload data and sends it to the host device through the host
interface (see section 6.3 for further information on the host interface). On the
transmit path, the reverse process is performed.
The power manager is responsible for power supply for all parts of the module
and implementation of power management schemes (see Section 6.6.2).
Operating power is obtained by the power manager from the host device
through the host interface.
Currently, 802.11 modules are typically implemented in the form of two ICs and
some tens of off-chip discrete components. One IC usually includes the analog
radio and the other IC includes the baseband and MAC circuitry. However, as
the integration level is constantly increasing, solutions with higher
integration are coming to the market. Thus, Broadcom has recently introduced a
single chip, or actually a single die, 802.11b solution [20]. Atheros followed
this trend and introduced a single chip 802.11g solution [21]. Other vendors,
targeting the handheld device market, also have single chip (or single die)
802.11b or 802.11g solutions on their roadmaps.
The situation is different with 802.11a. The popular low-cost CMOS technology,
which is commonly used for the digital baseband and MAC ICs, can still be
used at 2.4 GHz, allowing a single chip solution. However, this technology is
not yet well suited to work at 5 GHz. More expensive process technologies, such
as SiGe (silicon germanium) and GaAs (gallium arsenide), are required for the
5 GHz radio to obtain good performance. When two different process
technologies are used, only two separate chips or a single chip with two
stacked dies can be implemented, which results in increased size and price.
Dual band 802.11a/b/g solutions have been predicted to become an important part
of the 802.11 market; however, higher cost, complexity, and power consumption
put the dual band 802.11a/b/g solution only on the long-term roadmaps for
handheld devices.
Coexistence of multiple wireless technologies within a single device drives the
integration further towards the software defined radio (SDR). In the SDR, which
is still under research, software controls a single transceiver and reconfigures
it to support various bands and standards, such as GSM, PCS, WCDMA,
802.11g, 802.11a, etc. [8], [22], [23].
The Raptor mobile phone, designed by Elcoteq Design Center, was selected as
a reference platform for this thesis project. The Raptor phone is a triple band
GSM/DCS/PCS smartphone platform with GPRS, IrDA, GPS, and Bluetooth
capabilities and the Symbian 7.0 operating system. A block diagram of the
Raptor smart phone is shown in Figure 10. The heart of the Raptor smart phone
is an application processor. The presence of the powerful application
processor, which allows rich multimedia applications to run, distinguishes a
smartphone from a traditional mobile phone. The application processor runs the
Symbian operating system, drivers, user interface, and applications. It manages
all resources of the phone and hosts the communication subsystems. Raptor's
wireless communication subsystems include a triple band GSM/GPRS transceiver
(GSM900, DCS1800, PCS1900), Bluetooth, GPS, and IrDA.
4.3 System architecture for 802.11 integrated into the Raptor phone
The system architecture for 802.11 integrated into the Raptor phone is shown
in Figure 11. The solution consists of the 802.11 module and the hardware and
the software in the mobile phone to host the module and to perform 802.11
operation.
The 802.11 module and the mobile phone, or to be more precise the MAC
controller and the mobile phone's application processor, are connected through
the host interface. This interface allows the firmware running on the MAC
controller and controlling the 802.11 module to communicate with the software
running on the mobile phone's application processor.
Application programs (Web browser, e-mail, video player, VoIP etc.), the TCP/IP
networking stack, the operating system, and drivers run on the mobile
phone's application processor and provide the user with access to 802.11
WLAN services through the module. The application programs interact with
the TCP/IP or UDP/IP networking stack, depending on whether connection-oriented
or connection-less networking services are required. The TCP/IP
stack is a part of Symbian OS 7.0 [34].
The OS uses the driver to interface the 802.11 module to the networking stack.
The driver can be separated into three parts:
The host interface driver for standard interfaces (such as USB) and the 802.11
WLAN framework are embedded into most modern operating systems, including
Symbian OS starting from version 7.0, allowing simpler drivers and shorter
development time.
[Figure 11: block diagram, not reproduced. Mobile phone blocks: application,
TCP, UDP, IP, OS, Ethernet & WLAN framework, WLAN & host interface driver,
processor & memory. WLAN module blocks: firmware, MAC controller, memory
buffer, baseband (digital), transceiver (analog), antenna. OSI reference
layers: application, presentation, session, transport, network, logical link
control (LLC) sublayer, media access control (MAC) sublayer, physical.
Legend: control information flow, data flow.]
Figure 11. Architectural concept of the 802.11 module integrated into the Raptor phone.
Seven-layer OSI model is shown on the right side as reference.
5 INTEGRATION PROCESS
This section describes how a complete 802.11 integration process falls into
place. Figure 12 shows the key stages of the integration process. At a high
level, the integration process includes four main areas: 802.11 solution
selection, hardware development, software development, and design
verification.
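[Figure 12: flow diagram of the key stages of the integration process, not
reproduced. Stage labels: 802.11 solutions evaluation and selection; SW
development and integration; SW build; SW test; HW test; functional test;
pre-certification test; certification; volume manufacturing. Area labels:
802.11 solution selection, SW development, design verification.]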
5.1 802.11 solution selection
This area includes the evaluation of the various 802.11 solutions on the market
in order to select one or two solutions that will be most suited to the Raptor
phone. The major factors that should be considered during the evaluation
process are described in section 6. Additionally, some specific customer
requirements can affect the decision about 802.11 solutions to be used in the
Raptor phone.
There are three main steps in the hardware development: circuit design for the
embedded 802.11 module, PCB design, and proto-series. In the proto-series,
components are assembled onto the PCB and design change proposals are made in
order to improve the manufacturability of the product.
There are two main areas in the software development: integration of the
802.11 module's driver (provided by the module's vendor) and development
and integration of higher-level software (such as the TCP/IP stack and
applications, see section 4.3).
The design verification for hardware and software is done separately and in
parallel. This prevents hardware and software defects from propagating
into the subsequent testing and certification process and shortens the
development time.
The hardware test can be done by disconnecting the embedded 802.11 module
from the application processor and connecting it to a computer running the
standard software provided by the vendor, the same software that was used for
the stand-alone module evaluation. Through various tests, compliance with
the 802.11 and mobile phone specifications can be ensured and problems due
to the hardware integration can be identified and fixed separately from the
software bugs.
During the software test, the 802.11 driver and other software will be
downloaded into the mobile phone and the stand-alone 802.11 module will be
connected to the application processor. In this case, the software design and
debugging process will be independent from the hardware development
process.
After both the hardware and the software pass their tests, the functional test
is performed. During the functional test, the 802.11 driver will be downloaded
into the mobile phone. The embedded 802.11 module will be connected to and fully
controlled by the application processor. Through various tests, the complete
compliance of the mobile phone with the 802.11 and mobile phone
specifications can be ensured.
GSM phones and 802.11 equipment have to pass various certifications before
they can be launched on the market, as described in section 6.12. The
pre-certification test helps to ensure that the mobile phone will pass the
required certifications. After the mobile phone passes the pre-certification
test, it can be submitted for the required certifications in the countries
where it will be sold.
6 WLAN INTEGRATION ISSUES
This section describes the main issues to consider in the evaluation of 802.11
solutions, in order to discern which one will be most suited to the Raptor phone,
and in the integration of 802.11 into the Raptor phone.
Obviously, the 802.11 module must fit physically into the mobile phone,
preferably with as few modifications to the mobile phone design and
manufacturing as possible. This strictly limits the PCB space available for the
802.11 components. The maximum available PCB space for the 802.11 components in
a mobile phone is usually less than 600 mm². Weight is not a concern as long as
the integrated 802.11 module does not require a larger battery capacity.
The nominal voltage of the Raptor phone's battery is 3.6 V. The mobile phone
will go into the shut down mode when the voltage drops below 2.7 V. Therefore,
2.7 V is the minimum required voltage level at which the 802.11 module has to
remain fully operational.
The host interface should provide the required data transfer speed and be
compatible on both ends. USB, SPI, and SDIO interfaces are available in the
Raptor phone to interface the 802.11 module.
high-speed mode it provides a maximum data transfer speed of up to 100
Mbps, which is sufficient to support all current versions of the 802.11 standard.
The SDIO specification also includes SPI compatible communication mode.
SDIO is becoming very popular in mobile devices.
The 802.11 module must fully comply with all corresponding current IEEE
802.11 standards and extensions. In addition, the 802.11 module's vendor
should have a clear roadmap to support the coming 802.11 extensions (see
section 2), especially the 802.11e QoS and 802.11i security extensions.
Power consumption is a major design concern since mobile phones are battery-
powered devices. The power consumption increase due to the 802.11 operation
is required to be minimal in order to have as little impact on the recharge
interval, weight, and size of the battery as possible.
When the 802.11 module is added to the mobile phone, the overall power
consumption increases due to the following two reasons:
6.6.1 Power consumption of the mobile phone
The following factors affect the power consumption of the 802.11 module:
Power management
The GSM specification was designed from the very beginning with power
management in mind and provides many features to help minimize GSM phone
power consumption. For example, in the idle mode a typical GSM phone is only
active for about 1% of the time. The rest of the time, only a 32 kHz RTC crystal
and a counter are running [26]. The 802.11 standard provides an optional power
management function that allows 802.11 stations to enter a low power mode
of operation while remaining associated with the network (see section 2.4.5).
However, the 802.11 standard, originally conceived to provide wireless
connectivity for laptop computers, is not as focused on low power consumption
as the GSM standard. Therefore, many 802.11 chipset vendors are working on
proprietary aggressive power management solutions. The goal here is to
achieve as low a power consumption as possible during all operational modes
while remaining associated with the network and without sacrificing data
transfer performance.
There are four operational modes that the 802.11 module can be in:
Listen. The 802.11 module is listening for the radio but is not passing
any data to the application processor
The 802.11 chipset vendors do not always provide the power consumption
information for all modes. In order to obtain those values, dynamic current
consumption measurements can be performed, such as those shown in Figure 13.
The measurements were performed by the author for an 802.11b sample
module. NGMO2 power supply from Rohde & Schwarz [27] was used for the
measurements. Power supply voltage was set to 3.3 V. The measurements
were done for four typical data transfer modes. Power save mode represents
the 802.11 low power mode (see section 2.4.5). The beacon period was set to
41 ms. Big file reception represents large file reception by 802.11 module.
Big file transmission represents large file transmission by 802.11 module.
Music streaming represents MP3 music streaming over 802.11 connection.
The dynamic current measurements can also be used to analyze the peak
current consumption. This is important to analyze in order to determine whether
the mobile phone's battery will be able to handle it together with the peak
current consumption of the other systems within the mobile phone. The GSM
transceiver causes the largest current consumption peaks in a mobile phone, as
illustrated in Figure 14. If the total current consumption exceeds a
predetermined threshold for a certain period of time, then the protection
circuit of the mobile phone's battery will shut down the mobile phone.
Additionally, the current consumption behavior and the functionality of the
802.11 module are worth analyzing under the minimum and the maximum
levels of the supply voltage and the environmental temperature.
Figure 13. Dynamic current consumption measurements of an 802.11b sample module under
different usage scenarios
Figure 14. Current consumption of a sample GSM phone in transmission mode
Table 4. Current consumption values of different modes, normalized with the time spent in
those modes
6.7 Performance
The IEEE 802.11 standard defines various raw data rates for different types of
physical layers, such as 1, 2, 5, and 11 Mbps for the 802.11b standard.
However, the actual throughput experienced by user is always less than the
physical layer data rates due to overheads introduced by the communication
protocols. Overhead can be defined as information and airtime used for
anything that is not data. Overhead in the 802.11 protocols includes:
Multiple access
Higher layer communication protocols, such as IP, TCP, UDP, etc., also add
their own overheads. The amount of overhead is different for various protocols.
Care must therefore be taken when throughput values are presented. The
protocol level referred to, the protocols involved, and the type of
data traffic being sent should be clearly defined.
Path loss. As the transmitted radio waves propagate outwards spherically,
spreading energy over an ever-increasing area, only a very small part of the
transmitted energy reaches the receiver. This phenomenon is known as free space
path loss. The average free space path loss is given by
$$PL(d) = 10 \log \frac{P_t}{P_r} = -10 \log \frac{G_t G_r \lambda^2}{(4 \pi d)^2} \qquad (1)$$
The free space model assumes no obstacles between the transmitter and the
receiver. However, this is not the case for indoor and urban outdoor
environments, the most typical propagation environments for WLAN systems,
where numerous physical obstructions reflect, absorb, diffract, and
scatter the transmitted signal. Therefore the free space model in such
environments is relevant only for short distances of up to 1-2 meters. The
physical properties of the specific propagation environment are taken into
account by using a path loss exponent, n, that indicates the rate at which the
path loss increases with distance. Now, the path loss at some distance d is
given by
$$PL(d) = PL(d_0) + 10 n \log \frac{d}{d_0} \qquad (2)$$
where d0 is the close-in reference distance for which the free space path loss
and antenna far field conditions can be applied, and d is the separation
distance between the transmitter and receiver antennas. In free space, n is
equal to two, and when obstructions are present, n normally has a larger value.
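The following added example (not code from the thesis) implements equations (1) and (2) and inverts equation (2) to estimate the range at which a link budget is exhausted. The 20 dBm transmit power is the 802.11 value shown in Figure 17; the -80 dBm receiver sensitivity, the exponent n = 3 and the 1 m reference distance are assumed illustration values.

```python
"""Log-distance path loss, equations (1) and (2), and the range they imply."""
import math

SPEED_OF_LIGHT = 299_792_458.0  # m/s


def free_space_path_loss_db(d_m, freq_hz, g_t=1.0, g_r=1.0):
    """Equation (1): PL(d) = -10*log10(Gt*Gr*lambda^2 / (4*pi*d)^2), in dB.

    g_t and g_r are linear antenna gains (1.0 means isotropic).
    """
    if d_m <= 0 or freq_hz <= 0:
        raise ValueError("distance and frequency must be positive")
    wavelength = SPEED_OF_LIGHT / freq_hz
    ratio = g_t * g_r * wavelength ** 2 / (4 * math.pi * d_m) ** 2
    return -10.0 * math.log10(ratio)


def log_distance_path_loss_db(d_m, freq_hz, n, d0_m=1.0):
    """Equation (2): PL(d) = PL(d0) + 10*n*log10(d/d0), in dB."""
    if d_m < d0_m:
        raise ValueError("the model applies only for d >= d0")
    pl_d0 = free_space_path_loss_db(d0_m, freq_hz)
    return pl_d0 + 10.0 * n * math.log10(d_m / d0_m)


def max_range_m(tx_dbm, sensitivity_dbm, freq_hz, n, d0_m=1.0, fade_margin_db=0.0):
    """Largest d at which tx power minus PL(d) minus margin meets the sensitivity.

    Obtained by solving equation (2) for d. Returns 0.0 when the budget is
    already exhausted at the reference distance d0.
    """
    budget_db = tx_dbm - sensitivity_dbm - fade_margin_db
    excess_db = budget_db - free_space_path_loss_db(d0_m, freq_hz)
    if excess_db < 0:
        return 0.0
    return d0_m * 10.0 ** (excess_db / (10.0 * n))


def range_table(tx_dbm, sensitivity_dbm, exponents, bands_hz):
    """Range in metres for every (band, exponent) pair, as a nested dict."""
    return {
        f: {n: max_range_m(tx_dbm, sensitivity_dbm, f, n) for n in exponents}
        for f in bands_hz
    }


if __name__ == "__main__":
    TX_DBM = 20.0            # 802.11 transmit power from Figure 17
    SENSITIVITY_DBM = -80.0  # assumed receiver sensitivity (illustration only)
    table = range_table(TX_DBM, SENSITIVITY_DBM, (2.0, 3.0, 4.0), (2.4e9, 5.5e9))
    for freq, row in table.items():
        for n, rng in row.items():
            print(f"{freq / 1e9:.1f} GHz  n={n:.0f}  range ~ {rng:8.1f} m")
```

With the same transmit power, sensitivity and exponent, the 5.5 GHz range is shorter than the 2.4 GHz range purely because PL(d0) is about 7 dB larger at the higher frequency.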
Multipath fading. Reflection, diffraction, and scattering also result in
another phenomenon, called multipath propagation, in which multiple versions of
the transmitted signal, having traveled along different paths, are combined at
the receiving antenna. The summation of many multipath components with random
delays, phases and amplitudes results in fluctuations of the received signal
amplitude as a function of location and frequency, referred to as multipath
fading. Multipath fading is crucial for 802.11 WLANs as it produces a variable
bit error rate that may result in packet losses and even in interruptions of
the wireless link, even though the received average SNR is well above the
required threshold.
The relative motions of transmitter, receiver, and surrounding objects result in
time-varying fading. A mobile phone with the 802.11 WLAN will be typically
used at pedestrian speeds. However surrounding objects could have much
higher velocity. For example, cars are the high speed reflecting objects for the
802.11 device located on the street resulting in faster changes in the fading
pattern.
Polarization loss. The polarization loss occurs when the polarizations of the
signal and the receiving antenna are different. The polarization loss is
proportional to the cosine of the angle between polarizations of the signal and
the receiving antenna. Two major factors lead to the polarization losses:
WLAN devices, such as power consumption, size, weight. In some
802.11 solutions, the provided maximum transmit power is lower than
actually allowed by regulatory requirements. This is mainly done in order
to decrease power consumption. However, as described in section
6.6, the transmit power does not greatly affect the overall power
consumption of the 802.11 module. In fact, the reduced transmit power
may actually cause an increase in power consumption. There will be link
quality degradation and more packets with errors due to the reduced
maximum transmit power. Retransmission of bad packets and switching
to lower data rates (increased transmission time) will cause extra
power consumption. In addition, range and data rates will decrease,
resulting in a bad user experience. Instead of reducing the maximum
transmit power, transmit power control should be used to decrease
power consumption (see section 6.6).
Two 802.11 devices from the same vendor typically provide much better
performance than two devices from different vendors can achieve. There is no
certification available for throughput verification between 802.11 devices from
different vendors. The Wi-Fi organization does interoperability certification;
however, this certification is optional and mainly verifies basic connectivity.
Two Wi-Fi certified products will interoperate with each other; however, good
performance might not be achieved. 802.11 modules that provide good performance
when connected to a variety of different vendors' devices are preferred.
As noted previously, the most typical environment for the 802.11
module can be described as a time-varying multipath indoor environment.
Additionally, the orientation of the 802.11 module's antenna in space is
generally random. The test method proposed in [30] can be used to simulate such
an environment. In this method, a non-conducting table driven by a rotating
motor is used to create a time-varying environment and an azimuthally random
angular orientation between the AP and the module under test. The test is
conducted in a typical indoor environment.
The rotating speed and the radius of the table are selected to obtain the
required speed of the 802.11 module. If the 802.11 module is planned to be
mainly used in an indoor environment then the speed is selected equal to the
pedestrian speed. If the 802.11 module will also be used in urban areas then
the speed should be higher. The radius of the table should be much larger than
the wavelength, so that the 802.11 module passes several fades in one rotation.
The throughput between an AP and the module under test is measured at five or
six different test points. The first test point is located close to the AP,
about 3-5 meters apart, so that the line-of-sight condition holds. The
remaining test locations are located incrementally further away with no
line-of-sight to show throughput as a function of distance. The last test point
should be located at the edge of the AP coverage area.
The measurements should be done at several different channels in order to
evaluate the performance over the whole band. For example, channels 1, 6 and
11 can be used in the 2.4 GHz band. Performance with different security
settings should be analyzed as well.
The test setup for the throughput measurements is shown in Figure 15. In order
to evaluate the interoperability performance, every module should be tested
with three or four different types of APs, each based on the most popular
802.11 chipsets on the market from different vendors.
[Figure 15: test setup for the throughput measurements, not reproduced.
Labels: Ethernet 100 hub; desktop running Netperf client or server; laptop
with WLAN card under test, placed on rotating table and running Netperf
server or client.]
The test results show that the maximum achievable TCP throughput is much
lower than the raw data rates on the air; specifically, 4.5 Mbps maximum TCP
throughput was achieved for 802.11b and about 23 Mbps for 802.11a and
802.11g. The throughput decreases gradually as distance increases. 802.11b/g
generally provides better coverage than 802.11a. The test results also show
that there are interoperability issues between different vendors' chipsets and
product implementations. The difference in test results due to interoperability
is comparable to the difference between 2.4 and 5 GHz radio propagation.
Generally, products based on the Broadcom chipset showed the best results in
this test, followed by the Atheros and Texas Instruments chipsets.
Device                        802.11 type   Chipset vendor
Access points
  Dlink DWL2000AP+            b/g           Texas Instruments
  Dlink DWL2100AP             b/g           Atheros
  Linksys WRT54G              b/g           Broadcom
  3COM                        b             Intersil
                              a             Atheros
Modules
  3COM PC card, 3CRPAG175     a/b/g         Atheros
  Linksys PC card, WPC54G     b/g           Broadcom
[Plot not reproduced; axis labels: test points at 3, 40, 80, 100, 120 and
140 meters.]
6.8 Radio compatibility
Integration of the 802.11 module into the Raptor phone, which already has
several radio systems, brings a whole new set of mutual electromagnetic
interference problems, as illustrated in Figure 17. The GSM/DCS/PCS, GPS,
Bluetooth, and 802.11 WLAN systems are required to operate simultaneously
and be collocated within less than ten centimeters in the mobile phone or even
share the same antenna. However, the specifications for those radio systems
were not designed with the assumption that the radio systems would have to work
in such proximity. Therefore, it is an important advantage if the 802.11 module
was designed from the start to work in the environment of the GSM phone.
[Figure 17: plot of transmit power versus frequency, not reproduced.
Labels: GSM 33 dBm at ~0.9 GHz; DCS 30 dBm at ~1.8 GHz; PCS 30 dBm at
~1.9 GHz; 802.11b,g 20 dBm at ~2.4 GHz; 802.11a 20 dBm at ~5.5 GHz;
GPS at ~1.5 GHz; Bluetooth 4 dBm at ~2.4 GHz.]
Figure 17. Possible interference sources in the mobile phone. Adapted from [33]
802.11 coexistence with Bluetooth and PCS systems will be discussed in this
section as the most critical issues. This section considers only the radio
interference between systems through antennas. Other interference issues
such as switching noise and RF and baseband signal coupling between systems
through the PCB or power supply are not discussed in this thesis work, as those
problems can be solved through standard design methods: careful PCB design,
shielding, decoupling, etc.
Bluetooth uses a FHSS technique in which the transmission band hops over 79
pre-defined 1 MHz wide channels. The hopping rate is roughly 1600 hops per
second over a random pattern. In this way, Bluetooth spreads energy over the
entire band. However, since Bluetooth doesn't monitor the band before
transmitting, it can easily interfere with other systems trying to use the same
band. In this fashion, if 802.11 is transmitting or receiving when Bluetooth
begins transmission, both air interfaces can fail to operate properly. In contrast
to Bluetooth, 802.11 does monitor its transmission band for other traffic before
beginning to transmit. 802.11 employs DSSS and OFDM air interfaces, and
occupies roughly a quarter of the 83.5 MHz bandwidth available in the ISM
band. Since 802.11 will sense Bluetooth activity and not transmit if Bluetooth is
active, 802.11 service will be very seriously affected when Bluetooth is active.
has learned about the channel. AFH is the most effective when the Bluetooth
and 802.11 radios are not collocated, and progressively loses its effectiveness
when the isolation between the two radios becomes less than 40 dB [35], i.e.
when the separation distance becomes less than one meter.
For shorter distances, and especially when both systems share the same
antenna, collaborative techniques are required. In the collaborative
coexistence, collisions are avoided through agreement between the 802.11b/g
and Bluetooth controllers on an arbitration scheme in advance. The arbitration
mechanism schedules (time multiplexes) packet traffic in both systems. The
collaborative technique should support QoS (e.g., real time voice packets
should be given higher priority than e-mail data packets), provide fairness
between the systems and maximize both systems' throughput. Collaborative
techniques presume that a direct communication interface is implemented
between the 802.11b/g MAC and Bluetooth controllers. Various collaborative
techniques and communication interfaces have been developed by different
802.11 and Bluetooth vendors. Therefore, it is important to ensure that the
selected 802.11b/g and Bluetooth modules are compatible and that the
supported coexistence techniques provide the required performance.
A possible test setup for the performance evaluation of the coexistence
techniques is shown in Figure 15. Two independent data streams are sent
simultaneously over the 802.11 and Bluetooth connections and the performance of
the links can be evaluated by varying the data traffic on both. Alternatively,
a single data stream can be sent between PC 1 and PC 2. In this case the test
software in PC 3 will route the data stream between the 802.11 and Bluetooth
modules under test, so that a usage case can be simulated in which VoIP data is
sent over 802.11 and then routed to the Bluetooth headset.
[Figure 18: test system diagram, not reproduced. Labels: PC 1 running test
software; PC 2 running test software; 802.11 & BT coexistence interface;
BT reference device; BT module under test.]
Figure 18. Test system setup for the performance evaluation of the 802.11 and Bluetooth
coexistence techniques
6.8.2 802.11b/g and PCS coexistence
The RF coexistence of 802.11b/g and PCS systems is the second major issue.
PCS is the closest system to 802.11b/g in frequency, it has large transmit
power and there is limited isolation between PCS and 802.11b/g antennas due
to the small size of the mobile phone. An important question is whether those
two systems can be designed to operate simultaneously without complicated
scheduling as in the case of the 802.11b/g and Bluetooth coexistence.
6.8.2.1 Could the 802.11b/g transmitter emissions interfere with the PCS receiver?
1.9 GHz and 2.4 GHz bands. Now the interference at the input of the PCS
receiver is
That is 44 dB above the thermal noise floor. Hence, it is clear that the spurious
emissions by 802.11b transmitter can cause sensitivity degradation. Therefore
additional design requirements are certainly needed to provide the required
isolation between the systems, such as additional filtering of the transmit signal
on the 802.11b/g system side.
6.8.2.2 Could the PCS transmitter emissions interfere with the 802.11b/g receiver?
receiver side might be needed to prevent blocking when the PCS transmitter
works at the maximum power levels.
The PCS blocking performance for the Raptor PCS receiver is equal to 0 dB in
the frequency band 1.98-12.75 GHz. Thus, if 20 dB of isolation between the
802.11 transmitter and the PCS receiver is provided then the 20 dBm 802.11
transmit signal will not block the PCS receiver.
A testing method similar to the one described in [37] can be used. Figure 19
shows a possible test setup. The 802.11 module is placed in the desired place
inside the mobile phone. Various positions of the 802.11 module inside the
mobile phone can be evaluated in order to find the one providing the best
performance. The mobile phone test station, such as the Agilent E5515 [46], is
used to set up and test the link to the mobile phone, and the 802.11 reference
device and two PCs running test software (typically provided by chipset
vendors) are used to do this for the 802.11 link.
The first step to test the performance of the 802.11 receiver in the presence of
GSM/DCS/PCS transmission is to set up the 802.11 link and to use FER
measurements (the standard values are 8% FER for 802.11b and 10% for
802.11g) to set the reference sensitivity level. Then the GSM/DCS/PCS link is
established using the maximum transmit power and the FER of 802.11 is
evaluated. If FER degradation is present, the 802.11 transmit power is
re-adjusted to find the FER used to set the reference sensitivity level. The
difference between the two power levels of the 802.11 transmitter at which the
required FER is achieved, with the GSM/DCS/PCS transmitter on and off, is a
measure of the sensitivity degradation of the 802.11 receiver. A similar
approach can be used to determine the GSM/DCS/PCS receiver performance
degradation due to the 802.11 transmitter.
[Figure 19: test setup diagram, not reproduced. Labels: semi-anechoic test
chamber; mobile phone test station.]
Figure 19. Test setup for the 802.11 and GSM/DCS/PCS coexistence evaluation
The antenna can be provided by a vendor together with the module, purchased
separately, or designed in-house. Whichever approach is chosen, it is important
to ensure that the antenna provides required performance and will be
appropriate for the mobile phone. None of the 802.11 standards regulates the
use of antennas and one is free to choose.
Small near field. This decreases the near field energy losses caused by
close proximity of the antenna to a human body.
Small dimensions
Small PCB area required for the ground plane of the antenna
6.9.1 Antenna polarization
There are two design goals to consider when the polarization of the 802.11
antenna is selected:
Thus, the decision about the polarization of the 802.11 antenna should be
made based on the required isolation between antennas (which may also be
achievable through other techniques, such as filtering), the typical usage
scenario, the propagation environment, and the polarization properties of the
antennas used by network equipment. The performance of the antenna design can
be tested by using the testing methods described in section 6.8.2.4 (802.11 and
cellular coexistence) and in section 6.7.2 (throughput and range performance).
achieved. The diversity gain depends on the correlation of the fading among the
antennas. Higher diversity gain can be obtained when the correlation among
antenna signals is low. There are three independent methods to achieve low
correlation: space diversity, polarization diversity, and pattern diversity. In
pattern diversity, antennas with different radiation patterns are used. Since one
of the antennas in the 802.11 module is used for both transmission and
reception and its radiation pattern is required to be omnidirectional, pattern
diversity is not suitable for this particular application and will not be covered
here.
$$\rho_e = J_0^2\left(\frac{2\pi d}{\lambda}\right) \qquad (3)$$

where $\rho_e$ is the envelope correlation of two diversity antenna signals,
$J_0$ is the Bessel function of the first kind with zero order, $d$ is the
antenna spacing, and $\lambda$ is the carrier wavelength. Figure 20 represents
the relationship presented in (3).
Figure 21 illustrates the performance improvement that can be achieved by
using the space diversity technique. To perform these measurements, the same
technique as described in section 6.7.2.1 was used by the author. Two
vertically polarized antennas were used at the Linksys AP. The antenna
separation distance was 13 centimeters (about one wavelength at 2.4 GHz).
Although such a distance is not feasible for mobile phones, a correlation low
enough to obtain most of the diversity gain is already reached at a separation
distance of a quarter of a wavelength. This distance corresponds to 3.13
and 1.5 centimeters at 2.4 GHz and 5 GHz carrier frequencies respectively,
distances that are feasible for mobile phones. Furthermore, it has been shown
that the mutual coupling effect between two closely located antennas can reduce
the envelope correlation of the antenna signals [40]. However, the effect of
mutual coupling can also change the antenna patterns from the free space
pattern [42].
Figure 20. Envelope correlation versus antenna spacing
Figure 21. TCP throughput comparison for spatial diversity, polarization diversity and no
diversity schemes (measurement distances: 3, 40, 80, 100, 120 and 140 meters)
6.9.2.2 Polarization diversity
Scanning diversity dominates in the current 802.11 chipsets, and is the simplest
combining technique. In this method, the antennas are connected to a single
receiver through an RF switch. During the preamble (an a priori known signal),
the receiver scans both antennas and selects the one with the best signal. The
best signal can be defined in terms of signal level or SNR. If the signal from
the selected antenna falls below the threshold during the packet, the receiver
simply switches to the second antenna. The diversity gain provided by this
technique is the lowest compared with the other, more advanced methods, but its
advantage is that only one receiver is required.
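The following added example (not code from the thesis) chains the space diversity relationship in equation (3) into a small Monte Carlo model of the preamble scan described above. It assumes equation (3) has the standard form J0 squared of 2*pi*d/lambda, Rayleigh fading that stays constant over a packet, and a threshold given relative to the mean received power; all function names are hypothetical.

```python
import math
import random

def bessel_j0(x, terms=40):
    """J0(x) from its power series; adequate for the arguments used here (x < 10)."""
    total, term = 0.0, 1.0
    for k in range(terms):
        total += term
        term *= -(x / 2.0) ** 2 / (k + 1) ** 2
    return total

def envelope_correlation(spacing_m, wavelength_m):
    """Equation (3), read as rho_e = J0(2*pi*d/lambda)**2 (assumed form)."""
    return bessel_j0(2.0 * math.pi * spacing_m / wavelength_m) ** 2

def scanning_outage(rho_e, threshold, packets=100_000, seed=1):
    """Monte Carlo outage for one antenna and for preamble scanning.

    Assumptions (not from the thesis): Rayleigh fading constant over a packet,
    unit mean power per antenna, power correlation equal to rho_e.
    Returns (outage_one_antenna, outage_scanning).
    """
    rng = random.Random(seed)
    r = math.sqrt(rho_e)                      # shared part of the fading
    s = math.sqrt(max(0.0, 1.0 - rho_e))      # independent part
    sigma = math.sqrt(0.5)                    # I and Q each carry half the power
    single = scanning = 0
    for _ in range(packets):
        a_re, a_im = rng.gauss(0, sigma), rng.gauss(0, sigma)
        b_re, b_im = rng.gauss(0, sigma), rng.gauss(0, sigma)
        p1 = a_re ** 2 + a_im ** 2
        p2 = (r * a_re + s * b_re) ** 2 + (r * a_im + s * b_im) ** 2
        single += p1 < threshold
        # The preamble scan keeps the stronger antenna, so the packet is lost
        # only when both antennas are below the threshold.
        scanning += max(p1, p2) < threshold
    return single / packets, scanning / packets

def outage_at_spacing(spacing_m, freq_hz, threshold=0.1):
    """Chain equation (3) into the simulation for a given antenna spacing."""
    wavelength = 299_792_458.0 / freq_hz
    rho_e = envelope_correlation(spacing_m, wavelength)
    return (rho_e, *scanning_outage(rho_e, threshold))

if __name__ == "__main__":
    for d_cm in (0.5, 1.5, 3.13, 13.0):       # constructed sample spacings, 2.4 GHz
        rho_e, one, scan = outage_at_spacing(d_cm / 100.0, 2.4e9)
        print(f"d={d_cm:5.2f} cm  rho_e={rho_e:.3f}  one={one:.4f}  scanning={scan:.4f}")
```

Because the model holds the channel constant within a packet, it covers only the preamble selection step and not the mid-packet switch to the second antenna.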
6.10 802.11 module placement
As discussed in section 6.8.2, good isolation between the 802.11 and
cellular antennas is important in order to minimize mutual interference between
the two systems. Therefore, it is proposed that the 802.11 antenna be placed as
far as possible from the cellular antenna. To keep RF losses to a minimum, the
802.11 antenna should be placed as close as possible to the 802.11 transceiver
and in a place where no metal parts, such as a metal cover or the battery, or
the user's hand will cover it.
Figure 22 shows possible placements. The 802.11 and Bluetooth modules share
the same antenna, assuming that the collaborative coexistence technique is
implemented in the modules. The antenna can be located in either position 1 or
2, depending on which position gives better performance and how
much free space is available.
The 802.11 and Bluetooth modules can be placed on the component side of
the mobile phone PCB (Position 1) if there is enough free PCB space available.
Another approach (Position 2) is to place the modules under the keypad and
LEDs, which can be achieved by placing the keypad and LEDs on a separate
PCB and lifting that PCB up to the required height (the height of the 802.11 and
Bluetooth components). A possible drawback of these two approaches is that
the 802.11 and Bluetooth components are located very close to the mobile phone's
microphone and its associated low-level signals, which might cause 802.11 and
Bluetooth circuit noise to be picked up. The Bluetooth circuits should not cause
problems, since Bluetooth and the microphone are typically exclusive in their
operation. However, this is not the case for 802.11, so additional
considerations might be required.
Figure 22. Possible placements of the 802.11 and Bluetooth antennas and modules inside of a
mobile phone (diagram labels: GSM antenna; GSM module, application processor &
memory; keypad & LEDs PCB; battery; WLAN & BT modules; possible position 2)
processor, where the GSM baseband controller performs all management and
application tasks, only the hardware MAC approach is feasible.
Test software is required for testing the 802.11 module during the design and
manufacturing phases. It is an important advantage if the vendor can provide
the required test software together with the 802.11 module reference design.
Because of Internet access through the 802.11 WLAN, the mobile phone will
become as open to hacker attacks as an ordinary PC. Therefore, in addition to
the low-level data security provided by the 802.11 standards, high-level data
security issues must be treated in the same way as is currently done in the
PC world, e.g., with firewall, antivirus, and VPN software. Today, not many
individuals can write viruses for smartphone operating systems. However, with
the rapidly increasing popularity of smartphones and more people becoming
involved in software development, the data security problem will become more
important.
6.12 Certification
Before being allowed onto the market, every mobile phone has to pass a variety
of certifications. When 802.11 technology is integrated into a mobile phone, the
list of certifications is extended by the certifications described below in this
section. Even if the mobile phone and the 802.11 module have passed their
certifications in stand-alone mode, there is no guarantee that a mobile phone
with an integrated 802.11 module will also pass certification. However, the
certification process is much simpler if the 802.11 module was pre-certified by
the vendor and the vendor also provides further certification support for the
integrated design.
6.12.2 Wi-Fi certification
6.13 Manufacturing
6.14 Price
The mobile phone market is very price sensitive. Any undervalued increase in
price could result in reduced sales. This results in a tight requirement for the
integration cost. The main factors contributing to the cost are the following:
- Hardware BOM cost. Today, the 802.11 feature makes sense in a
  smartphone if the 802.11 hardware BOM cost is below $15.
- Development cost. This includes costs for the hardware and software
  development and the design verification.
- Manufacturing costs. This includes costs for the production test systems
  and the product manufacturing itself.
One could argue against 802.11g and 802.11a that such high speeds are not
really needed for a mobile phone, and that 802.11g and especially 802.11a
modules are still more expensive, are larger, and consume more power
in transmit/receive mode than 802.11b modules. On the other hand, higher
speeds result in shorter transmission times, so the interference level will
decrease, the WLAN system capacity will increase, and the higher power
consumption will be more or less compensated (also, as mentioned in section
6.6, power consumption in idle mode is the most critical). In addition, with
technology development and higher manufacturing volumes, the difference between
the b version and the g and a versions in terms of power consumption, size and
price is gradually vanishing, especially between b and g.
| Standard | Band, GHz | Raw data rates, Mbps | Average indoor range | Additional attributes |
|---|---|---|---|---|
| 802.11b | 2.4 | 1, 2, 5.5, 11 | 100 m | Dominant WLAN technology (90% of the market); Mature technology; Low price; Low power consumption |
| 802.11g | 2.4 | 1, 2, 5.5, 11; 6, 12, 24, 36, 48, 54 | 100 m | Backward compatible with the 802.11b standard; Moderate price; Moderate power consumption |
| 802.11a | 5 | 6, 12, 24, 36, 48, 54 | 50 m | Superior scalability (19 non-overlapping channels vs. 3 non-overlapping channels in the 2.4 GHz band); Clear spectrum (much less interference sources than in the 2.4 GHz band); High price; High power consumption; Not backward compatible with the 802.11b standard |
There are two approaches currently available for adding embedded 802.11
technology to a mobile phone:
Table 7 sums up most of the key issues in determining whether to use discrete
components or a module.
The module approach is low risk, simplifies design and manufacturing, and
gives a short time-to-market. However, the first approach allows a greater
degree of design flexibility. Variations of those two options are also
available. For example, IC vendors often provide complete reference designs, so
the design process can be much simplified.
The size and cost criteria are intentionally excluded from Table 7. By using
discrete components, one might be able to make the 802.11 solution smaller or
fit a unique layout that off-the-shelf modules cannot provide. However, most
modules can be made very small because they often use bare ICs rather than
packaged ICs. As a result, a module may actually be smaller than most discrete
approaches. The cost of the module versus the discrete solution could also be
competitive, especially if overheads associated with purchasing, warehousing,
testing, and mounting the discrete components are taken into account.
7 CONCLUSIONS
While the benefits for users are clear, the convergence of many wireless
technologies into such a small form factor as a mobile phone, with its power and
weight constraints, brings new design challenges. Size, power consumption,
coexistence with other wireless subsystems, and environmental requirements
for the 802.11 module in a mobile phone are unique. Not every 802.11 solution
on the market can meet those requirements. Therefore, very careful evaluation
of 802.11 solutions and proper integration design are essential.
8 FURTHER WORK
The next step in this project is to make a practical evaluation of 802.11 modules
targeting mobile phone applications as soon as they are available. Then a basic
reference design for 802.11 integrated into the Raptor phone will be made
using the selected 802.11 module(s), which is intended to provide a platform for
further software and hardware development.
REFERENCES
[2] ANSI/IEEE 802.11 Standard, 1999 Edition. ANSI/IEEE 802.11 standards are
available at: http://standards.ieee.org/getieee802
[13] Nikita Borisov, Ian Goldberg, David Wagner, (In)Security of the WEP
algorithm, http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html, Viewed:
December 2003
[20] Broadcom BCM4317 AirForce One, complete single-chip 802.11b solution,
http://www.broadcom.com/products/product.php?product_id=BCM4317,
Viewed: January 2004
[22] Kazuhiro Uehara, Katsuhiko Araki, Masahiro Umehira, Trends in research and
development of Software Defined Radio, NTT Technical Review, Vol.1 No.4,
July 2003.
[24] Universal Serial Bus Specification, Revision 2.0, April 27, 2000
[26] Andrew Fogg, GSM.11: Accessing the Wireless Web, TTPCom Ltd., The
Communication Design Conference Paper, 2004
[29] Jim Lansford, Working Towards the Peaceful Coexistence of Wireless PANs,
LANs, and WANs, September 2002
[30] Ted Edmonson, 802.11 Indoor Testing Methodology, Intersil Corp., April 2003
[33] Matthew B Shoemake, Designing for WLAN Integration into Handhelds, Texas
Instruments Inc., http://www.analogzone.com/nett0623.pdf, Viewed: January
2004
[35] Bluetooth and Wi-Fi coexistence overview, Silicon Wave Inc., May 2003
[37] Tim Masson, Successful Strategies for Integrating Bluetooth into a Cellular
Telephone, Agilent Technologies eSeminar, April 15, 2003
[38] MAX2820 SiGe Zero-IF Transceiver for 2.4GHz 802.11b WLAN,
http://www.maxim-ic.com, Viewed: April 2004
[40] Hon Tat Hui, W. T. Ow Yong, K. B. Toh, Signal Correlation Between Two
Normal-Mode Helical Antennas for Diversity Reception in a Multipath
Environment, IEEE Transactions on Antennas and Propagation, Vol. 52, No. 2,
February 2004
[42] Carl B. Dietrich, Kai Dietze, J. Randall Nealy, Warren L. Stutzman, Spatial,
Polarization, and Pattern Diversity for Wireless Handheld Terminals, IEEE
Transactions on Antennas and Propagation, Vol. 49, No. 9, September 2001
APPENDIX A
The documents listed below specify the current regulatory requirements for
various geographical areas. They are provided for information only, and are
subject to change or revision at any time. Operation in countries within Europe,
or other regions outside Japan or North America, may be subject to additional
or alternative national regulations. The information is taken from [2].
Europe:
France:
Spain:
Japan:
North America:
Documents: GL36