GSM Report Full

GSM- Global System for Mobile Communication
Hi Dear Readers!
In this revision of the document, new data has been added with
white color of words and black shading to make the readers feel
comfortable with new information in the document without reading all
pages again. Further more, a chapter “GSM SUBSCRIBERS DATA” has been
added as Chapter # 6. I hope you will continue to enjoy the Document.
Thanks and Regards!
Engr. Syed Muhammad Munavvar Hussain
Engr. Syed Muhammad Munavvar Hussain 1

Chapter 1
INTRODUCTION TO GSM

1.1 Introduction
GSM is not only the acronym of Global System for Mobile Communication;
it stands for an extraordinary successful stage of development in the modern
information age. GSM stands for a new dimension for more than 50 million users
worldwide; it stands for more than 100 countries and above 220 network
operators; it stands for complexity; it stands for versatility. Wireless
communication has become possible with GSM in any town, any county, and
even on any continent of the world. [114]
Global System for Mobile Communication (GSM) is a set of ETSI standards

specifying the infrastructure for a digital cellular service. The standard is used in
approx. 85 countries in the world including such locations as Europe, Japan and
Australia. [001]
Figure 1.1: The Simple Representation of GSM Network [065]
GSM is worldwide standard that allows users of different operators to

connect and to shares the services simultaneously. GSM has been the backbone

of the phenomenal success in mobile telecommunication over the last decade.

Now, at the dawn of the era of true broadband services, GSM continues to
evolve to meet new demands. One of GSM's great strengths is its international
roaming capability, giving consumers a seamless service in about 160 countries.
This has been a vital driver in growth, with around 300 million GSM subscribers
currently in Europe and Asia. In the Americas, today's 7 million subscribers are
set to grow rapidly, with market potential of 500 million in population, due to the
introduction of GSM 800, which allows operators using the 800 MHz band to
have access to GSM technology too. [002]
The Europeans realized this early on, and in 1982 the Conference of
European Posts and Telegraphs (CEPT) formed a study group called the Groupe
Spécial Mobile (GSM) to study and develop a pan-European public land mobile
system. The proposed system had to meet certain criteria:
• good subjective speech quality,

• low terminal and service cost,
• support for international roaming,
• ability to support handheld terminals,
• support for range of new services and facilities
• spectral efficiency, and
• ISDN compatibility. [003]
GSM is a standard for a Global System for Mobile communications. Global

System for Mobile communications, a mobile phone system based on multiple
radio cells (cellular mobile phone network). It has been agreed upon and is
completed by ETSI, the European Telecommunications Standards Institute.
GSM technology contains the essential “intelligent” functions for the supports
of the personal mobility, especially with regard to user identification and
authentication, and for the localization and administration of the mobile users.

GSM is mainly used for speech communication, but its use for mobile data
communication is growing steadily. The key technologies used in GSM are SMS,
General Packet Radio Service (GPRS), and Wireless Application Protocol
(WAP).
Here I am eager to mention the words of Mr. Chunk Parish, Founding
Member and Chairman (1998-1999) WAP Forum; “WAP is a major step in
building the Wireless Internet, where people on-the-go can access the internet
through their wireless devices to get information such as e-mails, news
headlines, stock reports, map directions, and sports scores when they need it
and where they need.” [115]
1.2 Two Main Standards of GSM

Two main standards are followed:
1. GSM 900 (global system for mobile communications in the 900 MHz band)
2. DCS 1800 (digital cellular system for the 1800 MHz band)
GSM 900 is a designed for extensive radio coverage even in rural areas.
DCS 1800 is designed for radio coverage in areas with very high subscriber
density.
GSM is a global standard, GSM 900 being used in most European, Asian and
pacific countries, GSM 1800 being used in the same place to increase the
capacity of the system, and GSM 1900 being used primarily in the US.
In its simplest form, Global System for Mobile Communication (GSM) is a set
of ETSI standards specifying the infrastructure for a digital cellular service. The
standard is used in approx. 85 countries in the world including such locations as
Europe, Japan and Australia.
The international designation of a public mobile radio network is PLMN
(Public Land Mobile Network), as opposed to the PSTN (Public Switched
Telephone Network).
Several PLMN, which are designed on the basis of same standards, are
compatible to each other. Therefore, a mobile subscriber can use the GSM/DCS

specific mobile equipment and services in these compatible networks.[]

Hutchison Whampoa Limited. [004]
1.3 GSM frequency bands
System Band Uplink (MHz) Downlink (MHz)
E-GSM-900 900 880.0–915.0 925.0–960.0
R-GSM-900 900 876.0–915.0 921.0–960.0
T-GSM-900 900 870.4–876.0 915.4–921.0
DCS-1800 1800 1710.0–1785.0 1805.0–1880.0
PCS-1900 1900 1850.0–1910.0 1930.0–1990.0
Table 1.1: Frequency range for different GSM standards [005]
Pictorial representation of the uplink and downlink frequencies is given as

follows:
Figure 1.2: GSM Frequency Bands [108]

1.4 Specifications and Characteristics for GSM
 Frequency band—the frequency range specified for GSM is 1,850 to
1,990 MHz (mobile station to base station).
 Duplex distance—the duplex distance is 80 MHz. Duplex distance is the
distance between the uplink and downlink frequencies. A channel has two
frequencies, 80 MHz apart.
 Channel separation—the separation between adjacent carrier
frequencies. In GSM, this is 200 kHz.
 Modulation—Modulation is the process of sending a signal by changing
the characteristics of a carrier frequency. This is done in GSM via
Gaussian minimum shift keying (GMSK).
 Transmission rate—GSM is a digital system with an over-the-air bit rate
of 270 kbps.
 Access method—GSM utilizes the time division multiple access (TDMA)
concept. TDMA is a technique in which several different calls may share
the same carrier. Each call is assigned a particular time slot.
 Speech coder—GSM uses linear predictive coding (LPC). The purpose of
LPC is to reduce the bit rate. The LPC provides parameters for a filter that
mimics the vocal tract. The signal passes through this filter, leaving behind
a residual signal. Speech is encoded at 13 kbps. [006], [007], [008], [009],
[010]

The next generation of the mobile communication is known as Universal Mobile
Telecommunication System (UMTS) in Europe and as International Mobile
Telecommunication System 2000 (IMT-2000) worldwide. [114]

Chapter 2
GSM NETWORK AREAS
PLMN Service Area
MSC/VLR Service Area
Location Area
Cell

2.1 GSM Network Areas
The GSM network is made up of geographic areas. As shown in Figure,

these areas include cells, location areas (LAs), MSC/VLR service areas, and
public land mobile network (PLMN) areas.
Figure 2.1: Network Areas [011]
2.1.1 Cell
Cell is the basic service area. The cell is the area given radio coverage by
one base transceiver station. The GSM network identifies each cell via the cell
global identity (CGI) number assigned to each cell.
2.1.2 Location Area
The location area is a group of cells. It is the area in which the subscriber
is paged. Each LA is served by one or more base station controllers, yet only by
a single MSC. Each LA is assigned a location area identity (LAI) number.

Figure 2.2: Location Areas
2.1.3 MSC/VLR Service Area
An MSC/VLR service area represents the part of the GSM network that is
covered by one MSC and which is reachable, as it is registered in the VLR of the
MSC (see Figure).
Figure 2.3: MSC/VLR service area [011], [012]
2.1.4 PLMN Service Area
The area covered by one network operator is called PLMN. A PLMN can
contain one or more MSCs. [013]

2.2 Cell-Detailed Description

In a cellular system, the communication area of the service provider is divided
into small geographical areas called cells. Each cell contains following
components:
• An antenna
• Solar or AC power network station
The solar or AC powered network station is called the Base Station (BS).
[109]
Figure 2.4: Cells [014]
A cell simply corresponds to the covering area of a transmitter or a small

collection of transmitters used for the area. The size of the cell may typically
range between 1 to 12 miles. The size of the cell is determined by many factors,
but the two important factors are:
• The transmitter power

• The population of the geographical region

2.2.1 Why Hexagonal Shaped Cells are better?
Cells are drawn in hexagonal shape because the hexagonal shaped cells
have no gaps or overlaps between them. It causes no interruption to the
communication of a mobile subscriber moving from one cell to another. It is
obvious from the figure that other shapes of the cells are leaving gaps where no
coverage is provided to the mobile users. On the other hand, there is no such
problem in hexagonal cells.
Figure 2.5: Types of Cells
2.2.2 Types of Cells

Due to the uneven changes in the population density of different countries
and regions in the world, there are different types of cells used according to the
best results in uninterruptible communication. These are listed as:
• Macro Cells
• Micro Cells
• Pico Cells
• Umbrella Cells
• Selective Cells [015], [016]

a) Macro Cells
Macro cells can be regarded as cells where the base station antenna is
installed on a mast or larger building structures that are taller than an average
roof-top level. [017]
A macro cell is a cell in a mobile phone network that provides radio
coverage served by a power cellular base station (tower). Generally, macro cells
provide coverage larger than micro cell such as rural areas or along highways.
The antennas for macro cells are mounted on ground-based masts, rooftops and
the other existing structures, at a height that provides a clear view over the
surrounding buildings and terrain. Macro cell base stations have power outputs of
typically tens of watts. [018], [019], [020]
b) Micro Cells
A micro cell is a cell in a mobile phone network served by a low power

cellular base station (tower), covering a limited area such as a mall, a hotel, or
a transportation hub. A micro cell is usually larger than a Pico cell, though the
distinction is not always clear. Typically the range of a micro cell is less than a
mile wide. [021]
The antennas for micro cells are mounted at street level. Micro cell
antennas are smaller than macro cell antennas and when mounted on existing
structures can often be disguised as building features. Micro cells provide radio
coverage over distances up to, typically, between 300m and 1000m. Micro cell
base stations have lower output powers than macro cells, typically a few watts.
[022], [026]
c) Pico Cells
Pico cells are small cells whose diameter is only few dozen meters; they
are used mainly in indoor applications. It can cover e.g. a floor of

a building or an entire building, or for example in shopping centres or airports.

[023] Pico cells provide more localized coverage than micro cells, inside
buildings where coverage is poor or there are high numbers of users. [024], [026]
d) Umbrella Cells
A layer with micro cells is covered by at least one macro cell, and a micro
cell can in turn cover several pico cells, the covering cell is called an umbrella
cell. If there are very small cells and a user is crossing the cells very quickly, a
large number of handovers will occur among the different neighboring cells. The
power level inside an umbrella cell is increased compared to the micro cells with
which it is formed. This makes the mobile to stay in the same cell (umbrella cell)
causing the number of handovers to be decreased as well as the work to be
done by the network. [025], [026]
e) Selective Cells
The full coverage of the cells may not be required in all sorts of
applications, but cells with limited coverage are used with a particular shape.
These are named selective due to the selection of their shape with respect to the
coverage areas. For example, the cells used at the entrance of the tunnels are
selective cells because coverage of 120 degrees is used in them. [026]
2.2.3 Clusters
A rectangular repetition of frequencies results in a clustering of cells. The

clusters generated in this way can comprise the whole frequency band. [115]. A
cluster is a group of cells. No channels are reused within a cluster. Figure 4
illustrates a seven-cell cluster. [027]
For each cluster following holds true:

 A cluster can contain all the frequencies of the mobile radio system.
 Within a cluster, no frequency can be reused. The frequencies, however,
may be used at the earliest of the neighboring cluster.
 The larger the cluster, the larger the values of frequency reuse factor ‘k’;
smaller the number of channels and the number of active subscribers per
cell.
Figure 2.6: cluster [028]
2.3 Frequency Reuse Concept

The concept of cellular systems is the use of low power transmitters in
order to enable’s the efficient reuse of the frequencies. If the transmitters of high
power are used, there will be interference between the user at the boundaries of

the cells. However, the set of available frequencies is limited and that is why
there is a need for the reuse of the frequencies. [029]
A frequency reuse pattern is a configuration of N cells, N being the reuse
factor, in which each cell uses a unique set of frequencies. When the pattern is
repeated, the frequencies can be reused. There are several different patterns,
but only two are shown below to clarify the idea.
Figure 2.7: Frequency Reuse [030]

The numbers in the cells define the pattern. The cells with the same
number in the pattern can use the same set of frequencies. In the pattern with
the reuse factor of 4, only one cell separates the cells using the same set of
frequencies. In the pattern with the reuse factor of 7, two cells separate the
reusing cells.
The distance between the cells using the same frequency must be
sufficient to avoid interference. The frequency reuse increases the capacity in the
number of users of a service provider.
For the proper function of the cellular system, following two conditions must
be satisfied:

• The power level of the transmitter within the single cell must be limited in
order to reduce the interference with the transmitters of the neighboring cells.
The distance of about 2.5 times the diameter of a cell must be maintained
between transmitters of the neighboring cells to avoid any damage to the
system.
• Neighboring cells can not share the same channels. In order to reduce the
interference, the frequencies must be reused only within a certain pattern.
It is required to maintain several radio channels for signaling in order to

exchange information needed to maintain the communication links within the
cellular networks. [031]

Chapter 3
HISTORY OF GSM

3.1 The Beginning of GSM
1980: In the early 1980s, as business was becoming increasingly international,

the communications industry focused exclusively on local cellular solutions, with
very few compatible systems. Nevertheless, it was clear there would be an
escalating demand for a technology that facilitated flexible and reliable mobile
communications. The problem was lack of capacity. By the early 1990s, it was
clear that analog technology would not be able to keep up with demand.
3.2 Groupe Speciale Mobile

1982: Conference Europeenne des Postes et Telecommunications began

specifying a European digital telecommunications standard; in the 900MHz
frequency band. The CEPT was formed in 1982 by the Conference Des
Administrations Europeans Des Posts et Telecommunications. In turn, the CEPT
established the Groupe Speciale Mobile (GSM) to develop the specification for a
pan-European mobile communications network capable of supporting the many
millions of subscribers likely to turn to mobile communications in the years
ahead. These standards later become known as Global System for Mobile
Communication (GSM).
3.3 Digital Technology
1985: West Germany, France and Italy signed an agreement for the
development of GSM. The United Kingdom joined in the following year, and the
group decided that digital technology would become the future of global wireless
communication. Digital technology offered an attractive combination of
performance and spectral efficiency. In addition, such a system would allow the
development of advanced features like speech security and data
communications. Digital also was compatible with Integrated Services Digital
Network (ISDN) technology, which was being developed by land-based.
Telecommunications systems throughout the world, and which would be

necessary for GSM to be successful
3.4 The ‘Memorandum of Understanding’ (MoU)
1986: the GSM Permanent Nucleus (headquartered in Paris) was formed to

assume overall responsibility for coordinating the development of GSM.
3.5 Vision becomes a reality

1986: the GSM Permanent Nucleus held a series of validation trials in Paris.
They tested eight or nine different designs in the quest for an appropriate radio
path, because at the heart of developing a new digital standard was the
resolution of questions relating to reliability and error correction. One of the most
important conclusions from the early tests of the new GSM technology was that
the new standard should employ Time Division Multiple Access (TDMA)
technology. The choice was TDMA or FDMA. [032]
1988: CEPT began producing GSM specifications for a phased implementation.
3.6 The European Telecommunication Standards Institute
1990: GSM responsibility was transferred to the European Telecommunication

Standards Institute (ETSI), and phase I of the GSM specifications were published
in 1990.
Phase I specifications were frozen to allow manufacturers to develop network
equipments.
3.7 Rapid Growth
1991: The GSM 1800 standard was released. Commercial service was started in
mid1991.
1993: Australia becomes the first non-European country to sign the MoU. First
commercial DCS 1800 system was launched in United Kingdom (UK).
There were 36 GSM networks in 22 countries, with 25 additional countries having
already selected or considering GSM. [033] This is not only a European standard
– South Africa, Australia, and many Middle and Far East countries have chosen
GSM.
1994: By the beginning of 1994, there were 1.3 million subscribers worldwide.
[034] the acronym GSM now (aptly) stands for Global System for Mobile
telecommunications. [035]

1995: The specification for the Personal Communication Services (PCS) was
developed in the USA. This version of GSM operates at 1900MHz
1996: The first GSM 1900 systems become available. Those comply with the
PCS 1900 standard. [036]
Finally, the history of GSM is summarized in the form of a simple table
given below:
Year Mobile System

1981 Nordic Mobile Telephone (NMT) 450
1983 American Mobile Phone System (AMPS)
1985 Total Access Communication System (TACS)
1986 Nordic Mobile Telephony (NMT) 900
1991 American Digital Cellular (ADC)
1991 Global System for Mobile Communication (GSM)
1992 Digital Cellular System (DCS) 1800
1994 Personal Digital Cellular (PDC)
1995 PCS 1900-Canada
1996 PCS-United States
Table 3.1: History of GSM, a quick overview [037]
Chapter 4
GSM RADIO ASPECTS

MS
4.1 Radio Transmission Aspects
For the GSM-900 system, two frequency bands have been made available:
• 890 - 915 MHz for the uplink (direction MS to BS)

• 935 - 960 MHz for the downlink (direction BS to MS).
The 25 MHz bands are then divided into 124 pairs of frequency duplex
channels with 200 kHz carrier spacing using Frequency Division Multiple Access

(FDMA). Since it is not possible for a same cell to use two adjacent channels, the
channel spacing can be said to be 200 kHz interleaved.
Figure 4.1: Mobile Radio Propagation [039]
One or more carrier frequencies are assigned to individual Base Station (BS)
and a technique known as Time Division Multiple Access (TDMA) is used to split
this 200 kHz radio channel into 8 time slots (which creates 8 logical channels). A
logical channel is therefore defined by its frequency and the TDMA frame time
slot number. By employing eight time slots, each channel transmits the digitized
speech in a series of short bursts: a GSM terminal is only ever transmitting for
one eighth of the time. [038]
4.2 Aspects of Radio Propagation
Types of signal strength variations:

4.2.1 Macroscopic variations
Macroscopic variations are due to local mean, long term, or log-normal

fading. Its variation is due to the terrain contour between the BTS and the MS.
The fading effect is caused by shadowing and diffraction (bending) of the radio
waves.
4.2.2 Microscopic variations
Microscopic variations are due to multipath, short-term, or Rayleigh fading.

It is caused by the fact that as the MS moves, radio waves from many different
reflection paths will be received.
4.2.3 Digital TDMA Implementation
Advantages of digital transmission
The analog cellular system is known as the first-generation system.

Second generation cellular systems are digital. GSM systems are second-
generation systems.
The digital transmission over the air interface Um has a number of

advantages over analog transmission:
• Better speech quality

• Speech privacy and security (improved through encryption)
• High spectral efficiency (traffic density per MHz bandwidth, due to
extensive frequency reuse)
• Better resistance to interference (also by frequency hopping)
• Data services and ISDN compatibility
• Efficient use of battery power by RF power control [040]
4.2.4 Access methods

Cellular radio as a network does not specify how the individual subscribers
have access to the network. The two main access methods are: analog and
digital.
a) Analog access
Analog systems use the familiar single channel per user concept, known
as Frequency Division Multiple Access (FDMA). World-wide there are up to six
incompatible analog cellular standards, such as NMT. The available spectrum is
divided into channels A, B, C, D, and so on. During the call, a single user will
occupy completely one channel of e.g. 25 kHz bandwidth irrespective whether
the modulation is analog or digital. The signaling over the network is digital, the
speech is modulated analog narrow-band FM
b) Digital access
The aim of digital networks is to have:
• Better compatibility with the network supporting the cellular radio system
• Alternative access method to achieve a better spectral efficiency
Digital systems let each user have access to the frequency band for a short
time (traffic burst), during which time the user transmits data at a high rate.
4.2.5 Time division multiple access
Time Division Multiple Access (TDMA) is used in GSM-900 and GSM-

1800 digital cellular radio. In TDMA, the user's frequency allocation is shared with
other users (seven in case of GSM) who have time slots allocated at other times.
Hence, there are eight physical channels per frequency carrier.
In fact, the GSM system uses a mix of:

• TDMA (time slots on one carrier)

• FDMA (a number of carriers within the band), although frequency hopping
makes the FDMA somewhat more complex
4.2.6 Transmitting/ receiving processes
There are two major processes involved in transmitting and receiving

information over a digital radio link; coding and modulation.
From Source Data to Digital Radio Transmission:
Figure 4.2: Digital Radio Transmission System
4.3 Carrier Frequencies
GSM uses TDMA within a FDMA structure. As a result, different users can
transmit using the same frequency, but they can't transmit at the same time. A
25MHz frequency band is divided using an FDMA scheme into 124 one-way
carrier frequencies. Each base station is assigned one or more carriers to use in
its cell. A 200 kHz frequency band separates the carrier frequencies from each

other. Normally, a 25MHz band should be divisible into 125 carrier frequencies
but in GSM the 1st carrier frequency is used as a guard band between GSM and
other services that might be working on lower frequencies.
Figure 4.3: Frequency Division in the Uplink Spectrum
4.4 Bursts
Each carrier frequency is then divided according to time using a TDMA

scheme. Each of the carrier frequencies is divided into a 120ms multiframe. A
multiframe is made up of 26 frames. Two of these frames are used for control
purposes, while the remaining 24 frames are used for traffic.

Figure 4.4: Structure of a Multiframe
4.4.1 Burst Structure

In GSM, there are 4 different types of bursts. A normal burst is used to
carry speech and data information. The structure of the normal burst is shown
below. Each burst consists of 3 tail bits at each end, 2 data sequences of 57-bits,
a 26-bit training sequence for equalization, and 8.25 guard bits. There are 2
stealing bits (1 for each data sequence) that are used by Fast Access Control
Channels.
The frequency correction burst and synchronous burst have the same
length as normal burst. They have different internal structures to differentiate
them from normal bursts. The frequency correction burst is used in Frequency
Correction Channels (FCCH) and the synchronous burst is used in
Synchronization Channels (SCH). The random access burst is shorter than a
normal burst, and is only used on Random Access Channels (RACH).
Figure 4.5: Burst Structure
4.4.2 Burst types
The different types of bursts are defined in GSM
• Normal burst
• Dummy burst
• Access burst

• Synchronization burst
• Frequency correction burst [041]
Figure 4.6: The TDMA frame structure [042]

Figure 4.7: Organization of bursts, TDMA frames, and multiframes for speech
and data [046]
4.4.3 Burst parts
Examples of burst parts are: training sequence, encrypted bits, tail bits,
guard period and stealing flag bits.
a) Training sequence
A fixed bit pattern, called the TSC (training sequence code) is known by
both the MS and the BTS. It is used to train the MS in predicting and correcting
the signal distortions (due to Doppler and multipath effects) in the demodulation
process. The TSC has a 26, 41 or 64 bit pattern.
b) Encrypted bits
The encrypted bits represent the useful bits serving for speech, data
transmission, or signaling.
c) Tail bits
The tail bits (TB) at the beginning define ("flag") the start of a burst. The
tail bits at the end define the end of a burst.
d) Guard period
The guard period (GP) between to consecutive bursts is necessary for

switching the transmitter on and off. The transmitted amplitude is ramped up from
zero to a constant value over the useful period of a burst and then ramped down
to zero again. This is always required for the MS, and the BTS may do so if the

adjacent burst is not emitted. Switching off will reduce interference to other RF
channels.
e) Stealing flag bits
The network has the option to use the information bits in the normal burst
to send signaling data as needed. By setting a flag, using the stealing flag bits,
the receiver can distinguish between traffic (user data) and signaling information.
The stealing flag bits indicate whether the adjacent 57 bits in the
associated data field contain speech/data information or are "stolen" from the
traffic channel for carrying pre-emptive FACCH (fast associated control channel)
signaling information. The FACCH is used for sending signaling data if the
capacity of the SACCH (slow associated control channel) is not sufficient. [043]
4.5. Channels
A channel relates to the recurrence of one burst in every frame. The
channel is characterized by both its frequency and its position within the TDMA
frame. This characterization is cyclical, and the channel pattern repeats every 3
hours.
There are two major categories of channels in GSM: traffic channels, and
control channels. Channels can also be classified as being dedicated or
common. Dedicated channels are assigned to a mobile station, while common
channels are used by idle mobile stations.
4.5.1 Traffic Channels

Traffic channels transport speech and data information. A traffic channel
using a group of 26 TDMA frames called 26-Multiframe. In this standard, traffic
channels for uplinks and downlinks are separated by 3 bursts. Because of this,

the mobile station does not need to transmit and receive at the same time. A full
rate traffic channel uses 1 time slot in each of the traffic frames in a multiframe.
4.5.2 Control Channels

Control channels deal with network management messages and channel
maintenance tasks. These channels can be used by either idle or dedicated
mobile stations. Some of the common channel types are:
• Broadcast Control Channels

• Frequency Correction Channels
• Synchronization Channels
• Random Access Channels
• Paging Channels [044], [045]
4.5.3 Broadcast Control Channel (BCCH)

Continually broadcasts, on the downlink, information including base
station identity, frequency allocations, and frequency-hopping sequences.
4.5.4 Frequency Correction Channel (FCCH) and Synchronization Channel
(SCH)
It is used to synchronize the mobile to the time slot structure of a cell by
defining the boundaries of burst periods, and the time slot numbering. Every cell
in a GSM network broadcasts exactly one FCCH and one SCH, which are by
definition on time slot number 0 (within a TDMA frame).
4.5.5 Random Access Channel (RACH)

Slotted Aloha channel used by the mobile to request access to the network.
4.5.6 Paging Channel (PCH)

It is used to alert the mobile station of an incoming call. [047]

4.5.7 Access Grant Channel (AGCH)

It is used to allocate an SDCCH to a mobile for signaling.
4.6 Frequency hopping

The mobile station already has to be frequency agile, meaning it can move
between transmit, receive, and monitor time slot within one TDMA frame, which
normally are on different frequencies. GSM makes use of this inherent frequency
agility to implement slow frequency hopping, where the mobile and BTS transmit
each TDMA frame on a different carrier frequency. The frequency hopping
algorithm is broadcast on the Broadcast Control Channel. Since multipath fading
is dependent on carrier frequency, slow frequency hopping helps alleviate the
problem. In addition, co-channel interference is in effect randomized.
4.7 Discontinuous Transmission

Minimizing co-channel interference is a goal in any cellular system, since it
allows better service for a given cell size, or the use of smaller cells, thus
increasing the overall capacity of the system. Discontinuous transmission (DTX)
is a method that takes advantage of the fact that a person speaks less that 40
percent of the time in normal conversation. [048]
By turning the transmitter off during silence periods, an added benefit of
DTX is that power is conserved at the mobile unit.
The most important component of DTX is, of course, Voice Activity

Detection. It must distinguish between voice and noise inputs, a task that is not
as trivial as it appears, considering background noise. If a voice signal is
misinterpreted as noise, the transmitter is turned off and a very annoying effect
called clipping is heard at the receiving end. If, on the other hand, noise is
misinterpreted as a voice signal too often, the efficiency of DTX is dramatically
decreased. Another factor to consider is that when the transmitter is turned off,
there is total silence heard at the receiving end, due to the digital nature of GSM.
To assure the receiver that the connection is not dead, comfort noise is created

at the receiving end by trying to match the characteristics of the transmitting

end's background noise.
4.8 Discontinuous reception
Another method used to conserve power at the mobile station is

discontinuous reception. The paging channel, used by the base station to signal
an incoming call, is structured into sub-channels. Each mobile station needs to
listen only to its own sub-channel. In the time between successive paging sub-
channels, the mobile can go into sleep mode, when almost no power is used.
4.9 Power control

There are five classes of mobile stations defined, according to their peak
transmitter power, rated at 20, 8, 5, 2, and 0.8 watts. To minimize co-channel
interference and to conserve power, both the mobiles and the Base Transceiver
Stations operate at the lowest power level that will maintain an acceptable signal
quality. Power levels can be stepped up or down in steps of 2 dB from the peak
power for the class down to a minimum of 13 dBm (20 milliwatts).
The mobile station measures the signal strength or signal quality (based
on the Bit Error Ratio), and passes the information to the Base Station Controller,
which ultimately decides if and when the power level should be changed. Power
control should be handled carefully, since there is the possibility of instability.
This arises from having mobiles in co-channel cells alternatively increase their
power in response to increased co-channel interference caused by the other
mobile increasing its power.
4.10 From Speech to Radio Waves
Figure below depicts the sequence of operations from speech to radio

waves and from radio waves to speech. These operations are described in the
following sections.

Figure 4.8: Speech Conversion sequence of operations [049]
Chapter 5
GSM ARCHITECTURE

5.1 Basic Architecture
A GSM system is basically designed as a combination of four major subsystems:

1. Radio subsystem (RSS)
2. Network (switching) subsystem (SSS)
3. Operation and maintenance subsystem (OMS) [050], [051]

Figure 5.1: Main Components of GSM Network
Before exploring the GSM architecture in depth, it is better to have a quick

overview of the above components, starting with the MS (the mobile station). As
we shall precede through our discussion on these components the architecture,
other parts of the entire network will elaborate automatically.
5.2 Radio Subsystem (RSS)
The Radio Subsystem (RSS) consists of:

• Mobile Station (MS)
• Base Station (BS)
• Radio Interface (Um)
5.2.1 Mobile station
Mobile station (MS) is a portable data and/or voice communications statio

which acts as a normal telephone whilst being able to move over a wide area. A
mobile station is typically made up of:
• an antenna

• an amplifier
• a receiver
• a transmitter and
• similar hardware and software for sending and receiving signals and
converting between RF waves and audio signals [052]
The mobile station (MS) comprises all user equipment and software needed
for communication with a Wireless telephone network. MS refers to the Mobile
Phone i.e. the handset held by the users in the mobile network. This is the
terminology of 2G systems like GSM. In the 3G systems, MS (mobile station) is
now referred as User Equipment UE. The MS includes radio equipment and the
man machine interface (MMI) that a subscribe needs in order to access the
services provided by the GSM PLMN. MS can be installed in Vehicles or can be
portable or handheld stations. The MS may include provisions for data
communication as well as voice. A mobile transmits and receives message to
and from the GSM system over the air interface to establish and continue
connections through the system. [053], [064]
In GSM, the Mobile Station consists of four main components:
• Mobile Terminal (MT)- offers common functions that are used by all the
service the Mobile Station offers. It is equivalent to the network termination
of an ISDN access and is also the end-point of the radio interface.
• Terminal Equipment (TE) - is a peripheral device of the Mobile Station
and offers services to the user. It does not contain any functions specific in
GSM.
• Terminal Adapter (TA) - hides radio-specific characteristics.
• Subscriber Identity Module (SIM) - is a personalization of the Mobile
Station and stores user specific parameters (such as mobile number,
contacts etc). [054]

Figure 5.2: components of the MS [055]
Each MS is identified by an IMEI that is permanently stored in the mobile

unit. Upon request, the MS sends this number over the signaling channel to the
MSC. The IMEI can be used to identify mobile units that are reported stolen or
operating incorrectly.
Just as the IMEI identities the mobile equipment, other numbers are used
to identity the mobile subscriber. Different subscriber identities are used in
different phases of call setup. The Mobile Subscriber ISDN Number (MSISDN) is
the number that the calling party dials in order to reach the subscriber. It is used
by the land network to route calls toward an appropriate MSC. The international
mobile subscribe identity (IMSI) is the primary function of the subscriber within
the mobile network and is permanently assigned to him.
5.2.1.1 Functions of a Mobile Station
The Mobile Station (MS) performs the following:
• Radio transmission termination

• Radio channel management
• Speech encoding/decoding
• Radio link error protection

• Flow control of data

• Mobility management
• Performance measurements of radio link [064], [065]
The MS has two very important entities, each with its own identity:
• Subscriber Identity Module (SIM)

• Mobile equipment [066]
5.2.1.2 Subscriber Identity Module (SIM)
Figure 5.3: Subscriber’s Identity Module
GSM subscribers are provided with a SIM (subscriber identity module)

card with its unique identification at the very beginning of the service. By
divorcing the subscriber ID from the equipment ID, the subscriber may never
own the GSM mobile equipment set. The subscriber is identified in the system
when he inserts the SIM card in the mobile equipment. This provides an
enormous amount of flexibility to the subscribers since they can now use any
GSM-specified mobile equipment.
The SIM is a removable, the size of a credit card, and contains an
integrated circuit chip with a microprocessor, random access memory (RAM),
and read only memory (ROM). The subscriber inserts it in the MS unit when he
or she wants to use the MS to make or receive a call. As stated, a SIM also
comes in a modular from that can be mounted in the subscriber’s equipment.

When a mobile subscriber wants to use the system, he or she mounts

their SIM card and provide their Personal Identification Number (PIN), which is
compared with a PIN stored within the SIM. If the user enters three incorrect PIN
codes, the SIM is disabled. The service provider if requested by the subscriber
can also permanently bypass the PIN. Disabling the PIN code simplifies the call
setup but reduces the protection of the user’s account in the event of a stolen
SIM. [067], [068]
5.2.1.3 Functions of a SIM
The functions of the Subscriber Identity Module (SIM) are:
• Authentication of the validity of the MS when accessing the network

• User authentication
• Storage of subscriber-related information, which can be: data fixed during
administrative phase (e.g., subscriber identification), and temporary
network data (e.g., cell location identity).
5.2.1.4 Mobile Equipment (ME)

The mobile equipment is also called the terminal and is responsible for
communication with the GSM system and converting the radio signals in to
human voice and reverse is also true.
According to the power and applications of it, M.E. is divided into different
types:
• Fixed Terminals
• Portable Terminals
• Handheld terminals
a) Fixed Terminals
These MEs are installed in cars having the maximum power output of 20 W.

b) Portable Terminals
Portable terminals are also installed in the vehicles. Their maximum
allowed output power is 8 W.
c) Handheld terminals
The handheld terminals are most popular because of their smaller size
and weight, which are decreasing continuously. These terminals can emit up to 2
W of power. With evolution in technology, the maximum allowed power is
reduced to 0.8 W.
5.1.2.5 Mobile subscriber identities in GSM
It would be better to discuss some of the important subscriber identities in
the GSM, which make the use of this technology safer for every person whether
he/she is a subscriber of GSM or not.
1) International Mobile Subscriber Identity (IMSI)
An IMSI is assigned to each authorized GSM user. It consists of a mobile
country code (MCC), mobile network code (MNC) (to identify the PLMN), and a
PLMN unique mobile subscriber identification number (MSIN). The IMSI is the
only absolute identity that a subscriber has within the GSM system. The IMSI
consists of the MCC followed by the MNC and MSIN and shall not exceed 15
digits. It is used in the case of system-internal signaling transactions in order to
identify a subscriber. The first two digits of the MSIN identify the HLR where the
mobile subscriber is administrated. [069]
2) Temporary Mobile Subscriber Identity (TMSI)

A TMSI is a MSC-VLR specific alias that is designed to maintain user
confidentiality. It is assigned only after successful subscriber authentication. The
correlation of a TMSI to an IMSI only occurs during a mobile subscriber’s initial
transaction with an MSC (for example, location updating). Under certain condition

(such as traffic system disruption and malfunctioning of the system), the MSC
can direct individual TMSIs to provide the MSC with their IMSI.
3) Mobile Station ISDN Number

The MS international number must be dialed after the international prefix
in order to obtain a mobile subscriber in another country. The MSISDN numbers
is composed of the country code (CC) followed by the National Destination Code
(NDC), Subscriber Number (SN), which shall not exceed 15 digits. Here too the
first two digits of the SN identify the HLR where the mobile subscriber is
administrated.
4) The Mobile Station Roaming Number (MSRN)

The MSRN is allocated on temporary basis when the MS roams into
another numbering area. The MSRN number is used by the HLR for rerouting
calls to the MS. It is assigned upon demand by the HLR on a per-call basis. The
MSRN for PSTN/ISDN routing shall have the same structure as international
ISDN numbers in the area in which the MSRN is allocated. The HLR knows in
what MSC/VLR service area the subscriber is located. At the reception of the
MSRN, HLR sends it to the GMSC, which can now route the call to the MSC/VLR
exchange where the called subscriber is currently registered.
5) International Mobile Equipment Identity

The IMEI is the unique identity of the equipment used by a subscriber by
each PLMN and is used to determine authorized (white), unauthorized (black),
and malfunctioning (gray) GSM hardware. In conjunction with the IMSI, it is used
to ensure that only authorized users are granted access to the system.
The Base Station (BS) terminates the radio interface (Um) on the stationary
network side. The BS has a modular design and includes the:

• Base Transceiver Station (BTS)

• Base Station Controller (BSC)
• Transcoding and Rate Adaptation Unit (TRAU) [070], [071]
5.2.2 Base Station System (BSS)
In GSM, the Base Station System is a term given to a BSC (Base Station
Controller) and the BTS (Base Transceiver Station) associated with it. The
number of BTS associated with a BSC is dependent on the manufacturer.
Although not mandatory, through interpretation of the Abis interface standard
BTS and BSC employed within a BSS will always be supplied by the same
manufacturer. [072], [073]
Figure 5.4: BSS Structure

The BSC, the TRAU and BTS form a unit, which is called Base Station
System (BSS) in the GSM terminology. A BSC can control several BTS. Every
BSC contained in the network controls one BSS. The interface between BSC and
BTS is called Abis - interface. An interface is the entity responsible for
communicating with MSs in a certain area. The radio equipment of a BSS may
be composed of one or more cells. A BSS may consist of one or more BS.
The base station subsystem (BSS) is the section of a traditional cellular

telephone network which is responsible for handling traffic and signaling between

a mobile phone and the network switching subsystem. The BSS carries out
transcoding of speech channels, allocation of radio channels to mobile phones,
paging, quality management of transmission and reception over the air interface
and many other tasks related to the radio network. [074]
Figure 5.5: Detailed BSS Components
5.2.2.1 Base Station Controller (BSC)
A BSC is a network component in the PLMN that function for control of

one or more BTS. It is a functional entity that handles common control functions
within a BTS. BSC within a mobile network is a key component for handling and
routing information. The BSC provides all the control functions and physical links
between the MSC and BTS. It is a high-capacity switch that provides functions
such as handover, cell configuration data, and control of radio frequency (RF)

power levels in base transceiver stations. A number of BSCs are served by an

MSC.
The BSC is connected to the MSC on one side and to the BTS on the
other. The BSC performs the Radio Resource (RR) management for the cells
under its control. It assigns and releases frequencies and timeslots for all MSs in
its own area. The BSC performs the intercell handover for MSs moving between
BTS in its control. It also reallocates frequencies to the BTSs in its area to meet
locally heavy demands during peak hours or on special events. The BSC controls
the power transmission of both BSSs and MSs in its area. The minimum power
level for a mobile unit is broadcast over the BCCH.
The BSC provides the time and frequency synchronization reference
signals broadcast by its BTSs. The BSC also measures the time delay of
received MS signals relative to the BTS clock. If the received MS signal is not
centered in its assigned timeslot at the BTS, The BSC can direct the BTS to
notify the MS to advance the timing such that proper synchronization takes place.
The BSC may also perform traffic concentration to reduce the number of
transmission lines from the BSC to its BTSs. [074]
A BSC is often based on a distributed computing architecture, with

redundancy applied to critical functional units to ensure availability in the event of
fault conditions. Redundancy often extends beyond the BSC equipment itself and
is commonly used in the power supplies and in the transmission equipment
providing the A-ter interface to PCU.
The databases for all the sites, including information such as carrier
frequencies, frequency hopping lists, power reduction levels, receiving levels for
cell border calculation, are stored in the BSC. This data is obtained directly from
radio planning engineering which involves modeling of the signal propagation as
well as traffic projections. [075], [076]

5.2.2.2 Packet control unit
The packet control unit (PCU) is a late addition to the GSM standard. It
performs some of the processing tasks of the BSC, but for packet data. The
allocation of channels between voice and data is controlled by the base station,
but once a channel is allocated to the PCU, the PCU takes full control over that
channel.
The PCU can be built into the base station, built into the BSC or even, in
some proposed architectures, it can be at the SGSN site. In most of the cases,
the PCU is a separate node communicating extensively with the BSC on the
radio side and the SGSN on the Gb side.
5.2.2.3 Base Terminal Station (BTS)
The BTS handles the radio interface to the mobile station. The BTS is the
radio equipment (transceivers and antennas) needed to service each cell in the
network. A group of BTSs are controlled by a BSC.
A BTS is a network component that serves one cell and is controlled by a

BSC. BTS is typically able to handle three to five radio carries, carrying between
24 and 40 simultaneous communication. Reducing the BTS volume is important
to keeping down the cost of the cell sites.

Figure 5.6: BTS with its antennae [076]
A BTS compares radio transmission and reception devices, up to and including

the antennas, and also all the signal processing specific to the radio interface. A
single transceiver within BTS supports eight basic radio channels of the same
TDM frame.
There are two categorize in which, BTS may be arranged in the cells depending
upon the circumstances of the region in which they are to be used. The two
arrangements are shown in figure below.
Collocated BTS

Remote BTS
Star BTS
Figure 5.7: Two types of BTS arrangements [077]
5.2.2.4 Functions of BTS
The primary responsibility of the BTS is to transmit and receive radio

signals from a mobile unit over an air interface. To perform this function
completely, the signals are encoded, encrypted, multiplexed, modulated, and
then fed to the antenna system at the cell site. Transcoding to bring 13-kbps
speech to a standard data rate of 16 kbps and then combining four of these
signals to 64 kbps is essentially a part of BTS, though; it can be done at BSC or

at MSC. The voice communication can be either at a full or half rate over logical
speech channel. In order to keep the mobile synchronized, BTS transmits
frequency and time synchronization signals over frequency correction channel
(FCCH and BCCH logical channels. The received signal from the mobile is
decoded, decrypted, and equalized for channel impairments.
Random access detection is made by BTS, which then sends the
message to BSC. The channel subsequent assignment is made by BSC. Timing
advance is determined by BTS. BTS signals the mobile for proper timing
adjustment. Uplink radio channel measurement corresponding to the downlink
measurements made by MS has to be made by BTS. [078], [079]
5.2.2.5 Sectorization
By using directional antennas on a base station, each pointing in different

directions, it is possible to sectorize the base station so that several different cells
are served from the same location. Typically these directional antennas have a
beam width of 65 to 85 degrees. This increases the traffic capacity of the base
station (each frequency can carry eight voice channels) whilst not greatly
increasing the interference caused to neighboring cells (in any given direction,
only a small number of frequencies are being broadcast). Typically two antennas
are used per sector, at spacing of ten or more wavelengths apart. This allows the
operator to overcome the effects of fading due to physical phenomena such as
multipath reception. Some amplification of the received signal as it leaves the
antenna is often used to preserve the balance between uplink and downlink
signal.

Figure 5.8(a): Site Sectorization-Omni Cell site [056]
Figure 5.8(b): Site Sectorization-Tri Cell site [056]
Figure 5.8(c): Site Sectorization-Hex Cell site [056]
5.2.2.6 BTS-BSC Configurations

There are several BTS-BSC configurations: single site, single cell; single
site, multicell; and multisite, multicell. These configurations are chosen based on
the rural or urban application. These configurations make the GSM system
economical since the operation has options to adapt the best layout based on the
traffic requirement. Thus, in some sense, system optimization is possible by the
proper choice of the configuration.
These include omni-directional rural configuration where the BSC and
BTS are on the same site; chain and multidrop loop configuration in which
several BTSs are controlled by a single remote BSC with a chain or ring
connection topology; rural star configuration in which several BTSs are
connected by individual lines to the same BSC; and sectorized urban
configuration in which three BTSs share the same site and are controlled by
either a collocated or remote BSC. In rural areas, most BTSs are installed to
provide maximum coverage rather then maximum capacity.
5.2.2.7 Transcoder and Rate Adaptation Unit (TRAU)
An important component of the BSS that is considered in the GSM

architecture as a part of the BTS is the Transcoder/Rate Adaptation Unit (TRAU).
The TRAU is the equipment in which coding and decoding is carried out as well
as rate adaptation in case of data. Although the specifications consider the TRAU
as a subpart of the BTS, it can be sited away from the BTS (at MSC), and even
between the BSC and the MSC. The TRAU adapts the 64 Kbps from the MSC to
the comparatively low transmission rate of the radio interface of 16 Kbps.
The interface between the MSC and the BSS is a standardized SS7
interface (A-interface) that, as stated before, is fully defined in the GSM
recommendations. This allows the system operator to purchase switching
equipment from one supplier and radio equipment and the controller from
another. The interface between the BSC and a remote BTS likewise is a
standard the Abis. In splitting the BSS functions between BTS and BSC, the main

principle was that only such functions that had to reside close to the radio
transmitters/receivers should be placed in BTS. This will also help reduce the
complexity of the BTS.
5.2.2.8 Transcoder (XCDR)
Depending on the relative costs of a transmission plant for a particular

cellular operator, there may be some benefit, for larger cells and certain network
topologies, in having the transcoder either at the BTS, BSC or MSC location. If
the transcoder is located at MSC, they are still considered functionally a part of
the BSS. This approach allows for the maximum of flexibility and innovation in
optimizing the transmission between MSC and BTS.
Figure 5.9: Transcoder Interfacing
The transcoder is the device that takes 13-Kbps speech or 3.6/6/12-Kbps

data multiplexes and four of them to convert into standard 64-Kbps data. First,
the 13 Kbps or the data at 3.6/6/12 Kbps are brought up to the level of 16 Kbps
by inserting additional synchronizing data to make up the difference between a
13-Kbps speech or lower rate data, and then four of them are combined in the

transcoder to provide 64 Kbps channel within the BSS. Four traffic channels can
then be multiplexed on one 64-Kbps circuit. Thus, the TRAU output data rate is
64 Kbps. Then, up to 30 such 64-Kbps channels are multiplexed onto a 2.048
Mbps if a CEPT1 channel is provided on the Abis interface. This channel

can carry up to 120-(16x 120) traffic and control signals. Since the data rate to
the PSTN is normally at 2 Mbps, which is the result of combining 30-Kbps by 64-
Kbps channels, or 120- Kbps by 16-Kbps channels. [080]
5.2.3 The Interfaces in the GSM
5.2.3.1 Um-interface
It is the air interface between the mobile station (MS) and the BTS. This
interface uses LAPDm protocol for signaling, to conduct call control,
measurement reporting, handover, power control, authentication, authorization,
location update and so on. Traffic and signaling are sent in bursts of 0.577 ms at
intervals of 4.615 ms, to form data blocks each 20 ms.
Figure 5.10: Simple description of Interfaces [057]
5.2.3.2 Abis-interface

It is the interface between the BTS and BSC, generally carried by a DS-1, ES-1,
or E1 TDM circuit. Uses TDM sub-channels for traffic (TCH), LAPD protocol for
BTS supervision and telecom signaling, and carries synchronization from the
BSC to the BTS and MS.
The Abis interface uses multiplexing (Mult) or rate adaptation (RA) on its
links. The first option means that four 16 kbit/s links are multiplexed into one 64
kbit/s channel. The latter option means that no multiplexing of the 16 kbit/s
channels takes place. [058]
5.2.3.3 A-interface
It is the interface between the BSC and MSC. It is used for carrying traffic
channels and the BSSAP user part of the SS7 stack. Although there are usually
transcoding units between BSC and MSC, the signaling communication takes
place between these two ending points and the transcoder unit doesn't touch the
SS7 information, only the voice or CS data are transcoded or rate adapted.
5.2.3.4 Ater-interface
It is the interface between the BSC and transcoder. It is a proprietary
interface whose name depends on the vendor (for example Ater by Nokia), it
carries the A interface information from the BSC leaving it untouched.
5.2.3.5 Gb-interface
It connects the BSS to the SGSN in the GPRS core network . [059]

Figure 5.11: Signaling protocol structure in GSM

In the figure: Layer 1 is the physical layer, Layer 2 is the data link layer, and Layer 3 is the GSM
signaling protocol. [060]
5.3 Switching Subsystem (SSS)

The Switching Subsystem (SSS) comprises of:
• Mobile services Switching Centre (MSC)

• Home Location Register (HLR)
• Visitor Location Register (VLR)
• Authentication Centre (AuC)
• Equipment Identification Register (EIR) [061]
Figure 5.12: The NSS [081], [083]

The network and the switching subsystem together include the

main switching functions of GSM as well as the databases needed for
subscriber data and mobility management (VLR). The main role of the
MSC is to manage the communications between the GSM users and other
telecommunication network users. The basic switching function is performed by
the MSC, whose main function is to coordinate setting up calls to and from GSM
users. The MSC has interface with the BSS on one side (through which MSC
VLR is in contact with GSM users) and the external networks on the other
(ISDN/PSTN/PSPDN). The main difference between a MSC and an exchange in
a fixed network is that the MSC has to take into account the impact of the
allocation of RRs and the mobile nature of the subscribers and has to perform, in
addition, at least, activities required for the location registration and handover.
The Network Switching Subsystem, also referred to as the GSM core

network, usually refers to the circuit-switched core network, used for traditional
GSM services such as voice calls, SMS, and circuit switched data calls.
There is also an overlay architecture on the GSM core network to provide

packet-switched data services and is known as the GPRS core network. This allows
mobile phones to have access to services such as WAP, MMS, and Internet
access.
All mobile phones manufactured today have both circuit and packet based
services, so most operators have a GPRS network in addition to the standard
GSM core network. [062]
5.3.1 Mobile Switching Center (MSC)
An MSC is the point of connection to the network for mobile subscribers of

a wireless telephone network. It connects to the subscribers through base
stations and radio transmission equipment that control the air interface, and to
the network of other MSCs and wireless infrastructure through voice trunks and

SS7. An MSC includes the procedures for mobile registration and is generally co-
sited with a visitor location register (VLR) that is used to temporarily store
information relating to the mobile subscribers temporarily connected to that MSC.
The MSC performs the telephony switching functions of the system. It controls
calls to and from other telephone and data systems. It also performs such
functions as toll ticketing, network interfacing, common channel signaling, and
others.
5.3.1.1 Other GSM core network elements connected to MSC
The MSC connects to the following elements:
• The home location register (HLR) for obtaining data about the SIM and mobile
services ISDN number (MSISDN; i.e., the telephone number).
• The UMTS terrestrial radio access network (UTRAN) which handles the radio
communication with 3G mobile phones.
• The visitor location register (VLR) for determining where other mobile
subscribers are located.
• Other MSCs for procedures such as handover.
5.3.1.2 Other network elements of MSC
a) Billing Center
Each MSC writes call accounting records to local disk memory. Billing
Center periodically polls the disk records of each MSC to collect the billing data
for the PLMN.
b) Service Center
The Service Center interfaces with the MSCs to provide special services,
such as the Short Message Service (SMS), to mobile subscribers in the PLMN.

The Billing Center and Service Center are not a basic part of the GSM system.
[083]
c) Tasks of the MSC
The main tasks of the MSC include:
• Delivering calls to subscribers as they arrive based on information from the

VLR.
• Connecting outgoing calls to other mobile subscribers or the PSTN.
• Delivering SMSs from subscribers to the short message service centre (SMSC)
and vice versa.
• Arranging handovers from BSC to BSC.
• Carrying out handovers from this MSC to another.
• Supporting supplementary services such as conference calls or call hold.
• Generating billing information. [084]
5.3.1.3 Functions-based Types
There are various different names for MSCs in different contexts which
reflects their complex role in the network, all of these terms though could refer to
the same MSC, but doing different things at different times.
1) Gateway MSC (G-MSC)
The gateway MSC (G-MSC) is the MSC that determines which visited
MSC the subscriber who is being called is currently located. It also interfaces
with the PSTN. All mobile to mobile calls and PSTN to mobile calls are routed
through a G-MSC. The term is only valid in the context of one call since any MSC
may provide both the gateway function and the Visited MSC function; however,
some manufacturers design dedicated high capacity MSCs which do not have

any BSSs connected to them. These MSCs will then be the Gateway MSC for
many of the calls they handle.
2) Visited MSC (V-MSC)
The visited MSC (V-MSC) is the MSC where a customer is currently

located. The VLR associated with this MSC will have the subscriber's data in it.
3) Anchor MSC
The anchor MSC is the MSC from which a handover has been initiated.
The target MSC is the MSC toward which a Handover should take place. A
mobile switching centre server is a part of the redesigned MSC concept starting
from 3GPP Release 5. [084]
4) Short Message Service Center (SMSC)
Finally, the MSC serves as a SMS gateway to forward SMS messages

from Short Message Service Centers (SMSC) to the subscribers and from the
subscribers to the SMSCs. It thus acts as a message mailbox and delivery
system
The SMSC is a store-and-forward device used to provide peer-to-peer text

messaging services in mobile networks. Any text message issued from a
mobile handset is forwarded to the SMSC, where the location of the called
subscriber is determined by consulting the appropriate HLR. If the subscriber is
currently connected to a reachable network, the location is determined and the
text message is transmitted. If not, the message is stored for later transmission
once the subscriber becomes available. The SMSC also includes back-end
interfaces for the connection of enhanced service platforms that can be used to

implement a variety of SMS services such as televoting and premium rate data
services (e.g., weather, traffic, sports, and news). [085]
5.3.2 Home location register (HLR)
'Home Location Register' The home location register (HLR) is a central

database that contains details of each mobile phone subscriber that is authorized
to use the GSM core network. There can be several logical, and physical, HLRs
per public land mobile network (PLMN), though one international mobile subscriber identity
(IMSI)/MSISDN pair can be associated with only one logical HLR (which can
span several physical nodes) at a time.
The HLR stores details of every SIM card issued by the mobile phone operator.
Each SIM has a unique identifier called an IMSI which is the primary key to each
HLR record.
The next important items of data associated with the SIM are the
MSISDNs, which are the telephone numbers used by mobile phones to make
and receive calls. The primary MSISDN is the number used for making and
receiving voice calls and SMS, but it is possible for a SIM to have other
secondary MSISDNs associated with it for fax and data calls. Each MSISDN is
also a primary key to the HLR record. The HLR data is stored for as long as a
subscriber remains with the mobile phone operator.
5.3.2.1 Data stored in the HLR
• GSM services that the subscriber has requested or been given.

• GPRS settings to allow the subscriber to access packet services.
• Current location of subscriber (VLR and serving GPRS support node/SGSN).
• Call diverts settings applicable for each associated MSISDN.

The HLR is a system which directly receives and processes MAP transactions
and messages from elements in the GSM network, for example, the location
update messages received as mobile phones roam around.
5.3.2.2 Other GSM core network elements connected to HLR
The HLR connects to the following elements:
• The G-MSC for handling incoming calls

• The VLR for handling requests from mobile phones to attach to the network
• The SMSC for handling incoming SMS
• The voice mail system for delivering notifications to the mobile phone that a
message is waiting
• The AUC for authentication and ciphering and exchange of data (triplets)
5.3.2.3 Functions of HLR
The main function of the HLR is to manage the fact that SIMs and phones
move around a lot. The following procedures are implemented to deal with this:
• Manage the mobility of subscribers by means of updating their position in

administrative areas called 'location areas', which are identified with a LAC.
The action of a user of moving from one LA to another is followed by the HLR
with a Location area update while retrieving information from BSS as base
station identity code (BSIC).
• Send the subscriber data to a VLR or SGSN when a subscriber first roams
there.
• Broker between the G-MSC or SMSC and the subscriber's current VLR in
order to allow incoming calls or text messages to be delivered.
• Remove subscriber data from the previous VLR when a subscriber has
roamed away from it. [086], [087], [088]

5.3.3 Visitor location register (VLR)
The visitor location register is a temporary database of the subscribers

who have roamed into the particular area which it serves. Each base station in the
network is served by exactly one VLR; hence a subscriber cannot be present in
more than one VLR at a time.
The data stored in the VLR has either been received from the HLR, or
collected from the MS. In practice, for performance reasons, most vendors
integrate the VLR directly to the V-MSC and, where this is not done, the VLR is
very tightly linked with the MSC via a proprietary interface.
5.3.3.1 Data stored in VLR
• IMSI (the subscriber's identity number).

• Authentication data.
• MSISDN (the subscriber's phone number).
• GSM services that the subscriber is allowed to access.
• Access point (GPRS) subscribed.
• The HLR address of the subscriber.
5.3.3.2 Other GSM core network elements connected to VLR
The VLR connects to the following elements:
• The V-MSC to pass needed data for its procedures; e.g., authentication or
call setup.
• The HLR to request data for mobile phones attached to its serving area.
• Other VLRs to transfer temporary data concerning the mobile when they roam
into new VLR areas. For example, the temporal mobile subscriber identity (TMSI).
5.3.3.3 Functions of VLR

The primary functions of the VLR are:
• To inform the HLR that a subscriber has arrived in the particular area covered
by the VLR.
• To track where the subscriber is within the VLR area (location area) when no
call is ongoing.
• To allow or disallow which services the subscriber may use.
• To allocate roaming numbers during the processing of incoming calls.
• To purge the subscriber record if a subscriber becomes inactive whilst in the
area of a VLR. The VLR deletes the subscriber's data after a fixed time period
of inactivity and informs the HLR (e.g., when the phone has been switched off
and left off or when the subscriber has moved to an area with no coverage for
a long time).
• To delete the subscriber record when a subscriber explicitly moves to
another, as instructed by the HLR. [086], [087], [088]
5.3.4 Authentication centre (AUC)
The authentication centre (AUC) is a function to authenticate each SIM card

that attempts to connect to the GSM core network (typically when the phone is
powered on). Once the authentication is successful, the HLR is allowed to
manage the SIM and services described above. An encryption key is also
generated that is subsequently used to encrypt all wireless communications
(voice, SMS, etc.) between the mobile phone and the GSM core network.
If the authentication fails, then no services are possible from that particular
combination of SIM card and mobile phone operator attempted. There is an
additional form of identification check performed on the serial number of the
mobile phone described in the EIR section below, but this is not relevant to the
AUC processing.

Proper implementation of security in and around the AUC is a key part of

an operator's strategy to avoid SIM cloning.
The AUC does not engage directly in the authentication process, but
instead generates data known as triplets for the MSC to use during the
procedure. The security of the process depends upon a shared secret between
the AUC and the SIM called the Ki. The Ki is securely burned into the SIM during
manufacture and is also securely replicated onto the AUC. This Ki is never
transmitted between the AUC and SIM, but is combined with the IMSI to produce
a challenge/response for identification purposes and an encryption key called Kc
for use in over the air communications. [088]
5.3.5 Equipment Identity Register (EIR)
The EIR is a database that contains information about the identity of

mobile equipment that prevents calls from stolen, unauthorized, or defective
mobile stations. The AUC and EIR are implemented as stand-alone nodes or as
a combined AUC/EIR node.
EIR is a database that stores the IMEI numbers for all registered ME units.
The IMEI uniquely identifies all registered ME. There is generally one EIR per
PLMN. It interfaces to the various HLR in the PLMN. The EIR keeps track of all
ME units in the PLMN. It maintains various lists of message. The database stores
the ME identification and has nothing do with subscriber who is receiving or
originating call. There are three classes of ME that are stored in the database,
and each group has different characteristics:
White List: contains those IMEIs that are known to have been assigned to valid
MS’s. This is the category of genuine equipment.
Black List: contains IMEIs of mobiles that have been reported stolen.

Gray List: contains IMEIs of mobiles that have problems (for example, faulty
software, and wrong make of the equipment). This list contains all MEs with
faults not important enough for barring. [088]
5.4 Operation and Maintenance Subsystem (OMS)
The Operations and Maintenance Center (OMC) is the centralized

maintenance and diagnostic heart of the Base Station System (BSS). It allows
the network provider to operate, administer, and monitor the functioning of the
BSS. An OMS consists of one or more Operation & Maintenance Centre (OMC).
Figure 5.13: The OMC [089]
The operations and maintenance center (OMC) is connected to all

equipment in the switching system and to the BSC. The implementation of OMC
is called the operation and support system (OSS). The OSS is the functional
entity from which the network operator monitors and controls the system. The
purpose of OSS is to offer the customer cost-effective support for centralized,
regional and local operational and maintenance activities that are required for a
GSM network. An important function of OSS is to provide a network overview

and support the maintenance activities of different operation and maintenance

organizations.
The OMC provides alarm-handling functions to report and log alarms

generated by the other network entities. The maintenance personnel at the OMC
can define that criticality of the alarm. Maintenance covers both technical and
administrative actions to maintain and correct the system operation, or to restore
normal operations after a breakdown, in the shortest possible time.
The fault management functions of the OMC allow network devices to be

manually or automatically removed from or restored to service. The status of
network devices can be checked, and tests and diagnostics on various devices
can be invoked. For example, diagnostics may be initiated remotely by the OMC.
A mobile call trace facility can also be invoked. The performance management
functions included collecting traffic statistics from the GSM network entities and
archiving them in disk files or displaying them for analysis. Because a potential to
collect large amounts of data exists, maintenance personal can select which of
the detailed statistics to be collected based on personal interests and past
experience. As a result of performance analysis, if necessary, an alarm can be
set remotely.
The OMC provides system change control for the software revisions and
configuration data bases in the network entities or uploaded to the OMC. The
OMC also keeps track of the different software versions running on different
subsystem of the GSM. [090], [091]

Chapter 6
GSM SUBSCRIBERS
DATA

GSM Subscribers’ Data

Different addresses and service-specific data exist in GSM network.
Addresses serve to identify, authenticate, and localize subscribers, or switch
connections to subscribers. Service-specific data are used to parameterize and
personalize the supplementary services. The association of most important
identifiers and their storage locations are summarized in figure below.

SPC: Signaling Point Code

Figure 6.1: “Subscribers Data in GSM”
Further data about the subscribers and their contractual agreement with
the service provider is tabulated on next page.
Subscribers and Subscription Data Tracking and Routing Information

1. International Mobile Subscriber’s 1. Mobile Station Roaming Number
Identity (IMSI) (MSRN)
2. International Mobile Subscriber’s 2. current VLR Address (if
ISDN number (MSISDN) available)
3. Bearer and Teleservice 3. current MSC Address (if
Subscription available)
4. Service 4. Local Mobile Service Identity
Restrictions (e.g. Roaming (LMSI), (if available)

Restrictions)
5. Parameters for additional
services
6. Information on Subscriber’s
Equipment (if available)
7. Authentication Data (Subject to
Implementation)
Table 6.1: “Mobile Subscribers’ Data in HLR”
Subscribers and Subscription Data Tracking and Routing Information

1. International Mobile Subscriber’s 1. Mobile Station Roaming Number
Identity (IMSI) (MSRN)
2. International Mobile Subscriber’s 2. Temporary MS Identity (TMSI)
ISDN number (MSISDN) 3. LMSI
3. Parameters for Supplementary 4. Local Area Identity of Location
Services Area, where Ms was Registered
4. Information on Subscriber-used (used for paging and cell setup)
Equipment (if available)
5. Authentication Data (Subject to
Implementation))
Table 6.2: “Mobile Subscribers’ Data in VLR”
Chapter 7
GSM SERVICES

7.1 GSM Subscriber Services
There are two basic types of services offered through GSM:
1. Telephony (also referred to as teleservices)
2. Data (also referred to as bearer services)
Telephony services are mainly voice services that provide subscribers with
the complete capability (including necessary terminal equipment) to

communicate with other subscribers. Data services provide the capacity

necessary to transmit appropriate data signals between two access points
creating an interface to the network.
GSM Teleservices include:
• Speech (telephone, emergency call)
• Fax transmission
• SMS (short messaging service)
• MHS access (access to Message Handling System)
• Videotext access
• Teletext transmission [115]
In addition to normal telephony and emergency calling, the following

subscriber services are supported by GSM:
• Dual-tone multi-frequency (DTMF) —DTMF is a tone signaling scheme

often used for various control purposes via the telephone network, such as
remote control of an answering machine. GSM supports full-originating
DTMF.
• Facsimile group III —GSM supports CCITT Group 3 facsimile. As

standard fax machines are designed to be connected to a telephone using
analog signals, a special fax converter connected to the exchange is used
in the GSM system. This enables a GSM–connected fax to communicate
with any analog fax in the network.

• Short message services —a convenient facility of the GSM network is

the short message service. A message consisting of a maximum of 160
alphanumeric characters can be sent to or from a mobile station. This
service can be viewed as an advanced form of alphanumeric paging with
a number of advantages. If the subscriber's mobile unit is powered off or
has left the coverage area, the message is stored and offered back to the
subscriber when the mobile is powered on or has reentered the coverage
area of the network. This function ensures that the message will be
received.
• Cell broadcast —a variation of the short message service is the cell

broadcast facility. A message of a maximum of 93 characters can be
broadcast to all mobile subscribers in a certain geographic area. Typical
applications include traffic congestion warnings and reports on accidents.
• Voice mail —this service is actually an answering machine within the

network, which is controlled by the subscriber. Calls can be forwarded to
the subscriber's voice-mail box and the subscriber checks for messages
via a personal security code.
• Fax mail —with this service, the subscriber can receive fax messages at
any fax machine. The messages are stored in a service center from which
they can be retrieved by the subscriber via a personal security code to the
desired fax number. [091], [92], [93], [097]

Figure 7.1: “Bearer and Teleservices”
In this figure, note the following aspects carefully:
 All components from TE (MS) to TE (MS) are named Teleservices
 GSM Network and Interworking Function form the PLMN Section
 Components between the two TE (MS) makes the Bearer Services [115]
7.2 Supplementary Services
GSM supports a comprehensive set of supplementary services that can

complement and support both telephony and data services. Supplementary
services are defined by GSM and are characterized as revenue-generating
features. A partial listing of supplementary services follows.
• Call forwarding —this service gives the subscriber the ability to forward
incoming calls to another number if the called mobile unit is not reachable,
if it is busy, if there is no reply, or if call forwarding is allowed
unconditionally.
• Barring of outgoing calls —this service makes it possible for a

mobile subscriber to prevent all outgoing calls.

• Barring of incoming calls —this function allows the subscriber to prevent

incoming calls. The following two conditions for incoming call barring exist:
baring of all incoming calls and barring of incoming calls when roaming
outside the home PLMN.
• Advice of charge (AoC) —The AoC service provides the mobile

subscriber with an estimate of the call charges. There are two types of
AoC information: one that provides the subscriber with an estimate of the
bill and one that can be used for immediate charging purposes. AoC for
data calls is provided on the basis of time measurements.
• Call hold —this service enables the subscriber to interrupt an ongoing call
and then subsequently reestablish the call. The call hold service is only
applicable to normal telephony.
• Call waiting —this service enables the mobile subscriber to be notified of

an incoming call during a conversation. The subscriber can answer, reject,
or ignore the incoming call. Call waiting is applicable to all GSM
telecommunications services using a circuit-switched connection.
• Multiparty service —the multiparty service enables a mobile subscriber

to establish a multiparty conversation—that is, a simultaneous
conversation between three and six subscribers. This service is only
applicable to normal telephony.
• Calling line identification presentation/restriction —these services

supply the called party with the integrated services digital network (ISDN)
number of the calling party. The restriction service enables the calling
party to restrict the presentation.

• Closed user groups (CUGs) —CUGs are generally comparable to a

PBX. They are a group of subscribers who are capable of only calling
themselves and certain numbers. [091], [93], [94], [95], [097]
Note: Bearer and teleservices are carried under the umbrella term “telecommunication
services”.
Chapter 8
GSM FUNCTIONS

8.1 Network operations GSM functions
In this chapter, the description of the GSM network is focused on the different
functions to fulfill by the network and not on its physical components. In GSM,
five main functions can be defined:
• Transmission

• Radio Resources Management (RRM).

• Mobility Management (MM).
• Communication Management (CM).
• Operation, Administration and Maintenance (OAM).
8.2 Transmission
Transmission means sending and receiving of data and signaling bits. Not
all the components of the GSM network are strongly related with both types of
types of Tx. While the MSC, BTS and BSC, among others, are involved with data
and signaling, components such as HLR, VLR or EIR registers, are only
concerned with signaling. The GSM standard also provides separate facilities for
transmitting digital data. This allows a mobile phone to act like any other
computer on the Internet, sending and receiving data via the Internet Protocol.
[097]
8.3 Radio Resources Management (RRM)
The role of the RR function is to establish, maintain and release

communication links between mobile stations and the MSC. The elements that
are mainly concerned with the RR function are the MN and the BTS. However,
since the RR component performs connection management also during cell
handoffs, it also affects the MSC which is the handoff management component.
The RR is also responsible for the management of frequency resources as well

as varying radio interface conditions. Main component operations are:
• Channel assignment, change and release.

• Handoff
• Frequency hopping.
• Power-level control.

• Discontinuous transmission and reception.

• Timing advance. [099], [100]
8.3.1 Handoff
The user movements may result a change in the channel/cell, when the
quality of the communication is degrading; this is known as handoff. Handoffs
occur between:
• between channels within a cell

• between cells controlled by the same BSC
• between cells under the same MSC but controlled by different BSCs
• between cells controlled by different MSCs.
Handoffs are mainly controlled by the MSC. However to avoid unnecessary

signalling, the first two types of handoffs are managed by the respective BSC
(thus, the MSC is only notified of the handoff).

Figure 8.1: Inter-BTS, Intra-BSC [101]
To perform the handoff the mobile station controls continuously its own signal
strength and the signal strength of the neighboring cells. The list of cells that
must be monitored by the mobile station is given by the base station. Power
measurements allow deciding which the best cell is in order to maintain the
quality of the communication link. Two basic algorithms are used for handoffs:
• The `minimum acceptable performance' algorithm. When the quality of the

transmission degrades, the power level of the mobile is increased, until
the increase of the power level has no effect on the quality of the signal.
Upon this link layer hint, a handoff is initiated.
The `power budget' algorithm: Here the handoff pre-empts the power
increase, to obtain a good SIR.

8.4 Mobility Management (MM)
The MM component handles:
• Location Management: Location is managed through periodically or on-

demand. At power-on time, the MH signals an IMSI attach. On-demand
location updates are signaled when the MN moves to a different PLMN or
new location area (LA). The signal is sent to the new MSC/VLR, which
forwards it to the subscriber's HLR. Upon authorization in the new
MSC/VLR, the subscriber's HLR removes the registration entry of the MN
at the old MSC/VLR. If after the update time interval, the MN has not
registered, it is then deregistered. On power-off, the MN performs an IMSI
detach.
8.5 Security and authentication
Authentication involves the SIM card and the Authentication Center. A

secret key, stored in the SIM card and the AuC together with a ciphering
algorithm called A3, are used to authenticate the user. The MN and the AuC
computes a SRES through A3 using the secret key and a nonce generated by
the AuC. If the two computed SRES are the same, the subscriber is
authenticated.
The different services to which the subscriber has access are also
checked. Next the security check is performed in the equipment identity (IMEI). If
the IMEI number of the mobile is authorized in the EIR, the mobile station is
allowed to connect the network. To assure user confidentiality, the user is
registered with a Temporary Mobile Subscriber Identity (TMSI) after its first
location update procedure. Enciphering is another option to guarantee a very
strong security. [100], [102]

8.6 Communication Management (CM)
The CM component manages:
1. Call control (CC): it controls call setup, management and tear-down in

relation to management of type of service. Call routing is the primary task
for this component. To reach a mobile subscriber, a user dials the Mobile
Subscriber ISDN (MSISDN) number which includes:
• a country code
• a national destination code; this identifies the subscriber's operator
• a code mapping to the subscriber's HLR.
• The call is then passsed to the GMSC (if the call is originated from a
fixed network) that 'knows' the HLR corresponding to the particular
MSISDN number. The GMSC signals the HLR for call routing
information. The HLR requests this information from the subscriber's
current VLR. This VLR allocates temporarily a Mobile Station Roaming
Number (MSRN) for the call. The MSRN number is the information
returned by the HLR to the GMSC. It is latter that routes the call
through the MSRN number, to the subscriber's current MSC/VLR. In
the subscriber's current LA, the mobile is paged.
2. Supplementary Services management: This involves the MN and the

HLR.
SMS management: Here the GSM network contacts the Short Message
Service Center through the two following interfaces:
• SMS-GMSC for Mobile Terminating Short Messages (SMS-MT/PP). It

has the same role as the GMSC.
• SMS-IWMSC for Mobile Originating Short Messages (SMS-MO/PP).
[103], [104]

8.7 Operation, Administration and Maintenance (OAM)
The OAM component allows the operator to monitor and control the
system as well as modify the configuration of the elements of the system. Not
only the OSS is part of the OAM, but also the BSS and NSS participate in
functions such as:
• Provide the operator with all the information it needs. This information is
forwarded to the OSS to control the network.
• Perform self-test tasks in addition to the OAM functions.
• Control of multiple BTSs by the BSS. [105]
8.8 Mobile Subscriber Roaming
When a mobile subscriber roams into a new location area (new VLR), the
VLR automatically determines that it must update the HLR with the new location
information, which it does using an SS7 Location Update Request Message. The
Location Update Message is routed to the HLR through the SS7 network, based
on the global title translation of the IMSI that is stored within the SCCP Called
Party Address portion of the message. The HLR responds with a message that
informs the VLR whether the subscriber should be provided service in the new
location.

Figure 8.2: Call routing for a mobile terminating call [106]
8.9 Mobile Subscriber ISDN Number (MSISDN) Call Routing
When a user dials a GSM mobile subscriber's MSISDN, the PSTN routes
the call to the Home MSC based on the dialed telephone number. The MSC must
then query the HLR based on the MSISDN, to attain routing information required
to route the call to the subscribers' current location.
The MSC stores global title translation tables that are used to determine
the HLR associated with the MSISDN. When only one HLR exists, the translation
tables are trivial. When more than one HLR is used however, the translations
become extremely challenging; with one translation record per subscriber (see
the example below). Having determined the appropriate HLR address, the MSC
sends a Routing Information Request to it.

When the HLR receives the Routing Information Request, it maps the
MSISDN to the IMSI, and ascertains the subscribers' profile including the current
VLR at which the subscriber is registered. The HLR then queries the VLR for a
Mobile Station Roaming Number (MSRN). The MSRN is essentially an ISDN
telephone number at which the mobile subscriber can currently be reached. The
MSRN is a temporary number that is valid only for the duration of a single call.
The HLR generates a response message, which includes the MSRN, and
sends it back across the SS7 network to the MSC. Finally, the MSC attempts to
complete the call using the MSRN provided. [107]

Chapter 9
ADVANTAGES &
DISADVANTAGES OF
GSM

9.1 Advantages of GSM
• GSM is mature; this maturity means a more stable network with robust
features
• Less signal deterioration inside buildings
• Ability to use repeaters
• Talk-time is generally higher in GSM phones due to the pulse nature of
transmission
• The availability of Subscriber Identity Modules allows users to switch
networks and handsets at will
• GSM covers virtually all parts of the world so international roaming is not a
problem.
• The subscriber can enjoy the broadest international coverage. It is
possible with the GSM roaming service. [110]
• Good coverage indoors on 850/900 MHz. Repeaters possible. 35 km hard limit.
• Very good due to simple protocol, good coverage and mature, power-efficient chipsets.
[111], [112]
9.2 Disadvantages of GSM
• Pulse nature of TDMA transmission used in 2G interferes with some

electronics, especially certain audio amplifiers. 3G uses W-CDMA now.
• Intellectual property is concentrated among a few industry participants,
creating barriers to entry for new entrants and limiting competition among
phone manufacturers.
• GSM has a fixed maximum cell site range of 35 km, which is imposed by
technical limitations. [110], [111

Chapter 10
CONCLUSIONS

From our discussion on the GSM technology in this report, it may be

concluded that GSM is a very complex standard for the telecommunications. it
may be considered as the first attempt to create a global and universal
communication system involving all the countries of the world. Then the GSM
technology was used as the basis for developing the Universal Mobile
Telecommunication System (UMTS). Today, 160 different countries are using the
GSM, and the growth is much rapid with increase in the GSM subscriber in
millions a year. The GSM provides continuous and uninterruptible communication
to all its subscribers with strong signal quality. The marvelous and awe-inspiring
feature of roaming in GSM increases the attraction of this technology, making it
more popular among people than any other technology. Actually, GSM has many
features for its users which require much space to cover in depth.
The GSM architecture is quite amazing as it employs the modular

structure. The advantage associated with this type of modular structure is that it
becomes easy to work with and understand each of the modules separately
without causing the functionality of remaining modules to be interrupted. The
main three parts involved are; Radio subsystem (RSS), Network (switching)
subsystem (SSS), and Operation and maintenance subsystem (OMS). The RSS
consists of; Mobile Equipment (ME), Base Station (BS), and Radio Interface
(Um). The SSS has five main parts; Mobile services Switching Centre (MSC),
Home Location Register (HLR), Visitor Location Register (VLR), Authentication
Centre (AuC), Equipment Identification Register (EIR). Finally, an OMS, the heart
of the BSS, consists of one or more Operation & Maintenance Centre (OMC).
The services provided by the GSM are divided into three categories; the
teleservices, Bearer services, and supplementary services. Its functions include;
Transmission, Radio Resources Management (RRM), Mobility Management
(MM), Communication Management (CM), Operation, Administration and
Maintenance (OAM).

There are many advantages of GSM technology, but few of them are;
GSM more stable network with robust features, there is less signal deterioration
inside buildings etc., the availability of SIMs allows users to switch networks and
handsets at will, GSM covers virtually all parts of the world so international
roaming is not a problem, the subscriber can enjoy the broadest international
coverage. It is possible with the GSM roaming service, Very good due to simple
protocol, good coverage and mature, power-efficient chipsets.
Nothing in this world is ideal, drawbacks are always there. The
disadvantage associated with the GSM is that pulse nature of TDMA
transmission used interferes with some electronics, especially certain audio
amplifiers. GSM has a fixed maximum cell site range of 35 km, which is imposed
by technical limitations.
Overall, GSM is really a great and efficient technology bringing world
together and making every place as our homes due to a communication with
people anywhere anytime.

Appendix A
FDMA and TDMA
There are three common technologies used by 2G cell-phone networks for

transmitting information (we'll discuss 3G technologies in the 3G section):
• Frequency division multiple access (FDMA)
• Time division multiple access (TDMA)
• Code division multiple access (CDMA)
Although these technologies sound very intimidating, you can get a good
sense of how they work just by breaking down the title of each one. The first
word tells you what the access method is. The second word, division, lets you
know that it splits calls based on that access method.
FDMA puts each call on a separate frequency.

TDMA assigns each call a certain portion of time on a designated frequency.
CDMA gives a unique code to each call and spreads it over the available
frequencies.
The last part of each name is multiple access. This simply means that
more than one user can utilize each cell.
FDMA
FDMA separates the spectrum into distinct voice channels by splitting it into
uniform chunks of bandwidth. To better understand FDMA, think of radio stations:
Each station sends its signal at a different frequency within the available band.

FDMA is used mainly for analog transmission. While it is certainly capable of

carrying digital information, FDMA is not considered to be an efficient method for
digital transmission.
Figure A1: In FDMA, each phone uses a different frequency. [113]
TDMA
TDMA is the access method used by the Electronics Industry Alliance and
the Telecommunications Industry Association for Interim Standard 54 (IS-54) and
Interim Standard 136 (IS-136). Using TDMA, a narrow band that is 30 kHz wide
and 6.7 milliseconds long is split time-wise into three time slots. Narrow band
means "channels" in the traditional sense. Each conversation gets the radio for
one-third of the time. This is possible because voice data that has been
converted to digital information is compressed so that it takes up significantly less

transmission space. Therefore, TDMA has three times the capacity of an analog
system using the same number of channels. TDMA systems operate in either the
800-MHz (IS-54) or 1900-MHz (IS-136) frequency bands.
Figure A2: TDMA splits a frequency into time slots [113]

Appendix B
Difference between GSM and CDMA
In cellular service, there are two chief competing network technologies:

Global System for Mobile Communications (GSM) and Code Division Multiple
Access (CDMA). Understanding the difference between GSM and CDMA will
permit you to choose a carrier that uses the preferable network technology for
your needs.
The GSM Association is an international organization founded in 1987,

dedicated to providing, developing, and overseeing the worldwide wireless
standard of GSM. CDMA, a proprietary standard designed by Qualcomm in the
United States, has been the dominant network standard for North America and
parts of Asia. However, GSM networks continue to make inroads in the United
States, as CDMA networks make progress in other parts of the world. There are
camps on both sides that firmly believe either GSM or CDMA architecture is
superior to the other. The fanatical reader who simply wants bottom line
information to make a choice, the following considerations may be helpful.
Coverage
The most important factor is getting service in the areas you will be using
your phone. Upon viewing competitors' coverage maps you may discover that
only GSM or CDMA carriers offer cellular service in your area. If so, there is no
decision to be made, but most people will find that they do have a choice.

Data Transfer Speed
With the advent of cellular phones doing double and triple duty as
streaming video devices, podcast receivers and email devices, speed is
important to those who use the phone for more than making calls. CDMA has
been traditionally faster than GSM, though both technologies continue to rapidly
leapfrog along this path. Both boast "3G" standards, or 3rd generation
technologies.
EVDO, also known as CDMA2000, is CDMA's answer to the need for

speed with a downstream rate of about 2 megabits per second, though some
reports suggest real world speeds are closer to 300-700 kilobits per second
(kbps). This is comparable to basic DSL.
GSM's answer is EDGE (Enhanced Data Rates for GSM Evolution), which
boasts data rates of up to 384 kbps with real world speeds reported closer to 70-
140 kbps. With added technologies still in the works that include UMTS
(Universal Mobile Telephone Standard) and HSDPA (High Speed Downlink
Packet Access), speeds reportedly increase to about 275—380 kbps. This
technology is also known as W-CDMA, but is incompatible with CDMA networks.
An EDGE-ready phone is required.
In the case of EVDO, theoretical high traffic can degrade speed and
performance, while the EDGE network is more susceptible to interference. Both
require being within close range of a cell to get the best speeds, while
performance decreases with distance.
Subscriber Identity Module (SIM) cards
In the United States only GSM phones use SIM cards. The removable SIM
card allows phones to be instantly activated, interchanged, swapped out and

upgraded, all without carrier intervention. The SIM itself is tied to the network,
rather than the actual phone. Phones that are card-enabled can be used with any
GSM carrier. The CDMA equivalent, a R-UIM card, is only available in parts of
Asia but remains on the horizon for the U.S. market. CDMA carriers in the U.S.
require proprietary handsets that are linked to one carrier only and are not card-
enabled.
To upgrade a CDMA phone, the carrier must deactivate the old phone
then activate the new one. The old phone becomes useless.
Roaming
For the most part, both networks have fairly concentrated coverage in
major cities and along major highways. GSM carriers, however, have roaming
contracts with other GSM carriers, allowing wider coverage of more rural areas,
generally speaking, often without roaming charges to the customer. CDMA
networks may not cover rural areas as well as GSM carriers, and though they
may contract with GSM cells for roaming in more rural areas, the charge to the
customer will generally be significantly higher.
International Roaming
If you need to make calls to other countries, a GSM carrier can offer
international roaming, as GSM networks dominate the world market. If you travel
to other countries you can even use your GSM cell phone abroad, providing it is
a quad-band phone (850/900/1800/1900 MHz). By purchasing a SIM card with
minutes and a local number in the country you are visiting, you can make calls
against the card to save yourself international roaming charges from your carrier
back home. CDMA phones that are not card-enabled do not have this capability.
According CDG.org, CDMA networks support over 270 million subscribers

worldwide, while GSM.org tallies up their score at over 1 billion.

Citations
“When something can be read without effort,

Great effort has gone into its writing.”

001:
http://pt.com/page/tutorials/gsm-tutorial
002:
http://www.palowireless.com/gsm/tutorials.asp
003:
http://user.cs.tu-berlin.de/~jutta/gsm/js-intro.html
004:
www.hutchison-whampoa.com/eng/telecom/htil/htil.htm - 67k
005:
http://en.wikipedia.org/wiki/GSM_frequency_ranges
006:
www.hutchison-whampoa.com/eng/telecom/htil/htil.htm - 67k
007:
http://www.iec.org/online/tutorials/gsm/topic05.asp]
008:
http://www.telecomspace.com/gsm-specifications.html
009:
http://www.tutorialspoint.com/gsm/gsm_specification.htm
010:
http://www.visualtron.com/gsm_topic05.htm
011:
012:
http://www.cs.ucl.ac.uk/staff/t.pagtzis/wireless/gsm/arch.html
013:
www.tutorialspoint.com/gsm/gsm_architecture.htm
014:
http://www.sitefinder.ofcom.org.uk/jargon.htm]

015:
Javier Gozálvez Sempere, Research Engineer in Mobile Communications,
University of Strathclyde, Glasgow, Scotland
016:
http://paginas.fe.up.pt/~mleitao/CMOV/Tecnico/GSM_Sempere.html
017:
in.answers.yahoo.com/question/index?qid=20080824235013AA8MYFA - 24k -
018:
http://www.sitefinder.ofcom.org.uk/jargon.htm
019:
http://en.wikipedia.org/wiki/Macrocell#cite_note-0
020:
http://www.mpirical.com/companion/mpirical_companion.html#GSM/Macro_Cell.
htm
021:
http://en.wikipedia.org/wiki/Microcell
022:
023:
024:
025:
026:
http://www.cs.ucl.ac.uk/staff/t.pagtzis/wireless/gsm/cellular.html
027:
http://www.cs.ucl.ac.uk/staff/t.pagtzis/wireless/gsm/cellular.html

028:
http://www.gsmfavorites.com/documents/introduction/gsm/
029:
http://www.mobiledia.com/glossary/108.html
030:
http://www.telecomabc.nl/c/plaatjes/cel-cluster.gif
031:
http://wireless.per.nl/reference/chaptr04/cellplan/reuse.htm
032:
http://www.emory.edu/BUSINESS/et/P98/gsm/history.html
033:
C. Déchaux and R. Scheller. What are GSM and DCS. Electrical Communication,
2nd Quarter 1993.
034:
Torbjorn Nilsson. Toward a New Era in Mobile Communications
035:
http://user.cs.tu-berlin.de/~jutta/gsm/js-intro.html
036:
http://www.indiabroadband.net/mobile-phone-service-providers/16433-history-
gsm.html
037:
038:
http://www.tns.lcs.mit.edu/~turletti/gsm-overview/node4.html
039:
http://www.geocities.com/gsmmobilereport/gsmradiolink.htm
040:
041:

042:
http://www.privateline.com/PCS/GSM06.html
043:
044:
http://www.azizi.ca/gsm/ma/index.html
045:
http://ccnga.uwaterloo.ca/~jscouria/GSM/gsmreport.html
046:
047:
http://www.hit.bme.hu/~mihaly/mobil.hir/gsmbase.pdf
048:
C. B. Southcott et al. Voice control of the pan-European digital mobile radio
system. In IEEE GLOBECOM 1989, November 1989.
049:
050:
Performance Enhancements in a Frequency Hopping GSM Network, By Thomas
Toftegaard Nielsen, Jeroen Wigard, Edition: illustrated, Published by Springer,
2000
051:
http://www.cs.ucl.ac.uk/staff/t.pagtzis/wireless/gsm/arch.html
052:
http://www.electronics-manufacturers.com/products/wireless-
communication/mobile-station/
053:
Hutchison Whampoa Limited Company manual
054:
http://en.wikipedia.org/wiki/Mobile_station

055:
santos.ee.ntu.edu.tw/mobile/2_2%20GSM.pdf
056:
Motorola Training manual
057:
http://www.radio-
electronics.com/info/cellulartelecomms/gsm_technical/gsm_interfaces.php
058:
http://www.mpirical.com/companion/mpirical_companion.html#GSM/AbisInterfac
e.htm
059:
http://en.wikipedia.org/wiki/Base_Station_Subsystem
060:
http://www.pulsewan.com/data101/gsm_basics.htm
061:
http://www.radio-
electronics.com/info/cellulartelecomms/gsm_technical/gsm_architecture.php
062:
http://en.wikipedia.org/wiki/GPRS_Core_Network
063:
www.tcil-india.com/new/new_site/white%20paper/RK-3%20GSM%20Network.ppt
064:
065:
http://www.tutorialspoint.com/gsm/gsm_mobile_station.htm
066:
http://www.pulsewan.com/data101/gsm_basics.htm
067:
Hutchison Whampoa Limited manual
068:

http://waridtel.net/?p=7
069:
http://www.mpirical.com/companion/mpirical_companion.html#Generic/IMSIIdenti
ty.htm
070:
http://en.wikipedia.org/wiki/IMEI
071:
http://www.gsm-security.net/faq/imei-international-mobile-equipment-identity-
gsm.shtml
072:
http://www.wicomtech.com/html/bss.asp
073:
http://www.mpirical.com/companion/mpirical_companion.html#GSM/BSS.htm
074:
http://en.wikipedia.org/wiki/Base_Station_Subsystem
075:
communication/base-station-controller/
076:
http://www.tutorialspoint.com/gsm/gsm_base_station_subsystem.htm
077:
http://d.scribd.com/docs/1c3diyhjursdmjkxn406.ppt
078:
http://www.webschool.co.in/telecom/gsm/arch/functions_of_bts.php
079:
communication/base-transceiver-station/
080:
http://www.scribd.com/doc/4757109/Gsm

081:
www.urtracked.com/gsm.htm
082:
http://en.wikipedia.org/wiki/File:Gsm_network.png
083:
www.geocities.com/.../architecture.htm
084:
http://en.wikipedia.org/wiki/GPRS_Core_Network
085:
Nokia SYSTRA Training Material
086:
http://www.m-indya.com/gsm/gsmarchitecture.php
087:
http://www.tutorialspoint.com/gsm/gsm_architecture.htm
088:
http://www.tutorialspoint.com/gsm/gsm_network_switching_subsystem.htm
089:
http://www.tutorialspoint.com/gsm/gsm_operation_support_subsystem.htm
090:
http://www.telecomspace.com/gsm.html
091:
http://www.tutorialspoint.com/gsm/gsm_network_switching_subsystem.htm
092:
http://e-articles.info/e/a/title/Features-and-Services-of-GSM/
093:
http://www.ewh.ieee.org/r10/bombay/news5/GSM.htm
094:
http://en.wikipedia.org/wiki/GSM_services
095:

096:
http://www.aws.cit.ie/personnel/dpesch/notes/msc_sw/GSM_services.pdf
097:
http://en.wikipedia.org/wiki/GSM_services
098:
http://en.wikipedia.org/wiki/Radio_resource_management
099:
http://en.wikipedia.org/wiki/Radio_resource_management
100:
http://ccnga.uwaterloo.ca/~jscouria/GSM/gsmreport.html#5.2
101:
http://www.gsmfavorites.com/documents/introduction/gsm/
102:
http://www.pulsewan.com/data101/gsm_basics.htm#Mobility%20Management%
20
103:
http://ccnga.uwaterloo.ca/~jscouria/GSM/gsmreport.html#5.2
104:
http://www.privateline.com/mt_gsmhistory/2006/01/communication_management
.html
105:
106:
107:
http://pt.com/page/tutorials/gsm-tutorial
108:
http://www.azizi.ca/gsm/ma/index.html#ref2
109:

110:
http://ezinearticles.com/?Several-Advantages-of-World-GSM-Cellular-
Phones&id=2024801
111:
http://en.wikipedia.org/wiki/Comparison_of_mobile_phone_standards
112:
http://in.answers.yahoo.com/question/index?qid=20070202053500AA6OrQt
113:
http://electronics.howstuffworks.com/cell-phone7.htm
114:
R. Steele, C.C. Lee, “GSM, cdmaOne and 3G Systems”, John Wiley & Sons Ltd.
2001.
115:
Jörg Eberspächer, Vögel, Bettsteller, “GSM: Switching, Services, and Protocols”,
John Wiley & Sons Ltd. 2003.

GSM Report Full

Transféré par

Informations du document

Description originale:

Titre original

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

GSM Report Full

Transféré par

Droits d'auteur :

Formats disponibles

GSM- Global System for Mobile Communication

Thanks and Regards!

Engr. Syed Muhammad Munavvar Hussain

Engr. Syed Muhammad Munavvar Hussain 1

Engr. Syed Muhammad Munavvar Hussain 2

Global System for Mobile Communication (GSM) is a set of ETSI standards

Figure 1.1: The Simple Representation of GSM Network [065]

GSM is worldwide standard that allows users of different operators to

Engr. Syed Muhammad Munavvar Hussain 3

of the phenomenal success in mobile telecommunication over the last decade.

• good subjective speech quality,

GSM is a standard for a Global System for Mobile communications. Global

Engr. Syed Muhammad Munavvar Hussain 4

1.2 Two Main Standards of GSM

Engr. Syed Muhammad Munavvar Hussain 5

specific mobile equipment and services in these compatible networks.[]

1.3 GSM frequency bands

System Band Uplink (MHz) Downlink (MHz)

E-GSM-900 900 880.0–915.0 925.0–960.0

R-GSM-900 900 876.0–915.0 921.0–960.0

T-GSM-900 900 870.4–876.0 915.4–921.0

DCS-1800 1800 1710.0–1785.0 1805.0–1880.0

PCS-1900 1900 1850.0–1910.0 1930.0–1990.0

Table 1.1: Frequency range for different GSM standards [005]

Pictorial representation of the uplink and downlink frequencies is given as

Figure 1.2: GSM Frequency Bands [108]

Engr. Syed Muhammad Munavvar Hussain 6

1.4 Specifications and Characteristics for GSM

 Frequency band—the frequency range specified for GSM is 1,850 to

1,990 MHz (mobile station to base station).

 Duplex distance—the duplex distance is 80 MHz. Duplex distance is the

frequencies, 80 MHz apart.

 Channel separation—the separation between adjacent carrier

frequencies. In GSM, this is 200 kHz.

 Modulation—Modulation is the process of sending a signal by changing

the characteristics of a carrier frequency. This is done in GSM via

Gaussian minimum shift keying (GMSK).

 Transmission rate—GSM is a digital system with an over-the-air bit rate

 Access method—GSM utilizes the time division multiple access (TDMA)

concept. TDMA is a technique in which several different calls may share

the same carrier. Each call is assigned a particular time slot.

 Speech coder—GSM uses linear predictive coding (LPC). The purpose of

a residual signal. Speech is encoded at 13 kbps. [006], [007], [008], [009],

Engr. Syed Muhammad Munavvar Hussain 7

The next generation of the mobile communication is known as Universal Mobile

Telecommunication System (UMTS) in Europe and as International Mobile

Telecommunication System 2000 (IMT-2000) worldwide. [114]

Engr. Syed Muhammad Munavvar Hussain 8

GSM NETWORK AREAS

PLMN Service Area

MSC/VLR Service Area

Engr. Syed Muhammad Munavvar Hussain 9

2.1 GSM Network Areas

The GSM network is made up of geographic areas. As shown in Figure,

Figure 2.1: Network Areas [011]

2.1.2 Location Area

Engr. Syed Muhammad Munavvar Hussain 10

Figure 2.2: Location Areas

2.1.3 MSC/VLR Service Area

Figure 2.3: MSC/VLR service area [011], [012]

2.1.4 PLMN Service Area

Engr. Syed Muhammad Munavvar Hussain 11