PRN and GPS decoding using Software Defined Radio J.-M Friedt & al. Outline GNSS & CDMA

PRN and GPS decoding using Software Defined Radio

Spectrum spreading Lab session PSK SDR decoding of GPS

J.-M Friedt, C. Fluhr, G. Cabodevila, E. Rubiola FEMTO-ST Time & Frequency department, Besan¸con, France

From acquisitin to tracking (NAV messages) Pulse compression

[email protected]

Link budget

slides and references at jmfriedt.free.fr June 27, 2018

1 / 35

PRN and GPS decoding using Software Defined Radio

Outline

J.-M Friedt & al.

1 Outline GNSS & CDMA Spectrum spreading Lab session PSK SDR decoding of GPS

2 3 4

Spectrum spreading for timing capability Cross-correlation computation and relation to Fourier transform Orthogonal coding for Code Division Multiple Access GPS decoding: Doppler frequency offset + PRN detection • • • •

can I see satellites ? (autocorrelation) what is the coarse frequency offset ? (squaring the signal) PRN-Doppler chart (which satellite is where) navigation message

From acquisitin to tracking (NAV messages) Pulse compression Link budget

USB

ADC

2 0..40 dB LO

active antenna +5V

Software Defined Radio receiver applied to GNSS 2 / 35

PRN and GPS decoding using Software Defined Radio J.-M Friedt & al. Outline GNSS & CDMA Spectrum spreading Lab session PSK SDR decoding of GPS From acquisitin to tracking (NAV messages) Pulse compression Link budget

Introduction: GNSS GNSS: • Spaceborne atomic clocks • Aim: use of ultrastable time references beyond positioning ... • ... eg. tide gauge 1 , moisture detection 2 , phase monitoring (TEC) • Requires at least phase recovery. • Educational purpose: detailed understanding of the steps needed to complete a GPS receiver low phase noise LO ! • Towards software defined radio GNSS receivers for improved security and safety (spoofing attacks) Use a low cost DVB-T receiver for acquisition: • 8 bit-resolution • poor sensitivity ⇒ pre-amplified antenna • 2.4 MHz measurement bandwidth limited by USB bandwidth (I, Q components) 1 K.M.

Larson: spot.colorado.edu/~kristine/Kristine_Larson/Home.html et. al., West African Monsoon observed with ground-based GPS receivers ..., J. Geophysical Research 113, D21105 (2008), at http://onlinelibrary.wiley.com/doi/10.1029/2008JD010327/pdf 2 Bock

3 / 35

PRN and GPS decoding using Software Defined Radio J.-M Friedt & al.

CDMA: decoding GPS GPS signal encoding principle

3

:

Outline GNSS & CDMA Spectrum spreading Lab session PSK SDR decoding of GPS From acquisitin to tracking (NAV messages) Pulse compression Link budget

• the carrier is generated by an atomic clock (1575.42 MHz) ... • ... is phase modulated at 1.023 MHz with a unique satellite identifier ... • ... and again phase-modulated with the navigation message (50 bps) 3 K. Borre et al., A Software-Defined GPS and Galileo Receiver – A Single-Frequency Approach, Birkh¨ auser Boston, 2007

4 / 35

PRN and GPS decoding using Software Defined Radio

Spectrum spreading numerical experiments

J.-M Friedt & al. Outline

Carrier frequency and bandwidth are two unrelated quantities which can be tuned independently for matching each sensor spectral characteristics

Spectrum spreading

Binary Phase shift keying: ϕ ∈ [0; π] for spectrum spreading

SDR decoding of GPS From acquisitin to tracking (NAV messages) Pulse compression Link budget

60000 50000 40000 30000 20000 10000 0

200

400

600

800

1000

1200

time (no unit)

time=[0:0.02:1023];time=time(1:end-1); signal=exp(j*2*pi*time); f=linspace(-1,1,length(time)); plot(f,abs(fftshift(fft(signal))));

pure sine -1

-0.5

0

0.5

1

normalized frequency (no unit) power (no unit)

PSK

25000

indices=[1:100:length(signal)-50]’... *[ones(1,50)]+[0:49]; signal(indices)=-signal(indices);

20000 15000 200

10000

400

600

800

1000

1200

time (no unit)

periodically modulated sine

5000 0 -1

-0.5

0

0.5

1

normalized frequency (no unit) power (no unit)

Lab session

power (no unit)

GNSS & CDMA

4000 3500 3000 2500 2000 1500 1000 500 0

c=cacode(11,50)*2;c=c-mean(c); signal=signal.*c; 200

400

600

800

1000

1200

time (no unit)

pseudo randomly modulated sine -1

-0.5

0

normalized frequency (no unit)

0.5

1

5 / 35

PRN and GPS decoding using Software Defined Radio

Spectrum spreading numerical experiments

J.-M Friedt & al. Outline

Carrier frequency and bandwidth are two unrelated quantities which can be tuned independently for matching each sensor spectral characteristics

Spectrum spreading

Binary Phase shift keying: ϕ ∈ [0; π] for spectrum spreading

From acquisitin to tracking (NAV messages) Pulse compression Link budget

1.15 1.1 1.05 1 0.95 0.9 0.85

pure sine (xcorr(signal, ’unbiased’))

0

20000

40000

60000

80000

100000

80000

100000

delay (no unit) 1.4 1.2 1 0.8 0.6 0.4 0.2 0

periodically modulated sine

0

20000

40000

60000

delay (no unit) 60000 50000 40000 30000 20000 10000 0

pseudo randomly modulated sine

autocorr (no unit)

SDR decoding of GPS

autocorr (no unit)

PSK

autocorr (no unit)

Lab session

autocorr (no unit)

GNSS & CDMA

1 0.9 0.8 0.7 0.6 0.5 0.4 0.3 0.2 0.1 0 50

100

150

200

delay (no unit)

0

20000

40000

60000

delay (no unit)

80000

100000

6 / 35

PRN and GPS decoding using Software Defined Radio

Spectrum spreading numerical experiments

J.-M Friedt & al. Outline GNSS & CDMA Spectrum spreading Lab session

From convolution to correlation: • Convolution:

From acquisitin to tracking (NAV messages) Pulse compression

Z s(t)r (τ − t)dt

• Practical computation of convolution:

PSK SDR decoding of GPS

conv (s, r )(τ ) =

• Correlation:

FT (conv (s, r )) Z= FT (s) · FT (r ) corr (s, r )(τ ) =

s(t)r (t + τ )dt

• Convolution → correlation: time reversal • since exp(jωt)∗ = exp(−jωt), we conclude FT (corr (s, r )) = FT (s) · FT ∗ (r )

Link budget

7 / 35

PRN and GPS decoding using Software Defined Radio

Lab session: hardware PRN

J.-M Friedt & al. Outline GNSS & CDMA Spectrum spreading Lab session PSK SDR decoding of GPS From acquisitin to tracking (NAV messages) Pulse compression Link budget

• Clock (carrier) feeds two PRN generators • XOR/low pass filter as correlator • Offset clock frequencies to sweep one PRN over the other • Observe correlator dip when PRN sequences match (1 XOR 1=0 XOR 0=0) • Introduction to the processing technique used to detect GPS a signal

8 / 35

PRN and GPS decoding using Software Defined Radio J.-M Friedt & al. Outline GNSS & CDMA Spectrum spreading Lab session

Phase modulation • • • •

PSK : Phase Shift Keying ϕ = arctan(Q/I ): output of the I/Q demodulator local oscillator stability – constellation diagram GPS: BPSK (Binary Phase Shift Keying) – demonstration using a saturated mixer controlled by the bits to be transmitted

PSK 1

SDR decoding of GPS From acquisitin to tracking (NAV messages)

0.5

Link budget

tension (u.a.)

Pulse compression

0

-0.5

-1 0

500

1000 temps (u.a.)

1500

2000

9 / 35

PRN and GPS decoding using Software Defined Radio J.-M Friedt & al. Outline

Phase demodulation Requires accurate reproduction of the unmodulated carrier exp(j(∆ωt + ϕ))N = exp(j(N∆ωt + Nϕ)) = exp(jN∆ωt) if ϕ = 2π · n/N

GNSS & CDMA Spectrum spreading

1

Lab session

signal2 (u.a.)

−0.5 −1 0

1

0.6 0.4 0.2 0

500

1000 1500 temps (u.a.)

2000

0

500

1000 1500 temps (u.a.)

500

BPSK^2 emission 1.21 GHz source

reception

IF

BPSK modulated RF signal

cos(ϕ)2 ∝ cos(2ϕ) ϕ ∈ [0; π] ⇒ 2ϕ = 0[2π]

300 200

1000

modulation

100

LO, −43 dBm

100 kHz

400

DVB−T

0 800 850 900 950 1000 1050 1100 1150 1200 frequence(u.a.)

2000

FFT 800

porteuse

FFT

Pulse compression Link budget

signal (u.a.)

BPSK carrier

0

FFT(signal2) (u.a.)

From acquisitin to tracking (NAV messages)

2

0.8

porteuse (absente)

SDR decoding of GPS

FFT(signal) (u.a.)

PSK

X

0.5

600 400 200 0 800 850 900 950 1000 1050 1100 1150 1200 frequence(u.a.)

Carrier recovery by squaring BPSK

Find N by raising the I/Q signal to various powers until modulation sidebands disappear: try with the Meteor M2 signal: jmfriedt.free.fr/extrait_acq.bin

10 / 35

power (a.u.)

PRN and GPS decoding using Software Defined Radio J.-M Friedt & al.

100 80 60 40 20

1

-600000

-400000

-200000

0

200000

400000

600000

power (a.u.)

freq (Hz)

Outline GNSS & CDMA

2e-11 1.5e-11 1e-11 5e-12

From acquisitin to tracking (NAV messages)

-200000

0

200000

400000

600000

4

-600000

PSK SDR decoding of GPS

-400000

freq (Hz) power (a.u.)

Lab session

2

-600000

0.00025 0.0002 0.00015 0.0001 5e-05

power (a.u.)

Spectrum spreading

0.4 0.3 0.2 0.1

-400000

-200000

0

200000

400000

600000

freq (Hz)

Meteor M2 x=r e a d c o m p l e x b i n a r y ( ’ extrait_acq . bin ’ ) ; f s =11025∗64∗2; % 1 . 4 1 1 2 MHz N=300 e3 ; f=l i n s p a c e (− f s / 2 , f s / 2 ,N) ; f o r m=0:3 s u b p l o t ( 4 , 1 ,m+1) ; p l o t ( f , f f t s h i f t ( a b s ( f f t ( x ( 1 : N) . ˆ ( 2 ˆm) ) ) ) ) ; axis tight ; x l a b e l ( ’ freq ( Hz ) ’ ) ; y l a b e l ( ’ power ( a . u .) ’ ) ; l e g e n d ( n u m 2 s t r ( 2 ˆm) ) end

8

-600000

-400000

-200000

0

freq (Hz)

200000

400000

600000

Tune N depending on SNR (e.g. Wifi – IEEE 802.11)

Pulse compression Link budget

11 / 35

PRN and GPS decoding using Software Defined Radio J.-M Friedt & al. Outline

Phase demodulation Software defined carrier recovery (feedback loop not allowed between GNURadio blocks): use the ready made Costas loop block:

GNSS & CDMA Spectrum spreading

(3)

(4) centrage sur 0 Hz = boucle asservie

(3)

(4) pas de centrage sur 0 Hz = boucle non asservie

phase du signal transposé de la porteuse corrigée

phase du signal masquée par l’écart de fréquences

Lab session PSK SDR decoding of GPS (1)

(2) signal recu : porteuse décallée p.r à 0 Hz modulation

(1) carré du signal = elimine la modulation porteuse ∆f 20 dB

Pulse compression

correction de fréquence

30 dB

From acquisitin to tracking (NAV messages)

(2) signal recu : porteuse trop décallée

modulation

Link budget porteuse

Locked Costas loop

porteuse

Unlocked Costas loop

Carrier offset: ∆ω + Modulation: ϕ = [0; π] → sin(∆ω · t + ϕ) | {z } separate

12 / 35

PRN and GPS decoding using Software Defined Radio

Example of GPS (BPSK)

J.-M Friedt & al. Outline GNSS & CDMA Spectrum spreading

Squaring a BPSK signal gets rid of modulation and collects all the energy in the carrier (requires averaging multiple Fourier transforms to get the squared signal spectrum out of the noise)

Lab session PSK SDR decoding of GPS From acquisitin to tracking (NAV messages) Pulse compression Link budget

Coarse estimate of (twice) the Doppler shift+frequency offset4 4 P.

Boven, Observe, Hack, Make: GPS (2013): used in Vaisala RS80 radiosonde 13 / 35

PRN and GPS decoding using Software Defined Radio

Example of GPS (BPSK)

J.-M Friedt & al. Outline GNSS & CDMA Spectrum spreading

Squaring a BPSK signal gets rid of modulation and collects all the energy in the carrier (requires averaging multiple Fourier transforms to get the squared signal spectrum out of the noise)

Lab session PSK

-0.092

SDR decoding of GPS From acquisitin to tracking (NAV messages)

Doppler shift (Hz)

-0.09

Pulse compression

-0.088

Link budget

-0.086

0

2

4

6

8

10

12

14

time (hour)

Coarse estimate of (twice) the Doppler shift+frequency offset4 4 P.

Boven, Observe, Hack, Make: GPS (2013): used in Vaisala RS80 radiosonde 14 / 35

PRN and GPS decoding using Software Defined Radio

CDMA: software decoding of GPS

J.-M Friedt & al. Outline GNSS & CDMA Spectrum spreading Lab session

• GPS: 31-satellite fleet 5 orbiting Earth at a distance of 20000 km • Time reference (Cs+Rb and then Rb only) • Time of flight computation for positioning

From acquisitin to tracking (NAV messages)

• Offsets introduced by electromagnetic wave velocity fluctuations (ionosphere, troposphere) impossible to compensate for if a single frequency carrier is monitored • Satellite ephemeris + time of flight = position of receiver on Earth

Pulse compression

• Multiple applications beyond positioning

PSK SDR decoding of GPS

6 7

Link budget

All satellites transmit on the same carrier frequency 5 http://spaceflightnow.com/2014/10/13/ gps-modernization-continues-with-quick-pace-of-launches/ 6 J.-M Friedt, G. Cabodevila, Exploitation de signaux des satellites GPS re¸ cus par r´ ecepteur de t´ el´ evision num´ erique terrestre DVB-T, OpenSilicium 15, Juil.-Sept. 2015 7 L. Lestarquit et al., Reflectometry With an Open-Source Software GNSS Receiver: Use Case With Carrier Phase Altimetry, IEEE Journal of Selected Topics in Applied Earth Observations and Remote Sensing 9 (10), pp. 4843–4853 (2016) 15 / 35

PRN and GPS decoding using Software Defined Radio J.-M Friedt & al. Outline GNSS & CDMA Spectrum spreading Lab session PSK SDR decoding of GPS From acquisitin to tracking (NAV messages) Pulse compression Link budget

Objectives • a modulator generates the information, here encoded in the phase of the carrier • the information is carried on a signal whose frequency varies (Doppler, thermal drift of LO) • recovering the transmitted information is a matter of eliminating carrier information • two degrees of freedom (carrier frequency and CDMA for satellite identification) will require two feedback loops to recover the information ⇒ carrier recovery and code position (delay) recovery 1575.42 MHz ±df feedback loop NAV

NAV (50 bps) PRN (1.023 Mbps)

PRN feedback loop 16 / 35

PRN and GPS decoding using Software Defined Radio

Outline GNSS & CDMA Spectrum spreading Lab session

CDMA: decoding GPS Cross-correlation: search for a (known) pattern m(t) in the received signal s(t). Z +∞ xcorr (τ ) = s(t) × m(t + τ )dt −∞

becoming for discrete time

PSK SDR decoding of GPS From acquisitin to tracking (NAV messages) Pulse compression Link budget

xcorr (n) =

+∞ X

s(k) × m(k + n)

k=−∞ 10

Searching for a known pattern in an apparently random sequence:

3 codes 2 codes 1 code aleatoire

8

6 xcorr (u.a.)

J.-M Friedt & al.

aleat=rand(1000,1);aleat=aleat-mean(aleat); 4 code=rand(100,1);code=code-mean(code); 2 aleat(1:100)=aleat(1:100)+code; plot(xcorr(code,aleat)) 0 aleat(end-99:end)=aleat(end-99:end)+code; -2 plot(xcorr(code,aleat)) aleat(end-500-99:end-500)= \ -4 0 200 400 600 800 aleat(end-500-99:end-500)+code; temps (u.a.) plot(xcorr(code,aleat)) + magnitude of the cross-correlation indicates whether a bit is found

17 / 35

10

PRN and GPS decoding using Software Defined Radio J.-M Friedt & al. Outline GNSS & CDMA Spectrum spreading Lab session

CDMA: decoding GPS Cross-correlation: search for a (known) pattern m(t) in the received signal s(t). Z +∞ xcorr (τ ) = s(t) × m(t + τ )dt −∞

becoming for discrete time

PSK SDR decoding of GPS

xcorr (n) =

+∞ X

s(k) × m(k + n)

k=−∞ 4

From acquisitin to tracking (NAV messages)

Searching for a known pattern in an apparently random sequence:

-0.8 rad

Link budget

a=rand(1000,1);a=a-mean(a); code=rand(800,1);code=code-mean(code); a2=a;P=[101:900]; a2(P)=a(P)+10*code*exp(j*0.8); r=angle(xcorr(code,conj(a2))); r(800) a3=a; a3(P)=a(P)+10*code*exp(-j*0.8); r=angle(xcorr(code,conj(a3))); r(800)

2

angle(xcorr) (no unit)

Pulse compression

+0.8 rad 3

1

0

-1

-2

-3

-4 0

500

1000

1500

20

time (a.u.)

+ phase of the complex signal is transferred to the cross-correlation

18 / 35

PRN and GPS decoding using Software Defined Radio J.-M Friedt & al. Outline GNSS & CDMA Spectrum spreading Lab session

CDMA: decoding GPS Modulation steps: • the carrier is binary-phase shift keying modulated with the satellite identifier at a rate of 1.023 MHz (phase rotations 0-180◦ ) • the message is additionnally binary-phase shift keying modulated over the previous signal (50 bps)

PSK SDR decoding of GPS

20 ms NAV0

NAV1

NAV2

NAV3

From acquisitin to tracking (NAV messages)

arg(xcorr(signal,code)) abs(xcorr(signal.code))

Pulse compression

NAV

1 ms code

Link budget

LO

1/1.023 us

• when demodulating; first eliminate the code, ... • ... to identify and eliminate the carrier, • in order to recover the message. The carrier frequency is not accurately known (Doppler shift): what LO offset is acceptable for demodulating the message ? 19 / 35

PRN and GPS decoding using Software Defined Radio J.-M Friedt & al. Outline GNSS & CDMA Spectrum spreading Lab session PSK

CDMA: decoding GPS Even if we did not know the GPS encoding scheme, knowing that this code repeats is enough to assess whether a GPS signal is usable: autocorr´ elation f=f o p e n ( ’ fichier . bin ’ ) ; d=f r e a d ( f , i n f , ’ uchar ’ ) ; f c l o s e ( f ) ; d=d ( 1 : 2 : end )−127+ i ∗ ( d ( 2 : 2 : end ) −127) ; time =[ −10000:10000]; dx=a b s ( x c o r r ( d−mean ( d ) , d−mean ( d ) ) ) ; p l o t ( t ime , dx ( 2 e6 −10000:2 e6 +10000) ) ; y l i m ( [ 0 1 e6 ] ) % 2 MHz

SDR decoding of GPS

300000

From acquisitin to tracking (NAV messages)

250000

Pulse compression 200000 autocorr (a.u.)

Link budget 150000

100000

50000

0 5000

10000

15000

20000

25000

30000

time (500 ns/sample)

20 / 35

PRN and GPS decoding using Software Defined Radio J.-M Friedt & al. Outline GNSS & CDMA Spectrum spreading Lab session PSK SDR decoding of GPS From acquisitin to tracking (NAV messages) Pulse compression

CDMA: decoding GPS • Decoding GPS is only possible if the carrier frequency is accurately known ... • ... whcih can only be identified after removing the code from the received signal ! • Initial exaustive (Acquisition) search of all possible codes and frequency offsets (brute force) for later only tracking satellites known to be visible. • What frequency offset should we look for ? Doppler shift: (R + r ) = 20000 + 6400 km in ~v 90 − ϑ 12 h (T 2 /R 3 = cst) ⇒ |~ v | = 3830 m/s R H H ~v ϑ P Since sin(θ) = r +R or R ' 6400 km R R ⇒ |~v// | = |~v | cos(90 − θ) = |~v | sin(θ) = |~v | r +R R +r 0

//

Link budget

Earth

Result: |~v// | ∈ [±4880] Hz + local oscillator contribution (bias and random fluctuations) ! Application: decode an acquired signal, using the GPS pseudo-random code generator available at fr.mathworks.com/ matlabcentral/fileexchange/14670-gps-c-a-code-generator/ 21 / 35 orbit

r

PRN and GPS decoding using Software Defined Radio J.-M Friedt & al. Outline

Observed Doppler shift Record Doppler offset provided by gnss-sdr as a function of time for all visible satellites

GNSS & CDMA Spectrum spreading Lab session

4000

SDR decoding of GPS From acquisitin to tracking (NAV messages) Pulse compression Link budget

Doppler shift (Hz)

PSK

2000 0

-2000 -4000 0

5

10

15 time (h)

20

25

Doppler indeed ∈ [±4000] Hz accounting for minimum elevation for detectable signal

22 / 35

PRN and GPS decoding using Software Defined Radio J.-M Friedt & al. Outline GNSS & CDMA

On the need for high stability LO: offset v.s Doppler Recording a 100 MHz carrier referenced to a Cs clock:

Spectrum spreading Lab session PSK SDR decoding of GPS From acquisitin to tracking (NAV messages) Pulse compression Link budget

-75 ppm offset or 120 kHz at 1.57 GHz ⇒ rather than 20 Doppler frequencies (±5 kHz with 500 Hz steps) we must probe ≥ 500 Doppler frequencies 23 / 35

PRN and GPS decoding using Software Defined Radio J.-M Friedt & al. Outline

Doppler analysis frequency step How accurately should the Doppler shift be known ? 300 PRN2,PRN1 PRN1,PRN1

GNSS & CDMA

250

Spectrum spreading

200

PSK

PRN1,1.003*PRN1 PRN1,1.01*PRN1

|xcorr| (a.u.)

Lab session

PRN1,1.001*PRN1

150

100

SDR decoding of GPS

50

From acquisitin to tracking (NAV messages) Pulse compression

0

-50

0

500

1000

1500

2000

2500

sample offset (no unit) 300 PRN2,PRN1

Link budget

PRN1,PRN1 250

PRN1,1.001*PRN1 PRN1,1.003*PRN1

200

|xcorr| (a.u.)

PRN1,1.01*PRN1

150

• 1023 kb/s ' 1 µs/bit • 1 ms long sentence: if the last bit mismatches: dt/t = 10−6 /10−3 = 10−3 • df /f = dt/t ⇒ df = 10−3 × 1023 kb=1 kHz • to be safe, we select df=500 Hz

100

50

0

-50 1000

1010

1020

1030

1040

1050

sample offset (no unit)

1060

1070

1080

24 / 35

PRN and GPS decoding using Software Defined Radio J.-M Friedt & al. Outline GNSS & CDMA Spectrum spreading Lab session PSK

CDMA: decoding GPS • CDMA basics: each useful bit (navigation data) is transmitted with its associated satellite identifier (SV PRN). • All satellites transmit on the same carrier (1575.42 MHz), only their unique identifier allows differentiating each source. • Each identifier is repeated every millisecond, NAV is at 50 bps so 20 samples/bit.

SDR decoding of GPS

85

From acquisitin to tracking (NAV messages) 90

Link budget

frequency (kHz)

Pulse compression

95

100

105 5

10

15 PRN

20

25

30

GNU/Octave v.s. gnss-sdr SV 15, 18, 26 are visible 25 / 35

PRN and GPS decoding using Software Defined Radio

CDMA: decoding GPS

J.-M Friedt & al. Outline

Why do we need accuracte oscillators ? 85

−115

90

−110

GNSS & CDMA Spectrum spreading

SDR decoding of GPS From acquisitin to tracking (NAV messages)

frequency (kHz)

PSK

frequency (kHz)

Lab session

95

100

−105

−100

Pulse compression −95

105

Link budget

5

10

15 PRN

20

25

30

5

10

15 PRN

20

25

30

R820T DVB-T E4000 DVB-T -68 ppm bias +59 ppm bias =-107 kHz at 1575.42 GHz =+91 kHz at 1575.42 GHz Instead of searching a ±5 kHz range (Doppler) with 500 Hz steps, we must search ±150 kHz range ⇒ computation time8 multiplied by 30 ! 8 20 kHz range with 500 Hz steps on 2 · 105 samples: 302 seconds with Matlab R2010, 342 seconds with GNU/Octave 3.8.2 26 / 35

PRN and GPS decoding using Software Defined Radio J.-M Friedt & al. Outline

SDR v.s U-Blox

GNSS & CDMA Spectrum spreading Lab session PSK SDR decoding of GPS From acquisitin to tracking (NAV messages) Pulse compression

SV 10, 20, 27, 32 best visible with both receivers recording at the same time

Link budget

27 / 35

PRN and GPS decoding using Software Defined Radio

CDMA: decoding GPS

J.-M Friedt & al.

• Cross-correlating the received RF signal with orthogonal codes allows for identifying the source of the signal, but the message is lost • once the acquisition phase is completed, tracking by controlling LO on the received carrier • challenge: the phase is used both to encode the message and track the carrier • how to eliminate the phase modulation to control the frequency ? • N-PSK : ϕN = 0[2π] but reduction by a factor N of the allowed frequency offset

GNSS & CDMA Spectrum spreading Lab session PSK SDR decoding of GPS From acquisitin to tracking (NAV messages) Pulse compression

40

1

FFT freq estimate manual correction: +100 Hz unwrapped manual corr.

0.5 atan (rad)

Outline

Link budget 20

0 -0.5 -1 -1.5 0

500

1000 time (ms)

1500

2000

0

500

1000 time (ms)

1500

2000

0

500

1000 time (ms)

1500

2000

6 0 phase (rad)

freq (Hz)

4 2 0 -2

-20

angle (rad)

-4

-40

-60 0

500

1000

1500

2000 time (ms)

2500

3000

3500

4000

6 5 4 3 2 1 0 -1

28 / 35

PRN and GPS decoding using Software Defined Radio

Spectrum spreading Lab session PSK SDR decoding of GPS From acquisitin to tracking (NAV messages) Pulse compression Link budget

1

Q

0.5

(1,1)=(−1,−1)

atan (rad)

GNSS & CDMA

• Cross-correlating the received RF signal with orthogonal codes allows for identifying the source of the signal, but the message is lost • once the acquisition phase is completed, tracking by controlling LO on the received carrier • challenge: the phase is used both to encode the message and track the carrier • how to eliminate the phase modulation to control the frequency ? • atan(Q/I ) v.s atan2(Q, I ): Q/I cannot detect 180◦ phase rotation, while atan2 provides NAV.. 0 -0.5 -1 -1.5 0

500

1000 time (ms)

1500

2000

0

500

1000 time (ms)

1500

2000

0

500

1000 time (ms)

1500

2000

6 4 freq (Hz)

Outline

CDMA: decoding GPS

2 0 -2 -4

I angle (rad)

J.-M Friedt & al.

(−1,1)=(1,−1)

6 5 4 3 2 1 0 -1

29 / 35

PRN and GPS decoding using Software Defined Radio

Pulse compression basics

J.-M Friedt & al. Outline GNSS & CDMA Spectrum spreading Lab session PSK SDR decoding of GPS From acquisitin to tracking (NAV messages)

• The longer the code (T ), the longer the time during which the integral of xcorr accumulates energy and smoothes noise, • but long pulse induces loss of time resolution ⇒ cross-correlation is a broad peak • strong variation of code over time ⇒ increased bandwidth B ⇒ cross correlation peak width 1/B pulse compression ratio (PCR) = B · T

Pulse compression

1 kHz sin

noise

1

Link budget

signal+noise

5

5

0

0

0 -5

-5

-0.5

-10

-10

-1 0 0.0020.0040.0060.0080.01

0 0.0020.0040.0060.0080.01

1-5 kHz chirp

0 0.0020.0040.0060.0080.01

noise

1

signal+noise 10

5

0.5

5

0

0

-0.5

-5

-5

-10

-10

0 0.0020.0040.0060.0080.01

0

0 0.0020.0040.0060.0080.01

sin Noise chirp Noise

2000 0 -2000 -4000 5000

10000

x=chirp(time,1e3,time(end),1e3); noise=20*rand(length(x),1)’; noise=noise-mean(noise); xx=xcorr(x,x); xb=xcorr(x,noise); plot(xx,’b-’);hold on;plot(xb,’r-’);

0 0.0020.0040.0060.0080.01

4000 xcorr

time=[0:1e-6:1e-2]; %samp. rate=1 us

10

0.5

15000

20000

x=chirp(time,1e3,time(end),5e3); xx=xcorr(x,x); xb=xcorr(x,noise); plot(xx,’k-’);hold on;plot(xb,’m-’); 30 / 35

PRN and GPS decoding using Software Defined Radio

Pulse compression basics

J.-M Friedt & al. Outline GNSS & CDMA Spectrum spreading Lab session PSK SDR decoding of GPS From acquisitin to tracking (NAV messages)

• The longer the code (T ), the longer the time during which the integral of xcorr accumulates energy and smoothes noise, • but long pulse induces loss of time resolution ⇒ cross-correlation is a broad peak • strong variation of code over time ⇒ increased bandwidth B ⇒ cross correlation peak width 1/B pulse compression ratio (PCR) = B · T

Pulse compression

sin 3 kHz chirp 3-3.5 kHz chirp 3-10 kHz

4000

time=[0:1e-6:1e-2]; %samp. rate=1 us

Link budget

x=chirp(time,1e3,time(end),1e3); noise=20*rand(length(x),1)’; noise=noise-mean(noise); xx=xcorr(x,x); xb=xcorr(x,noise); plot(xx,’b-’);hold on;plot(xb,’r-’);

xcorr

2000

0

-2000

-4000

5000

10000

15000

20000

x=chirp(time,1e3,time(end),5e3); xx=xcorr(x,x); xb=xcorr(x,noise); plot(xx,’k-’);hold on;plot(xb,’m-’);

delay 31 / 35

PRN and GPS decoding using Software Defined Radio J.-M Friedt & al. Outline GNSS & CDMA Spectrum spreading Lab session PSK

Pulse compression basics • The longer the code (T ), the longer the time during which the integral of xcorr accumulates energy and smoothes noise, • but long pulse induces loss of time resolution ⇒ cross-correlation is a broad peak • strong variation of code over time ⇒ increased bandwidth B ⇒ cross correlation peak width 1/B

SDR decoding of GPS

Link budget

2

1.5

code

Pulse compression

pulse compression ratio (PCR) = B · T Remember: GPS is designed for timing signals with better than one “chip” resolution. 1

0.5 0

-0.5 0

200

400

600 sample number

800

1000

300 200 100 xcorr

From acquisitin to tracking (NAV messages)

0 -100 -200

noise=rand(1023,1)’*7; noise=noise-mean(noise); b=[1:1023]; b=mod(b,2);b=b-mean(b); plot(xcorr(b+noise,b),’r’);hold on

-300 0

500

1000 delay

1500

2000

a=cacode(1,1);a=a-mean(a); plot(xcorr(a+noise,a)); plot(a+1.5);hold on;plot(b,’r’); 32 / 35

PRN and GPS decoding using Software Defined Radio J.-M Friedt & al. Outline GNSS & CDMA Spectrum spreading Lab session PSK SDR decoding of GPS From acquisitin to tracking (NAV messages) Pulse compression Link budget

Link budget • a radiofrequency (electrical) power is emitted, either isotropically or in a directional pattern with an antenna gain G1 : PE × G1 • this power spreads on a sphere centered on the emitter: in the case of isotropic emitter, the area of this sphere is, at a distance d, 4πd 2 • if G1 > 1, then only a fraction 4πd 2 /G1 of the sphere is illuminated • this sphere intersects the receiver, which can detect any incoming signal on a 4π-steradian sphere on a typical area of λ2 • this receiver might exhibit a reception antenna gain G2  2 λ PR = G1 G2 : Friis 9 equation PE 4πd or Free Space Propagation Loss (FSPL), since 20 log10 (c/4/π) = 147.5 dB

FSPL = 20 log10 (f ) + 20 log10 (d) − 147.55 dB

9 H.T.

Friis A Note on a Simple Transmission Formula, Proc. I.R.E. 254-–256

33 / 35

PRN and GPS decoding using Software Defined Radio J.-M Friedt & al. Outline GNSS & CDMA Spectrum spreading Lab session PSK SDR decoding of GPS From acquisitin to tracking (NAV messages) Pulse compression

Link budget • a radiofrequency (electrical) power is emitted, either isotropically or in a directional pattern with an antenna gain G1 : PE × G1 • this power spreads on a sphere centered on the emitter: in the case of isotropic emitter, the area of this sphere is, at a distance d, 4πd 2 • if G1 > 1, then only a fraction 4πd 2 /G1 of the sphere is illuminated • this sphere intersects the receiver, which can detect any incoming signal on a 4π-steradian sphere on a typical area of λ2 • this receiver might exhibit a reception antenna gain G2  2 λ PR = G1 G2 : Friis equation PE 4πd

Link budget

Application: 1 a GPS satellite emits 50 W (17 dBW=47 dBm) at 1575.42 MHz with an antenna gain of 13 dBi and flies at 20000 km over the Earth 2 FSPL = 182 dB⇒ PR = −152 dBW= −122 dBm 3 receiver sensitivity: typically around -159 dBm (usglobalsat.com/store/download/53/et312_ug.pdf) 4 DVB-T: detection limit around -95 dBm (10 dB SNR) + 27 dB antenna gain = -122 dBm detection limit 34 / 35

PRN and GPS decoding using Software Defined Radio J.-M Friedt & al. Outline GNSS & CDMA Spectrum spreading Lab session PSK SDR decoding of GPS From acquisitin to tracking (NAV messages) Pulse compression

Link budget • a radiofrequency (electrical) power is emitted, either isotropically or in a directional pattern with an antenna gain G1 : PE × G1 • this power spreads on a sphere centered on the emitter: in the case of isotropic emitter, the area of this sphere is, at a distance d, 4πd 2 • if G1 > 1, then only a fraction 4πd 2 /G1 of the sphere is illuminated • this sphere intersects the receiver, which can detect any incoming signal on a 4π-steradian sphere on a typical area of λ2 • this receiver might exhibit a reception antenna gain G2  2 λ PR = G1 G2 : Friis equation PE 4πd

Link budget

What is the thermal noise power ? 6 1 1 MHz bandwidth (1023 kHz) so that 10 log10 (10 ) = 60 dB 2 −174 + 60 = −114 dBm> -122 dBm ! 3 but 30 dB=1023 kHz/1 kHz pulse compression: −122 + 30 = −92 > 114 dBm (SNR ' 22 dB after compression) 4 the cross-correlation brings the signal out of the noise: a spectral analysis (FFT) cannot display the GPS signal ! 35 / 35