Home > Articles > Networking > Wireless/High Speed/Optical

  • Print
  • + Share This
This chapter is from the book

This chapter is from the book

3.4 Second-Generation Mobile Networks

Second-generation mobile networks are a step up in technology evolution. 2G networks, as they are commonly refered to, are digital networks. There are several 2G technologies that have been deployed across the world. The most widespread deployment is, of course, the TDMA-based GSM system and the CDMA-based IS-95 system. Other 2G technologies that have been deployed include DECT (Digital European Cordless Telephone), IS-136, and the PDC-based personal handyphone system (PHS) in Japan.

The following sections will take a closer look at the GSM and CDMA networks and technology.

3.4.1 -GSM (Global System for Mobile Communication)

GSM is a TDMA-based wireless communications system. Work on the GSM specifications started in the 1980s in Europe as a result of the capacity limits being experienced by analog networks such as NMT.

The GSM 900 system uses two 25-MHz bands for the uplink and downlink, and within this spectrum 200-KHz channels are allocated. The uplink and downlink are separated by a 45-MHz spacing. GSM 1800 uses two 75-MHz bands for the uplink and downlink. Again 200-KHz channels are allocated within those bands and are separated by a 95-MHz spacing. The 1900-MHz systems use two 60-MHz bands for the uplink and downlink using 200-MHz channels within those bands and separated by 80-MHz spacing.


Europe felt the need for a common mobile telephony standard since different countries had differing analog networks, and as a result roaming of subscribers between these networks was not possible. CEPT (Conference European des Postes et Telecommunications) is a standardization arena in Europe. A new group called GSM (Groupe Special Mobile) was formed within CEPT in 1982 whose task was to specify a unique radio communication system for Europe at 900 MHz. The timeline in Figure 3–6

Figure 6Figure 3–6 GSM standards timeline.


The topology and network architecture of GSM is shown in Figure 3–7.

Figure 7Figure 3–7 GSM network architecture.

The mobile station (MS) is the terminal (phone, PDA mobile unit) provided to the subscriber. It is essentially a GSM two-way radio that conforms to the air interface specifications.

The base station subsystem is functionally subdivided into the base station controller (BSC) and the base transceiver station (BTS). A single BSC normally controls a large number of BTSs. BTSs contain the radio equipment and are connected to cell site antennas. The BTS is essentially a layer two bridge if viewed from a high-level perspective. It provides an entry point for the subscribers who are present in the cell, allowing them to make or receive calls. Some of the base station functions are radio transmission in GSM format, use of frequency hopping techniques, coding and decoding of radio channels, and measurement of quality and received power on traffic channels.

The BSC is a much more complex system. It is responsible for managing the radio resources in the network as well as control handovers. So the BSC has functionality of mobility management, radio resource management, call control, management of intercell handovers, and other housekeeping tasks.

Table 3–1 MAPInterfaces

Network Elements Connected
























The mobile switching center (MSC) is the centrallized controller of the network. The MSC is a switch that provides call control capability. It also interfaces to the PSTN. An MSC that interfaces to the PSTN is called a gateway MSC (GMSC). The MSC also is responsible for tracking the user as he or she moves between networks. So it plays a role in mobility management as well.

GSM uses two databases, called the home location register (HLR) and the visitor location register (VLR). The HLR contains the subscriber's profile information (which is static) as well as the current location of the subscriber (i.e., it knows the reachability information of the subscriber). The VLR stores the current location or point of attachment to the network and the state of the mobile terminal. For mobile terminated calls, the HLR is the initial signaling contact point in the mobile network, whereas the VLR is the initial signaling contact when the call originates from the mobile.

The authentication center (AuC) is a database that stores confidential information, such as keys associated with valid subscribers. The AuC is responsible for authenticating a subscriber. When subscribers attach to the network, the network performs an authentication procedure for the subscriber. The keys associated with the subscriber are utilized in conconjunction with an algorithm to validate the authenticity. The secret key associated with the subscriber is stored on the subscriber identity module (SIM).

Frequency Hopping Spread Spectrum (FHSS)

Frequency hopping is one of the spread spectrum techniques used in the IEEE 802.11 standard. This is one of the transmission mechanisms of the physical layer. The technique involves the breakup of a wide band of frequency into smaller bands. Then the transmitter "hops" in each of the smaller bands, in a predetermined pattern. The receiver knows this hopping sequence and can lock on to the frequency to receive information. The transmitter and the receiver constantly change patterns using the agreed-on hop sequence; thus, interference is avoided as the transmitter and receiver keep hopping around the smaller bands of frequency over a wide range of frequencies. Interference from narrowband applications (such as garage door openers) will occur only in a specific band for a certain period of time.

The 2.4-GHz frequency spectrum that is available for use is divided into several 1-MHz frequency bands. The transmitter and receiver hop from one 1-MHz frequency band to another, in a near-random sequence. The transmitter will send data in each of the 1-MHz frequency bands, and if the receiver is locked onto the appropriate 1-MHz band, it should be able to receive the information from the transmitter.

The amount of time spent by the transmitter or the receiver in a 1-MHz band is referred to as the dwell time. Typically, any narrowband interference is limited to the dwell time in each band.

Direct Sequence Spread Spectrum

In DSSS the transmitter and the receiver agree on a digital code. The transmitter takes the typically narrowband input signal and spreads or transforms it into wideband by applying the selected code. Each input bit is replaced by the code, resulting in wideband. The receiver applies the same digital code to the received signal and, when properly synchronized, retrieves the input bits transmitted.

DSSS systems are complex to build and provide inherent security due to the transformations performed (i.e., codes used). They have the ability to provide higher data rates when compared to FHSS systems, as most of the FHSS systems are required to use around 1-MHz of bandwidth at any time. In the IEEE 802.11 DSSS system, an 11-bit code called a Barker sequence is used to transform the original data bits. The resulting transformed bits are modulated to send over a carrier frequency using one of two modulation techniques: differential binary phase shift keying (DBPSK) or differential quadrature phase shift keying (DQPSK).


Four main interfaces are defined in GSM networks:

  • Um Interface—Between the MS and the BTS

  • Abis Interface—Between the BTS and the BSC

  • A Interface—Between the BSC and the MSC

  • MAP-x—Between the MSCs as well as between MSC and HLR/ VLR/AuC.

The Um interface uses a combination of FDMA and TDMA access techniques. One hundred twenty-four full-duplex channel pairs are defined that operate with different carrier frequencies. Each of these FDM channels uses TDMA slots.

The Abis interface connects the BTSs with a BSC. The Abis interface has normally been implemented as a proprietary interface. The physical layer is defined by a 2-Mbps PCM link, and the datalink uses LAPD.

The A interface is an open interface that connects the radio access network (RAN) to the core network. The A interface links multiple BSCs to an MSC. It is the open nature of this interface that makes it possible to connect equipment made by different vendors. The A interface functions include call control and mobility signaling.


The SIM is a personalized part of the mobile station and operates along with a memory card. The SIM identifies the subscriber. The mobile station is simply a piece of radio equipment and becomes associated with a subscriber only as a result of the SIM being inserted into the terminal. The SIM provides the security needs of the operator and the subscriber.

With the SIM concept, a subscriber is not tied to any specific mobile terminal. A subscriber can use different terminals. As far as the network operator is concerned, a subscriber is identified by the SIM. It identifies the account owner and can be modified or subscription options changed. The key functionalities afforded by SIM are subscriber authentication, secure location for secret keys at the subscriber end, processing capability for executing the authentication, and ciphering algorithms.


MAP is a protocol used in GSM core networks on various interfaces. MAP can be denoted as MAP-x, where x can determines the interface. The interfaces where MAP is used are shown in Table 3–1. Functionalities associated with each of these interfaces are defined in the specifications for MAP in GSM 09.02.

3.4.2 CDMA IS-95

CDMA is a relatively new technology in the mobile cellular industry. Commercial networks were first deployed in the mid-1990s. However, they are growing rapidly and they account for about 25% of the wireless networks globally.

The CDMA standard referred to as IS-95 is specified by TIA/EIA.


The wireless spectrum is a scarce resource, with tight regulations in terms of usage and power radiated along with licenses required to operate. This is true for most of the wireless systems in place. Interference is an issue that wireless networks must contend with.

Spread spectrum is one of the techniques employed that inherently is less sensitive to interference. Spread spectrum techniques typically use more bandwidth than necessary to transmit and receive bits.

Spread spectrum techniques inherently offer more privacy than narrowband techniques, as they are more difficult to intercept or spy on. They use a code, which is known only to the transmitter and the receiver. Spread spectrum techniques can also coexist with other technologies as the transmitter and receiver can obtain information as long as they are decoding with the same code.

There are two popular spread spectrum techniques. The first is frequency hopping spread spectrum (FHSS), where the transmitter and the receiver hop in a predetermined sequence through a wide band of frequencies.

The second technique is direct sequence spread spectrum (DSSS), a mechanism in which data bits are transformed by codes, which in turn occupy a wide band of frequencies. This technique is already in use in public wireless networks such as IS-95 (or CDMA, as it is popularly known). DSSS is a technique wherein the carrier is modulated by a digital code in which the code bit rate is much larger than the information signal bit rate.

The DSSS system is a wideband system in which the entire bandwidth of the system is available to the user. The user data is spread using a spreading signal refered to as the code signal. The code signal or the spreading signal has a much higher data rate than the user data rates; for example, the 1.2288 MCPS in CDMA vs. user data rates that are much lower. At the receiving end, despreading is accomplished by the cross corelation of the signal with a synchronized replica of the same signal used to spread the data. In CDMA systems pseduorandom noise (PN) sequences are used to spread the bandwidth and distinguish among various users' signals. PN sequences, as the name suggests, are not random but rather deterministic.


The CDMA architecture is based on the reference model from the cellular standards group TR-45. Structure of the standards organization is discussed in Chapter 16. The main elements of the reference architecture are as follows:

  • Base station—The base station is the BSS equivalent in GSM networks. The BS consists of the BTS and the BSC. The functionality of the BTS and BSC is similar to the functionality of these elements as described in "GSM Topology" (p. 53).

  • Mobile station—The mobile station is the terminal that is a transmitter and receiver.

  • Mobile switching center (MSC)—The MSC is the switch that provides call control functionality, mobility, and the trunking interface to the PSTN.

  • Home location register (HLR)—The HLR is attached to an MSC and maintains the subscriber's profile information as well as the current location of the user in the network from an attachment perspective.

  • Vistied location register (VLR)—The VLR is attached to an MSC and stores the subscriber information that is obtained from the HLR on a dynamic basis or as long as the user remains within the area served by that MSC.

  • Authentication center (AC)—The AC is responsible for maintaining the keys associated with a subscriber and performs authentication of subscribers when they register with the network.

  • Operations support, billing systems, interworking function—Other elements that have the same functionality as described in Section 3.2.2.

IS-95 channels can be segmented into physical channels and logical channels:

  • Physical channels—Physical channels are defined in terms of an RF frequency and a code sequence. There are 64 Walsh codes available for the forward link (BS-MS) providing 64 logical channels. On the reverse link channels are identified by long PN code sequences. In IS-95, CDMA carrier band center frequencies are denoted by AMPS channel numbers. One CDMA carrier requires 41 30-KHz AMPS channels to provide a CDMA carrier bandwidth of 1.23 MHz. The 1.23-MHz bandwidth of a CDMA carrier makes the minimum center frequency separation between two carriers at 1.23 MHz.

  • Logical channels—Logical channels can be further subdivided into control and traffic channels. The control channels and traffic channels in IS-95 are as follows:

    Pilot channel (downlink)—The pilot channel is transmitted continuously by the base station on each CDMA frequency and is used to provide a reference to all mobile stations.

    Paging channel (downlink)—The paging channel is used to transmit control information to the mobile station. In order to terminate a call, the network pages the mobiles in an area on the paging channel.

    Sync channel (downlink)—The sync channel is used along with the pilot channel to acquire initial time synchronization.

    Access channel (uplink)—The access channel is used by the mobile to transmit control information to the base station. Many messages can be carried on the access channel. When a mobile originates a call, it uses the access channel to inform the base station. This channel is also used to respond to a page.

    Forward traffic channels—These channels are grouped into rate sets. Rate sets identify the voice coding scheme that can be used on any channel.

    Reverse traffic channels—User traffic on the reverse channel is identified by a user-specific long code sequence based on the user's ESN.


IS-95 uses the following interfaces:

  • A Interface (BSC-MSC)—This interface is between the BSC and the MSC. It supports both the control plane and user plane.

  • Abis Intreface (BTS-BSC)—This is the interface between the BSC and the BTS. This is an internal interface and generally proprietary.

  • B Interface (MSC-VLR)—This interface is defined in TIA IS-41.

  • C Interface (MSC-HLR)—This interface uses IS-41 messaging as well.

  • D Interface (HLR-VLR)—HLR-VLR signaling is based on IS-41 as well. It sits on top of SS7.

  • E Interface (MSC-MSC)—Inter MSC signaling is defined in IS-41.

  • H Interface (HLR-AC)—The interface that is used for authenticating a subscriber is defined in IS-124.

  • L Interface (MSC-IWF)—This interface allows the ability for circuit switched data in second generation networks.

  • Um Interface (BS-MS)—This is the air interface between the mobile and the network.


IS-41 is standardized by the Telecommunications Industry Association (TIA). Revision C is the latest version of the protocol and is called IS-41C. IS-41 is the core networking protocol that supports mobility, authentication, and roaming. IS-41 allows network equipment to be multivendor. Since the equipment has to conform to the standard interface, it is possible to have an environment wherein MSCs are from vendor A and the BSC/radio network is from vendor B.

IS-41C is an application-layer protocol. IS-41 normally is operated over SS7 networks, which provide the reliability required for signaling.

Roaming between networks that use GSM MAP and IS-41 requires the use of gateway functions that convert messages from one protocol to another. Such gateways can be considered protocol translators.

3.4.3 GPRS (2.5G Network)

General Packet Radio Service (GPRS) is an enhancement to GSM networks with support for packet radio. GPRS overlays a packet-based air interface on the existing circuit switched network. It also introduces a packet core aspect primarily for data applications. Packet switching allows radio resources to be shared efficiently by a large number of users since radio resources are allocated if there are data to send or receive. GPRS network architecture as well as the enhancements to the air interface are covered in Chapter 8.

  • + Share This
  • 🔖 Save To Your Account