Software-defined radio (SDR) has been a hot topic for many years. Software-defined radio (SDR) is a radio communication system where components that have been typically implemented in hardware (e.g. mixers, filters, amplifiers, modulators/demodulators, detectors, etc.) are instead implemented by means of software on a personal computer or embedded system.
There has been many even free software implementations of SDR (for example Gnu Radio), but to use them you have needed some special hardware that has been quite expensive. But now there are also inexpensive hardware options for receiving: rtl-sdr is a creative form of using consumer-grade DVB-T USB receivers, turning them into fully-fledged software defined radios. At a street price of about 20 Euros/USD they are undoubtedly the most capable low-cost SDR hardware that can be bought.
RTL-SDR: Inexpensive Software Defined Radio article gives an introduction how to built software radio this way. Hare is a good picture from that article the gives overview of the hardware.
Those DVB-T receivers supported by rtl-sdr are based on the Realtek RTL2832U chipset plus a tuner IC like the Elonics E4000 (can tune from 54-2200 MHz with gap at 1100-1250 MHz). The RTL2832U is a high-performance DVB-T COFDM demodulator that supports a USB 2.0 interface. It has some undocumented commands/registers, by which it can be placed into a mode where it simply forwards the unprocessed raw baseband samples (up to 2.8 MS/s 8-bit I+Q) via high-speed USB into the PC so they can be routed to suitable receiving program.
Of course you need suitable software to decode those samples. Suitable Windows Software for the application is the very nice, fast and open source SDR#. It can natively support RTLSDR hardware. Other option to connect to SDR hardware is through TCP connection: The Osmocom RTLSDR utilities include the program rtl_tcp. This allows you to run the dongle on one PC (be it Windows or Linux) or an embedded ARM/MIPS board and pump the ADC data over a TCP connection to another computer running a compatible client such as SDR#.
To test software defined radio I got quite many months ago suitable rtl2832u-sdr hardware: Ezcap EZTV645 DVB-T Digital TV USB 2.0 Dongle with FM/DAB/Remote Controller. Here is a picture of dongle and the antenna that comes with it.
Here is what the USB dongle looks like inside. As you can see there are not too many components in it.
Here is a close-up of the tuner and receiving chips.
To make the software to work the hardware, the original USB drivers for the dongle needs to be replaced with Zadig WinUSB drivers. WinUSB is a generic USB driver aimed at simple devices that are accessed by only one application at a time directly through a simple software library.
I had some problems in installing Zadig drivers to my systems. That slowed down staring to use the hardware quite a bit. The official driver instructions say to select “Bulk-In, Interface (Interface 0)” from the drop down list, but on my system the device I had showed on my system system as REALTEK 2832U (0). Zadig needed to be “run as administrator” to work as well Zadig needed to be “run as administrator” (quite slow and needed reboot).
Replacing the original driver it with Zardig (zadig_v.2.0.1.161.exe) made it work with SDR# (old Nightly built of SDR# with built-in REALTEK 2832U drivers). Here is the screen-shot of the software in use listening to FM radio (SDR# v1.0.0.357 Nighly with RTL-SDR/RTL2832U).
SDR# seemed to work well in listening to FM stations. I could also easily use it to listen to the transmissions from different 433 MHz RF remote controllers as well. The software can decode AM, NFM, LSB, USB, WFM, DSB, CW-L and CW-U signals.
The spectrum and waterfall displays give a good overview on the received signal. The spectrum display shows around 2 MHz frequency band (+-1 MHz from center frequency).
As you can see on the spectrum, the dynamic range between the noise floor and strongest signals is quite limited (due to 7 or 8 bits resolution of samples), which means you can listen to strong signals but weaker stations can easily be lost under the sample noise. Because the E4000 is a Direct Conversion Receiver, it has an Image Rejection problem. By switching on Correct IQ in SDR# a more or less acceptable 50dBs are reached. The E4000 shows many signals actually not present at its input (“birdies”).
I got pretty cheaply pretty nice radio receiver that can receive very many radio signals and do spectrum analysis for radio signals.
243 Comments
Tomi Engdahl says:
Color TV Broadcasts are ESP8266’s Newest Trick
http://hackaday.com/2016/03/01/color-tv-broadcasts-are-esp8266s-newest-trick/
The ESP8266 is well known as an incredibly small and cheap WiFi module. But the silicon behind that functionality is very powerful, far beyond its intended purpose. I’ve been hacking different uses for the board and my most recent adventure involves generating color video from the chip. This generated video may be wired to your TV, or you can broadcast it over the air!
The coolest part of using the chip’s I2S bus is the versatile DMA engine connected to it. Data blocks can be chained together to seamlessly shift the data out, and interrupts can be generated upon a block’s completion to fill it in with new data. This allows the creation of a software defined bitstream in an interrupt.
Why NTSC? If I lived in Europe, it would have been PAL. The question you’re probably thinking is: “Why a dead standard?” And there’s really three reasons.
Conveniently, NTSC is also particularly easy to broadcast. It’s just AM modulation.
Thanks to algebra, we can directly synthesize both the main signal (61.25 MHz) and the chroma signal (64.83 MHz) at varying intensities and phases. The program created a table with several “colors” or repeating 1408 bit samples of “sync” “black” white” “red”, etc. Now, at any point in time we can select a specific color out of this table to be transmitted. Voilà. Now, the ESP can control the signal output.
Using the interrupt on the I2S meant we can just plan out the video line we want to transmit and hand it over to the DMA engine to get it transmitted in sync.
NTSC is probably my favorite standard. Its surprising robustness, ubiquity, and simplicity provides the ability to output, transfer and view video in so many ways it hardly matters that the standard is “dead.”
Tomi Engdahl says:
Build Your Own GSM Base Station For Fun And Profit
http://hackaday.com/2016/04/08/build-your-own-gsm-base-station-for-fun-and-profit/
Over the last few years, news that police, military, and intelligence organizations use portable cellular phone surveillance devices – colloquially known as the ‘Stingray’ – has gotten out, despite their best efforts to keep a lid on the practice. There are legitimate privacy and legal concerns, but there’s also some fun tech in mobile cell-phone stations.
Off-the-shelf Stingray devices cost somewhere between $16,000 and $125,000, far too rich for a poor hacker’s pocketbook. Of course, what the government can do for $100,000, anyone else can do for five hundred. Here’s how you build your own Stingray using off the shelf hardware.
[Simone] has been playing around with a brand new BladeRF x40, a USB 3.0 software defined radio that operates in full duplex. It costs $420. This, combined with two rubber duck antennas, a Raspberry Pi 3, and a USB power bank is all the hardware you need. Software is a little trickier, but [Simone] has all the instructions.
[Simone]’s build is only good at receiving/tapping/intercepting unencrypted GSM signals
How To Build Your Own Rogue GSM BTS For Fun And Profit
https://evilsocket.net/2016/03/31/how-to-build-your-own-rogue-gsm-bts-for-fun-and-profit/
The last week I’ve been visiting my friend and colleque Ziggy in Tel Aviv which gave me something I’ve been waiting for almost a year, a brand new BladeRF x40, a low-cost USB 3.0 Software Defined Radio working in full-duplex, meaning that it can transmit and receive at the same time ( while for instance the HackRF is only half-duplex ).
In this blog post I’m going to explain how to create a portable GSM BTS which can be used either to create a private ( and vendor free! ) GSM network or for GSM active tapping/interception/hijacking … yes, with some (relatively) cheap electronic equipment you can basically build something very similar to what the governments are using from years to perform GSM interception.
Tomi Engdahl says:
Listen to Meteors Live
http://hackaday.com/2016/04/09/listen-to-meteors-live/
When the big annual meteor showers come around, you can often find us driving up to a mountaintop to escape light pollution and watching the skies for a while. But what to do when it’s cloudy? Or when you’re just too lazy to leave your computer monitor? One solution is to listen to meteors online! (Yeah, it’s not the same.)
The trick is to find a strong signal broadcast from the earth that’s in the 40-70 MHz region where the atmosphere is most transparent so that you get a good signal.
http://livemeteors.com/
When a meteor enters the Earth’s upper atmosphere it excites the air molecules, producing a streak of light and leaving a trail of ionization (an elongated paraboloid) behind it tens of kilometers long.
marketing co lexington says:
Excellent write-up. I absolutely appreciate this site.
Keep it up!
Tomi Engdahl says:
LimeSDR: Flexible, Next-generation, Open Source Software Defined Radio has been launched on Crowd Supply.
http://limesdr.org/
LimeSDR is a low-cost software defined radio through which apps can be programmed to support any type of wireless standard, e.g. UMTS, LTE, LoRa, Bluetooth, Zigbee, RFID, Digital Broadcasting, etc.
The problem at the moment is there exists a closed ecosystem of suppliers that provides the hardware, which forms today’s wireless infrastructure. Only these particular suppliers can make, program, deploy and maintain this infrastructure. This means that operators are locked in, no matter the cost or functionality and the pace of innovation is slow.
The Solution – lies in introducing flexibility into the system.
LimeNet is an ecosystem that utilises commodity chipsets and hardware to form highly programmable solutions based on open source and a wide community of developers.
Now Launched on Crowd Supply
http://www.limemicro.com/
The LimeSDR is a low cost apps-enabled software defined radio (SDR) platform that can be programmed to support just about any type of wireless standard – putting significant power at the disposal of anyone who wants to innovate in the world of wireless.
Tomi Engdahl says:
LimeSDR: Flexible, Next-generation, Open Source Software Defined Radio
https://www.crowdsupply.com/lime-micro/limesdr
You no longer have to be a large corporation to be an innovator in wireless communications.
A Software Defined Radio for Everyone
LimeSDR is a low cost, open source, apps-enabled (more on that later) software defined radio (SDR) platform that can be used to support just about any type of wireless communication standard. LimeSDR can send and receive UMTS, LTE, GSM, LoRa, Bluetooth, Zigbee, RFID, and Digital Broadcasting, to name but a few.
While most SDRs have remained in the domain of RF and protocol experts, LimeSDR is usable by anyone familiar with the idea of an app store – it’s the first SDR to integrate with Snappy Ubuntu Core. This means you can easily download new LimeSDR apps from developers around the world. If you’re a developer yourself, you can share and/or sell your LimeSDR apps through Snappy Ubuntu Core as well.
The LimeSDR platform gives students, inventors, and developers an intelligent and flexible device for manipulating wireless signals, so they can learn, experiment, and develop with freedom from limited functionality and expensive proprietary devices.
From Radio Astronomy to Personal Telcos
Here are just some of the applications that are possible with the LimeSDR:
Radio astronomy
RADAR
2G to 4G cellular basestation
Media streaming
IoT gateway
HAM radio
Wireless keyboard and mice emulation and detection
Tire pressure monitoring systems
Aviation transponders
Utility meters
Drone command and control
Test and measurement
Many more…
Tomi Engdahl says:
Software Defined Radio App Store
http://hackaday.com/2016/05/07/software-defined-radio-app-store/
Software defined radios (SDRs) can–in theory–do almost anything you need a radio to do. Voice? Data? Frequency hopping? Trunking? No problem, you just write the correct software, and you are in.
That’s the problem, though. You need to know how to write the software. LimeSDR is an open source SDR with a crowdfunding campaign. By itself, that’s not anything special. There are plenty of SDR devices available. What makes LimeSDR interesting is that it is using Snappy Ubuntu Core as a sort of app store. Developers can make code available, and end-users can easily download and install that code.
https://www.crowdsupply.com/lime-micro/limesdr
https://github.com/myriadrf/LimeSDR-USB
What you really need is components that you can easily integrate. This is the idea behind GNU Radio (we’ve covered GNU Radio before). Granted, LimeSDR supports GNU Radio, too. However, an app store that can bundle GNU Radio applications and also allow installation of modules easily would be widely applicable and useful.
We have talked a lot about SDRs over the last few years, especially the RTL-SDR dongles. LimeSDR is a big step up in price and performance from an RTL-SDR dongle, though.
Tomi Engdahl says:
VITA 49: The Future of Software Radio
http://pentek.com/pipeline/25_2/VITA490.cfm
The use of software radio technology has spread to almost every commercial, consumer, government, industrial, and military platform across the entire radio frequency spectrum during the technology’s 25-year lifespan. Innovations in data converter technology, DSP devices, system interconnects, processors, software, design tools, and packaging techniques have improved performance levels and reduced the size, weight, and power consumption of software radio systems. However, the rapid surge in software radio applications spawned ad hoc, proprietary interfaces between the elements in these systems.
More than ten years ago, government and military customers realized this complexity was undermining software radio’s reliability and maintainability as well as hindering feature upgrades and technology refresh cycles. They also wanted to improve compatibility between vendors and reuse software radio hardware platforms for different types of signals and new applications in the future. So those interested in addressing these issues started work on VITA 49.0, which became known as VRT, for VITA Radio Transport.
This article describes the challenges inherent in traditional software radio architectures, how the VRT protocol addresses those challenges, and how additions and refinements to VRT will provide even more benefits to software radio technology.
Traditional Software Radio Architecture
The essence of software radio is the replacement of analog radio functions with digital signal processing. But, because all software radio systems ultimately need some analog RF connection to an antenna, they always include some analog circuitry between the antenna and the digitizer.
This critical link provides gain, filtering, frequency translation, and other operations to ensure that the digitizer responsibly captures the signal band of interest while minimizing aliasing, distortion, and noise.
Because ADCs with the highest resolution operate at lower input signal frequencies, high frequency RF signals are usually translated to lower IF frequencies before digitizing to maximize dynamic range. These digitized signals are then exploited by the appropriate DSP hardware and software to meet the tasks at hand.
A Better Way: VRT-Enabled Software Radio
Figure 2 shows the system concept for VRT. Notice the critical RF analog connections to the antennas remain essentially the same, but the transceivers now incorporate the analog RF signal conditioning, translation to IF, and the ADC and DAC functions.
So far, this architecture is fully consistent with the essential blocks of a conventional software radio receiver. Transforming it into a VRT receiver consists of organizing the IF output data samples into structured packets, which also contain header information for stream ID and a time stamp, thus forming the VRT IF Data Packets.
VRT Benefits Key Applications
Software radio SIGINT and COMINT systems attempting to locate, identify, and monitor a wide range of unknown signals can extract many useful facts from the VRT Information Stream. These can include the azimuth and elevation of a directional antenna, the reference power level of the RF signal, the bandwidth and tuning frequencies of the RF tuner and DDC, the sample rate of the ADC, the frequency accuracy RF tuner and sample clock, a signal ID tag, and the time stamp.
VRT Evolves and Improves via VITA 49.2
Approved as an ANSI standard in 2007, VITA 49.0 represented the first official standard for VRT, but it only defined receiver functions using the VRT IF Data and Context packets, as shown in Figure 4. After demonstrating its usefulness by early adopters, system designers wanted to extend its scope to encompass even more elements of software radios. The original VITA 49.0 standard omits support for transmitters, control and status functions, and any signals other than digital IF.
Gaining Control
Another deficiency of VITA 49.0 was its lack of control of software radio resources
VITA 49.2 adds a new packet class called Control Packets, which allow the VRT System Processor to deliver operating parameters to each element using standardized fields and formats. This supports a consistent control interface across a wide class of hardware, ranging from antenna positioning systems to transmit power amplifiers.
Putting VRT to Work
Many vendors are now delivering VITA 49.0 compliant products. Fortunately, adding VRT features to a legacy software radio product is a reasonable effort, especially if it contains an FPGA.
Tomi Engdahl says:
Hackaday Prize Entry: Sniffing Defibrillator Data
http://hackaday.com/2016/05/22/hackaday-prize-entry-sniffing-defibrillator-data/
There’s a lot of implantable medical technology that is effectively a black box. Insulin pumps monitor blood sugar and deliver insulin, but you can’t exactly plug in a USB cable and download the data. Pacemakers and cardiac defibrillators are the same way. For these patients, data is usually transmitted to a base station, then sent over the Internet to help doctors make decisions. The patient never gets to see this data, but with a little work and a software defined radio, a team on Hackaday.io is cracking the code to listen in on these implanted medical devices.
The implant communicates via 402-405MHz radio, a region of the spectrum that is easily accessible by a cheap RTL-SDR TV Tuner dongle.
ICeeData
https://hackaday.io/project/11323-iceedata
Making heart implant collected data accessible to the patients by sniffing RF transmissions
Sniffing data transmissions between Implanted Cardiac Defibrillator to get data inaccessible for patients. Why? Because patients want it and can improve their lives using that data.
As for now, we’re using RTL-SDR and GNU/Radio to collect the data, and Python for processing. Want to know more? Scroll to the details =)
Tomi Engdahl says:
Identify Your Devices by Their Unintentional Radiation
http://hackaday.com/2016/05/22/identify-your-devices-by-their-unintentional-radiation/
EM-ID: Tag-less Identification of Electrical Devices via Electromagnetic Emissions
https://www.disneyresearch.com/publication/em-id/
Radio Frequency Identification technology has greatly improved asset management and inventory tracking. However, for many applications RFID tags are considered too expensive compared to the alternative of a printed bar code, which has hampered widespread adoption of RFID technology. To overcome this price barrier, our work leverages the unique electromagnetic emissions generated by nearly all electronic and electromechanical devices as a means to individually identify them. This tag-less method of radio frequency identification leverages previous work showing that it is possible to classify objects by type (i.e. phone vs. TV vs. kitchen appliance, etc). A core question is whether or not the electromagnetic emissions from a given model of device, is sufficiently unique to robustly distinguish it from its peers.
Tomi Engdahl says:
Hacking Rolling Code Keyfobs
http://hackaday.com/2014/03/17/hacking-rolling-code-keyfobs/
Most keyfobs out there that open cars, garage doors, and gates use a rolling code for security. This works by transmitting a different key every time you press the button. If the keys line up, the signal is considered legitimate and the door opens.
[Spencer] took a look into hacking rolling code keyfobs using low cost software-defined radio equipment. There’s two pars of this attack. The first involves jamming the frequency the keyfob transmits on while recording using a RTL-SDR dongle. The jamming signal prevents the receiver from acknowledging the request, but it can be filtered out using GNU Radio to recover the key.
Jam Intercept and Replay Attack against Rolling Code Key Fob Entry Systems using RTL-SDR
http://spencerwhyte.blogspot.fi/2014/03/delay-attack-jam-intercept-and-replay.html
For the past 6 months I have been developing a proof of concept attack against rolling code key fob entry systems. Some examples of affected systems would be the key fob you use to unlock your car.
Or even open the garage door.
The oscillators used in these key fobs are typically low cost, meaning that they may not operate at exactly their design frequency throughout the full temperature range. For this reason, the receiver in the car, or home security system is designed to accept signals within a certain pass band. The trick of the attack is for the adversary to jam at some frequency within the receivers passband, but not too close to the frequency of the remote.
If you jam in this manor, when the victim presses the unlock button on their key fob, nothing will happen because the receiver is being jammed by an adversary. The adversary can then use a SDR such as the RTL-SDR, to record the whole transaction.
GNURadio makes it easy to filter out the jamming signal and obtain the authorized remote signal.
The signal obtained is the Nth rolling code, it is still valid because the receiver has not yet received the Nth rolling code. Therefore the adversary can replay the signal at a later time and unlock the car. But how does one replay the signal on the cheap?
The demodulated signal was then played back through the audio interface of the computer.
The signal was then fed into a LM386 op amp to bring the signal from line level (~1V), up to TTL (~3V). The TTL signal was then fed into an ASK RF module operating at the same frequency as the authorized remote.
A 315 MHz ASK module was used, but this module is inexpensive and could easily be swapped out for say a 400 MHz FSK module.
The attack was successful against all three rolling code secured automobiles.
Janis says:
The majority of people have this idea of branding as limited
only to firms and also business.
Tomi Engdahl says:
Hackaday Dictionary: Software Defined Radio (SDR)
http://hackaday.com/2016/05/30/hackaday-dictionary-software-defined-radio-sdr/
We are entering a new era of radio technology. A new approach to building radios has made devices like multi-band cell phones and the ubiquitous USB TV receivers that seamlessly flit from frequency to frequency possible. That technology is Software Defined Radio, or SDR.
A idealized radio involves a series of stages.
more sophisticated radios will add features like filters that remove unwanted frequencies or additional stages that will process the signal to create the output that you want.
If you want to receive multiple frequency bands or different types of signals, you need to have separate pathways for each band or type of signal, physically switching the signal between them. That’s why you have physical AM/FM switches on radios: they switch the signal from an AM radio processing path to an FM one.
Software Defined Radios remove that requirement. In these, the resonator and demodulator parts of the radio are replaced by computerized circuits, such as analog to digital converters (ADCs) and algorithms that extract the signal from the stream of data that the ADCs capture. They can change frequencies by simply changing the algorithm to look for another frequency: there is no need for a physical change in the circuit itself. So, an SDR radio can be tuned to any frequency that the ADC is capable of sampling
This idea was first developed in the 1970s, but it didn’t really become practical until the 1990s
Most modern SDRs don’t just use a single chip, though. Rather than directly converting the signal to digital, they use an analog front end that receives the raw signal, filters it and converts it down to a fixed frequency (called the intermediate frequency, or IF) that the ADCs in the FPGA can more easily digitize. This makes it cheaper to build
This flexibility means that SDR devices can handle a huge range of signals at relatively low cost.
by hacking a $20 USB TV receiver that contains an SDR, you can get a radio that can, with a suitable antenna, do things like track airplanes or receive satellite weather images.
Tomi Engdahl says:
Stealing secret crypto-keys from PCs using leaked radio emissions
AM radio + HTC HTC EVO 4G smartphone = snooping rig
http://www.theregister.co.uk/2015/06/20/tempest_radioshack/
Your encryption keys can accidentally leak from your PC via radio waves, computer scientists have reminded us this week. This is a well-understood risk, but as these guys have demonstrated, it can be done cheaply with consumer-grade kit, rather than expensive lab equipment.
Tel Aviv University researchers Daniel Genkin, Lev Pachmanov, Itamar Pipman and Eran Tromer have built on Genkin’s earlier work on capturing 4096-bit RSA keys using the sound emitted by a computer while it runs a decryption routine.
The latest research involved extracting private decryption keys from GnuPG on laptops within seconds by measuring the electromagnetic emanations during the decryption of a chosen cipher text. The researchers used the Funcube Dongle Pro+, hooked up to a small Android embedded computer called the Rikomagic MK802 IV, to measure emissions within 1.6 and 1.75 MHz. It may even be possible to pull off the attack with a standard AM radio with the output audio recorded by a smartphone.
“Any device close to a computer can pick up RF signals – put your phone close to the car radio and listen to it chatting,” Armstrong explained. “The key thing of this attack will the the required proximity. If they can do it at 10 metres in a different room, I would be impressed; if the device needs to be within 20cm, I am not.”
http://www.funcubedongle.com/
Tomi Engdahl says:
Hackaday Prize Entry: Reverse GPS
http://hackaday.com/2016/06/22/hackaday-prize-entry-reverse-gps/
There are now hundreds of these 10 cm satellites in orbit, and SatNogs, the winner of the Hackaday Prize a two years ago, gives all these cubesats a global network of ground stations.
There is one significant problem with a global network of satellite tracking ground stations: you need to know the orbit of all these cubesats.
[hornig] is working on a solution to the problem of tracking hundreds of cubesats that is, simply, reverse GPS. Instead of using multiple satellites to determine a position on Earth, this system is using multiple receiving stations on Earth’s surface to determine the orbit of a satellite.
The hardware for [hornig]’s Distributed Ground Station Network is as simple as you would expect. It’s just an RTL-SDR TV tuner USB dongle, a few antennas, a GPS receiver, and a Raspberry Pi connected to the Internet.
The Distributed Ground Station Network
tracking CubeSats faster, anywhere and anytime for everybody!
https://hackaday.io/project/10743-the-distributed-ground-station-network
The Distributed Ground Station Network (DGSN) is a novel network concept of small ground-stations and connected via the internet for performing automatic scans for cubesats and other beacon signals. By correlating the received signal with the precise, GNSS synchronized reception times of at least 5 ground stations, it enables the positioning of the signal’s origin. Thus a global tracking of small satellites becomes possible in this “reverse GPS” mode. It allows mission operators to position and track their small satellites faster after piggy-back commissioning, when the final orbit is yet undefined and could differ from the specified orbit. Furthermore it allows permanent communication in “data-dump” mode. In this mode, DGSN ground-stations relay the received data to the servers and thus to the operator.
Let’s track everything, together!
Tomi Engdahl says:
A checklist for designing RF-sampling receivers
http://www.edn.com/design/analog/4442261/A-checklist-for-designing-RF-sampling-receivers?_mc=NL_EDN_EDT_EDN_analog_20160623&cid=NL_EDN_EDT_EDN_analog_20160623&elqTrackId=8bce205bad954d1a924d0f7c40062b31&elq=631c228ccb254eca8cd79952b15c7565&elqaid=32798&elqat=1&elqCampaignId=28647
Home> Analog Design Center > How To Article
A checklist for designing RF-sampling receivers
Thomas Neu -June 22, 2016
inShare
Save Follow
PRINT
PDF
EMAIL
The modern, advanced CMOS direct radio frequency (RF)-sampling data converter has been eagerly awaited by system design engineers for several major end-equipment manufacturers. This includes manufacturers of communications infrastructure, software-defined radios (SDRs), radar systems, or test and measurement products. Recently introduced data converters are delivering the high dynamic range comparable to high-performance intermediate frequency (IF)-sampling data converters. Additionally, these converters integrate on-chip digital filtering (DDC), which reduces the output data rate from 3-4 GSPS sampling rate to something more manageable similar to traditional IF-sampling data converters.
Two major factors are driving the quick adoption of these ultra-high-speed data converters. The ever increasing demand for wider bandwidth naturally requires faster sampling rates, while higher density and integration is accomplished by removing one down conversion stage from the receiver, for example. Modern SDRs or cellular base stations need to be able to cover multiple frequency bands simultaneously, for example, to support carrier aggregation across multiple licensed Long-Term Evolution (LTE) bands to enable faster data traffic. Rather than expending one radio-per-band system, designers want to shrink the product form factor and build a multiband- capable radio. The RF sampling data converter removes the intermediate frequency (IF) stage saving printed circuit board (PCB) area and power consumption, while its wide Nyquist zone enables sampling multiple bands simultaneously.
System designers who are considering switching from IF- to RF-sampling need to solve four primary challenges on their checklist:
Receiver sensitivity
Radio performance in presence of in-band interferer
Filter requirements for out-of-band blocker
Performance of the sampling clock source
One basic performance metric of the receiver is its sensitivity, which means what is the weakest signal power that it can successfully recover and process.
In-band blocking performance
Sometimes interferers manage to get within the front-end filter passband. The receiver in-band blocking performance is a measure of how well the receiver can demodulate weak signals in the presence of such an in-band interferer. The automatic gain control (AGC) of the receiver ensures that the interferer power level stays below the ADC input full scale to avoid saturation.
Independent of architecture, the ADC input must be protected from large, out-of-band interferers because that would either alias the in-band to exceed the ADC full scale and saturate the receiver, or generate harmonics that would overlap with a small, in-band wanted signal.
Intermediate frequency-sampling systems have a relatively small Nyquist zone, therefore, the alias bands and mixing images are fairly close by.
Summary
The availability of high dynamic range RF-sampling converters, such as the ADC32RF45, enables direct RF-sampling receiver implementations for a wide range of applications. When transitioning from a traditional heterodyne design to a direct RF conversion, the designer should not have to compromise on radio performance. However, attention still needs to be given to the four major design challenges
Tomi Engdahl says:
GPS And SDR Combine Forces
http://hackaday.com/2016/06/25/gps-and-sdr-combine-forces/
Software-defined radio (or SDR) is a relatively new (to average tinkerers, at least) way of sending and receiving radio signals. The interest in SDR exploded recently with the realization that cheap USB TV tuner cards could be used to start exploring the frequency spectrum at an extremely reduced cost. One of the reasons that this is so advantageous is because of all of the options that a general-purpose computer opens up that go beyond transmitting and receiving, as [Chris] shows with his project that ties SDR together with GPS.
The goal of the project was to automatically tune a radio to the local police department’s frequency, regardless of location. To do this, a GPS receiver on a computer reports information about the current location. A JavaScript program feeds the location data to the SDR, which automatically tunes to the local emergency services frequencies.
GPS Enabled SDR Police Scanner
https://hackaday.io/project/12321-gps-enabled-sdr-police-scanner
When your driving wouldn’t you like to listen to the LEO’s (law enforcement organization) or Public Safety in your general geographic area?
Tomi Engdahl says:
Hackaday Prize Entry: MyComm Handheld Satellite Messenger
http://hackaday.com/2016/06/27/hackaday-prize-entry-mycomm-handheld-satellite-messenger/
We live in a connected world, but that world ends not far beyond the outermost cell phone tower. [John Grant] wants to be connected everywhere, even in regions where no mobile network is available, so he is building a solar powered, handheld satellite messenger: The MyComm – his entry for the Hackaday Prize.
The MyComm is a handheld touch-screen device, much like a smartphone, that connects to the Iridium satellite network to send and receive text messages. At the heart of his build, [John] uses a RockBLOCK Mk2 Iridium SatComm Module hooked up to a Teensy 3.1. The firmware is built upon a FreeRTOS port for proper task management.
2016 will be an interesting year for the Iridium network since the first satellites for the improved (and backward-compatible) “Iridium NEXT” network are expected to launch soon.
Yet, it’s still there, with maker-friendly modems being available at $250 and pay-per-use rates of about 7 ct/kB (free downstream for SDR-Hackers).
MyComm
https://hackaday.io/project/11802-mycomm
A portable, solar powered, handheld device that provides truly global messaging when you have no alternative.
Iridium Hacking
please don’t sue us
https://media.ccc.de/v/camp2015-6883-iridium_hacking
Tomi Engdahl says:
Emulating A Remote Control Ceiling Fan Transmitter In An FPGA
http://hackaday.com/2016/07/04/emulating-a-remote-control-ceiling-fan-transmitter-in-an-fpga/
[Joel] has a remote control ceiling fan. It’s nothing special, the controller has a low-power 350MHz transmitter and a Holtek encoder to send commands by keying the transmitter’s output. Desiring something a little better, he set about reverse engineering the device’s protocol and implementing it on a Lattice iCE40 FPGA.
To decode the device’s packets he reached for his RTL-SDR receiver and took a look at it in software. GQRX confirmed the presence of the carrier and allowed him to record a raw I/Q file, which he could then supply to Inspectrum to analyse the packet structure. He found it to be a simple on-off keying scheme, with bits expressed through differing pulse widths. He was then able to create a Gnu Radio project to read and decode them in real time.
350MHz FPGA Ceiling Fan Remote
https://airwebreathe.org.uk/doku.php?id=350mhz_fpga_ceiling_fan_remote
Tomi Engdahl says:
Data Exfiltration With Broadcast Radio And CD-ROM Drives
http://hackaday.com/2016/07/05/data-exfiltration-with-broadcast-radio-and-cd-rom-drives/
The first music played on personal computers didn’t come out of fancy audio cards, or even a DAC. the first audio system in a personal computer was simply holding an AM radio up to the case and blinking address pins furiously. This worked wonderfully for homebrew computers where EMC compliance hadn’t even become an afterthought, but the technique still works today. [Chris] is playing music on the radio by sending bits over the system bus without using any wires at all.
Playing .wav file via the system bus using PDM
https://www.youtube.com/watch?v=xSj5skknXWg&feature=youtu.be
Tomi Engdahl says:
Wideband testing of satellites
http://www.edn.com/electronics-blogs/out-of-this-world-design/4442301/Wideband-testing-of-satellites?_mc=NL_EDN_EDT_EDN_today_20160705&cid=NL_EDN_EDT_EDN_today_20160705&elqTrackId=07a0f3fc04ca4e69991e228f16d71f0b&elq=ea3cd78c37fc481dbd2eaea7b34d6afe&elqaid=32939&elqat=1&elqCampaignId=28766
To deliver the next generation of satellite services, spacecraft operators are increasingly using larger bandwidths at higher frequencies. Characterising transponder performance such as SNR, SFDR, and flatness over hundreds of MHz or several GHz, can be very difficult for OEMs and equally challenging for suppliers of test and measurement equipment.
Wide bandwidths are sometimes split into multiple channels and dynamic range problems occur when non-linearities, e.g. amplifiers, ADCs, and DACs, generate intermodulation products between the input frequencies. These new frequencies can appear within the bandwidths of other channels causing distortion.
Tomi Engdahl says:
LuaRadio Brings More Options to SDR
http://hackaday.com/2016/07/06/luaradio-brings-more-options-to-sdr/
GNURadio is the swiss-army-knife of software-defined radio suites: it does everything and anything. It has a great GUI overlayer that makes creating radio flows fairly simple. There are only two areas where we could quibble with the whole system — it’s a gigantic suite of software, and it’s a lot harder to code up in Python than it is to use the GUI.
[Vanya Sergeev] started up his LuaRadio project to deal with these shortcomings. If you’re looking for the full-GUI experience, you’re barking up the wrong tree here. LuaRadio is aimed at keeping things easy to code and keeping the codebase small and tidy.
http://luaradio.io/
LuaRadio is a lightweight, embeddable flow graph signal processing framework for software-defined radio. It provides a suite of source, sink, and processing blocks, with a simple API for defining flow graphs, running flow graphs, creating blocks, and creating data types. LuaRadio is built on LuaJIT, has a small binary footprint of under 750 KB (including LuaJIT), has no external hard dependencies, and is MIT licensed.
LuaRadio can be used to rapidly prototype software radios, modulation/demodulation utilities, and signal processing experiments. It can also be embedded into existing radio applications to serve as a user scriptable engine for processing samples.
LuaRadio blocks are written in pure Lua, but can use LuaJIT’s FFI to wrap external libraries, like VOLK, liquid-dsp, and others, for computational acceleration, more sophisticated processing, and interfacing with SDR hardware.
Comparison to GNU Radio
http://luaradio.io/docs/comparison-gnuradio.html
rtlsdr_wbfm_mono.lua
http://luaradio.io/examples/rtlsdr-wbfm-mono.html
This example is a mono Wideband FM broadcast radio receiver. It can be used to listen to FM Broadcast stations. It uses the RTL-SDR as an SDR source, plays audio with PulseAudio, and shows two real-time plots: the demodulated FM spectrum and the L+R channel audio spectrum.
Tomi Engdahl says:
Amazing SDR Built by 16 Year Old
http://hackaday.com/2016/07/28/amazing-sdr-built-by-16-year-old/
[Lukas] started his epic SDR-from-scratch build when he was 16. Projects like this aren’t completed overnight. (He’s now 18. We’re impressed.)
The project itself is a Software-Defined Radio built on top of the 12-bit Analog Devices AD9364 transceiver IC. A big fat FPGA takes the data and runs it off to a USB 3.0 interface, which is necessary for the amount of data this thing will be producing — he’s got it receiving 56 MHz of bandwidth. In short, this is an SDR peripheral that’s in the big leagues.
After two years of work and (only!) three revision, [Lukas] got the thing working.
[Lukas] is now working on the software. He’s already got a hacked osmocom driver working, so it plays nice with GNURadio.
Building an SDR from scratch
http://electronics.kitchen/misc/freesrp/
The FreeSRP is an affordable software-defined radio (SDR) I decided to design because there were no existing options that filled the gap between the $300 and relatively narrow bandwidth and low resolution HackRF and the better performing USRPs you can get for about $700.
The FreeSRP is based on the Analog Devices AD9364 transceiver. Some key specifications are:
56 MHz bandwidth
70 MHz to 6 GHz center frequency
Full duplex operation
To interface with the FreeSRP, I have written a small C++ library, libfreesrp. It uses libusb and is very easy to use as it is quite simple itself
Conveniently, the FreeSRP now also works with all gr-osmosdr based utilities, such as grgsm_scanner. grgsm_scanner is a little program that will scan different frequencies looking for GSM base stations, reporting what it finds
Gqrx uses the osmocom block, too, and also works flawlessly with the FreeSRP.
Recently I came across luaradio. Should be easy to add FreeSRP support to that as well!
Here’s an 802.15.4 transceiver made in GNURadio Companion, using some gr-ieee802-15-4 blocks
Tomi Engdahl says:
The Problem with Software Defined Radio
http://hackaday.com/2016/07/29/the-problem-with-software-defined-radio/
There’s a problem with software defined radio. It’s not that everyone needs to re-learn what TEMPEST shielding is, and it’s not that Bluetooth is horribly broken. SDR’s biggest problem is one of bandwidth and processing. With a simple USB TV Tuner, you can listen in on aircraft, grab Landsat images from hundreds of miles up, or sniff the low-power radios used in Internet of Things things. What you can’t do is make your own WiFi adapter, and you can’t create your own LTE wireless network. This is simply a problem of getting bits from the air to a computer for processing.
At HOPE last weekend, the folks behind the very capable LimeSDR and a new company working with Lime’s hardware laid out the possibilities of what software defined radio can do if you make a link to a computer very fast, and add some processing on the SDR itself.
The key feature of the LimeSDR, and all boards derived from Lime Micro’s tech is the LMS7002M. It’s a Field Programmable RF transceiver with coverage from 100kHz to 3.8GHz, a programmable IF filtering from 600kHz to 80MHz, and — this one is important — on-chip reconfigurable ‘signal processing’ and a fast USB 3.0 interface to a computer.
Aside from the Lime, another company was also at HOPE showing off the latest SDR wares they have to offer. Fairwaves was there with the XTRX, a software defined radio built around the same Lime Micro LMS7002M chip in a miniPCIe form factor.
This tiny card uses the same tech found in the LimeSDR with one key difference. Instead of a USB 3.0 port, the XRTX connects to a computer through the PCI bus, sending data to RAM at 8Gb/s. That’s fast.
The miniPCIe form factor also has another interesting application.
Tomi Engdahl says:
Ohjelmistoradio syntyy kätevästi kehitysalustalla
http://etn.fi/index.php?option=com_content&view=article&id=4828:ohjelmistoradio-syntyy-katevasti-kehitysalustalla&catid=26&Itemid=140
(Software Defined Radio) on määritelty IEEE P1900.1-työryhmässä ’radioksi, jossa kaikki tai osa fyysisen kerroksen toiminnoista on määritelty ohjelmallisesti’.
Tomi Engdahl says:
Citizen Scientist Radio Astronomy (and More): No Hardware Required
http://hackaday.com/2016/08/30/citizen-scientist-radio-astronomy-and-more-no-hardware-required/
We sometimes look back fondly on the old days where you could–it seems–pretty easily invent or discover something new. It probably didn’t seem so easy then, but there was a time when working out how to make a voltage divider or a capacitor was a big deal. Today–with a few notable exceptions–big discoveries require big science and big equipment and, of course, big budgets. This probably isn’t unique to our field, either. After all, [Clyde Tombaugh] discovered Pluto with a 13-inch telescope. But that was in 1930. Today, it would be fairly hard to find something new with a telescope of that size.
However, there are ways you can contribute to large-scale research. It is old news that projects let you share your computers with SETI and protein folding experiments. But that isn’t as satisfying as doing something personally. That’s where Zooniverse comes in.
Their latest project is Radio Meteor Zoo. The data source for this project is BRAMS (Belgian Radio Meteor Stations). The network produces a huge amount of readings every day showing meteor echoes. Detecting shapes and trends in the data is a difficult task for computers, especially during peak activity such as during meteor showers. However, it is easy enough for humans.
Help us identify meteors in radio data
https://www.zooniverse.org/projects/zooniverse/radio-meteor-zoo
BRAMS (Belgian RAdio Meteor Stations) is using forward scattering of radio waves off meteor ionization trails to detect and study the meteoroid population entering the Earth’s atmosphere.
Tomi Engdahl says:
Meet USBee, the malware that uses USB drives to covertly jump airgaps | Ars Technica
http://www.epanorama.net/newepa/2016/08/30/meet-usbee-the-malware-that-uses-usb-drives-to-covertly-jump-airgaps-ars-technica/
The software works on just about any storage device that’s compliant with the USB 2.0 specification. Some USB devices such as certain types of cameras that don’t receive a stream of bits from the infected computer, aren’t suitable. USBee transmits data at about 80 bytes per second, fast enough to pilfer a 4096-bit decryption key in less than 10 seconds.
Radio signal are read by a GNU-radio-powered receiver and demodulator 26 feet away.
Tomi Engdahl says:
Open Hardware RC Radios
http://hackaday.com/2016/09/15/open-hardware-rc-radios/
A decade ago, RC transmitters were clunky, expensive and PCM. A decade before that, everything was analog. Now, RC transmitters are completely digital, allowing for hundreds of aircraft to take to the sky. They’re also cheap, thanks to engineers in China. Now, they’re open hardware, too.
Like the Turnigy 9x radio, this barebones radio module uses RF modules — backpacks that contain the radio. This is also Open Hardware, and it’s compatible with just about every radio protocol out there. It’ll talk to everything from a Hubsan quadcopter to a Spektrum DSM2 receiver, and it’s simple enough that it can be built on stripboard.
DIY-Multiprotocol-TX-Module
https://github.com/pascallanger/DIY-Multiprotocol-TX-Module
Multiprotocol is a 2.4GHz transmitter which enables any TX to control lot of different models available on the market.
AR Universal board
http://www.rcgroups.com/forums/showthread.php?t=2570260
ARUni and accessory set are available at http://ar9x.net
name of board has changed from “AR9x Universal” to “AR Uni”.
It has all the features from AR9x;
- Latest Ersky9x, OpenTx firmware operated
- ARM 32bit mcu
- USB, SDcard, Audio
- more detail, please refer AR9x thread.
One difference from AR9x is the size of board.
It is very small and expected to be fit into most TX’s body.
Tomi Engdahl says:
An SDR For The Rest Of Them
http://hackaday.com/2016/11/15/an-sdr-for-the-rest-of-them/
If you are a radio enthusiast it is very likely that you will own at least one software defined radio. With the entry point into the world of SDRs starting with the ultra-cheap RTL2382 based USB receiver sticks originally designed for digital TV, it’s a technology that passed long ago into the impulse purchase bracket.
If you are not a radio enthusiast, or not even a Hackaday reader, you may not have heard of SDR technology.
It is interesting to see an attempt to market a consumer device that is unashamedly an SDR, indeed that is its unique selling point. The Titus II SDR bills itself as the “World’s First Consumer Ready SDR Package”, and is based around an Android tablet mated with a 100 kHz to 2 GHz SDR tuner and a pair of speakers in a portable radio styled case. It will support all modes including digital broadcasting through software plugins, and there will be an open plugin API for developers. They are taking pre-orders, and claim that the launch price will be under $100.
It sounds like an exciting product, after all who wouldn’t want a radio with those capabilities at that price! However it leaves us wondering whether the price point is just a little too ambitious for the hardware in question, and we’ll reluctantly say we’ll believe it when we see real devices on the market. A $100 consumer price doesn’t get you much in the tablet world
http://titusradio.com/
It should remind anyone that building one yourself is hardly a difficult task. Take an RTL2382 stick with or without the HF modification, plug it into a tablet with an OTG cable, install an app like SDR Touch, and away you go.
http://sdrtouch.com/
Tomi Engdahl says:
The world’s first fully digital radio
Fully software-based radio in the so-called. software radio communications are considered as some sort of Holy Grail. English design house Cambridge Consultants is now saying that it had completed the first fully digital radio as an affiliate launched last year, Pizzicato transmitter has been developed to fully digital receiver.
Consultant Company fully digital radios big challenge so far has been the fact that the conversion between analog and digital radio frequencies requires a billion calculations per second that achieves the calculation. Until now, silicon-based chips have been impossible.
CC now says it has developed technology that will reach 78 billion decrease in delivery of less than one square millimeter-sized silicon chip. When the circuit in addition to take advantage of parallelism, the conversion can be done in time, in which light travels only a few centimeters distance.
When the radio is completely digital, it will revolutionize communication in many ways. Radio performance increase in practice in accordance with Moore’s Law.
Source: http://etn.fi/index.php?option=com_content&view=article&id=5428:maailman-ensimmainen-taysin-digitaalinen-radio&catid=13&Itemid=101
Tomi Engdahl says:
Cache Shortwave Signals for Later with this SDR Spectrum Grabber
http://hackaday.com/2016/11/18/cache-shortwave-signals-for-later-with-this-sdr-spectrum-grabber/
Shortwave listening has always been a mainly nocturnal hobby. To get the real DX, one had to wait for favorable ionospheric conditions after sunset and spend hours twisting knobs while straining to pick voices from half a planet away out of the noise. But who has time for that in today’s world? And what of the poor city-dwelling SWL, with antenna limitations and often elevated noise floor in the urban jungle?
[London Shortwave] came up with a solution to both problems – a briefcase SDR capture rig. With a wide-band SDR receiver and an HF up-converter, a Windows tablet, a 12-meter dipole antenna, and a few bits and bobs, [London Shortwave] can now nip to the low-noise environment of the local park and capture large swaths of spectrum to an SD card.
Portable shortwave spectrum capture for the urban city dweller
http://london-shortwave.blogspot.fi/2016/11/portable-shortwave-spectrum-capture-for.html
Hardware
1. Toshiba Encore 8″ Tablet (Windows 8), 2014 Model ($169)
I bought this tablet in July 2014, based on the following criteria: the device had to have a reasonably powerful Intel processor, running the Windows 8 operating system. I believe that there are currently models on the market that are at least as powerful and are substantially cheaper (<$100).
2. On The Go USB Adapter ($15)
3. AirSpy R2 SDR ($169)
Owing to its unique hardware design, the AirSpy SDR can monitor large parts of the radio spectrum (up to 10 MHz in bandwidth) while offering a high dynamic range and robustness to overloading, with almost no mixing/imaging products.
4. SpyVerter HF UpConverter ($49)
This additional device enables AirSpy to cover the shortwave bands (in fact, the entire frequency range between 0 khz and 30 MHz) and must be connected in-line between the AirSpy's front end and the antenna feed line
Tomi Engdahl says:
Building A LoRa PHY With SDR
http://hackaday.com/2016/11/18/building-a-lora-phy-with-sdr/
The Internet of Things is terrible when it’s your toaster. The real fun happens when you have hundreds or thousands of sensors sending data back to a base station every day. That requires low power, and that means LPWAN, the Low Power Wide Area Network.
There are a lot of options for LPWAN, but few are a perfect fit. LoRa is one of the rare exceptions, offering years of operation on a single AA cell, and range measured in miles. Layers two and three of LoRa are available as public documentation, but until now layer one has been patented and proprietary. At the GNU Radio Conference, [Matt Knight] gave a talk on reverse engineering the LoRa PHY with a software defined radio. Now, LoRa is open to everyone, and anyone can decode the chirps transmitted from these tiny, low power devices.
This time, though, there’s a complete, open source solution for a LoRa PHY. The experimental setup consisted of a Microchip RN2903 module, and an Ettus B210 SDR, Python, GNURadio, and Baudline. The end result is a GNU Radio module implementing the LoRa PHY.
GRCon16 – Reversing and Implementing the LoRA PHY with SDR, Matt Knight
https://www.youtube.com/watch?v=-YNMRZC6v1s&feature=youtu.be
Tomi Engdahl says:
Five-Watt SDR Transciever for Hams
http://hackaday.com/2016/11/20/five-watt-sdr-transciever-for-hams/
The availability of cheap SDR hardware created a flourishing ecosystem for SDR software, but a lot of the hardware driving the revolution was still “cheap”. In the last few years, we’ve seen quality gear replacing the TV dongles in many setups, and down-converters designed for them to allow them to work on the ham bands.
But something that’s purpose-built might be a better option if ham radio, particularly the shortwave portion thereof, is your goal. First off, you might want to transmit, which none of the TV dongles allow. Then, you might want a bit of power. Finally, if you’re serious about short-wave, you care more about the audio quality than you do immense bandwidth, so you’re going to want some good filters on the receiving end to help you pull the signal out of all the noise.
The RS-HFIQ 5 W SDR transciever might be for you. It’s up on Kickstarter right now, and it’s worth looking at if you want a fully open source (schematics, firmware, and software) shortwave SDR rig. It’s also compatible with various open frontends.
The single-board radio isn’t really a full SDR in our mind — it demodulates the radio signal and sends a 96 kHz IQ signal across to your computer’s soundcard where it gets sampled and fully decoded. The advantage of this is that purpose-built audio rate DACs have comparatively high resolution for the money, but the disadvantage is that you’re limited to 96 kHz of spectrum into the computer.
https://sites.google.com/site/rshfiqtransceiver/
Tomi Engdahl says:
Portable Classroom Upgrade: Smaller, Cheaper, Faster
http://hackaday.com/2016/11/20/portable-classroom-upgrade-smaller-cheaper-faster/
DIY Raspberry Pi Outernet Satellite Receiver Assembly & Testing | #EduCase Project Build
https://www.youtube.com/watch?v=24HBmRKHULs
Setting up the Raspberry Pi as a DIY software defined radio satellite down link.
Setting up the Iridium L-Band system for receiving news, content, tutorials, weather and files anywhere in the world completely FREE via the Outernet satellite system routed through a Raspberry Pi and a software defined radio.
Tomi Engdahl says:
An Amateur Radio Repeater Using An RTL-SDR And A Raspberry Pi
http://hackaday.com/2016/12/05/an-amateur-radio-repeater-using-an-rtl-sdr-and-a-raspberry-pi/
An amateur radio repeater used to be a complex assemblage of equipment that would easily fill a 19″ rack. There would be a receiver and a separate transmitter, usually repurposed from commercial units, a home-made logic unit with a microprocessor to keep an eye on everything, and a hefty set of filters to stop the transmitter output swamping the receiver. Then there would have been an array of power supply units to provide continued working during power outages, probably with an associated bank of lead-acid cells.
More recent repeaters have been commercial repeater units.
If you are [Anton Janovsky, ZR6AIC], you make your own low-powered repeater using an RTL-SDR, a low-pass filter, and a Raspberry Pi.
[Anton]’s repeater is a clever assemblage through pipes of rtl_sdr doing the receiving, csdr demodulating, and [F5OEO]’s rpitx doing the transmitting.
With only a 10 mW output this repeater is more of a toy than a useful device, and we’d suggest any licensed amateur wanting to have a go should read the small print in their licence schedule before doing so.
Creating a 2m Fm Repeater with a Raspberry Pi (B) and a RTL dongle.
http://zr6aic.blogspot.fi/2016/11/creating-2m-fm-repeater-with-raspberry.html
Tomi Engdahl says:
Using SDR to Take Control of Your Home Security System
http://hackaday.com/2017/02/06/using-sdr-to-take-control-of-your-home-security-system/
[Dan Englender] was working on implementing a home automation and security system, and while his house was teeming with sensors, they used a proprietary protocol which was not supported by the open source system he was trying to implement. The problem with home automation and security systems is the lack of standardization – or rather, the large number of (often incompatible) standards used to ensure consumers get tied in to one specific system. He has shared the result of his efforts at getting the two to talk to each other via his project decode345.
The result enabled him to receive signals from Honeywell’s 5800 series of wireless products and interface them with OpenHAB — a vendor and technology agnostic open source automation software.
The hardware used is plain vanilla – a cheap SDR dongle connected to a Raspberry Pi 3. His code, available on Github, along with OpenHAB, are lightweight enough to run comfortably on the Pi 3.
Despite trying a lot, he could not get gnuradio to demodulate the transmissions received from his sensors, so he rolled out his own decoder in Python, which makes for some interesting reading about how he reverse-engineered the protocol. Once over the hill, the final part of sending the received data via the Paho MQTT broker to OpenHAB was pretty simple.
Honeywell 345 Mhz decoding
https://github.com/denglend/decode345
This project decodes the 345 Mhz signals used by Honeywell 5800 series wireless security system components. See the decode345 project writeup for more background and technical operation of the project.
Tomi Engdahl says:
Baofeng Handy Talkie Meets GNU Radio
http://hackaday.com/2017/02/11/baofeng-handy-talkie-meets-gnu-radio/
There was a time when just about every ham had a pricey VHF or UHF transceiver in their vehicle or on their belt. It was great to talk to friends while driving. You could even make phone calls from anywhere thanks to automatic phone patches. In 1980 cell phones were uncommon, so making a call from your car was sure to get attention.
Today, ham radio gear isn’t as pricey thanks to a flood of imports from companies like Baofeng, Jingtong, and Anytone. While a handheld transceiver is more of an impulse buy, you don’t hear as much chat and phone calls, thanks to the widespread adoption of cell phones.
He was working on a traffic light project and wanted to send an RF signal when the light changes. He realized the Baofeng radio was cheap and cheerful solution. He only needed a way to have the PC generate an audio signal to feed the radio. His answer was to design a UDP packet to audio flow graph in GNU Radio. GNU Radio then feeds the Baofeng. The radio’s built-in VOX function handles transmit switching.
Baofeng for Digital Modes
https://www.bastibl.net/baofeng-digi-modes/
Tomi Engdahl says:
How To Receive Pictures From Spaaace!
http://hackaday.com/2017/02/13/how-to-receive-pictures-from-spaaace/
The International Space Station, or ISS, has been in orbit in its various forms now for almost twenty years. During that time many of us will have stood outside on a clear night and seen it pass overhead, as the largest man-made object in space it is clearly visible without a telescope.
Most ISS-watchers will know that the station carries a number of amateur radio payloads. There are voice contacts when for example astronauts talk to schools, there are digital modes, and sometimes as is happening at the moment for passes within range of Moscow (on Feb. 14, 11:25-16:30 UTC) the station transmits slow scan television, or SSTV.
Tomi Engdahl says:
Simple and Effective Car Lock Jammer Detector
http://hackaday.com/2017/02/25/simple-and-effective-car-lock-jammer-detector/
Operating on the principle that most remote locks work at 433MHz, [Nohawk] describes how criminals ‘jam’ the frequency by holding down the lock button on another device, hoping to distort or outright interrupt the car from receiving the signal to lock the doors. [Nohawk] picked up a cheap 433MHz receiver (bundled with a transceiver), tossed it on a breadboard with an LED connected to the data channel of the chip on a 5V circuit, and voila
Remote jamming “detector” on the cheap
http://andrewmohawk.com/2017/02/14/remote-jamming-detector-on-the-cheap/
Tomi Engdahl says:
Android RF Spectrum Analyzer 50-2000MHz for $10
https://www.youtube.com/watch?v=zu-K1Sslw1Q
RF Analyzer
https://play.google.com/store/apps/details?id=com.mantz_it.rfanalyzer
Use an OTG (on-the-go) USB cable to connect your HackRF/RTL-SDR to an Android phone/tablet and this app will visualize the RF spectrum (frequency magnitude and waterfall plot)!
Browse through the frequency spectrum just by using scroll and zoom touch gestures. Additional features as of today are:
- Many settings: FFT size, averaging, peak holding, color scheme, …
- read samples from a file (generated by hackrf_transfer tool or by rtl_sdr)
- AM/FM/SSB audio demodulation
- adjust squelch and channel width
- Record to a raw IQ file compatible with hackrf_transfer, …
- Bookmarks
- rad1o support
Tomi Engdahl says:
RTL SDR Front End Filter Demonstration
https://www.youtube.com/watch?v=WDE8ho0uee8
In this video I demonstrate the function of front end filters that I constructed for use with my RTL 2832 SDR to reduce intermod from strong local AM and FM stations.
Tomi Engdahl says:
SDR With Upconverter Build – RTL 2832 820T Dongle + Ham It Up Upconverter
https://www.youtube.com/watch?v=4zWsDq-Bmvg
This vidoes shows my build of my low-cost SDR plus upconverter and demonstrates some of the signals you can receive with this setup.
Round-Up of RTLSDR Upconverter Choices
https://retrovoltage.com/2012/09/14/round-up-of-rtlsdr-upconverter-choices/
The RTLSDR is designed for higher frequency operation, so if you’d like your RTLSDR to be able to access many of the amateur, short, medium and longwave bands you’re going to need an upconverter. There are quite a few choices for an HF converter / up-converter are now available to shift signals into the tuner’s frequency range. These range from schematics up through built boards, and will cost you between about $25-75 depending on features.
Tomi Engdahl says:
Ham It Up HF Coverter
https://www.youtube.com/watch?v=Rnof4xGkdAo
ow to setup the Ham It Up HF Converter with a RTL2832U DVB-T stick with SDR Sharp or HDSDR for use as a very good HF receiver.
Tomi Engdahl says:
Digital Ding Dong Ditch Prank – hacking wireless doorbells w/Arduino and RTL-SDR
https://www.youtube.com/watch?v=BnwBdeQB7vQ
Digital Ding Dong Ditch is a device to hack into and ring my best friend’s wireless doorbell whenever I send a text message to the device.
In this project, we’ll learn not only how to create this device, but how to reverse engineer radio frequencies we know nothing about using RTL-SDR (a ~$14 software defined radio), as well as creating hardware and software using Arduino, the Adafruit FONA (GSM/SMS/2G board), an RF (radio frequency) transmitter to transmit custom signals, and even how to reverse engineer a proprietary radio signal we know nothing about!
More details: http://samy.pl/dingdong
Tomi Engdahl says:
See Satellites with a Simple Radio Telescope
http://hackaday.com/2017/03/23/see-satellites-with-a-simple-radio-telescope/
Have you got a spare Dish Network antenna lying about? They’re not too hard to come by, either curbside on bulk waste day or perhaps even on Freecycle. If you can lay hands on one, you might want to try this fun radio telescope build.
Now, don’t expect much from [Justin]’s minimalist build. After all, you’ll be starting with a rather small dish and an LNB for the Ku band, so you won’t be doing serious radio astronomy
How to build a radio telescope (and see satellites 35,000km away!)
https://www.youtube.com/watch?v=aeah3fFYlnA
Tomi Engdahl says:
The Tiny Radio Telescope
https://hackaday.com/2016/07/31/the-tiny-radio-telescope/
The NRAO published a radio telescope design a few years ago for use mainly as an educational tool, the Itty Bitty Telescope. It used a satellite TV dish and LNB feeding a signal meter as a simple telescope to detect the Sun, and black body radiation from the surrounding objects. It’s a simple design for kids to get their heads around, and [Scott] and [Allen] have set out to turn it into something more useful with an RTL-SDR instead of a signal meter and a motorised mount for automated observations.
Tomi Engdahl says:
Some interesting looking related products:
100KHz-1.7GHz Full-Band Software Radio HF FM AM RTL-SDR Receiver Radio Frequency Modulation Kit
http://www.banggood.com/100KHz-1_7GHz-Full-Band-Software-Radio-HF-FM-AM-RTL-SDR-Receiver-Radio-Frequency-Modulation-Kit-p-1120249.html?p=27131452996820140438
€ 20.88
Using RTL2832U + R820T program , taking advantage of the Q channel RTL2832U on adding support for the frequency of 100KHz-24MHz , to achieve the reception of 100KHz-1.7GHz .
You can use the SDR software receives support 100KHz-1.7GHz waves AM, FM (NFM, WFM), CW, DSB, LSB, USB demodulation.
Listen to AM , shortwave radio, FM radio, amateur radio communications, SSB , intercom calls, aviation and other bands
100KHz-1.7GHz VHF UHF Full Band RTL.SDR+UpConverter SDR USB Tuner Receiver NFM FM DSB LSB CW
http://www.banggood.com/100KHz-1_7GHz-VHF-UHF-Full-Band-RTL_SDRUpConverter-SDR-USB-Tuner-Receiver-NFM-FM-DSB-LSB-CW-p-1070964.html?p=27131452996820140438
€ 67.06
100KHz-1.7GHz VHF UHF Full Band RTL.SDR+UpConverter SDR USB Tuner Receiver NFM FM DSB LSB CW
The RTL-SDR is an extremely cheap software defined radio which is based on DVB-T TV (Digital HD TV) USB receiver dongles that have the RTL2832U chip in them. It was discovered by hardware hacker Eric Fry, Linux driver developer Antti Palosaari and the Osmocom team who were developing their own SDR that the RTL2832U chip had a mode which enabled SDR. Today, by using custom software drivers, a commonly used cheap RTL2832U can then be turned into a sophisticated SDR with features that would have until recently cost in the hundreds to thousands of dollars. Of course, the performance of these dongles will not match a dedicated SDR, but they perform extremely well for the price, and almost all hobbyist projects that can be done with expensive radios or SDRs can also be done with the rtl-sdr. A wideband SDR opens up many interesting possible projects and avenues to explore. Some applications of the RTL-SDR include the following, some of which will be discussed in more depth in the project tutorials chapter.
Fully assembled and ready to use.
Uses R820T2 chip set.
100KHz to 1766MHz, operating frequency.
Covers all HF amateur bands.
Covers VHF & UHF bands from 24-1766MHz.
Up to 3.2 M Sample rate. (~2.8 MHz stable).
Receiver modes NFM,FM,DSB,USB,LSB & CW.
Note: depends upon the SDR software used with the receiver.
8-bit ADC giving ~50 dB dynamic range.
50 Ohm input impedance.
Double SMA golden antenna connectors.
40MHz local oscillator for HF conversion.
DBM balance ring mixer.
Free software.
Independent antenna inputs for Shortwave and VHF.
USB computer connection ( mini usb) Powered by common USB.
Tomi Engdahl says:
Spektrum: New RTL-SDR Spectrum Analyzer Software
http://www.rtl-sdr.com/spektrum-new-rtl-sdr-spectrum-analyzer-software/
Recently a reader of RTL-SDR.com, Pavel wrote in to let us know about a new program called “Spektrum” which he has written. Spektrum runs on Windows and Linux and turns an RTL-SDR dongle into a spectrum analyzer in a similar way to rtl_power GUI front ends and RTLSDR Scanner. However one key improvement is that it is based on a version of rtl_power that has been modified by Pavel in order to make it more responsive and remove the need to wait until a full sweep is completed before you can see any results. The modified version of rtl_power can be found at https://github.com/pavels/rtl-sdr
Tomi Engdahl says:
New RTL-SDR Panoramic Spectrum Analyzer
http://www.rtl-sdr.com/new-rtl-sdr-panoramic-spectrum-analyzer/
A Ukrainian developer has released his new RTL-SDR Panoramic Spectrum Analyzer software. The software utilizes the command line rtl_power software for its backend processing, so it is essentially a GUI for rtl_power.
https://sourceforge.net/projects/guiforrrtlpower/
Tomi Engdahl says:
https://github.com/pavels/spektrum/releases