Over on YouTube, FairlawnARC.org has uploaded a talk about SDRs and ham radio by Ria Jairam (N2RJ). The talk is a good overview of the current state of SDRs for ham radio use, and she discusses the various hardware and software options as well as giving many tips for improving your ham station. The blurb reads:
Our speaker was Ria Jairam (N2RJ), a world class contest operator and member of the Frankford Radio Club. Ria discussed the latest technology and offerings from Flex Radio, the HPSDR project (Ananradios), RTL SDR and others, as well as practical tips for contesting, DXing and rag chewing using your SDR. This presentation was held on Friday, October 20, 2017, 1900 hours at the Fair Lawn Senior Center, 11-05 Gardiner Road, Fair Lawn, NJ. The event was open to the public & refreshments were served.
Ria Jairam, N2RJ YLs, SDR & Setting Up A World Class Station
Part 2 - Ria Jairam, N2RJ YLs, SDR & Setting Up A World Class Station
Over on his site rtl-sdr.ru, Vasilli has been back at work creating new plugins for SDR#. The latest plugin is a TCP server that takes the demodulated mono audio stream from SDR# and sends it over TCP (note that the site is in Russian but the Google translate button on the right can be used). This can be used to easily stream audio over the internet or a network, or even locally on the same PC to another program. If enough programs support TCP audio streams, then the plugin could potentially replace the need for software like Virtual Audio Cable or VBCable by allowing another method for piping the audio from SDR# into a decoding program.
Installing the plugin is the same as usual. Just extract the SDRSharp.TcpServer.dll file to the SDRSharp folder, open plugins.xml with a text editor and paste in the 'magic line' specified in MagicLine.txt.
To test the server you can connect to it with VLC media player. Some special options need to be given to VLC in order for it to understand the audio format. To enter them go to Media->Open Network Stream and make sure 'Show more options' is checked. Enter the network URL as 'TCP://127.0.0.1:20022' (without quotes), and enter the following in the Edit Options field: ':demux=rawaud :rawaud-channels=1 :rawaud-samplerate=48000 :rawaud-fourcc=s16l' (without quotes). Ensure the first colon in the line is copied over properly. Then enable the TCP server in the SDR# plugin, and click Play in VLC. Ensure that SDR# is muted and that the volume in VLC is turned up. Audio should now begin streaming through TCP.
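The same stream can be consumed by any program that opens a TCP socket. The following is an added example, not code from the plugin or its author: it reads the stream and saves it as a WAV file, assuming the stream is headerless 16-bit little-endian mono PCM at 48 kHz, as the VLC options above imply. The `record` function name is hypothetical.

```python
import socket
import wave

HOST, PORT = "127.0.0.1", 20022       # address used in the VLC test above
RATE, CHANNELS, WIDTH = 48000, 1, 2   # rawaud-samplerate, rawaud-channels, s16l = 2 bytes


def record(wav_path, seconds, host=HOST, port=PORT, timeout=5.0):
    """Read raw PCM from the TCP stream and save it as a WAV file.

    Returns the number of audio frames written. Assumes headerless PCM.
    """
    wanted = int(seconds * RATE) * WIDTH * CHANNELS
    received = bytearray()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        while len(received) < wanted:
            chunk = sock.recv(min(4096, wanted - len(received)))
            if not chunk:              # server closed the stream early
                break
            received.extend(chunk)
    # TCP is a byte stream, so a 16-bit sample can be split across reads;
    # drop a trailing half sample so the WAV data stays frame-aligned.
    del received[len(received) - len(received) % WIDTH:]
    with wave.open(wav_path, "wb") as wav:
        wav.setnchannels(CHANNELS)
        wav.setsampwidth(WIDTH)
        wav.setframerate(RATE)
        wav.writeframes(bytes(received))
    return len(received) // WIDTH


if __name__ == "__main__":
    frames = record("sdrsharp_audio.wav", seconds=10)
    print(f"wrote {frames} frames ({frames / RATE:.1f} s)")
```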
Hopefully in the future we can see some audio compression algorithms and more decoding software supporting TCP audio connections.
Vasilli has also updated many of his other plugins, including creating a DSD_TCP plugin which allows you to transmit the digital audio directly to DSD+ via a TCP connection.
He uses a FlightAware dongle, which is an RTL-SDR optimized for best ADS-B reception when placed directly at the mast/antenna. For an antenna he uses the FlightAware ADS-B antenna, which we've reviewed in the past and found to be one of the best value ADS-B antennas available on the market. To process the data, a Raspberry Pi is used and it is powered via power over Ethernet (POE). If you didn't already know, power over Ethernet (not to be confused with Ethernet over powerline) is simply running power through unused wires inside an Ethernet cable. It is a convenient method of powering remote devices and giving them a network connection at the same time. The whole package is enclosed in a waterproof case, and the antenna attached to the top.
Putting the RTL-SDR and computing device at the antenna removes any loss from long coax runs, and the POE connection provides a tidy cabling scheme. The FlightAware dongle is a good choice for mounting directly at the mast or antenna because it has a built in low noise figure LNA. If using coax cabling instead, and keeping the RTL-SDR and Raspberry Pi inside, then it would be better to mount an LNA at the mast and power it through the coax via a bias tee.
Back in April and July of last year we posted about Philip Hahn and Paul Breed's experiments to use an RTL-SDR for GPS logging on their high powered small rockets. Basically they hope to be able to use an RTL-SDR combined with a computing platform like a Raspberry Pi or Intel Compute stick and software like gnss-sdr to record GPS data on their rocket. Using an RTL-SDR would get around the COCOM limits that essentially stop GPS from working if it measures faster than 1,900 km/h (1,200 mph) and/or higher than 18,000 m (59,000 ft).
In the past they've been able to get usable data from the flights, but have had trouble with reliability and noise. That said, they also tried commercial GPS solutions, which failed to work properly even on flights travelling under the COCOM limits, whereas the RTL-SDR actually got data that could still be post processed.
If you are interested in a full summary of Philip and Paul's experiments, then the GNU Radio blog has a nice summary written by Philip that explains their full journey of trying to get a working RTL-SDR based GPS system for their rockets.
Rocket Trajectory as measured by the RTL-SDR based GPS receiver.
Over on YouTube user Evariste Okcestbon has uploaded a video showing his simple pocket DATV system that consists of a LimeSDR running on a Raspberry Pi Zero transmitting live camera images via DATV which is received by an RTL-SDR running on a Raspberry Pi 3.
If you didn't already know, DATV stands for Digital Amateur Television and is a digital mode somewhat similar to digital over the air TV signals that can be used by hams for transmitting their own TV signals on the ham bands. The LimeSDR Mini is a $139 US transmit and receive capable SDR that is currently crowdfunding and available for pre-order on Crowdsupply. It is expected to ship at the end of February 2018.
Evariste uses a range of software packages on each Raspberry Pi. He writes the following in the video description:
Description of a minimal Digital TV chain: Transmitter and Receiver.
Hardware used on Tx: PiZero, Picam, LimeSDR Mini
Hardware used on Rx: Raspberry Pi 2, RTL-SDR, Monitor
Software used on Tx: avc2ts, dvb2iq, limetx
Software used on Rx: rtl_sdr, leandvb, kisspectrum, ts2es, hello_video
Evariste is also the author of Rpidatv which allows you to transmit DATV directly from the GPIO pins of a Raspberry Pi without the need for any transmit capable SDR.
Thanks to PhD student Lucas Riobó of the University of Buenos Aires, Argentina for submitting his very interesting work on creating a "High-speed real-time heterodyne interferometer" with a low cost RTL-SDR dongle. This is a new application for the RTL-SDR that we have not yet seen.
Interferometers are tools that combine two separate electromagnetic waves (e.g. radio or light) and analyze the interference pattern created by their combination. One usage for example is creating a radio telescope interferometer using multiple small radio dishes. The result is that you can get the same resolution as a much larger dish without the cost of needing to build a huge dish. This has been done before with RTL-SDRs and pulsar detection.
The paper and concept are fairly complex for someone without a background in optical science, but basically it seems that Lucas has created an optical interferometer that interfaces with an RTL-SDR dongle via a wideband optoelectronic front-end. This allows the optical data to be translated into an RF signal which can then easily be analysed with the low cost RTL-SDR. A system like this reduces costs and allows for much easier data acquisition and processing on the PC. He writes:
As you may know, optical interferometry is a family of techniques in which the superposition of electromagnetic waves (in the optical range of the spectrum) causes the phenomenon of interference in order to extract information. In this work, we implement an optical heterodyne interferometer. In this interferometer, the waves (laser beams) that superpose have a frequency shift f0 between them. When the beams interfere, the intensity from the combination of the beams (interferogram) is a sinusoid signal at a frequency f0 (i.e. a carrier signal). In this work, one of the beams reflects over a sample that has a mechanical deformation. Therefore, this information is encoded in the phase of the carrier signal.
We applied the RTL-SDR dongle to demodulate the carrier signal to extract the phase information. Instead of using an antenna, we put a photodiode with a transimpedance amplifier (TIA). Thus, since the signal obtained from the photodiode and the TIA is proportional to the interferogram, the phase/frequency recovery techniques are the same as those used in telecommunications systems (i.e. we can use many demodulation algorithms developed by the community).
During the Hackaday Superconference held in November 2017, Samy Kamkar presented a talk on how he reverse engineers devices, and in particular passive entry and start systems in vehicles. In the talk he also explains which tools he uses, including SDRs like the HackRF One and RTL-SDR dongle, and describes the methodology that he follows when reverse engineering any new device. Samy is most famous for writing the Samy MySpace computer worm and also popularizing the "RollJam" wireless car door vulnerability. The talk blurb reads:
In this talk Samy Kamkar shares the exciting details on researching closed systems & creating attack tools to (demonstrate) wirelessly unlocking and starting cars with low-cost tools, home made PCBs, RFID/RF/SDR & more. He describes how to investigate an unknown system, especially when dealing with chips with no public datasheets and undisclosed protocols. Learn how vehicles communicate with keyfobs (LF & UHF), and ultimately how a device would work that can automatically detect the makes/models of keyfobs nearby. Once the keyfobs have been detected, an attacker could choose a vehicle and the device can wirelessly unlock & start the ignition. Like Tinder, but for cars.
Over on his blog "ele y ciencia" has written up two very useful blog posts - one on how to decode AFSK signals from scratch and the other on how to reverse engineer any unknown digital signal. The blog is written entirely in Spanish, but Google translate does a decent enough job at getting the message across (in Chrome right click anywhere on the page and select Translate to English or use the Google translate webpage).
The first post is about decoding an AFSK protocol and explains that you need to record the signal with an RTL-SDR or other SDR, apply a low pass filter to obtain the signal envelope and then apply thresholding with the known baud rate to obtain the demodulated digital signal. The tutorial is high level and just explains the process, but doesn't show how to do it in any software. Later on in the post he goes on to show how he reverse engineered a train-land radiotelephone system and a TCM3105 modem chip which utilizes a FSK system.
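The steps summarized above (obtain an envelope with a low pass filter, threshold it, and sample once per bit at the known baud rate) can be sketched in software as follows. This is an added example, not code from the blog post: it isolates each tone by mixing it down to 0 Hz before the low pass filter, and the sample rate, baud rate and tone frequencies are assumed values applied to a constructed test signal.

```python
import cmath
import math

FS = 48000                     # sample rate in Hz (assumed)
BAUD = 1200                    # known baud rate (assumed)
MARK, SPACE = 1200.0, 2200.0   # tone frequencies for 1 and 0 in Hz (assumed)
SPB = FS // BAUD               # samples per bit


def modulate(bits):
    """Build a constructed, phase-continuous AFSK test signal."""
    phase, out = 0.0, []
    for bit in bits:
        freq = MARK if bit else SPACE
        for _ in range(SPB):
            out.append(math.sin(phase))
            phase += 2 * math.pi * freq / FS
    return out


def envelope(samples, freq):
    """Mix one tone down to 0 Hz, then low-pass with a one-bit moving average."""
    mixed = [s * cmath.exp(-2j * math.pi * freq * n / FS)
             for n, s in enumerate(samples)]
    acc, env = 0j, []
    for n, m in enumerate(mixed):
        acc += m
        if n >= SPB:
            acc -= mixed[n - SPB]   # slide the averaging window forward
        env.append(abs(acc))        # magnitude = envelope of that tone
    return env


def demodulate(samples):
    """Threshold mark against space, sampling once per bit period."""
    mark_env = envelope(samples, MARK)
    space_env = envelope(samples, SPACE)
    # At index n the window covers exactly one bit when n is the bit's last sample.
    return [1 if mark_env[n] > space_env[n] else 0
            for n in range(SPB - 1, len(samples), SPB)]


if __name__ == "__main__":
    sent = [1, 0, 1, 1, 0, 0, 1, 0]   # constructed bit pattern
    print(demodulate(modulate(sent)) == sent)
```

On a real recording the bit boundaries are not known in advance, so the sampling instants would first have to be aligned to the signal's transitions.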
In the second post he shows how to decode any unknown digital signal using just an RTL-SDR and Audacity. He starts off with finding and recording an unknown digital signal with an RTL-SDR and then reverse engineers it in a sort of manual fashion without using any tools like Universal Radio Hacker. The post goes through the full details and steps that he took, and in the end he gets data out of the signal discovering that it is data from a Fleet Management System used in his country for monitoring data such as speed and engine data from commercial vehicles like trucks and buses.
The two posts are very detailed and could be an excellent reference for those interested in reverse engineering some unknown digital signals in your area.
Decoding an Unknown "Fleet Management" signal from scratch.