Wireless Technology

Unit 3: Wireless Metropolitan and Local Area

Networks

Faculty Name : Mrs. Deepali Patil

Module 2: Wide Area Wireless
Networks

Lecture No: 19
IEEE 802.16 (WiMax)
 Wireless networks

• Wireless PANs (Bluetooth – IEEE

802.15)
– very low range
– wireless connection to printers etc

• Wireless LANs (WiFi – IEEE 802.11)

– infrastructure as well as ad-hoc
networks possible
– home/office networking

• Multihop Ad hoc Networks  Wireless MANs (WiMAX-802.16)

– useful when infrastructure not – Similar to cellular networks
available, impractical, or expensive – traditional base station
– military applications, emergencies infrastructure systems

3 3
 Wireless Metropolitan Area Networks (WMAN)

Introduction
 A WMAN is a wireless network intended to provide a signal over an area approximately
the size of a metropolitan area (approximately 50 kilometers or 31 miles).
A WMAN is typically owned by a single entity such as an Internet Service Provider (ISP ),
government entity, or large corporation.
Access to a WMAN is usually restricted to authorized user or subscriber devices.
 WiMAX is the most widely used form of WMAN.
Goal: Provide high-speed Internet access to home and business subscribers, without wires.
 Base stations (BS) can handle thousands of subscriber stations (SS)
 BS can control all data traffic that goes between BS and SS through the allocation of
bandwidth on the radio channel.

4 Lecture 33: WMAN

Sridhar
5
Iyer
IIT Bombay
 WIMAX / IEEE 802.16
 WIMAX stands for Worldwide Interoperability for Microwave Access as defined by WiMax
Forum
 WiMAX networks refer to broadband wireless networks that are based on the IEEE 802.16
standard, which ensures compatibility and interoperability between broadband wireless
access equipment
 The IEEE 802.16 standards define how wireless traffics move between subscriber
equipment and core networks

Source: SHASHI JAKKU

6
WiMAX

• Goal: Provide high-speed Internet access to home and

business subscribers, without wires.

• Base stations (BS) and subscriber stations (SS)

• Centralized access control to prevents collisions

• Supports applications with different QoS requirements

• WiMAX is a subset of IEEE 802.16 standard

7
 WIMAX System: General Features

• Subsystems:
– A WiMAX tower
• similar in concept to a cell-phone tower - A single WiMAX tower can
provide coverage to a very large area as big as ~8,000 square km.
– A WiMAX client terminal
• The terminal receiver and antenna could be a small box or Personal
Computer Memory card, or they could be built into a laptop the
way WiFi access is today
• Range: 50km from base station
• Speed: 70 Megabits per second
• Frequency bands: 2 to 11 and 10 to 66 (licensed and unlicensed bands)
• IEEE 802.16 standards define both MAC and PHY layers and allow multiple
PHY layer specifications

8
 IEEE 802.16

• The IEEE 802.16 standard delivers performance comparable to traditional cable, DSL, or
T1 offerings.
• The principal advantages of systems based on 802.16 are multifold:
 faster provisioning of service, even in areas that are hard for wired infrastructure
to reach;
 lower installation cost; and
 ability to overcome the physical limitations of the traditional wired infrastructure.
• 802.16 technology provides a flexible, cost-effective, standard-based means of filling
gaps in broadband services not envisioned in a wired world.
• For operators and service providers, systems built upon the 802.16 standard represent
an easily deployable “third pipe” capable of delivering flexible and affordable last-mile
broadband access for millions of subscribers in homes and businesses throughout the
world.

9
 Wireless Metropolitan Area Networks (WMAN)
Key Features of IEEE 802.16
 Broadband Wireless Access
 Coverage area up to 50 km.
 Data rate up to 70 Mbps.
 Modulation technique used is BPSK, 64-QAM.
 Offers non-line of site (NLOS) operation.
 1.5 to 28 MHz channel support.
 Hundreds of simultaneous sessions can be carried per channel.
 Delivers >1Mbps data throughput per user.
 Supports both licensed and unlicensed spectrum.
 QoS for voice, video, and T1/E1, continuous and bursty traffic.
 Support Point-to-Multipoint (PMP) and Mesh network models.

10 Lecture 33: WMAN

IEEE 802.16 standards

• 802.16.1 (10-66 GHz, line-of-sight, up to 134Mbit/s)

• 802.16.2 (minimizing interference between coexisting
WMANs)

• 802.16a (2-11 Ghz, Mesh, non-line-of-sight)

• 802.16b (5-6 Ghz)
• 802.16c (detailed system profiles)

• P802.16e (Mobile Wireless MAN)

11
 IEEE 802.16 Specifications

• 802.16a
– Uses the licensed frequencies • 802.16d (d = a+b+c)
from 2 to 11 GHz; supports Mesh – Improvement and fixes for 802.16a
network • 802.16e-2005
• 802.16b – Addresses on Mobile
– Increase spectrum to 5 and 6 GHz – Enable high-speed signal handoffs
– Provides QoS( for real time voice necessary for communication with users
and video service) moving at vehicular speeds
• 802.16c
– Spectrum from 10 to 66GHz

12
IEEE 802.16

.
• IEEE 802.16a: It covers frequency bands between 2 and 11 GHz and enables non
line-of-sight (NLOS) operation, making it an appropriate technology for last-mile
applications where obstacles such as trees and buildings often present and where
base stations may need to be unobtrusively mounted on the roofs of homes or
buildings rather than towers on mountains.
• The 802.16a has a range of up to 30 miles with a typical cell radius of 4 to 6 miles.
• Within the typical cell radius NLOS performance and throughputs are optimal. In
addition, the 802.16a provides an ideal wireless backhaul technology to connect
802.11 WLAN and commercial 802.11 hotspots with the Internet.
• The 802.16 delivers high throughput at long ranges with a high spectral efficiency.

13
 WIMAX System: General Features
• Subsystems:
– A WiMAX tower
• similar in concept to a cell-phone tower - A single WiMAX tower can
provide coverage to a very large area as big as ~8,000 square km.
– A WiMAX client terminal
• The terminal receiver and antenna could be a small box or Personal
Computer Memory card, or they could be built into a laptop the
way WiFi access is today
• Range: 50km from base station
• Speed: 70 Megabits per second
• Frequency bands: 2 to 11 and 10 to 66 (licensed and unlicensed bands)
• IEEE 802.16 standards define both MAC and PHY layers and allow multiple
PHY layer specifications

14
WiMAX Forum

• Is an industry group founded in April 2001

– Consists of services providers, manufacturers, and related companies
that have joined together to promote the family of technologies based
upon the IEEE 802.16 standard
– Ensure interoperability of IEEE 802.16* and other interoperable (ETSI
HiperMAN*) systems
– Equivalent in purpose to Wi-Fi Alliance for IEEE 802.11
• Develop Conformance Test Specifications
• Host interoperability events
– Provide WiMAX-Certified stamp of approval

15
 Players in WiMAX Forum
 WiMAX Forum has >500 members
(530 as at 26/11/08)
 WiMAX members represent over
75% of current 2-11 GHz BWA
equipment sales!

And a lot more…..

Source: WiMAx Forum

16
 WiMAX and IEEE 802.16

• “WiMAX” is a subset of IEEE 802.16

– No new features can be added
• Mandatory features in 802.16 are mandatory in
WiMAX, if included
• Optional features in 802.16 may be optional,
mandatory or not included
Fixed WiMAX –
256 OFDM
IEEE 802.16
World WiBro
Mobile WiMAX -
OFDMA Source: WiMAx Forum

17
MODES OF OPERATION

• WiMax can provide 2 forms of wireless service:

– Non-LOS
• Wi-Fi sort of service, where a small antenna on a computer
connects to the tower.
• Uses lower frequency range (2 to 11 GHz).
– LOS
• where a fixed antenna points straight at the WiMax tower from
a rooftop or pole.
• The LOS connection is stronger and more stable: higher
throughput.
• Uses higher frequencies: reaching a possible 66 GHz.
• Through stronger LOS antennas, higher range can be achieved:
up to 50km radius.

18
 Broadband Usage
Scenarios Non Line of Sight
Point to Multi-
Multi-point
Line of Sight
BACKHAUL
802.16
• Fixed wireless access (FWA)
802.16
– Wireless access application in which the
location of the end-user termination and
the network access point to be
connected to the end-user are fixed.
• Backhaul for business 802.11
Telco Core
Network or
Private (Fiber)

• Consumer last mile

Network

• Nomadic wireless access (NWA) INTERNET

BACKBONE

– Wireless access application in which the

location of the end-user termination FRACTIONAL

may be in different places but it must be

E1/T1 for SMALL
E1/T1+ LEVEL BUSINESS
SERVICE ENTERPRISE

stationary while in use. 802.16 PC

Card

• Mobile wireless access (MWA) Laptop Connected

– Wireless access application in which the Through 802.16

location of the end-user termination is

mobile.
Source: WiMAx Forum

19
Types of access supported by WiMax

Source: WiMax Forum

20
 History & Evolution

21
Why (earlier) BWA solutions have not taken off?

Wireless Solutions Before WiMax:

 Proprietary, vertical solutions
 No volume silicon market – lack economies of scale
 Lack of global spectrum
Service Providers
Equipment Mfrs Focus

Economies of Ethernet
System scale as

Volume
Integration
Network Software
WiMax is an
open
System Design & standard
Architecture solution

Custom MAC

Custom, 802.11 or
DOCSIS PHY
Custom Radio 1980s 1990s 2000 2010
Source: WiMAx Forum

22
 802.16 Standard History 2008 530

2006
Membership

802.16-2004 Fixed 343 members

Broadband Wireless
2005 802.16e Combined
Standard
(Revised : Covers <11 GHz NLOS & 10- Fixed and Mobile
66 GHz LOS Systems) Amendment
802.16c System Profiles for <11 GHz
for 10-66 GHz LOS Systems
2004 Licensed Systems
(Inactive)
2003 (Formally approved in
55 members 65 members December 2005)
2002
1999 802.16a Fixed
802.16 Fixed Broadband Broadband Wireless
IEEE 802.16
Wireless Standard for Standard for 2-11
Working Group
10-66 GHz LOS Systems GHz Non-LOS
Started
(Inactive) Systems
(Inactive)

Time
Source: Intel & WiMax Forum
23
 WiMax Spectrum

24
 Global spectrum bands

• WiMax Forum is focusing on 3 spectrum bands for global deployment:

• Unlicensed 5 GHz:
– Includes bands between 5.25 and 5.85 GHz. In the upper 5 GHz band (5.725 –
5.850 GHz) many countries allow higher power output (4 Watts) that makes it
attractive for WiMax applications.
– Unlicensed fixed outdoor services
• Licensed 3.5 GHz:
– Bands between 3.4 and 3.6 GHz have been allocated for BWA in majority of
countries.
– Explicitly allow Nomadic use in Fixed Wireless spectrum to support indoor
modems and laptops
• Licensed 2.5 GHz:
– The bands between 2.5 and 2.6 GHz have been allocated in the US, Mexico, Brazil
and in some SEA countries. In US this spectrum is licensed for MDS and ITFS.
– New mobile services model and can address the broadband digital divide.

25
 Licensed vs. License-Exempt
Solutions
Licensed Solution License-Exempt
Solution
FDD TDD
Better QoS Fast Rollout
Better NLOS Lower Costs
reception at lower
frequencies
Higher barriers for More worldwide
entrance options

26
 Wimax Network CSN: Connectivity Service Network
ASN: Access Service Network
NSP: Network Service Provider

System Architecture NAP: Network Access Provider

HA: Home Agent, FA: Foreign Agent
AAA: Authentication, Authorization and
Accounting

Home CSN Visited CSN

HA AAA HA NSP

ASN

ASN GW ASN GW
BS
BS (FA) (FA)

NAP

Mesh
BS
BS BS BS

P2MP or P2P
MS
27
Wimax Network System Architecture

WiMAX network architecture

Subscriber Station, SS / Mobile Station, MS :  
 The Subscriber station, SS may often be referred to as the Customer Premises
Equipment, CPE.
 These take a variety of forms and these may be termed "indoor CPE" or "outdoor
CPE”.
 he outdoor CPE has the advantage that it provides better performance as a
result of the better position of the antenna, whereas the indoor CPE can be
installed by the user.
 Mobile Stations may also be used. These are often in the form of a dongle for a
laptop, etc.

28
Wimax Network System Architecture

WiMAX network architecture

Base Station, BS:
   The base-station forms an essential element of the WiMAX network.
 It is responsible for providing the air interface to the subscriber and mobile
stations.
 It provides additional functionality in terms of micro-mobility management
functions, such as handoff triggering and tunnel establishment, radio resource
management, QoS policy enforcement, traffic classification, session
management, and multicast group management.

29
Wimax Network System Architecture

WiMAX network architecture

ASN Gateway, ASN-GW:  
The ASN gateway within the WiMAX network architecture typically acts as a layer 2
traffic aggregation point within the overall ASN.
The ASN-GW may also provide additional functions that include: intra-ASN location
management and paging, radio resource management and admission control,
caching of subscriber profiles and encryption keys.
The ASN-GW may also include the AAA client functionality, establishment and
management of mobility tunnel with base stations, QoS and policy enforcement,
foreign agent functionality for mobile IP, and routing to the selected CSN.

30
Wimax Network System Architecture

WiMAX network architecture

Home Agent, HA:  
 The Home Agent within the WiMAX network is located within the CSN.
 With Mobile-IP forming a key element within WiMAX technology, the Home Agent
works in conjunction with a "Foreign Agent", such as the ASN Gateway, to provide
an efficient end-to-end Mobile IP solution.
 The Home Agent serves as an anchor point for subscribers, providing secure
roaming with QOS capabilities.
Authentication, Authorisation and Accounting Server, AAA: 
  As with any communications or wireless system requiring subscription services,
an Authentication, Authorisation and Accounting server is used. This is included
within the CSN.

31
802.16 Network Architectures

P2P
 Point-to-Point (P2P) P2MP
Architecture
 BS to BS
 P2MP Architecture Telco Core
 BS serves several Network

Subscriber Stations (SS) INTERNET

 Provides SS with first

mile access to Public
Networks
 Mesh Architecture
 Optional architecture
for WiMAX

32
 Wireless Metropolitan Area Networks (WMAN)

IEEE 802.16 Protocol Architecture

IEEE 802.16 is a broadband wireless access network standard that describes two layers, PHY and
MAC to provide services for Point-to-Multipoint (PMP) broadband wireless access.

33 Lecture 33: WMAN

 Wireless Metropolitan Area Networks (WMAN)

IEEE 802.16 lays down the standards for physical layer and data link layer.
Physical Layer − The two popular services of the physical layer are fixed WiMAX and
mobile WiMAX.
They operate in the licensed spectrum below 11 GHz.
Fixed WiMAX was released in 2003 and uses OFDM; while mobile WiMAX was released
in 2005 and uses scalable OFDM.

34 Lecture 33: WMAN

 Wireless Metropolitan Area Networks (WMAN)

MAC Layer
The MAC layer refers to an interface that reads data between the physical layer and
the data link layer.
The main goal of the MAC layer is to provide support to PMP architecture using a
central base station that controls the subscriber stations connected to it.
The 802.16 MAC protocol is connection based, which when connected to a network,
every subscriber station creates one or multiple connections with the help of which
data can be transmitted.
A 16-bit unique Connection Identification (CID) is assigned to the transport
connection by the base station.
 All uplink connections are unicast and all the downlink connections can be either
unicast or multicast.

35 Lecture 33: WMAN

 Wireless Metropolitan Area Networks (WMAN)

This layer is subdivided into three sublayers −

 Security sublayer − This is the bottommost layer and is concerned with security
and privacy of the wireless network.
 It deals with encryption, decryption and key management.

 MAC common sublayer − The MAC sublayer is concerned with channel

management.
 The channel management is connection oriented, a feature that plays due to which
quality of service (QoS) guarantees are given to the subscriber.
 The base station controls the system. It schedules the channels from base station to
the subscriber (downlink channels) and also manages the channels from the
subscriber to the base station (uplink channels).

36 Lecture 33: WMAN

 Wireless Metropolitan Area Networks (WMAN)

Service Specific Convergence Sub-layer (CS):

 This is equivalent to logical link control layer of other systems.
 It provides the required services and interface to network layer.
 The service specific convergence sub-layer (CS) provides any transformation or
mapping of external network data, received through the CS service access point
(SAP) into MAC SDUs received by the MAC CPS through the MAC SAP.
 Accepts higher layer protocol data units (PDUs) from the higher layer.
 Perform classification of higher layer PDUs and associates them to the proper
service flow identified by the connection identifier (CID).
 Delivering CS PDUs to the appropriate MAC SAP.

37 Lecture 33: WMAN

 Wireless Metropolitan Area Networks (WMAN)

Service Specific Convergence Sub-layer (CS):

 This is equivalent to logical link control layer of other systems.
 It provides the required services and interface to network layer.
 The service specific convergence sub-layer (CS) provides any transformation or
mapping of external network data, received through the CS service access point
(SAP) into MAC SDUs received by the MAC CPS through the MAC SAP.
 Accepts higher layer protocol data units (PDUs) from the higher layer.
 Perform classification of higher layer PDUs and associates them to the proper
service flow identified by the connection identifier (CID).
 Delivering CS PDUs to the appropriate MAC SAP.

38 Lecture 33: WMAN

 Wireless Metropolitan Area Networks (WMAN)

IEEE 802.16 Protocol Architecture cont…..

PHY Layer
 802.16 uses scalable OFDMA to carry data, supporting channel bandwidths of between 1.25 MHz
and 20 MHz, with up to 2048 subcarriers.
 It supports adaptive modulation and coding, so that in conditions of good signal, a highly efficient
64 QAM coding scheme is used, whereas when the signal is poorer, a more robust BPKS coding
mechanism is used.
 In intermediate conditions, 16 QAM and QPSK can also be employed.
 Other PHY features include support for multiple-input multiple-output (MIMO) antennas in order
to provide good non-line-of-sight propagation  (NLOS) characteristics (or higher bandwidth)
and hybrid automatic repeat request (HARQ) for good error correction performance.
 Although the standards allow operation in any band from 2 to 66 GHz, mobile operation is best in
the lower bands which are also the most crowded, and therefore most expensive.

39 Lecture 33: WMAN

Unit No: 4 Emerging Wireless Technologies and standards

Lecture No:34
WLAN-802.11
Wi-Fi

• Wi-Fi is trademarked name for popular wireless technology that uses radio
waves to provide high-speed Internet and network connections.
• The governing body that owns the term Wi-Fi, the Wi-Fi Alliance, defines it
as any WLAN (wireless area network) products that are based on the
Institute of Electrical and Electronics Engineers’ (IEEE) 802.11 standards.
• The way Wi-Fi works is through the use of radio signals like in phones.
• Specifications
• 802.11a
• 802.11b
• 802.11g
• 802.11n
Background

1990 : 802.11 development started by IEEE

The aim was to develop a standards for medium access control (MAC) and physical
layer (PHY)

1997 : First version of 802.11 standard was ratified

First version delivered 1Mb/s and 2Mb/s data rates

1999 : 802.11a and 802.11b amendments were released Data rates improved to
5.5Mb/s and 11Mb/s at 2.4GHz (802.11) Wired Equivalent Privace (WEP) introduced
5GHz operation with OFDM modulation at 54Mb/s (802.11a)

2001 : FCC approved the use of OFDM at 2.4GHz

2003 : OFDM modulation at 54Mb/s at 2.4GHz (802.11g)

42
 Background

2009 : 801.11n amendment were ratified

PHY relies heavily on multiple-input multiple-output (MIMO) technology
Can use both 2.4Ghz and 5Ghz at the same time
Throughput increased even up to 600Mbps

2009 : Bluetooth 3.0 + HS

802.11 selected as the Bluetooth high speed channel

2009 : Wi-Fi direct specification introduced 2011 : 802.11ac

More throughput with wider bandwith, more MIMO streams and
wider 256-QAM modulation. Provides 500-1000Mbps throughput

43
 Benefits of Wi-Fi

Mobility
Compatibility with IP networks
High speed data
 Unlicenced frequencies
Security
Easy and fast installation
Scalability
Installed infrastucture Low cost

44
WLAN-802.11

 Wi-Fi stands for Wireless Fidelity.

 It is a technology for wireless local area networking with devices based on 
IEEE 802.11 standards.
 Wi-Fi compatible devices can connect to the internet via WLAN network and a
wireless access point abbreviated as AP.
 Every WLAN has an access point which is responsible for receiving and transmitting
data from/to users.
 IEEE has defined certain specifications for wireless LAN, called IEEE 802.11 which
covers physical and data link layers.
 Access Point(AP) is a wireless LAN base station that can connect one or many
wireless devices simultaneously to internet.

45 Lecture 34: WMAN-80216a

 The architecture of this standard has 2 kinds of services:
1. BSS (Basic Service Set)
2. ESS (Extended Service Set)
  BSS is the basic building block of WLAN. It is made of wireless mobile stations and
an optional central base station called Access Point.
 Stations can form a network without an AP and can agree to be a part of a BSS.
 A BSS without an AP cannot send data to other BSSs and defines a standalone
network. It is called Ad-hoc network or Independent BSS(IBSS).i.e A BSS without
AP is an ad-hoc network.
 A BSS with AP is infrastructure network.

46
• ESS is made up of 2 or more BSSs with APs. BSSs are connected to the
distribution system via their APs. The distribution system can be any IEEE LAN
such as Ethernet.
• Distribution System (DS): A system to interconnect two or more BSS Typically
wired Ethernet Could be also wireless like 802.11, WiMax, 3G/4G etc.
• ESS has 2 kinds of stations:
• 1. Mobile – stations inside the BSS
2. Stationary – AP stations that are part of wired LAN.

47
 802.11 - infrastructure network
(PCF)•Station (STA)
802.11 LAN – terminal with access mechanisms
802.x LAN
to the wireless medium and radio
contact to the access point
STA1 •Basic Service Set (BSS)
BSS1
– group of stations using the same
Access Portal radio frequency
Point •Access Point
Distribution System – station integrated into the
wireless LAN and the distribution
Access
ESS system
Point
•Portal
BSS2 – bridge to other (wired) networks
•Distribution System
– interconnection network to form
one logical network (EES:
STA2 802.11 LAN STA3 Extended Service Set) based
on several BSS

48
• AP – client services:
• Authentication : open, shared key or WPS
• De-authentication
• Privacy : WEP, WPA or WPA2
• Distribution System services:
• Association : maps the client into the distribution system via access point
Disassociation : release of association
• Distribution : used to deliver MAC frames across the distribution system
• Integration : enables delivery of MAC frames between DS and non 802.11
• Re-association : transition of association from one access point to an other

49
802.11 Architecture

Application

HTTP, FTP, SMTP etc. DHCP, RTP, TFTP etc.

Host

TCP UDP

IP

802.2 Logical Link Control (LLC)

802.11 Media Access Control (MAC) Radio

Physical layer (PHY)

(802.11b DSSS, 802.11g OFDM, 802.11n MIMO etc.)

50
802.11- in the TCP/IP stack

fixed terminal
mobile terminal

server

infrastructure network

access point

application application
TCP TCP
IP IP
LLC LLC LLC
802.11 MAC 802.11 MAC 802.3 MAC 802.3 MAC
802.11 PHY 802.11 PHY 802.3 PHY 802.3 PHY

51
52
 Physical layer

53
 Physical layer

 The Physical layer is divided into three sub layers.

1. The Physical Layer Convergence Procedure (PLCP)
acts as an adaption layer.
The PLCP is responsible for the Clear Channel Assessment (CCA) mode and building
packets for different physical layer technologies.
2. The Physical Medium Dependent (PMD) layer specifies modulation and coding
techniques.
3. The PHY management layer takes care of the management issues like channel
tuning.
The Station management sub layer is responsible for co-ordination of interactions
between the MAC and PHY layers.
This primer focuses on the PHY layer as this is where the design requirements for the
device hardware using the different techniques of the 802.11 standards are realized.

54
 Physical layer

2.4 GHz and/or 5GHz transciever Industrial

Scientific Medical (ISM) band License free

Spread spectrum technology

FHSS, DSSS abnd OFDM modulations

FHSS (Frequency Hopping Spread Spectrum)

Bandwidth divided into 75 1MHz channels
Data throughput limited to 2Mbps because of hopping overhead and FCC
regulations (1 Mhz channel bandwidth)

DSSS (Direct Sequency Spread Spectrum)

Bandwidth divided into 14 22MHz channels
Channels overlap partially

OFDM (Orthogonal Frequecy-Division Multiplexing)

20 or 40MHz bandwidth
Uses several non-overlapping channels Channels
overlap partially
55
56
 The features of the PHY are-
 activation and deactivation of the radio transceiver, energy detection (ED), link
quality indication (LQI), channel selection, clear channel assessment (CCA) and
transmitting as well as receiving packets across the physical medium.
 The standard provides two options based on the frequency band.
 Both are based on direct sequence spread spectrum (DSSS).
 The data rate is 250 kbps at 2.4 GHz, 40 kbps at 915 MHz, and 20 kbps at 868 MHz.
 The higher rate at 2.4 GHz is attributed to a higher-order modulation scheme.
 Lower frequency provides longer range due to lower propagation losses.
 Low rate can be translated into better sensitivity and larger coverage area.
 Higher rate means higher throughput, lower latency, or lower duty cycle.

57
58
 To maintain a common simple interface with MAC, both PHY share a single packet
structure.
 Each PPDU contains a synchronization header (preamble plus start of packet
delimiter), a PHY header to indicate the packet length, and the payload, or PHY service
data unit (PSDU).
 The 32-bit preamble is designed for the acquisition of symbol and chip timing, and in
some cases may be used for coarse frequency adjustment.
 Within the PHY header, 7 bits are used to specify the length of the payload (in bytes).
This supports packets of length 0–127 bytes

59
 Difference between wired and wireless

Ethernet LAN Wireless LAN

B
A B C
A C

• If both A and C sense the channel to be idle at the same

time, they send at the same time.
• Collision can be detected at sender in Ethernet.
• Half-duplex radios in wireless cannot detect collision at
sender.
60
Carrier Sense Multiple Access (CSMA)

• Listen before you speak

• Check whether the medium is active before sending a packet
(i.e carrier sensing)
• If medium idle, then transmit
• If collision happens, then detect and resolve
• If medium is found busy, transmission follows:
– 1- persistent
– P- persistent
– Non-persistent

61
Collision detection (CSMA/CD)

• All aforementioned scheme can suffer from collision

• Device can detect collision
– Listen while transmitting
– Wait for 2 * propagation delay
• On collision detection wait for random time before retrying
• Binary Exponential Backoff Algorithm
– Reduces the chances of two waiting stations picking the same random time

62
Binary Exponential Backoff

1.On detecting 1st collision for packet x

station A chooses a number r between 0 and 1.
wait for r * slot time and transmit.
Slot time is taken as 2 * propagation delay k.
On detecting kth collision for packet x
choose r between 0,1,..,(2k –1)

• When value of k becomes high (10), give up.

• Randomization increase with larger window, but delay
increases.

Sridhar Iyer IIT Bombay 63

Hidden Terminal Problem

A B C

– A and C cannot hear each other.

– A sends to B, C cannot receive A.
– C wants to send to B, C senses a “free” medium (CS fails)
– Collision occurs at B.
– A cannot receive the collision (CD fails).
– A is “hidden” for C.

64
 Effect of interference range

Transmission from 1  2 will fail

 The exposed node problem occurs when a node

is prevented from sending packets to other
nodes because of co-channel interference with a
neighboring transmitter.
Solution for Hidden Terminals

• A first sends a Request-to-Send (RTS) to B

• On receiving RTS, B responds Clear-to-Send (CTS)
• Hidden node C overhears CTS and keeps quiet
– Transfer duration is included in both RTS and CTS
• Exposed node overhears a RTS but not the CTS
– D’s transmission cannot interfere at B

RTS RTS
D A B C
CTS CTS
DATA
Sridhar Iyer IIT Bombay 66
 Logical Link Control (LLC)

The LLC provides end-to-end link control over 802.11-based

wireless LAN

LLC services:

Unacknowledged connectionless service

Higher layers must take care of error and flow control mechanisms
Peer-to-peer, multicast and broadcast communication

Connection-oriented service
Error and flow control
Peer-to-peer communication

Acknowledged connectionless service

Flow and error control with stop-and wait ARQ
Peer-to-peer, multicast and broadcast communication
802.11 Media Access Control (MAC)

Manages and maintains communications between

802.11 stations and clients

Coordinates access to shared radio channels

Uses CSMA/CA algorithm to access the media (Carrier Sense
Multiple Access / Collision Avoidance)
 802.11 Media Access Control (MAC)

Function Explanation

Scanning Scanning of access points. Both active (probe) and passive (beacon) scanning are provided by
the standard.
Authentication is the process of proving identity between the client and the access
Authentication point.

Association Once authenticated, the client must associate with the access point before sending data
frames.

Encryption Encryption of payload

The optional request-to send and clear-to-send (RTS/CTS) function allows the acces point to
RTS/CTS control use of the medium for stations activating RTS/CTS.

Power Save
Mode The power save mode enables the user to turn on or off enables the radio.

Fragmentation The fragmentation function enables an 802.11 station to divide data packets into smaller
frames.
 802.11 Media Access Control (MAC)

• Distributed Coordination Function 

• One of the two protocols defined by IEEE at the MAC sublayer is called
the distributed coordination function (DCF) .
•  DCF uses CSMA/CA as the access.
•  Before sending any frame, the source station senses the medium by checking the
energy level at the carrier frequency.

70
802.11 Media Access Control (MAC)

IEEE 802.11 : Distributed Coordination Function▪

Decentralized
▪ Carrier sense multiple access (CSMA)
▪ Listen to the medium
▪ If idle, then transmit
▪ If not, wait a random time
▪ If busy again, expand the mean waiting time, randomly wait, and try again.
▪ Binary exponential backoff describes this procedure
▪ The backoff is the waiting process
▪ Mean random waiting times get exponentially larger
▪ By a factor of 2 each time, hence the term binary.
▪ This process responds to heavy loads
▪ Since nodes do not know the loads of other nodes trying to send.

71
802.11 Media Access Control (MAC)

• Point Co-ordination Function (PCF)

• The PCF is an optional access method that can be implemented in an
infrastructure network (not in an ad-hoc network ) .
• Centralized control
• Point coordinator polls devices
• To give them permission to send
• On a schedule the point coordinator determines
• PCF has a centralized contention-free polling access method. 
• The AP performs polling for stations that are capable  of being polled.
• The polling procedure is performed by the point coordinator (PC) in the AP within a
ESS.
• PCF is implemented on top of the DCF and is used mostly for time-sensitive
transmission.

72
802.11 - MAC layer

• Traffic services
– Asynchronous Data Service (mandatory) – DCF
– Time-Bounded Service (optional) – PCF
• Access methods
– DCF CSMA/CA (mandatory)
• collision avoidance via randomized back-off
mechanism
• ACK packet for acknowledgements (not for
broadcasts)
– DCF w/ RTS/CTS (optional)
• avoids hidden terminal problem
– PCF (optional)
• access point polls terminals according to a list

73
802.11 - CSMA/CA
contention window
DIFS DIFS (randomized back-off
mechanism)

medium busy next frame

direct access if t
medium is free  DIFS slot time

– station ready to send starts sensing the medium (Carrier Sense based
on CCA, Clear Channel Assessment)
– if the medium is free for the duration of an Inter-Frame Space (IFS),
the station can start sending (IFS depends on service type)
– if the medium is busy, the station has to wait for a free IFS, then the
station must additionally wait a random back-off time (collision
avoidance, multiple of slot-time)
– if another station occupies the medium during the back-off time of the
station, the back-off timer stops (fairness)

74
 802.11 –CSMA/CA example
DIFS DIFS DIFS DIFS
boe bor boe bor boe busy
station1

boe busy
station2

busy
station3

boe busy boe bor

station4

boe bor boe busy boe bor

station5
t

busy medium not idle (frame, ack etc.) boe elapsed backoff time

packet arrival at MAC bor residual backoff time

 802.11 –RTS/CTS

• station can send RTS with reservation parameter after waiting for DIFS
(reservation determines amount of time the data packet needs the medium)
• acknowledgement via CTS after SIFS by receiver (if ready to receive)
• sender can now send data at once, acknowledgement via ACK
• other stations store medium reservations distributed via RTS and CTS

DIFS
RTS data
sender
SIFS SIFS
CTS SIFS ACK
receiver

NAV (RTS) DIFS

other NAV (CTS) data
stations t
defer access contention

76
 802.11 - PCF

t0 t1
SuperFrame

medium busy PIFS SIFS SIFS

D1 D2
point
coordinator SIFS SIFS
U1 U2
wireless
stations
stations‘ NAV
NAV
MAC Frame

All stations should be able to properly construct frames for transmission and decode frames
upon reception, as specified here.
802.11 MAC frame is composed of header, body and FCS part.
•   MAC header: It consists of frame control field, duration, address fields 1-4, sequence
control field.
•   Frame body: This field vary in size and consists of information based on frame type to be
carried.
•   FCS: stands for Frame Check Sequence, this is 32 bit CRC (i.e. cyclic redundancy code).

78
 MAC Frame

Frame Control(FC) –
It is 2 bytes long field which defines type of frame and some control information.
Version:It is a 2 bit long field which indicates the current protocol version which is fixed to be 0 for
now.
Type:It is a 2 bit long field which determines the function of frame i.e management(00), control(01) or
data(10). The value 11 is reserved.
Subtype: It is a 4 bit long field which indicates sub-type of the frame like 0000 for association request,
1000 for beacon.
To DS: It is a 1 bit long field which when set indicates that destination frame is for DS(distribution
system).
From DS: It is a 1 bit long field which when set indicates frame coming from DS.
More frag (More fragments): It is 1 bit long field which when set to 1 means frame is followed by
other fragments.
Retry: It is 1-bit long field, if the current frame is a retransmission of an earlier frame, this bit is set to
1.

79
MAC Frame

Power Mgmt (Power management): It is 1-bit long field that indicates the mode of a
station after successful transmission of a frame. Set to 1 the field indicates that the
station goes into power-save mode. If the field is set to 0, the station stays active.
More data: It is 1-bit long field that is used to indicate receiver that a sender has more
data to send than the current frame.
This can be used by an access point to indicate to a station in power-save mode that
more packets are buffered or it can be used by a station to indicate to an access point
after being polled that more polling is necessary as the station has more data ready to
transmit.
WEP: It is 1 bit long field which indicates that the standard security mechanism of
802.11 is applied.
Order:It is 1 bit long field, if this bit is set to 1 the received frames must be processed in
strict order.

80
MAC Frame

81
 MAC Frame

Duration/ID –
It is 4 bytes long field which contains the value indicating the period of time in which the
medium is occupied(in µs).
Address 1 to 4 –
These are 6 bytes long fields which contain standard IEEE 802 MAC addresses (48 bit
each). The meaning of each address depends on the DS bits in the frame control field.
SC (Sequence control) –
It is 16 bits long field which consists of 2 sub-fields, i.e., Sequence number (12 bits) and
Fragment number (4 bits). Since acknowledgement mechanism frames may be
duplicated hence, a sequence number is used to filter duplicate frames.
Data –
It is a variable length field which contain information specific to individual frames which
is transferred transparently from a sender to the receiver(s).
CRC (Cyclic redundancy check) –
It is 4 bytes long field which contains a 32 bit CRC error detection sequence to ensure
error free frame.

82
Enhancements and Applications

83
New Naming Standards :

Network Wi-Fi Standard

IEEE 802.11b Wi-Fi 1

IEEE 802.11a Wi-Fi 2

IEEE 802.11g Wi-Fi 3

IEEE 802.11n Wi-Fi 4

IEEE 802.11ac Wi-Fi 5

IEEE 802.11ax Wi-Fi 6

84
 Application of Wi-Fi
• Many electronic devices use Wi-Fi
due to its simple functions.

• Companies use Wi-Fi to create

wireless networks within their
company.

• Phone companies such as use Wi-

Fi Hot Spots for their users to get
free calling/internet access.

• Gaming companies like Nintendo

use Wi-Fi to synch their products
and to use global network usage.
 Wireless Technology
Unit 4: Wireless Personal Area Networks and
Ad hoc Networks

Faculty Name : Mrs. Deepali Patil

 Wireless Personal Area Networks and Ad hoc Networks

• A wireless personal area network (WPAN) is a short-distance (typically <10 m but as

far as 20 m) wireless network
• Specially designed to support portable and mobile computing devices such as PCs,
PDAs, printers, storage devices, cell phones, pagers, set-up boxes, and a variety of
consumer electronic equipment.
• Bluetooth (IEEE 802.15.1), UWB (IEEE 802.15.3a), and ZigBee (IEEE 802.15.4) are
examples of WPANs that allow devices within close proximity to join together in
wireless networks in order to exchange information.
• The IEEE 802.15 committee has the responsibility for developing standards for short
distance wireless networks used in the networking of portable and mobile
computing devices such as PCs, PDAs, cell phones, printers, speakers, microphones,
and other consumer electronics.

87
 Wireless Personal Area Networks IEEE 802.15

• IEEE 802.15.1 and 802.15.4 focus on the devices with the following characteristics:
• Power management: low current consumption Range:
• 0–10 m Rate: 19.2–100 kbps
• Size: 0.5 in3 without antenna
• Low cost relative to target device
• Should allow overlap of multiple networks in the same area
• Network supports a minimum of 16 devices

88
 WPAN Vision Statement
High performance,
RFID WPAN WLANscost
higher

Low performance,
low cost
• variety of needs for wireless products
• No one product which can fill all needs
• Family of complementary devices
Wireless Personal Area Networks IEEE 802.15

90
 Wireless Personal Area Networks IEEE 802.15

The IEEE 802.15 committee consists of 4 task groups:

Task group I: It is for Bluetooth and defines physical (PHY) and medium access control
(MAC) specifications for wireless connectivity with fixed, portable, and moving devices
within or entering a personal operating space (POS).
A POS is the space around a person or object that typically extends up to 10 m in all
directions and envelops the person whether stationary or in motion.
Task group II: It focuses on the coexistence of WPAN and IEEE 802.11 WLANs.
The goal of the WPAN group is to achieve a level of interoperability that allows the data
transfer between a WPAN device and an IEEE 802.11 device.
Task group III: It works on PHY and MAC layers for high-rate WPANs that operate at a data
rate of more than 20 Mbps, and will provide for low-power, low-cost solutions to address the
needs of portable consumer digital imaging and multimedia applications. The standards aim
at providing compatibility with Bluetooth specifications.
Task group IV: It investigates an ultra-low complexity, ultra-low power consuming, ultra-
low-cost PHY and MAC layer for data rates of up to 200 kbps. Potential applications are
sensors, interactive toys, smart badges, remote controls, and home automation.

91
Wireless Personal Area Networks IEEE 802.15

92
 Wireless Personal Area Networks IEEE 802.15

•ISM frequency band at 2.4 GHz

•The ISM band at 2.4 GHz can be used by anyone as long as

•Transmitters using FH (Frequency Hopping) technology:

• Total transmission power < 100 mW
• Power density < 100 mW / 100 kHz

•Transmitters using DSSS technology:

• Total transmission power < 100 mW
• Power density < 10 mW / 1 MHz

93
Bluetooth (IEEE 802.15.1)

•In 1994, the Swedish telecommunication company Ericsson decided to honor old,
weird Herald I. Bluetooth, king of Denmark between 940 and 985 AD, by naming its
new wireless networking standard after him.

94
Bluetooth (IEEE 802.15.1)

• A cable replacement technology

• Operates in the unlicensed ISM band at 2.4 GHz
• Frequency Hopping scheme (1600 hops/sec)
• 1 Mb/s symbol rate
• Range 10+ meters
• Single chip radio + baseband
• Key features:
• Robustness
• low complexity
• low power, and
• low cost.
Bluetooth (IEEE 802.15.1)

• Bluetooth supports
– Synchronous & asynchronous data channels.
• Three simultaneous synchronous voice channels, or
• One channel, with asynchronous data and synchronous voice
– Each voice channel supports 64 kb/s in each direction.
– The channel can support maximal 723.2 kb/s asymmetric
(and still up to 57.6 kb/s in the return direction), or 433.9
kb/s symmetric.
• Bluetooth provides
– point-to-point connection (only two BlueTooth units
involved), or
– point-to-multipoint connection.
Bluetooth (IEEE 802.15.1)

97
Usage scenarios: Synchronization

User benefits
• Proximity synchronization
• Easily maintained database
• Common

Sharing Common Data…

Usage scenarios: Headset

User benefits
• Multiple device access
• Cordless phone benefits
• Hand’s free operation
Wireless Freedom…
 Usage scenarios: Data access points

PSTN, ISDN,
LAN, WAN, xDSL

User benefits
• No more connectors
• Easy internet access Remote Connections...
• Common connection experience
 Bluetooth (IEEE 802.15.1)

Piconet.: A collection of devices connected via Bluetooth

technology in an adhoc fashion.
 piconet starts with two connected devices, such as a PC and
cellular phone, and may grow to eight connected devices.
 All Bluetooth devices are peer units and have identical
implementations.
 However, when establishing a piconet, one unit will act as a
master for synchronization purposes, and the other(s) as
slave(s) for the duration of the piconet connection.
 Piconets are established dynamically and automatically as
Bluetooth enabled devices enter and leave radio proximity.
 Up to 8 devices in one piconet (1 master and 7 slave devices).
Max range 10 m.
 Master can connect to 7 simultaneous or 200+ inactive
(parked) slaves per piconet

101
 The Piconet
IDa
ID d ID d

ID a D ID a P

A M
ID e
ID e
sb
E
ID a
ID b B ID b S IDa
ID c C ID c S

• All devices in a piconet hop together

– To form a piconet: master gives slaves its clock and device ID ID a
• Hopping pattern determined by device ID (48-bit)
• Phase in hopping pattern determined by Clock
sb
• Non-piconet devices are in standby
• Piconet Addressing M or S

– Active Member Address (AMA, 3-bits) P

– Parked Member Address (PMA, 8-bits)

102
Scatternet

 Scatternet is formed by multiple Piconets with overlapping coverage areas.

 Two or more independent and non-synchronized piconets that communicate with
each other
 A slave as well as a master unit in one piconet can establish this connection by
becoming a slave in the other piconet.
 Each Piconet can only have a single master
 Slaves can participate in different Piconets on a time-division multiplex basis.
 A master in one Piconet can be a slave in
another Piconet.
 Each Piconet has its own hopping channel in a Scatternet.
Inter-connected Piconets - The Scatternet

• Complex Access Point

LAN

Mobile Phone

Headset

Printer
Laptop
master Laptop
Mouse
slave
master/slave
Source: Kris Fleming 20Mar01 [Bluetooth-BOF-at-50th-IETF-PAN-Talk.ppt]

September 11, Ian Gifford <[email protected]> 104

2001
 Addressing

• Bluetooth device address (BD_ADDR)

– 48 bit IEEE MAC address
• Active Member address (AM_ADDR)
– 3 bits active slave address used to distinguish between units participating in the
piconet.
– all zero broadcast address
• Parked units. Devices in a piconet which are time-synchronized but do not have MAC
addresses
• Parked Member address (PM_ADDR)
– 8 bit parked slave address
 Functional Overview

The connection procedure is initiated by any one

of the devices, which then becomes master.
A connection is made by a PAGE message (Connect
to a specific radio ) if the address is already known,
or by an INQUIRY message followed by a
subsequent PAGE message if the address is
unknown.
The INQUIRY message is typically used for finding
Bluetooth devices.
The master unit can put slave units into HOLD
mode, where only the internal timer is running.
In the SNIFF mode, a slave device listens to the
piconet at a reduced rate, thus reducing its duty
cycle.
 In the PARK mode, a device is still synchronized to
the piconet but does not participate in the traffi c.

106
 Bluetooth Protocol Stack

• The Bluetooth protocol stack allows devices to locate, connect, and exchange data
with each other and to execute interoperable, interactive applications against each
other.
• The Bluetooth protocol stack can be placed into three groups: transport protocol
group, middleware protocol group, and application group

107
 Bluetooth Protocol Stack
The transport protocols

audio apps middleware & data applications

application (a) (d) (c)
group
L2CAP
middleware
protocol HCI audio control
group
link
transport
protocol manager
group

baseband

a: audio
d: data radio
c: control

108
 Bluetooth Protocol Stack
The transport protocols :
 These protocols allow Bluetooth devices to locate and connect to each other.
Carry audio and data traffic between devices and support both synchronous
and asynchronous transmission for telephony-grade voice communication.
 Audio traffic is treated with high priority in Bluetooth.
 Audio traffic bypasses all protocol layers and goes directly to the baseband
layer which then transmits it in small packets directly over Bluetooth’s air
interface.
 responsible for managing the physical and logical links between the devices so
that the layers above and applications can pass data through the connections.
 The protocols in this group are radio, baseband, link manager, logical link, and
host controller interface (HCI)
 Bluetooth Protocol Stack
 Logical link control and adaptation protocol (L2CAP) layer:
 All data traffic is routed through the logical link control and adaptation protocol layer.
 This layer shields the higher layers from the details of the lower layers.
 The higher layers need not be aware of the frequency hops occurring at the radio and
baseband level.
 It is also responsible for segmenting larger packets from higher layers into smaller
packets

 Link manager layer (LML)

 responsible for negotiating the properties of the Bluetooth air interface.
 These properties may be anything from bandwidth allocation to support services of a
particular type to periodic bandwidth reservation for audio traffic.
 responsible for supervising device pairing.
 Device pairing is the creation of a trust relationship between the devices by
generating and storing an authentication key for future device authentication.
 The link managers are also responsible for power control and may request
adjustments in power levels.
 Bluetooth Protocol Stack
 Baseband and radio layers
 responsible for the process of searching for other devices and establishing a
connection with them.
 responsible for assigning the master and slave roles.
 controls the Bluetooth unit’s synchronization and transmission frequency hopping
sequence.
 manages the links between the devices and is responsible for determining the
packet types supported for synchronous and asynchronous traffic.
Host controller interface (HCI) layer.
 allows higher layers of the stack, including applications, to access the baseband,
link manager, etc., through a single standard interface.
 Through HCI commands, the module may enter certain modes of operation.
 Higher layers are informed of certain events through the HCI.
 The HCI is not a required part of the specification.
 It has been developed to serve the purpose of interoperability between host
devices and Bluetooth modules.
 The middleware protocols
networking IrDA
audio apps telephony apps
apps apps

application
group (b) TCP UDP IrMC (b)

middleware (a)
protocol IP telephony
group control
(a) OBEX based on
transport
audio control SDP TCS-BIN
AT
protocol
PPP commands
group
(b)
RFCOMM

transport protocols

a: adopted protocol
b: Bluetooth specific protocol
112
 Bluetooth Protocol Stack
 Middleware Protocol Group
 This group comprises the protocols needed for existing applications to operate
over Bluetooth links.
 The protocols in this group can be third party and industry standard protocols and
protocols developed specifically by the Special Interest Group (SIG).
 RFCOMM layer: provides a virtual serial port to applications.
 The advantage provided by this layer is that it is easy for applications designed for
cabled serial ports to migrate to Bluetooth.
 Service discovery protocol (SDP) layer: Once a connection is established there is
a need for the devices to find and understand the services the other devices have
to offer.
 The SDP is a standard method for Bluetooth devices to discover and learn about
the services offered by the other device.
 Infrared data association (IrDA) interoperability protocols.
 The SIG has adopted some IrDA protocols to ensure interoperability between
applications.
 Bluetooth Protocol Stack
 Object exchange (OBEX) protocol: IrOBEX (in short, OBEX) is a session protocol
developed by the Infrared Data Association to exchange objects in a simple and
spontaneous manner.
 OBEX provides the same basic functionality as HTTP but in a much lighter
fashion.
 The OBEX protocol defines a folder-listing object, which is used to browse the
contents of folders on a remote device.
 Networking layers. Bluetooth wireless communication uses a peer-to-peer
network topology rather than an LAN type topology.
 Dial-up networking uses the attention (AT) command layer.
 In most cases the network that is being accessed is an IP network.
 Once a dial-up connection is established to an IP network, then standard
protocols like TCP, UDP, and HTTP can be used.
 A device can also connect to an IP network using a network access point.
 The Internet PPP is used to connect to the access point.
 Bluetooth Protocol Stack
 Telephone control specifi cation (TCS) layer and audio.
 This layer is designed to support telephony functions, which include call control
and group management.
 These are associated with setting up voice calls.
 Once a call is established a Bluetooth audio channel can carry the call’s voice
content.
 TCS can also be used to set up data calls. The TCS protocols are compatible with
ITU specifications.
 The SIG is also considered a second protocol called TCS-AT, which is a modem
control protocol. AT commands over RFCOMM are used for some applications.

 Application Group
 This group consists of actual applications that make use of Bluetooth links and
refers to the software that exists above the protocol stack.
 The software uses the protocol stack to provide some function to the user of the
Bluetooth devices.
 The application group

(a) (b) (b)

profile profile new/future
application applications applications applications
group
platform APIs
middleware
(b) (b)
protocol
group
Bluetooth adaptation common services
transport
protocol
group

middleware protocols

transport protocols

a: legacy application
b: Bluetooth specific application
11
116
6
 IEEE 802.15.4 (ZigBee)

• The low rate (LR) wireless personal access network (WPAN) (IEEE802.15.4/LRWPAN) is
intended to serve a set of industrial, residential, and medical applications with very low
power consumption, low cost requirement, and relaxed needs for data rate and QoS.
• The low data rate enables the LR-WPAN to consume little power
• ZigBee technology is a low data rate, low power consumption, low cost, wireless
networking protocol targeted toward automation and remote control applications.
• The IEEE 802.15.4 committee and ZigBee Alliance worked together and developed the
technology commercially known as ZigBee.
• The IEEE 802.15.4 committee is focusing on the specifications of the lower two layers of
the protocol (the physical and data link layers)
• ZigBee Alliance aims to provide the upper layers of the protocol stack (from the network
to the application layer) for interoperable data interworking, security services, and a
range of wireless home and building control solutions.

117
IEEE 802.15.4 (ZigBee)

 802.15.4 General Characteristics:

 Data rates of 250 kb/s, 40 kb/s and 20 kb/s.
 Star or Peer-to-Peer operation.
 Support for low latency devices.
 Fully handshaked protocol for transfer reliability.
 Low power consumption.
 Frequency Bands of Operation
 16 channels in the 2.4GHz ISM* band
 10 channels in the 915MHz ISM band
 1 channel in the European 868MHz band.


118
Wireless networking Basics

Network Scan
Device scans the 16 channels to determine the best channel to
occupy.
Creating/Joining a PAN
Device can create a network (coordinator) on a free channel or
join an existing network
Device Discovery
Device queries the network to discover the identity of devices on
active channels
Service Discovery
Device scans for supported services on devices within the network
Binding
Devices communicate via command/control messaging
IEEE 802.15.4 (ZigBee)

• ZigBee Components and Network Topologies:

• A ZigBee system consists of several components. The most basic is the device.
• A device can be a full-function device (FFD) or reduced-function device (RFD).
• Full function device (FFD)
– Any topology
– Network coordinator capable
– Talks to any other device

• Reduced function device (RFD)

– Limited to star topology
– Cannot become a network coordinator
– Talks only to a network coordinator
– Very simple implementation

120
Network Pieces –PAN Coordinator

• PAN Coordinator
– “owns” the network
• Starts it
• Allows other devices to join it
• Provides binding and address-table
services
• Saves messages until they can be
delivered olds list of neighbors and
routers
• Select channel to be used by network

– A “full-function device” – FFD

– Mains powered
 Network Pieces - Router

• Routers
– Routes messages
– Does not own or start network
• Scans to find a network to join
– Given a block of addresses to
assign
– A “full-function device” – FFD
– Mains powered depending on
topology
– Could also have i/o capability
 Network Pieces – End Device

• End Device
– Communicates with a
single device

– Does not own or start network

• Scans to find a network to join
– Can be RFD (reduced function device)
– Usually battery powered
– operates at low duty cycle power
 IEEE 802.15.4 (ZigBee)

• ZigBee supports three types of topologies: star topology, peer-to-peer topology,

and cluster tree.
• In the star topology, communication is established between devices and a single
central controller, called the PAN coordinator.
• The PAN coordinator may be powered by mains while the devices will most likely be
battery powered.
• Applications that benefi t from this topology are home automation, personal
computer (PC) peripherals, toys, and games.
• Each star network chooses a PAN identifier, which is not currently used by any other
network within the radio sphere of influence.
• This allows each star network to operate independently

124
 IEEE 802.15.4 (ZigBee)

• In the peer-to-peer (Mesh) topology:

• there is one PAN coordinator.
• any device can communicate with any other device as long as they are in range of one
another.
• A peer-to-peer network can be ad hoc, self-organizing, and self-healing.
• Applications such as industrial control and monitoring, wireless sensor networks and asset
and inventory tracking would benefit from such a topology.
• It also allows multiple hops to route messages from any device to any other device in the
network.
• It can provide reliability by multipath routing.
• The cluster-tree topology
• It is a special case of a peer-to-peer network in which most devices are full-function devices
and an RFD may connect to a cluster-tree network as a leaf node at the end of a branch.
• Any of the full-function devices can act as a coordinator and provide synchronization
services to other devices and coordinators.
• However, only one of these coordinators is the PAN coordinator.

125
Network Topology Models

Mesh

Star

PAN coordinator (PANC)

Full Function Device (FFD,Router)

Cluster Tree Reduced Function Device (RFD)

Chaitanya Misal, Vamsee Krishna

ZigBee is Mesh Networking
 IEEE 802.15.4 LR-WPAN Device Architecture

 LR-WPAN device comprises a physical layer (PHY),

which contains the RF transceiver along with its low-
level control mechanism.
 A MAC sublayer provides access to the physical
channel for all types of transfer.
 The upper layers consist of a network layer, which
provides network configuration, manipulation, and
message routing
 An application layer, which provides the intended
function of a device.
 An IEEE 802.2 logical link control (LLC) can access the
MAC through the service specific convergence
sublayer (SSCS).

128
 ZigBee protocol Stack

The lower two layers (PHY and MAC) are defined by the IEEE 802.15.4 standard.
 The NWK and APL layers are defined by the  ZigBee standard.
 The security features are defined in both standards.
 A network that implements all of the layers in Figure 3.1 is considered a ZigBee wireless
network.
 Physical Layer functionalities:

 The PHY (IEEE 802.15.4) provides two services: the PHY data service and PHY
management service interfacing to the physical layer management entity (PLME).
 The PHY data service enables the transmission and reception of PHY protocol data
units (PPDUs) across the physical radio channel.
 Activation and deactivation of the radio transceiver
 Energy detection within the current channel
 Link quality indication for received packets
 Clear channel assessment for CSMA-CA
 Channel frequency selection
 Data transmission and reception
Physical Layer functionalities:

ZigBee specifies two Physical media:

 868 MHz/915 MHz direct sequence spread spectrum
(DSSS) PHY (11 channels)
• 1 channel (20Kb/s) in European 868MHz band
• 10 channels (40Kb/s) in 915 (902-928)MHz ISM band
 2450 MHz direct sequence spread spectrum (DSSS)
PHY (16 channels)
• 16 channels (250Kb/s) in 2.4GHz band
 IEEE 802.15.4 Physical Layer

• Operates in unlicensed ISM bands:

868MHz/ Channel 0 Channels 1-10
2 MHz
915MHz
PHY
868.3 MHz 902 MHz 928 MHz

2.4 GHz
PHY Channels 11-26 5 MHz

2.4 GHz 2.4835 GHz

IEEE 802.15.4 PHY Overview Packet Structure

PHY Packet Fields

• Preamble (32 bits) – synchronization
• Start of Packet Delimiter (8 bits)
• PHY Header (8 bits) – PSDU length
• PSDU (0 to 1016 bits) – Data field

Start of PHY PHY Service

Preamble Packet Header Data Unit (PSDU)
Delimiter

6 Octets 0-127 Octets

Chaitanya Misal, Vamsee Krishna

 ZigBee protocol Stack

 Data Link Layer

 The data link layer (IEEE 802.15.4) is divided into two sublayers, the MAC and LLC
sublayers.
 The logical link control is standardized in IEEE 802.2 and is common among all IEEE
802 standards.
 The IEEE 802.15.4 MAC provides services to an IEEE 802.2 type logical link control
through the service-specific convergence sublayer (SCCS), or a proprietary LLC can
access the MAC services directly without going through the SCCS.
 The SCCS ensures compatibility between different LLC sublayers and allows the MAC
to be accessed through a single set of access points.
 The features of the IEEE 802.15.4 MAC are association and disassociation,
acknowledged frame delivery, channel access mechanism, frame validation,
guaranteed time slot management, and beacon management.
ZigBee protocol Stack

 The MAC provides two services to higher layers that can be accessed through two
service access points (SAPs).
 The MAC data service is accessed through the MAC common part sublayer (MCPS-
SAP), and the MAC management services are accessed through the MAC layer
management entity (MLME-SAP).
 These two services provide an interface between the SCCS or another LLC and the
physical layer.
 The MAC protocol data unit (MPDU) consists of the MAC header (MHR), MAC service
data unit (MSDU), and MAC footer (MFR).
IEEE 802.15.4 MAC Overview
General Frame Structure

 The MAC protocol data unit (MPDU) consists of the MAC header (MHR), MAC service
data unit (MSDU), and MAC footer (MFR).
 The fi rst fi eld of the MAC header is the frame control field, which indicates the type of
MAC frame being transmitted, specifies the format of the address field, and controls the
acknowledgment
 The sequence number in the MAC header matches the acknowledgment frame with the
previous transmission.
 The FCS helps to verify the integrity of the MAC frame.
 ZigBee protocol Stack

4 Types of MAC Frames:

 Data Frame- to transfer of data
 Beacon Frame – for transmitting beacon
 Acknowledgment Frame – to confirm sender that frame is received
 MAC Command Frame – to handle all mac peer entity control transfers.

Only the data and beacon frames actually contain information sent by higher
layers;
the acknowledgment and MAC command frames originate in the MAC and
are used for MAC peer-to-peer communication
 Data Transfer Model
Data transferred from device to coordinator
• In a beacon-enable network, device finds the beacon to synchronize to
the super-frame structure. Then using slotted CSMA/CA to transmit its

data.
• In a non beacon-enable network, device simply transmits its data using
un-slotted CSMA/CA

Communication to a coordinator Communication to a coordinator

In a beacon-enabled network In a non beacon-enabled network
 Data Transfer Model

• Data transferred from

coordinator to device
– In a beacon-enable
network, the coordinator
indicates in the beacon that
“data is pending.”
– Device periodically listens
to the beacon and transmits
a MAC command request
using slotted CSMA/CA if Communication from a coordinator
In a beacon-enabled network
necessary.
 Superframe Structure

• Some applications may require a dedicated bandwidth to achieve low latencies.

• To accomplish these low latencies, the IEEE 802.15.4 LR-WPAN can operate in an
optional superframe mode.
• In a superframe a dedicated PAN coordinator transmits superframe beacons in
predetermined intervals.
• These intervals can be as short as 15 ms or as long as 245 seconds. The time between
two beacons is divided into 16 equal time slots independent of the duration of the
superframe.
• The beacon frame is sent in the first slot of each superframe.
• The beacons are used to synchronize the attached devices, to identify PAN, and describe
the structure of superframes.
• A device can transmit at any time during the slot, but must complete its transaction
before the next superframe beacon.

140
 Superframe Structure

• The channel access in time slots is contention based; however, the PAN coordinator may
assign time slots to a single device that requires a dedicated bandwidth or low latency
transmissions.
• These assigned time slots are called guaranteed time slots (GTSs) and together form a
contention-free period (CFP) located immediately before the next beacon

141
 802.15.4 Architecture

Applications

• Network Routing
• Address translation
ZigBee • Packet Segmentation
• Profiles

IEEE 802.15.4 MAC

IEEE 802.15.4 IEEE 802.15.4

868/915 MHz 2400 MHz
PHY PHY

Chaitanya Misal, Vamsee Krishna

ZigBee Stack Architecture :
ZigBee Stack Architecture- The Network Layer

 The Network Layer The network layer of Zigbee (IEEE 802.15.4) is responsible for
topology construction and maintenance as well as naming and binding services,
which include the tasks of addressing, routing, and security.
 The network layer should be selforganizing and self-maintaining to minimize
energy consumption and total cost.
 IEEE 802.15.4 supports multiple network topologies, including star, peer-to-peer,
and cluster tree.
 The topology is an application design choice

144
 ZigBee Stack Architecture-  Application Support Sublayer (APS)

 The application support sublayer (APS) provides the services necessary for application
objects (endpoints) and the ZigBee device object (ZDO) to interface with the network layer
for data and management services.
 Some of the services provided by the APS to the application objects for data transfer are
request, confirm, and response.
 Application object (endpoint): An application object defines input and output to the APS.
For example, a switch that controls a light is the input from the application object, and the
output is the light bulb condition.
 An application object may also be referred to as an endpoint (EP). 

145
 ZigBee Stack Architecture-  Application Support Sublayer (APS)

ZigBee device object (ZDO):

  A ZigBee device object performs control and management of application objects.
 The ZDO performs the overall device management tasks:
 Determines the type of device in a network (for example, end device, router, or
coordinator)
 Initializes the APS, network layer, and security service provider
 Performs device and service discovery
 Initializes coordinator for establishing a network
 Security management
 Network management
 Binding management

146
 ZigBee Stack Architecture-  Application Support Sublayer (APS)

End node:
  Each end node or end device can have multiple EPs.
 Each EP contains an application profile, such as home automation, and can be used to
control multiple devices or a single device.
 Each EP defines the communication functions within a device.
 Eg: the bedroom switch controls the bedroom light, and the remote control is used to
control three lights: bedroom, hallway1, and hallway2.

ZigBee addressing mode: 

ZigBee uses direct, group, and broadcast addressing for transmission of information.
In direct addressing, two devices communicate directly with each other.
This requires that the source device has both the address and endpoint of the destination
device.
Group addressing requires that the application assign a group membership to one or more
devices.
A packet is then transmitted to the group address in which the destination device lies.
The broadcast address is used to send a packet to all devices in the network.

147
 Wireless Sensor Network

 Wireless Sensor Networks (WSNs) can be defined as a self-configured and

infrastructure-less wireless networks to monitor physical or environmental
conditions, such as temperature, sound, vibration, pressure, motion or pollutants
and to cooperatively pass their data through the network to a main location or sink
where the data can be observed and analysed.
 A sink or base station acts like an interface between users and the network.
 One can retrieve required information from the network by injecting queries and
gathering results from the sink.
 Typically a wireless sensor network contains hundreds of thousands of sensor
nodes.
 The sensor nodes can communicate among themselves using radio signals
 The wireless sensor nodes are equipped with sensing and radio transceivers,
computing devices, and power components.

148
149
  Applications of wireless sensor network

• Military applications: Wireless sensor networks be likely an integral part of military

command, control, communications, computing, intelligence, battlefield surveillance,
reconnaissance and targeting systems.
• Area monitoring: In area monitoring, the sensor nodes are deployed over a region
where some phenomenon is to be monitored. When the sensors detect the event being
monitored (heat, pressure etc), the event is reported to one of the base stations, which
then takes appropriate action.
• Transportation: Real-time traffic information is being collected by WSNs to later feed
transportation models and alert drivers of congestion and traffic problems.
• Health applications: Some of the health applications for sensor networks are
supporting interfaces for the disabled, integrated patient monitoring, diagnostics, and
drug administration in hospitals, tele-monitoring of human physiological data, and
tracking & monitoring doctors or patients inside a hospital.

150
  Applications of wireless sensor network

• Environmental sensing: The term Environmental Sensor Networks has developed to

cover many applications of WSNs to earth science research. This includes sensing
volcanoes, oceans, glaciers, forests etc. Some other major areas are listed below:
• Air pollution monitoring
• Forest fires detection
• Structural monitoring: Wireless sensors can be utilized to monitor the movement
within buildings and infrastructure such as bridges, flyovers, embankments, tunnels
etc enabling Engineering practices to monitor assets remotely with out the need for
costly site visits.
• Industrial monitoring: Wireless sensor networks have been developed for
machinery condition-based maintenance (CBM) as they offer significant cost savings
and enable new functionalities.
• Agricultural sector: using a wireless network frees the farmer from the maintenance
of wiring in a difficult environment. Irrigation automation enables more efficient
water use and reduces waste.
 Difference between wireless sensor networks and traditional wireless ad
hoc networks
• The number of sensor nodes in a wireless sensor network can be several orders of
magnitude higher than the nodes in a wireless ad hoc network.
• In a wireless sensor network, sensor nodes are densely deployed.
• Sensor nodes are prone to failure.
• The topology of a wireless sensor network changes very frequently.
• Sensor nodes mainly use broadcast communication paradigms whereas most traditional
ad hoc networks are based on point-to-point communications.
• Sensor nodes are limited in power, computational capabilities, and memory.
• Sensor nodes may not have global identification because of the large amount of overhead
and large number of sensors.
• The large number of sensing nodes may congest the network with information. To solve
this problem, some sensors, such as cluster heads, can aggregate the data, perform some
computation (e.g., average, summation, highest value, etc.), and then broadcast the
summarized new information.
• One of the most important constraints on sensor nodes is the low power consumption
requirement. Sensor nodes carry limited, generally irreplaceable power sources.
Wireless Sensor Network Model

153
 Wireless Sensor Network – Design Considerations

The design of the sensor network is influenced by many factors:

Fault tolerance:
The failure of sensor nodes should not affect the overall task of the sensor network. This is
the reliability or fault tolerance issue. Fault tolerance is the ability to sustain sensor network
functionality without any interruption due to sensor node failures.
Scalability:
The number of sensor nodes deployed to study a phenomenon may be on the order of
hundreds or thousands. New schemes must be able to work with this number of nodes and
must also utilize the high density of the sensor networks.
Production cost: The cost of a single node is very important to justify the overall cost of the
network. The cost of each sensor node has to be kept low.
Hardware constraints:
These nodes must consume extremely low power, operate in high volumetric densities, have
low production cost, be dispensable and autonomous, operate unattended, and be adaptive
to the environment and should be of small size.

154
 Wireless Sensor Network – Design Considerations

The design of the sensor network is influenced by many factors:

Fault tolerance:
The failure of sensor nodes should not affect the overall task of the sensor network. This is
the reliability or fault tolerance issue. Fault tolerance is the ability to sustain sensor
network functionality without any interruption due to sensor node failures.
Scalability:
The number of sensor nodes deployed to study a phenomenon may be on the order of
hundreds or thousands. New schemes must be able to work with this number of nodes
and must also utilize the high density of the sensor networks.
Production cost: The cost of a single node is very important to justify the overall cost of
the network. The cost of each sensor node has to be kept low.
Hardware constraints:
These nodes must consume extremely low power, operate in high volumetric densities,
have low production cost, be dispensable and autonomous, operate unattended, and be
adaptive to the environment and should be of small size.

155
 Wireless Sensor Network – Design Considerations

Sensor network topology

Node densities may be as high as 20 nodes/m3 . Deploying a high number of nodes densely
requires careful handling of topological maintenance.
Operating environment
Sensor nodes are densely deployed either very close to or directly inside the phenomenon to
be observed. They usually work unattended in remote geographic areas. They may work in the
interior of large machinery, at the bottom of an ocean, in a biologically or chemically
contaminated fi eld, in a battlefield beyond the enemy lines, or in a home or large building.
Transmission media:
In a multihop sensor network, communication nodes are linked by a wireless medium. These
links are formed by radio, infrared, or optical media. Both infrared and optical media require a
line-of-sight between sender and receiver. To enable the global operation of sensor networks,
the chosen transmission medium must be available worldwide.
Power consumption
. Sensor node lifetime shows a strong dependency on battery lifetime. The disfunctioning of a
few nodes can cause significant topological changes and might require rerouting of packets
and reorganization of the network.

156
 Wireless Sensor Network – Design Considerations

Sensor network topology

Node densities may be as high as 20 nodes/m3 . Deploying a high number of nodes
densely requires careful handling of topological maintenance.
Operating environment
Sensor nodes are densely deployed either very close to or directly inside the phenomenon
to be observed. They usually work unattended in remote geographic areas. They may work
in the interior of large machinery, at the bottom of an ocean, in a biologically or chemically
contaminated fi eld, in a battlefield beyond the enemy lines, or in a home or large building.
Transmission media:
In a multihop sensor network, communication nodes are linked by a wireless medium.
These links are formed by radio, infrared, or optical media. Both infrared and optical media
require a line-of-sight between sender and receiver. To enable the global operation of
sensor networks, the chosen transmission medium must be available worldwide.
Power consumption
The wireless sensor node can only be equipped with a limited power source . Sensor node
lifetime shows a strong dependency on battery lifetime. The disfunctioning of a few nodes
can cause significant topological changes and might require rerouting of packets and
reorganization of the network. Hence, power conservation and power management take
on additional importance.
157
The components of a sensor node

• Wireless sensor nodes are the essential building blocks in a wireless sensor
network
• A wireless sensor node is equipped with sensing and computing devices, radio
transceivers and power components.
• sensing, processing, and communication
• stores and executes the communication protocols as well as data processing
algorithms
• After the sensor nodes are deployed, they are responsible for self-organizing an
appropriate network infrastructure often with multi-hop communication with
them.
• Then the onboard sensors start collecting information of interest.
• Wireless sensor devices also respond to queries sent from a “control site” to
perform specific instructions or provide sensing samples.

158
 The components of a sensor node

A sensor node is made up of four basic components :

a sensing unit, a processing unit, a transceiver unit, and a power unit.
There may also be additional application-dependent components such as a location
finding system, power generator, and mobilizer

159
Types of Wireless Networks: infrastructure vs. ad- hoc
networks

infrastructure
network •Infrastructure
Networks
AP: Access Point
AP
• Fixed, wired
AP wired network backbone
AP
•Mobile communicates
directly with access
points
ad-hoc network •Suitable for locations
where access points can
be placed
• Cellular networks

1-
160
 What is an Ad hoc Network?
A network without any base
stations “infrastructure-less” or
multi-hop infrastructure
A collection of two or more network
devices equipped with wireless

communications and networking AP AP: Access Point

capability AP wired network AP
Supports anytime and
anywhere computing
Two topologies:
ad-hoc network
Heterogeneous (left)
• Differences in
capabilities
Homogeneous or fully
symmetric (Right)
Homogeneous network
• all nodes have identical
capabilities and
responsibilities
1-
161
Why Ad Hoc Networks ?
Ease of deployment

Speed of deployment

Decreased dependence on infrastructure

1-
162
 Introduction

• A Mobile Ad hoc Network (MANET)

– An ad hoc network
• Formed as needed
• Does not require support from any existing newtork infrastructure

• Formal def. of MANET:

– An autonomous system of mobile nodes or MSs (also serving as routers)
connected by wireless links, the union of which forms a communications network
modeled in the form of an arbitrary communication graph

• Autonomous => does not require support from any existing network
infrastructure
– But might be able to use such support if available
» Such support might be available from time to time
– Support could be: an Internet gateway or some fixed stations
• Notice how different from cellular network
– Requires infrastructure (BS, MSC, backbone network, etc.) => not ad hoc
 Introduction
• Characteristics of MANETs:
– Dynamically changing topology
• Changing in an unpredictable manner
– Since nodes are free to move
– Limited power available to nodes (e.g., a battery)
– Usually communicates only with neighboring nodes
• Among other reasons, to save power
– Peer-to-peer
• No more or less “important” nodes
– Information transmission via store-and-forward (fig)
Asymmetric =
• Using multi-hop routing unidirectional - when
• MSs also serve as routers
Moving to a new location xmission power of
MS2 MS2 nodes on its ends is
different (e.g., MS4
stronger than MS7)
MS4
MS3 Asymmetric link
MS5
Symmetric link MS7
MS1 MS6
 Characteristics of Ad Hoc Networks
• As nodes move:
– Connectivity changes
– Topology information must be updated
• E.g., MS2 changes attachment: from MS3 to MS4

• Communication characteristics for MANETs:

– Each node equipped with a wireless transmitter and a receiver with an
appropriate antenna
– Impossible to have all nodes within each other’s radio range
– When the nodes are close by (within each others radio range), they can
communicate directly
• If direct comm. => no routing needed (one hop)
– Wireless connectivity modeled by a random multi-hop graph exists between the
nodes
 Characteristics of Ad Hoc Networks
• Dynamic topologies
– Network topology may change dynamically as the nodes are
free to move

• Bandwidth-constrained, variable capacity links

– Wireless links have typically lower capacity than wired
– Realized throughput of wireless communication is lower than
the radio’s maximum transmission rate
– Link capacity is relatively low => congestion is common (collisions
occurs frequently as application demand approaches link capacity)

• Energy-constrained operation
– Nodes in ad hoc network may rely on batteries or other
limited energy sources
• Energy conservation may be a dominant design factor
Characteristics of Ad Hoc Networks

• Limited physical security

– More prone to physical security threats than wired networks
• Incl. stealing mobile ad hoc devices
– Many attacks, incl. Eavesdropping, spoofing, and DoS attacks
are easier

• Decentralized network control

– Eliminates single points of failure (=> better reliability)

• Scalability problems
– As networks get large
 Applications (Examples)

• “Wearable” computing
• Defense applications
• Crisis-management applications
– Natural disasters, where the entire communication infrastructure is in disarray
• Telemedicine
– E.g., assistance by a surgeon for an emergency
• Tele-geoprocessing applications
– Queries dependent on location of the users
– Integrating geographical info systems (GIS) & GPS
• Virtual navigation
– Data from a remote database transmitted to navigation device in car or in hand
– May contain graphical representation of streets, buildings, and the latest traffic
information
• May assist driver in selecting a route
• Education and Internet access
– K-12, continued education, etc., for people in remote areas
– E.g., email-by-bus in remote villages
Vehicular Ad Hoc Networks (VANET) : 

Vehicular Ad Hoc Networks (VANET) : 

VANET is similar to MANET in terms, that is also do not need any infrastructure for data
transmission.
VANET play important role in aspect of safe driving, intelligent navigation, emergency
and entertainment applications .
It can be defined as an intelligent component of transport system as vehicle are able to
communicate with each other as well as roadside base station, which are located at
critical points of the road.
Example :-Construction Sites. 

169
 Vehicular Ad Hoc Networks (VANET) : 

• VANET can be characterized by following factors:

• Dynamic topology- The speed and direction of vehicles changes constantly thereby resulting in
high dynamic topology
• Intermittent connectivity- Connectivity between devices changes very frequently like
connection between two devices exchanging information can disconnect anytime.
The reason behind frequent disconnection is high dynamic topology.
• Mobility Patterns: A large section of vehicles follow a certain patterns to move which is
generally a function of traffic signals, speed limits, highways, streets, road conditions etc. These
patterns when observed help in the creation of routing protocols for VANET.
• Unlimited power and storage: It is assumed that the nodes in VANET are capable of possessing
an unlimited amount of power as well as storage capacity.
Therefore the nodes are free to exchange the data without the foundations of power
consumption or storage wastage.
• On board sensors: VANET assumes that the nodes are seldom equipped with on board sensors
which are capable of transmission of information to other devices or nodes.

170
Vehicular Ad Hoc Networks (VANET) : 

• ARCHITECTURE VANET aims to provide communication between different neighboring

vehicles. As per the guidelines of IEEE 1471-2000 and ISO/IEC 42010, the entities in a
VANET can be divided into three domains
1) Mobile domain: Mobile domain comprises of two parts. First is vehicle domain which
encompasses all the vehicles which are moving constantly such as buses, cars, trucks etc.
Second part is mobile device domain which comprises of all the portable handy devices
such as PDAs, laptop, GPS, smartphones etc.
2) Infrastructure domain: It also comprises of two parts. Roadside infrastructure domain
comprises of stationary roadside entities such as traffic lights, poles etc. Whereas, central
infrastructure domain encompasses the central managing centre such as vehicle
management centre, traffic management centre etc.
3) Generic domain: It comprises of Internet infrastructure and Private infrastructure. For
instance, different nodes and servers and other computing resources working directly or
indirectly for a VANET come under generic domain.

171
Vehicular Ad Hoc Networks (VANET) : 

• Example applications of VANETs are 

• Electronic brake lights, which allow a driver (or an autonomous car or truck) to react to
vehicles braking even though they might be obscured (e.g., by other vehicles).
• Traffic information systems, which use VANET communication to provide up-to-the
minute obstacle reports to a vehicle's satellite navigation system
• Road Transportation Emergency Services[– where VANET communications, VANET
networks, and road safety warning and status information dissemination are used to reduce
delays and speed up emergency rescue operations to save the lives of those injured.
• On-The-Road Services[– it is also envisioned that the future transportation highway would
be "information-driven" or "wirelessly-enabled". VANETs can help advertise services (shops,
gas stations, restaurants, etc.) to the driver, and even send notifications of any sale going on
at that moment.

172
Security mechanisms in GSM

• Most security protections provided by the GSM are located at the BSS and limited to access
control and radio encryption.
• GSM security is composed of three classes of protection:
– subscriber identity protection.
 For privacy issues, transmitting a subscriber identity in plain on a radio link must be
avoided;
 International Mobile Subscriber Number (IMSI) contained in the SIM card and in the HLR
shall never be transmitted in plain text.
 Instead, the system uses a temporary subscriber number (TMSI) on the radio link. The TMSI
only holds temporary and local validity, meaning that only the fusion between the TMSI
and the Local Area Identifier (LAI) may reveal the IMSI.
 The association between the IMSI and the TMSI is kept safe by the VLR that is accordingly
in charge of creating a new TMSI when roaming outside a local area.
 The identity of the subscriber is therefore protected by two methods. The first one is by
only transmitting an old TMSI on an unencrypted radio link and the second is by encrypting
the new TMSI.

173
Security mechanisms in GSM

174
 Security mechanisms in GSM

– network access control by means of SIM cards.

 The major functionality of the SIM is to securely hold and
manage confidential information to allow the GSM network to
formally identify a subscriber’s identity.
 When a new subscriber is added to the network, a secret AK
(Ki)
 is also added along with the IMSI in order to check on its
identity.
 All security mechanisms are based on this secret key, which
shall
 never be either transmitted or compromised.
 This key is kept safe by the original network in the AuC and by
the subscriber in its SIM card.

175
Security mechanisms in GSM

176
 Security mechanisms in GSM

 – radio communication encryption between a MN and the BTS.

 Eavesdropping on radio communication being significantly easier than landline
 communication, it is absolutely vital to protect the radio link.
 A cryptography key Kc is generated by the GSM network and a MN from the
 secret key Ki and a random number (RAND) using the A8 cipher located in the
 SIM card and at the AuC.
 This key is then used along with the A5 cipher by the MN and the BTS to encrypt
radio communication

177
Security mechanisms in GSM

178