GSM (Global System for Mobile Communications, originally Groupe Spécial Mobile), is a standard set developed by the European Telecommunications Standards Institute (ETSI) to describe technologies for second generation (or "2G") digital cellular networks. Developed as a replacement for first generation analog cellular networks, the GSM standard originally described a digital, circuit switched network optimized for full duplex voice telephony. The standard was expanded over time to include first circuit switched data transport, then packet data transport via GPRS. Packet data transmission speeds were later increased via EDGE. The GSM standard is succeeded by the third generation (or "3G") UMTS standard developed by the 3GPP. GSM networks will evolve further as they begin to incorporate fourth generation (or "4G") LTE Advanced standards. "GSM" is a trademark owned by the GSM Association.

The GSM Association estimates that technologies defined in the GSM standard serve 80% of the world's population, encompassing more than 5 billion people across more than 212 countries and territories, making GSM the most ubiquitous of the many standards for cellular networks.

History

Early European analogue cellular networks employed an uncoordinated mix of technologies and protocols that varied from country to country, preventing interoperability of subscriber equipment and increasing complexity for equipment manufacturers who had to contend with varying standards from a fragmented market. The work to develop a European standard for digital cellular voice telephony began in 1982 when the European Conference of Postal and Telecommunications Administrations (CEPT) created the Groupe Spécial Mobile committee and provided a permanent group of technical support personnel, based in Paris. In 1987, 15 representatives from 13 European countries signed a memorandum of understanding to develop and deploy a common cellular telephone system across Europe. The foresight of deciding to develop a continental standard paid off, eventually resulting in a unified, open, standard-based network larger than that in the United States.

France and Germany signed a joint development agreement in 1984 and were joined by Italy and the UK in 1986. In 1986 the European Commission proposed to reserve the 900 MHz spectrum band for GSM. By 1987, basic parameters of the GSM standard had been agreed upon and 15 representatives from 13 European nations signed a memorandum of understanding in Copenhagen, committing to deploy GSM. In 1989, the Groupe Spécial Mobile committee was transferred from CEPT to the European Telecommunications Standards Institute (ETSI).

Phase I of the GSM specifications were published in 1990. The historic world's first GSM call was made by the Finnish prime minister Harri Holkeri to Kaarina Suonio (mayor in city of Tampere) in July 1 1991. The first network was built by Telenokia and Siemens and operated by Radiolinja. 1992, the first short messaging service (SMS or "text message") message was sent and Vodafone UK and Telecom Finland signed the first international roaming agreement. Work had begun in 1991 to expand the GSM standard to the 1800 MHz frequency band and the first 1800 MHz network became operational in the UK in 1993. Also in 1993, Telecom Australia became the first network operator to deploy a GSM network outside of Europe and the first practical hand-held GSM mobile phone became available. In 1995, fax, data and SMS messaging services became commercially operational, the first 1900 MHz GSM network in the world became operational in the United States and GSM subscribers worldwide exceeded 10 million. In this same year, the GSM Association was formed. Pre-paid GSM SIM cards were launched in 1996 and worldwide GSM subscribers passed 100 million in 1998.

In 2000, the first commercial GPRS services were launched and the first GPRS compatible handsets became available for sale. In 2001 the first UMTS (W-CDMA) network was launched and worldwide GSM subscribers exceeded 500 million. In 2002 the first multimedia messaging services (MMS) were introduced and the first GSM network in the 800 MHz frequency band became operational. EDGE services first became operational in a network in 2003 and the number of worldwide GSM subscribers exceeded 1 billion in 2004.

By 2005, GSM networks accounted for more than 75% of the worldwide cellular network market, serving 1.5 billion subscribers. In 2005, the first HSDPA capable network also became operational. The first HSUPA network was launched in 2007 and worldwide GSM subscribers exceeded two billion in 2008.

The GSM Association estimates that technologies defined in the GSM standard serve 80% of the global mobile market, encompassing more than 1.5 billion people across more than 212 countries and territories, making GSM the most ubiquitous of the many standards for cellular networks.

Technical details

GSM is a cellular network, which means that mobile phones connect to it by searching for cells in the immediate vicinity. There are five different cell sizes in a GSM network—macro, micro, pico, femto and umbrella cells. The coverage area of each cell varies according to the implementation environment. Macro cells can be regarded as cells where the base station antenna is installed on a mast or a building above average roof top level. Micro cells are cells whose antenna height is under average roof top level; they are typically used in urban areas. Picocells are small cells whose coverage diameter is a few dozen metres; they are mainly used indoors. Femtocells are cells designed for use in residential or small business environments and connect to the service provider’s network via a broadband internet connection. Umbrella cells are used to cover shadowed regions of smaller cells and fill in gaps in coverage between those cells.

Cell horizontal radius varies depending on antenna height, antenna gain and propagation conditions from a couple of hundred metres to several tens of kilometres. The longest distance the GSM specification supports in practical use is . There are also several implementations of the concept of an extended cell, where the cell radius could be double or even more, depending on the antenna system, the type of terrain and the timing advance.

Indoor coverage is also supported by GSM and may be achieved by using an indoor picocell base station, or an indoor repeater with distributed indoor antennas fed through power splitters, to deliver the radio signals from an antenna outdoors to the separate indoor distributed antenna system. These are typically deployed when a lot of call capacity is needed indoors; for example, in shopping centers or airports. However, this is not a prerequisite, since indoor coverage is also provided by in-building penetration of the radio signals from any nearby cell.

The modulation used in GSM is Gaussian minimum-shift keying (GMSK), a kind of continuous-phase frequency shift keying. In GMSK, the signal to be modulated onto the carrier is first smoothened with a Gaussian low-pass filter prior to being fed to a frequency modulator, which greatly reduces the interference to neighboring channels (adjacent-channel interference).

GSM carrier frequencies

GSM networks operate in a number of different carrier frequency ranges (separated into GSM frequency ranges for 2G and UMTS frequency bands for 3G), with most 2G GSM networks operating in the 900 MHz or 1800 MHz bands. Where these bands were already allocated, the 850 MHz and 1900 MHz bands were used instead (for example in Canada and the United States). In rare cases the 400 and 450 MHz frequency bands are assigned in some countries because they were previously used for first-generation systems.

Most 3G networks in Europe operate in the 2100 MHz frequency band.

Regardless of the frequency selected by an operator, it is divided into timeslots for individual phones to use. This allows eight full-rate or sixteen half-rate speech channels per radio frequency. These eight radio timeslots (or eight burst periods) are grouped into a TDMA frame. Half rate channels use alternate frames in the same timeslot. The channel data rate for all 8 channels is 270.833 kbit/s, and the frame duration is 4.615 ms.

The transmission power in the handset is limited to a maximum of 2 watts in GSM850/900 and 1 watt in GSM1800/1900.

Voice codecs

GSM has used a variety of voice codecs to squeeze 3.1 kHz audio into between 5.6 and 13 kbit/s. Originally, two codecs, named after the types of data channel they were allocated, were used, called Half Rate (5.6 kbit/s) and Full Rate (13 kbit/s). These used a system based upon linear predictive coding (LPC). In addition to being efficient with bitrates, these codecs also made it easier to identify more important parts of the audio, allowing the air interface layer to prioritize and better protect these parts of the signal.

GSM was further enhanced in 1997 with the Enhanced Full Rate (EFR) codec, a 12.2 kbit/s codec that uses a full rate channel. Finally, with the development of UMTS, EFR was refactored into a variable-rate codec called AMR-Narrowband, which is high quality and robust against interference when used on full rate channels, and less robust but still relatively high quality when used in good radio conditions on half-rate channels.

Network structure

The network is structured into a number of discrete sections:

The Base Station Subsystem (the base stations and their controllers).

the Network and Switching Subsystem (the part of the network most similar to a fixed network). This is sometimes also just called the core network.

The GPRS Core Network (the optional part which allows packet based Internet connections).

The Operations support system (OSS) for maintenance of the network.

Subscriber Identity Module (SIM)

One of the key features of GSM is the Subscriber Identity Module, commonly known as a SIM card. The SIM is a detachable smart card containing the user's subscription information and phone book. This allows the user to retain his or her information after switching handsets. Alternatively, the user can also change operators while retaining the handset simply by changing the SIM. Some operators will block this by allowing the phone to use only a single SIM, or only a SIM issued by them; this practice is known as SIM locking.

Phone locking

Sometimes mobile network operators restrict handsets that they sell for use with their own network. This is called locking and is implemented by a software feature of the phone. Because the purchase price of the mobile phone to the consumer may be subsidized with revenue from subscriptions, operators must recoup this investment before a subscriber terminates service. A subscriber may usually contact the provider to remove the lock for a fee, utilize private services to remove the lock, or make use of free or fee-based software and websites to unlock the handset themselves.

In some territories (e.g., Bangladesh, Hong Kong, India, Malaysia, Pakistan, Singapore) all phones are sold unlocked. In others (e.g., Finland, Singapore) it is unlawful for operators to offer any form of subsidy on a phone's price.

GSM service security

GSM was designed with a moderate level of service security. The system was designed to authenticate the subscriber using a pre-shared key and challenge-response. Communications between the subscriber and the base station can be encrypted. The development of UMTS introduces an optional Universal Subscriber Identity Module (USIM), that uses a longer authentication key to give greater security, as well as mutually authenticating the network and the user – whereas GSM only authenticates the user to the network (and not vice versa). The security model therefore offers confidentiality and authentication, but limited authorization capabilities, and no non-repudiation.

GSM uses several cryptographic algorithms for security. The A5/1 and A5/2 stream ciphers are used for ensuring over-the-air voice privacy. A5/1 was developed first and is a stronger algorithm used within Europe and the United States; A5/2 is weaker and used in other countries. Serious weaknesses have been found in both algorithms: it is possible to break A5/2 in real-time with a ciphertext-only attack, and in February 2008, Pico Computing, Inc revealed its ability and plans to commercialize FPGAs that allow A5/1 to be broken with a rainbow table attack. The system supports multiple algorithms so operators may replace that cipher with a stronger one.

On 28 December 2009 German computer engineer Karsten Nohl announced that he had cracked the A5/1 cipher. According to Nohl, he developed a number of rainbow tables (static values which reduce the time needed to carry out an attack) and have found new sources for known plaintext attacks. He also said that it is possible to build "a full GSM interceptor ... from open source components" but that they had not done so because of legal concerns.

In January 2010, threatpost.com reported that researchers had developed a new attack that had "broken Kasumi" (also known as A5/3), the standard encryption algorithm used to secure traffic on 3G GSM wireless networks, by means of a sandwich attack (a type of related-key attack), allowing them to identify a full key. It reported experts as saying that this "is not the end of the world for Kasumi." (Paper) The researchers noted that their attack failed on its predecessor algorithm MISTY1, and observed that the GSM Association's change of standard from MISTY to KASUMI resulted in a "much weaker cryptosystem". This was followed between December 2010 and April 2011 by an announcement from other researchers that they had reverse engineered the GSM encryption algorithms, and demonstrated software capable of real-time interception of GSM voice calls.

New attacks have been observed that take advantage of poor security implementations, architecture and development for smart phone applications. Some wiretapping and eavesdropping techniques hijack the audio input and output providing an opportunity for a 3rd party to listen in to the conversation. At present such attacks often come in the form of a Trojan, malware or a virus and might be detected by security software.

GSM uses General Packet Radio Service (GPRS) for data transmissions like browsing the web. The most commonly deployed GPRS and EDGE ciphers were publicly broken in 2011, and the evidence indicates that they were once again intentionally left weak by the mobile industry designers.. The researchers revealed flaws in the commonly used GEA/1 and GEA/2 ciphers and published the open source "gprsdecode" software for sniffing GPRS/EDGE networks. They also noted that some carriers don't encrypt the data at all (i.e. using GEA/0) in order to detect the use of traffic or protocols they don't like, e.g. Skype, leaving their customers unprotected. GEA/3 seems to remain relatively hard to break and is said to be in use on some more modern networks. If used with USIM to prevent connections to fake base stations and downgrade attacks, users will be protected in the medium term, though migration to 128-bit GEA/4 is still recommended.

But since GEA/0, GEA/1 and GEA/2 are widely deployed, applications should use SSL/TLS for sensitive data, as they would on wi-fi networks.

Standards information

The GSM systems and services are described in a set of standards governed by ETSI, where a full list is maintained.

GSM open-source software

Several open-source software projects exist that provide certain GSM features: gsmd daemon by Openmoko

OpenBTS develops a Base transceiver station

OpenBSC is developing a minimalistic, self-contained GSM network The GSM Software Project aims to build a GSM analyzer for less than $1000 OsmocomBB developers intend to replace the proprietary baseband GSM stack with a free software implementation

Issues with patents and open source

Patents remain a problem for any open-source GSM implementation, because it is not possible for GNU or any other free software distributor to guarantee immunity from all lawsuits by the patent holders against the users. Furthermore new features are being added to the standard all the time which means they have patent protection for a number of years.

The original GSM implementations from 1991 are now entirely free of patent encumbrances and it is expected that OpenBTS will be able to implement features of that initial specification without limit and that as patents subsequently expire, those features can be added into the open source version. As of 2011, there have been no law suits against users of OpenBTS over GSM use.

See also

International Mobile Subscriber Identity (IMSI)

MSISDN Mobile Subscriber ISDN Number

Handoff

Visitors Location Register (VLR)

Um Interface

GSM-R (GSM-Railway)

GSM services

* Cell Broadcast

* GSM localization

* Multimedia Messaging Service (MMS)

* NITZ Network Identity and Time Zone

* Wireless Application Protocol (WAP)

Network Simulation Simulation of GSM networks

Standards

* Comparison of mobile phone standards

* GEO-Mobile Radio Interface

* Intelligent network

* Parlay X

* RRLP – Radio Resource Location Protocol

* GSM 03.48 – Security mechanisms for the SIM application toolkit

RTP audio video profile

Enhanced Network Selection (ENS)

References

Further reading

External links

GSM Association Official industry trade group representing GSM network operators worldwide

3GPP 3G GSM standards development group

GSM For Dummies A basic introduction to GSM network architecture and procedures

GSM GADGETS Basic Tools for GSM Programing and Repairing

Category:1991 introductions Category:GSM standard

af:GSM ar:النظام العالمي للمواصلات الجوالة bat-smg:GSM be-x-old:GSM bg:GSM bn:গ্লোবাল সিস্টেম ফর মোবাইল কমিউনিকেশন্‌স bs:GSM ca:Global System for Mobile Communications cs:Global System for Mobile Communications da:GSM de:Global System for Mobile Communications el:Global System for Mobile Communications es:Sistema global para las comunicaciones móviles et:GSM eu:Komunikazio Mugikorretako Sistema Orokorra fa:جی‌اس‌ام fi:GSM fr:Global System for Mobile Communications he:GSM hi:वैश्विक मोबाइल संचार प्रणाली hr:GSM hy:GSM id:Global System for Mobile Communications it:Global System for Mobile Communications ja:GSM kn:ಜಿಎಸ್ಎಮ್ ko:GSM ku:Pergala Gloverandî ya Peywendiyên Gerok lmo:GSM lt:GSM lv:GSM mk:GSM ml:ജി.എസ്.എം. my:ဂျီအက်စ်အမ် nl:GSM (communicatie) nn:GSM no:GSM pl:GSM pt:GSM ro:GSM roa-tara:GSM ru:GSM sh:GSM sk:Global System for Mobile Communications sl:GSM so:GSM sr:ГСМ мрежа su:GSM sv:GSM sw:GSM ta:உலகளாவிய நடமாடும் தகவல் தொடர்புகள் திட்டம் te:జిఎస్ఎమ్ th:จีเอสเอ็ม tr:GSM uk:GSM ur:عالمی نظام برائے محمول ابلاغیات uz:GSM uz:GSM vi:Hệ thống thông tin di động toàn cầu zh:全球移动通信系统