24 March 2017

STANAG-4538, HDL+ and LDL protocols swapping in a bidirectional link

This is a very interesting 3G-HF on-air scenario where as many as 5 burst waveforms and 2 datalink protocols are used, moreover, thanks to the different strength of the signals, it's also possible to notice the swap of the data-flow directions.
In the first part, after the 2-way Fast link setup PDUs exchange, data flows from PU1 to PU2 using HDL+ protocol. Immediately after the HDL+ transfer is complete, ie after the three HDL+ ACK PDUs (BW6) sent by PU1, both stations remain linked and initiate the Fast Traffic Management (FTM) protocol to negotiate further traffic. This gives PU2, which was the called station, the opportunity to send reverse traffic to PU1 (which was the caller) so data now flow from PU2 to Pu1.
After the LDL transfer is complete, ie after the ACK PDU (BW4) sent by PU2, stations wait for possible FTM PDUs and after the link timeout has occurred, the last station to receive an xDL transfer (PU1 in this case) terminates the link with an FLSU_Term PDU request.

Fig. 2
It's important to notice the use of the BW6 waveform for FLSU and FTM protocols PDUs (marked with an "*" in Figure 2) which are usually conveyed using the BW5 waveform. Indeed, as stated in STANAG 4538 Annex-C Edition1 Amendment2, if a link has been established for delivery of packet traffic using the HDL+ data link protocol, all FTM and FLSU PDUs transmitted for the remaining duration of the packet link shall be transmitted using the BW6 burst waveform, up to and including the FLSU_TERM PDU transmitted to terminate the link, and any optional response to the FLSU_TERM.
This means that BW6, other than BW7 header, ACK, and EOT (EOM) PDUs of the HDL+ protocol, is also used to convey PDUs of the fast link setup (FLSU) and fast traffic management (FTM) protocols in HDL+ links. It's worth noting that altough the link is subsequently used for LDL, it was initialized for HDL+ protocol.

Transmission was copied on 9175.0 KHz/USB at 1454 UTC (March, 22): MIL 188-110B traffic from Algerian Army was logged on this QRG, are we facing the same user? 
For what concerns the nature of the exchanged data, we can only state that LDL is used by PU2 to send an HARRIS Citadel encryped message to PU1 (Fig.3): probably the end-to-end acknowledgment mechanism which is part of P-MUL protocol; this is and end-to-end ACK at application layer and it's related to the delivery of the message (not the ACKs issued in xDL link protocols). The use of Citadel encryption is a clue in favor of HARRIS sw/hw equipments, e.g.
Falcon II RF-5800H radios.

Difficult to say what sits on top of S-4538: it could be an email messaging system (eg HARRIS WMT RF-6710) as well as a  STANAG-4406 application (Thales XOmail): the presence of the reverse message from PU2 to PU1 leads to think to the latter, since WMT does not provide delivery confirmations. I will discuss this topic in further posts.

Fig. 3

No comments:

Post a Comment