31 January 2019

8-ary constellation bursts at 12800bps data rate (3)

This is a follow-up of the posts about the "clusters" of S4539 12800bps bursts, all posts including this one are grouped here.
Since a couple of days it's possible to hear both the peers, don't know if it's due to new test sites or increased powers but previously the "called" station was not heard (or maybe it did not even exist). As you see, the "called" listens on f2 while it simultaneously replies on f1 (the same for f2/f3 and in all the six clusters) as well as the "caller" station puts its call on f2 while it simultaneously listens on f1 (Fig. 1); the interval between the call and the reply is about 319 ms. Maybe they use staring and synched SDRs?

Fig. 1
This simultaneity is also noted between the lower frequency of a cluster and the higher frequency of the preceding one, as shown in Fig. 2. Particularly, Figure 3 shows the timings between the last and the first cluster (the different signal strengths in Fig. 3 depend on the different locations of the two used KiwiSDRs).

Fig. 2 - timings between two consecutive clusters
Fig. 3 - timings between the last and the first cluster

23 January 2019

wideband operations on 4950 KHz, new Harris wideband HF waveforms

since few weeks me and my friend and colleague ANgazu are studying interesting wideband waveforms family spotted on 4950 KHz (central frequency), just in the middle of the 60 mt Broadcast band, these transmissions have been also reported here by our friend KarapuZ from radioscanner.  Monitoring was done thanks the KiwiSDR owned by WA2ZKD that can provide up to 20KHz IQ band http://rx.jimlill.com:8073/.

As shown in Fig. 1, they use Harris WB-ALE paradigm for call and link negotiation:
- STANAG-4538 FLSU initial call for link setup
- spectrum sensing to measure interference within the selected wideband channel
- new burst handshake exchanges spectrum sense measurements
- data exchange
- STANAG-4538 FLSU for link term

Fig. 1
The Harris wideband ALE approach and the 3G extensions for wideband have been previously discussed in this post.  

For what concerns tha data waveforms, we saw bandwiths from 3-24 Khz and modulations from PSK-8 to QAM-64 with a data rate from 75 to 120,000 bps.
Each transmission begins with a transmit level control (TLC) block to allow radio transmit gain control (TGC), transmitter automatic level control (ALC), and receiver automatic gain control (AGC) loops to settle before the actual preamble is sent/received. A variable length preamble for reliable synchronization and autobauding follows the TLC section and it's followed by ariable length frames of alternating data (unknown) and mini-probes (known) symbols: times vary depending on the combinations of speed and modulation.
Although the characteristics such as BWs, modulations and speeds are the same as those indicated in Appendix D of MIL-STD 188-110D (WBHF), these adaptive waveforms definitely do not belong to that standard. Indeed, as shown in the following figures (2-5), the waveforms exhibit a common structure consisting of a super frame which is formed of 8 frames probably related to the 8 different allowable bandwidths: a similar structure and the duration of the frames (i.e., the number of K and U symbols) are quite different from what is stated in the Appendix D.

Fig. 2 - 4800Bd/6KHz waveform
Fig. 3 - 7200Bd/9KHz waveform
Fig. 4 - 9600Bd/12KHz waveform
Fig. 5 - 16800Bd/18KHz waveform

The frames structures have been verified also by analyzing some streams after the demodulation of the signals: in figure 6 the result of the demodulation of a 9600Bd/12KHz chunk (in this case using PSK-8 modulation):

Fig. 6
When measuring  the symbole rate using the quadrature detector, an interesting pattern shows up: a repetitive 8 blocks group which are generated by miniprobes. Up to date, we know the "frequency" in these blocks is different for every speed, starting in lower freq and going upwards. In some modes a mirror image can be seen as in Fig. 7. This is an odd feature since it looks like miniprobes are not phase modulated as data are.

Fig. 7
The 8 different minprobes repeat in a particular series and are complicated to study, their structure point to a sequence (maybe using Walsh modulation?) that repeats 4 times: this pattern seems to be the same in all waveforms varying frequency/duration.
Fig. 8
We have other examples of such miniprobes but we prefer to postpone to a next post, if possible with more precise details. For this purpose, ANgazu and I would like to have some other better recordings (i.e., with IQ band > 20KHz) from friends in US so that we can gather more informations. Thanks!


9 January 2019

unid 1200Bd (G)FSK bursts recorded in Japan

This signal was recorded at different periods using some the KiwiSDRs located in Japan ( http://kiwisdr-jp7fso.ddns.net:8073), it was observed, at least, in three frequencies: 4765, 4626 and 4584 KHz. During night-time good results are also obtained with the KiwiSDR at Irkutsk (Russia), so the origin of the signal seems to be Japan or surroundings. 
My spanish friends ANgazu and Rapidbit (from radiofrecuencias group) did a brief analysis measuring the speed (1200Bd) and the shift between tones (825-890 KHz) and suggesting the GFSK mode (Fig. 1). On my behalf, I veried their measurements and verified that the bursts are 26 secs spaced and carry the same (encrypted?) text sent in async 8N1 mode (Fig. 2), although there are some difference among old recordings and new ones. The stream obtained after removal the start/stop bits does not offer useful information (encryption? not-standard 8-bit alphabet?), same results after descrambled the stream using the polynomial x^3+x^2+x+1. 

Fig. 1
Fig. 2
Maybe some kind of beacon? We thinked that a reference could help others to record and study the signal.