Sunday, October 10, 2021

Chasing the Dragon - Building a Signals Intelligence (SIGINT) platform with SDR

Introduction

It has been ten years since software defined radio (SDR) has reached the average tech enthusiast through hacking a USB DVB-T TV Tuner. This helped accelerate existing SDR projects such as GNU Radio for signal processing and low cost transceiver platforms such as the HackRF and LimeSDR.

The more complex the signal the more demanding it is in system performance to process, decode, and sometimes decrypt. Many interesting signals transmit at very low power levels requiring you to be in close proximity to them. This makes building a highly portable dedicated SDR system the most desirable path.

Building a SDR system to participate in Wireless or RF Capture the Flag contests (WCTF and RFCTF respectively) is a use case that has the broadest spectrum requirements from a few MHz to a few GHz. Many of these events are hosted at fixed locations with the more complex modulation schemas transmitted there. Any portable requirements are for well known signals.

Because this use case requires the greatest breadth and depth of signal identification you see people use workstation-grade laptops. But people do not want to be using their best laptop as their SDR station especially if it is their "daily driver" for work/personal. Thus begins the journey for a more cost effective solution for a system dedicated to SDR. Thus began my quest such a system.

Ideation

Starting with contests as my use case, I started investigation what is the most versatile signal intelligence (SIGINT) platform I can build using readily available components at a moderate cost. This is what I came up with:

  • RX coverage from 100 KHz to 6 GHz
  • TX coverage on frequencies within the RX coverage where legally and/or licensed to operate. ISM, GMRS (US), FRS (US), and Amateur Radio bands.
  • Should be able to carry every thing in nothing larger than a carry-on luggage sized case and quickly deploy the station in under 10 minutes.
  • All resources are focused on signals intelligence first. Any other intended usage of the compute platform is secondary.

Architecture

I came up with the architecture and components diagrammed below. While SDR performance s well documented using a Raspberry Pi 3 Model B+, performance is centered around simple analog and digital modulation modes like OOK, ASK, FSK, PSK, and MFSK. Since I expect to be working with more complex digital modulation voice modes such as DMR, C4FM, P25, and M17 I opted to build on a Raspberry Pi 4 with 4GB RAM (RPi4) instead.

SIGbox Architecture

Since the build needs to be portable, I decided to have power sourced from 12VDC which could be delivered by a switching power supply or power supply or battery such as a 12V@20A LiFePO4.

Since the RPi4 demands 5.1V a dedicated buck converter is installed between the RPi4 and power sourc. When RPi4 are under heavy load a "Low Voltage" message will be displayed in any X-Windows session. 

USB devices are equally demanding for power so a USB 3.0 powered hub is installed. 36 watts is distributed across seven ports.

I suspect each port is limited to 2.5A but I do not expect all connected USB devices to be under load at all times - three at best. But it does beg the question whether USB power hubs vary when it comes to whether they make the entire current capacity avialble to a port. Further testing require on this.

The RTL-SDR Blog V3 R820T2 RTL2832U and HackRF SDR devicesare a good combo to satisfy broad spectrum and TX/RX requirements. The RTL-SDR performs well for HF/VHF/UHF receive, The HackRF makes a good secondary receiver for VHF/UHF for signals that require two receivers and primary up reciever for signals up to 6GHz. The HackRF also provides all our transmit requirements. 

For signal specific requirments, Ubertooth is added for Bluetooth, a GPS to keep time and location, and an Alfa AC1200 for WiFi. A FM VHF/UHF analog/digital transceiver is optional for VHF/UHF APRS and DMR. This transceiver could be something simple like a Baofeng DM-1801.

Prototype

Given the RPi4 for compute, Raspberry Pi OS Full (32-bit) is the chosen operating system given its maturity and maximum ARM hardware compatibility. While Ubuntu 20.04 was an option, sticking with "tried and true" reduces debugging points in the prototype.

SDRangel and SDR++  are SDR applications reflecting a new generation of tools that provide frameworks for plug-in development. This is necessary given the growing complexity of digital modulation modes optimized for superior noise immunity without sacrificing throughput to deliver use cases such as passive radar. SDR applications need to scale in functionality that allows peeling back the layers which can also include decryption.

SDR application frameworks are a great evolution enabling those who may not be able to cope with working at a lower level with GNU radio and GRC companion to stand on the shoulders of others through developing plug-ins. To encourage plug-in develeopment and experimentation to further the SDR "arts" I decided to focus only on SDRangel and SDR++ and include libraries, command line decoders, and other relevant tools focused on signal intelligence (SIGINT.)

To promote further development in SDR and signals intelligence you have to create an education path free of distractions best through some gamified journey. While one can create labs for simple digital modulation modes like OOK, ASK, and FSK, the established modulation modes in Amateur Radio provide a more interactive introductory education. I have done this with a workshop I presented at HOPE XII and have since archived on Github.

Development

When people try to build their own RF related platform or distro, they tend to dump every RF related package a repo has on the topic and top it off with the latest trendy app as long as it is available as a package and does not require compiling. Without ready avilable and relevant help and education, this hurts more than helps someone getting into SIGINT. 

The best approach is establish common ground starting with the end-user already knowing how to install and configure Raspberry Pi OS Full (32-bit) and familiarity in its use as an end user. From there easy to follow instructions that to stand-u pan automated script to install the required software to build a working SDR station. Any choices the end user needs to make during installation needs to be very explicit in what they are deciding.

The end user should not be overwhelmed with first experience after the install. Any desktop changes should be incremental and not transformational. Something as simple as an updated background tells them "they have arrived", a new menu with all the applications that were part of the install, and one or two desktop links that help educate end-users in their SIGINT journey.

Gievn the above, I produced a (Bash) installer script that is run after a fresh install of Raspberry Pi Full OS and configuration (raspi-config) has occured. The end-user gets the script through cloning a Github repo which includes componetns the installation script is dependent on.

Testing

What I love about virtual machines and containers is I can quickly iterate tests and fixes build/destroying/building again images. For the RPi it means having a bunch of formatted SDcards on hand with fresh Raspberry Pi OS installs already upgraded on hand. This tends to slow down the testing iteration.

Testing has shown that RPi4 performance may not be enough when investigating signals for special uses cases that require multiple SDR devices. In those scenarios it may be better to run SDR headless servers on RPi3 B or better platforms each with their own SDR device. The SDR GUI client on a laptop or its own platform.

This laid the groundwork in porting everything into Ubuntu 20.04 for use on more potent hardware since it is available for Raspberry Pi as well. Porting to Ubuntu 20.04 also meant I could iterate through testing faster by building/destroying virtual machines instead.

Early Releases

The discussion and work to date have culminated into the following projects.

  • SIGpi. SIGINT platform for RPi4
  • SIGdeb. SIGINT platform for Ubuntu 20.04 and Debian based systems

With the exception of the workshop materials, the other two repos are early days still implementing and testing lessons learned with the SIGdeb repo as of this writing the furthest along.

Summary

If your a beginner in SIGINT and your use case is education, experimentation with well known signals, and new to contests, then adding a bunch fo RF packages from your favorite distro should suffice. But as your experience grows and you develop an affinity to certain types of signals you will find that you need to be selective in the tools you choose and your system optimized for their performance. You will also gain an appreciation for building/using the proper antennas for various signals and perhaps once you've mastered a tool like SDRangel or SDR++ get into better understanding GNU Radio.

What about Windows? There are a range of low cost PC sticks comparable to RPi4 in "price-for-performance/features." Referencing the architecture, I plan to do some testing with a Windows PC stick running Windows 10 on an Intel Atom x5-Z8350 with 4GB RAM, HDMI, Bluetooth, dual-band Wi-Fi, and USB 3.0. Subject for a future article.

73,

- Joe, NE2Z





No comments:

Post a Comment

We really do not want to moderate comments, so lets keep it easy to use until it becomes an issue.