OpenBSC is the current name for a software program that started with the name bs11-abis.
What is OpenBSC
It is a BSC (Base Station Controller) side implementation of the A-bis protocol, as specified in the GSM Technical Specifications 08.5x and 12.21. It implements a minimal subset of the BSC, MSC and HLR. It does not implement any of the interfaces (like the A and B interfaces) between the higher-order GSM network components.
The goal of the project is to
provide a basis for experimentation and security research with GSM from the network side
document, publicize and point out any security-related issues that we find as part of that
learn more about GSM networks on a lower level, particularly the practical aspects with real-world equipment
We are not interested in
building a stable/reliable BSC/MSC for deployment in actual networks
building something that follows the GSM spec to the last detail
disrupting actual commercial GSM networks
Requirements
OpenBSC runs only on Linux systems and requires an E1 interface card compatible with mISDN.
It requires a GSM BTS. The only currently tested configurations are with a Siemens BS-11 microBTS or an ip.access nanoBTS.
Source code
You can check out the source code via
git clone git://bs11-abis.gnumonks.org/openbsc.git
or browse it at http://bs11-abis.gnumonks.org/trac/browser
Mailing list
There's a developer mailing list called openbsc@… Subscription is available at http://lists.gnumonks.org/mailman/listinfo/openbsc/
IRC (Internet Relay Chat)
irc.freenode.net/#openbsc
Project status
Things that work
OML initialization of the BTS
RSL bringup, channel allocation, Channel required / Immediate Assign
Very simplistic HLR implemented as sqlite database
Non-secure Authentication using IMEI/IMSI and regular SIM cards.
IMEI/IMSI skimming of all phones that try to register with OpenBSC
SMS reception and SMS sending (simplistic, not possible to route them yet)
Transmission of MM INFO packets with operator name and local time / timezone
Extremely simplistic call control for MO (Mobile Originated) and MT (Mobile Terminated) calls
TCH/F support
paging of mobiles that are registered to the BTS
signalling of mobile-originated and mobile-terminated calls
processing/switching of calls from one phone to another
demultiplex of the four 16k sub-channels with voice data contained in one E1 timeslot
Things that are implemented but don't work yet or aren't tested yet
Things being worked on
GPS/DCF77 disciplined quartz reference for the HFC-E1 card (via HS-Esslingen, Student Research Project)
Things that are missing
Cell Broadcast
transcoding of voice data
TCH/H voice calls
CSD calls
handover between multiple BTS
emergency call handling
Support the use of A3/A8 and A5/1 (we need SIM cards with known Ki, e.g. simulated SIM cards)
Authors
OpenBSC was mainly developed by Harald Welte. Contributions by Holger Freyther, Stefan Schmidt, Daniel Willmann, Jan Luebbe, Thomas Seiler and Andreas Eversberg.
Thanks to Dieter Spaar for his BS11-Init, without which we would not have been able to make progress as quickly as we did.
