Project

General

Profile

OsmocomBB Firmware » History » Version 8

« Previous - Version 8/16 (diff) - Next » - Current version
jolly, 02/19/2016 10:49 PM
Add "menu" and "EMI" applications.


Background

The OsmocomBB source code comes with several applications for various purposes.
Those applications can be devided into two separate classes, applications:
  • running on the baseband chip of the phone
  • running on a PC, communicating with the baseband firmware over serial
Applications running on the PC can further be partitioned into:
  • Firmware management software (loading, flashing, ...)
  • GSM Layer 2/3 applications

The following will provide you a rough overview of the most commonly used software pieces.

Baseband firmware

Binary location: src/target/firmware/board/*/*.bin
Source locations: src/target/firmware/, particularly apps and layer1

layer1

layer1bin is a simple GSM layer 1 proxy, communicating over the L1A_L23_Interface.

This allows you to run a full-blown GSM implementation on your host machine, communicating through the phones radio interface.

loader

loaderbin is our flash loader, dumper and second stage bootloader

l1test

Layer 1 development application.

This application does what layer1 does, but automatically tunes to the strongest ARFCN it can find.

It can be used for stand-alone-testing of the phones radio.

loader

Our Bootloader, available in various build configurations.

compal_dsp_dump

Application for dumping the contents of the DSP in the Calypso chip.

compal_dumper

The old compal device dumper. Use Bootloader instead once it is available.

hello_world

The initial obligatory "Hello, world!" application.

Currently, this does more than say hello. Intended as a template for new applications.

menu

Boot menu application to select and load apps that are stored in flash memory. See flashing_new.

rssi

The [blog:rssi-firmware] can be used to monitor the received signal indication (RSSI) of ARFCNs or the entire spectrum.

EMI

The EMI (electro magnetic interference) simulator application can be used to generate RF interference caused by GSM networks an mobile station. See emi-firmware.

Firmware management software

Location (source and binary): src/host/osmocon

osmocon

osmocon is a console tool for interfacing our baseband firmware on the phone with applications on the host PC.

It is responsible for downloading a baseband firmware or bootloader into the phone and relay communication between Layer 3 applications and baseband firmwares over serial.

osmoload

osmoload is used to write, dump and examine flash memory of supported phones.

You will need this program for example if you intent flashing an application to the phone (the software is usually loaded into RAM).

calypso_pll

The calypso_pll tool can be used to calculate Calypso DPLL multiplier+divider.

rita_pll

The rita_pll tool can be used to calculate the Rita PLL multiplier/divider.

GSM Layer 2/3 applications

Location (source and binary): src/host/layer23/*

Layer 3 applications implement various functionality based on GSM Layer 3 in combination with Layer 2 (LAPDm).

mobile

mobile is the most sophisticated OsmocomBB application so far.

It implements most of the behavior of a regular GSM telephone, but is extended in many ways with features interesting to researchers.

cell_log

The cell_log application scans through valid available carrier frequencies, attempts to sync to them and dumps information gathered from the BCCH.

It is usually used to create a list of used ARFCNs and information such as their reception levels, MNC, MCC, and System Information.

ccch_scan

The ccch_scan application can sync to a carrier ARFCN and logs power measurement and CCCH information (paging requests and Immediate Assignments).

bcch_scan

bcch_scan is basically a predecessor of cell_log and logs information as observed on the BCCH (System Information).

cbch_sniff

cbch_sniff dumps cell broadcast channel information such as, e.g., GPS location of the cell.

Add picture from clipboard (Maximum size: 48.8 MB)