The OP25 decoder program demodulates and decodes P25 signals and produces an audio stream and a queue of error-corrected APCO Project 25 frames. A block diagram of the major decoder functions is shown below:
The steps involved in this process are:
1. Sample the radio spectrum (the USRP can sample 6MHz or so at once or 480 APCO Project 25 channels!).
1. Filter the original signal with an appropriate channel filter.
1. Demodulate the symbol stream.
1. Decode the P25 frames.
1. Correlate the bit stream using the Frame Synchronization (FS) field.
1. Aggregate of bit stream into octets and frames (partitioned by an FS).
1. Apply error detection and correction.
1. Decode IMBE audio frames and produce a mono audio output stream.
1. Encapsulate assembled frames in IP and send them for further processing.
The [HardwarePage USRP] allows us to receive a wideband spectrum consisting of many channels at once. Using the analysis_filterbank block these channels can be divided into equal-width channels and processed in parallel. Whatever the source of the samples it will be necessary to filter the incoming signal and correct for any frequency offset.
For example, the [source:trunk/samples/sample-complex-250KSS.dat example signal] has the peak hold spectrum is shown below.
Notice that in this example there is a peak at approximately +27.5KHz which is the center frequency of a P25 signal. A 12.5KHz low-pass filter is used extract the channel of interest and has extremely good selectivity. Once the original signal has been filtered results in a [source:trunk/samples/baseband-complex-250KSS.dat baseband signal] with the following peak-hold spectrum:
When displayed as a float signal on an oscilloscope the baseband signal shows a nice clean APCO Project 25 signal:
The demodulator block is responsible for transforming the baseband signal into a symbol stream. The phase I and phase II signals have been defined such that a single C4FM or π/4 DQPSK receiver can demodulate both signals. π/4 DQPSK means that there is a shift in the constellation by 45 degrees every symbol - what would otherwise be a 0 degree phase shift (00) becomes a +45 degree phase shift. This minimizes the phase transition between successive symbols so the maximum is +135 degrees instead of +180. This minor change in the modulator that lowers the bandwidth of the signal and permits the transmitter power amplifier more leeway in terms of linearity and spectral regrowth.
The [http://radiorausch.googlepages.com/GnuradioFourLevelFSK.html Radio Rausch FSK4 demodulator] is a GNURadio demodulator block that demodulates P25 signal and recovers one of four frequencies that are trivially mapped back into symbols. Each symbol comprises a pair of bits and the signal maps between the dibit symbol and audio frequency/phase shifts according to the following specification:
|Dibits||Symbol||CQPSK Phase Change (degrees)||C4FM Deviation (KHz)|
The output from the demodulator block is fed to the decoder block which combines the tasks of correlation, frame assembly, error correction and decoding.
The bit stream on its own provides no clues as to where the beginning of an octet or frame should be. We need to spot the FS, a fixed 48 bit pattern, to determine where the beginning occurs. Once a frame has begun the decoder is responsible for aggregating symbols into frames, applying the many different error detection and correction schemes.
APCO Project 25 uses Golay, Reed-Solomon and Hamming error correcting codes to guarantee that data survives errors in reception. For LDU1 and LDU2 frames the IMBE voice content is decoded into an audio stream and for all frames the error-corrected contents are written to a message queue for processing by Python (in our case writing to file or using scapy to write to the loopback device).
Write packets to socket for further processing¶
At this point the GNURadio framework has served its purpose and we feed the output to its final destination. The diagram above uses the loopback device to allow for using packet sniffers and tunneling P25 to another site. A modified version of the !WireShark program will, for example, allow for packet sniffing of the P25 traffic (for more details see the WireSharkPage) including the use of capture and display filters. Later versions have used TUN/TAP and we are now encapsulating the P25 traffic in UDP and multicasting it to all stations that want to process such traffic (this would include !WireShark, traffic logging and so on).
Other programs can be written to further process the voice and data streams using the output of the decoder block.
- [source:/trunk/audio/encrypted-p25-as-nbfm.mp3 MP3 audio recording of an encrypted P25 signal when received as NBFM.]
- [http://www.p25.com/resources/P25TrainingGuide.pdf P25 Systems Training Guide from Daniels Electronics Ltd.]
- [http://radiorausch.googlepages.com/GnuradioFourLevelFSK.html Radio Rausch FSK4 demodulator] The 4-level FSK demodulator used to demodulate the signal.