#286 How does Software Defined Radio (SDR) work under the Hood? SDR Tutorial

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
the whole world goes wireless and digital one technology is right in the center of these two mega trends software-defined radio or short SDR do you know how it works and how you can take advantage of it create see youtubers here is the guy with the Swiss accent with a new episode and fresh ideas around sensors and microcontrollers remember if you subscribe you will always sit in the first row software-defined radio is a relatively new technology and it was extremely expensive in the past then came this small USB dongle for 10 dollars and changed all and other more capable devices like the hack RF 1 for $300 pushed this technology into mainstream today most modern radios used for example in smart phones in amateur radio equipment or in satellites or SDR radios what does it mean for us suddenly we can listen to all wireless services and even build our own gsm base station if we want or as you see here you can listen to a satellite which is 36,000 kilometers away in a geostationary position to lose in the spectrum Garry microphone back to you Sulu Sierra 6 Eng Italy OE 9 MB I hear I connect via Internet to an SDR receiver which is located in the UK I leave a link if you want to try it yourself one word of warning please make sure your actions are legal in your country as a rule of thumb transmitting signals is generally forbidden unless you are licensed to do it listening to commercial services might also be restricted in this video we will look on how radios worked before Str maybe we can learn something useful look at the core of STR the IQ signal and how it is created build a universal transmitter and a universal receiver look at some applications of the technology which are interesting for makers very important we will keep it simple and do not go into complex numbers or any other such thing this is why I will simplify as much as possible but not more exactly as Einstein proposed we all know radios since our childhood and we use them daily to listen to our favorite FM station for example but how do such radios work our ears only can hear frequencies below 20 kilohertz and for an old man like me even less but the FM station we listened to is maybe on 100.7 megahertz to get this working the carrier is modulated with a sound signal a typical signal of such an FM station looks like this we see a curve with a center of 100.7 megahertz and two so-called sight bands which contain the sound signal so our radio has to demodulate the music or voice from this courier how is this done when FM stations were invented 100 megahertz was a very high frequency and costly to handle this is why the engineers wanted to get to lower frequencies as soon as possible this can be done by a mixer which has two inputs one for our radio signal on frequency one and another for a constant frequency to signal at the output of the mixer we get a signal containing two different frequencies frequency 1 plus frequency 2 and frequency 1 minus frequency 2 let's do an example and assume frequency 2 is 90 megahertz then the output frequencies of mixer are 10.7 and 190 point seven megahertz ten point seven megahertz is still a high frequency but for sure lower than 100 point seven megahertz if we add a ten point seven megahertz filter after the mixer with a bandwidth of one hundred and fifty kilohertz we only get the signal of our favorite station all other frequencies also one hundred and ninety point seven megahertz are dropped ten point seven megahertz is called intermediate frequency or I F because it is between the carrier frequency and the audible sound and the generator of frequency two is called local oscillator or L from this example you already learn in RF we not only need modulators and demodulators we also need frequency generators mixers and lots of filters this method has another huge advantage we can use a fixed frequency filter for ten point seven megahertz fixed frequency filters are much simpler and cheaper to build why is the if' fixed let's assume you want to listen to the favorite of your partner on 103 point 7 megahertz you only change the local oscillator frequency to 93 megahertz and your intermediate frequency for your partner's favorite is at ten point seven megahertz cool after this if' filter we add a demodulator an audio amplifier a loudspeaker and ready is our analog receiver let's now digitized usually this is a simple process we use an analog to digital converter or ADC to create a digital signal we even could use one of our arduino x' to create such a digital signal if you saw great Scots or my walkie talkie videos you know that this works fine with voice to achieve this we could connect our FM antenna to the arduino ADC at catch and we would have a digital receiver simple and cheap unfortunately the Arduino ADC takes at least 13 microseconds to convert one value this means that we can only use it to digitize signals of a few kilohertz but we need 100 point seven megahertz what to do we could buy a much faster ADC but the prices increase exponentially with speed and if we want to receive Wi-Fi signals at 2.4 gigahertz we have to give up this idea quickly but we can learn from analog radios we also can use a mixer to reduce the frequency for our Wi-Fi signal we could for example use a local oscillator frequency of two thousand three hundred and eighty nine point two megahertz then we again would get ten point seven megahertz very good no matter which frequency we can get it down to ten point seven megahertz this reduces the cost of our ADC already a lot but still to digitize our one hundred and fifty kilohertz FM signal we need a 11 megahertz ADC not very efficient we have to go further what do we have to do to get the cheapest available ADC we have to get the intermediate frequency to zero what does this mean for our FM station if we set the local oscillator to 100.7 megahertz we shift the center of our FM signal to zero Hertz now the ADC only has to handle up to 150 kilohertz close to the capabilities of an Arduino very good but wait look at the diagram something is wrong here we also get negative frequencies and such frequencies do not exist in reality in analog systems they are cut off and we lose 50% of our information so this is probably not a good idea this assumption lasted until a bright guy had an idea he bent the negative part of the frequency axis by 90 degrees and added a small letter I some of you might recognize this chart instead of real frequencies he invented complex frequencies guys who know these numbers know that we had to spend some time to learn to work with them but they are useful in many respects and fortunately we have mathematicians who can do the heavy lifting for us if they are done with their work we can use ready-made software and do not have to bother about mathematical formulas if we do not want however if you want to bother and use your gray cells I leave a link to tutorials made by Mike Osman about this stuff hi I'm Michael Osman of great Scot gadgets and this is software-defined radio with hack RF lesson 1 welcome it will take you at least 10 hours to complete but it is fascinating essential for us is only with this concept we can use the cheapest possible ADCs and do not lose any signal content how can we Bend this curve instead of a mixer we use a so called quadrature the modulator it also has inputs for the radio signal and the local oscillator and it has two outputs one for the horizontal axis in SDR speak call I signal and one for the vertical axis called cue signal together they form the famous IQ signal similar to the mp3 signal for audio the IQ signal is the standard for SDR the only caveat is we need to ABC's instead of only one this signal usually is transferred via USB to a PC where we have software which does the heavy lifting like displaying the signals and demodulated by the way do you know where this 100.7 megahertz signal came from no it did not come from a commercial broadcaster it came from this hack RF one a transmit capable SDR box this is possible because what we learned before also applies to transmitters if we use a quadrature modulator we can generate whatever signal we want but this is not all what would happen if we used a faster ADC we could sample more than the 150 kilo Hertz needed for one FM station the whole FM band for example is 20 megahertz wide a 20 megahertz ADC would be able to digitize all stations at once incredible but it is possible yes it is the ADCs of this hack RF one for example are capable of generating an IQ signal of 20 megahertz and this $10.00 rtl-sdr dongle still covers a few stations because it is capable of making IQ signals with 2 megahertz bandwidth just that you understand right if we record the 20 megahertz IQ signal we record all FM stations in our vicinity in one go perfect for organizations like the NSA or others interested in listening to secrets you can imagine who were the first buyers of this technology and who still buys the fastest ADCs with the biggest bandwidth as with mp3 signals we not only can record we also can't replay any IQ signal the only difference is that we use antennas instead of microphones and speakers maybe you understand now how these so-called replay attacks on older cars and other unsafe devices work you hide behind the bush record a signal of the original key and replay it when the owner is gone and because you can register a vast spectrum you only have to know the frequency range of such a car key and use an ADC with some bandwidth cool stuff even cooler is that you do not need to know which modulation principle the sender uses like you do not need to know how Bruce Springsteen plays his guitar to listen to his music you just hit record and play you might think that replay is the coolest trick SDR can do but there are much more essential usages until now we only looked at the ADCs and therefore the bandwidth of the devices next we have to look at the frequency range they can cope with most SDR devices cover a massive range from a few megahertz to a few gigahertz so they include most available communication services like the ones shown here if we go one step further we have to ask ourselves what happens with the IQ signal in the PC because it is digital it can get a treat especial from the software the most common software for SDR receivers look like this here you see all signals in a frequency range in a waterfall diagram if you select the signal you immediately hear sound if we use a hack RF one we see the entire FM band with all stations you see in the countryside and we do not have a lot of stations around me and you also see that I had to leave my lab because I do not hear any FM stations down in the basement at least I got some vitamin D like that if we select the 2 meter amateur radio band we can use the cheaper RTL SDR on opening because the band is only 2 megahertz wide and we would see every station immediately when it is calling when I was in military service I had the job to manually scan a frequency range of about 500 kilohertz and stop for all stations of other armies with such an SDR receiver one soldier could monitor a much wider band and would never miss the station who knows how the robot is called which has taken over my job we also get very specialized software which works with SDR receivers one example is RTL underscore 433 used in video 209 such software is optimized for a particular task like decoding and hacking signals of 433 megahertz sensors and if you use standard SDR receivers these tools work without any problems the king of the SDR software tools however is new radio companion it is like the land of milk and honey you can build nearly all sorts of transmitters and receivers you can imagine without touching a soldering iron the only thing you need is an SDR receiver or transmitter and a PC it even runs on a Raspberry Pi this for example is my FM broadcast station it takes a WAV file creates a wideband FM modulated IQ signal on 100.7 megahertz and sends it to the hack RF one the quadrature modulator of the hack RF generates the RF signal and transmit its wire this antenna done and this is how FM receivers look like in new your companion it takes the IQ signal of the SDR receiver demodulates it and sends it to the speaker we easily can change the frequency to one hundred and forty five point five to five megahertz and the modulation from wideband FM to narrowband FM now we can listen to amateur radio the same applies of course also for the transmitter how cool is that we can change the purpose of hardware solely by adapting the software we saw now how software-defined radio works let's now have a look at the available hardware I start with the cheapest ones the RTL SDR tunnels these tunnels can only receive and have a maximum bandwidth of around two megahertz and the frequency range of 24 to 1766 megahertz you get several versions the cheap standard ones are okay for playing around and the more expensive ones like this RTL SDR version 3 come with some bells and whistles the prices are in the 10 to $20 range incredibly affordable by the way do you know the story of these tunnels they were made to watch terrestrial TV stations and listen to digital radio they are produced in high series for the consumer market and therefore are cheap they were not intended to be used for SDR until two smart guys discovered how to switch on the debug mode in debug mode these dongles send the internal IQ signal via USB to the PC for analysis and this is exactly what we need for SDR hacking at its best the next is the hack RF one it was the first affordable as the our device and it can receive and transmit in half duplex which means it only can transmit or receive at one point in time it has a max van of 20 megahertz and a frequency range of one to six thousand megahertz it uses 8-bit ADCs and it's price is in the 200 to $300 range for the original or a clone hack RF one is supported by nearly all SDR software packages and Michael Osman its creator is a great contributor to the SDR community this is why I bought an original hack RF to help him even if I get more competitive devices now one of those designs is the atom Pluto it is sold as an evaluation board it's frequency range from 325 megahertz to 3.8 gigahertz is not spectacular it has a maximum bandwidth of 20 megahertz but it is full duplex and uses 12 bit adc's which means it is much more sensitive than the hack RF which only has 8 bits because it is a newer product the software support is not as good as with hack RF its price is around 100 dollars then comes SDR play they have several versions like the RSP 2 pro I have here its speciality is the 14 bit ADC a frequency range of 1 kilohertz to 2 gigahertz and excellent software which mainly runs with these devices this makes it the darling for all amateur radio enthusiasts it supports a maximum bandwidth of 10 megahertz and its prices start at $100 and end at close to 300 for the duo containing 2 receivers and yes it is receiving only the next is live SDR with 61 megahertz it has the biggest bandwidth of all and a frequency range of 100 kilohertz to 3.8 gigahertz it uses 12 bit ADC s can receive and transmit also in full duplex and price starts at 300 dollars up to recently its software support was not comparable to a hack RF 1 or an RTL SDR so check before you buy one the line SDR mini is a compromise for 160 dollars you get 10 megahertz to 3.5 gigahertz and half the bandwidth of 30 megahertz the other specs seem to be very similar to its bigger sister professionals prefer devices from a toes they start at $1000 and maybe are not the first choice for hobbyists and what about the software as mentioned before we get several categories of software for our SDR devices the first category contains general-purpose receivers like SDR sharp SDR console HD SD r GQ rx or SDR you know all of these packets create a so-called waterfall diagram for a specific frequency band and demodulate all sorts of signals with a focus on audible signals like voice or music together where the cheap rtl-sdr dongle they are a perfect entry into SDR the next category consists of software for a particular purpose often these packets are used for digital signals examples are the RTL underscore 433 to listen to sensors the AP player to listen to the a/b radio or RTL 1090 for receiving position information of all airplanes around you the last category is software for analysis and testing for example rtl-sdr white spectrum analyzer or RTL underscore panorama both enable broad spectrum scanning like a spectrum analyzer or universal radio hacker which is a big helper for hacking digital signals and of course the MC catcher if you are interested who is using mobile phones around your house new radio deserves its own category as a universal platform to build wireless communication systems it is also used in professional applications to test new communication protocols before they are implemented in mass-produced devices I leave a link to a comprehensive list of SDR software in the description if you are now interested in trying out this new technology you find many installation guides for each software packet many run on Windows but Linux still is the platform of choice especially if you want to try special applications maybe you watch my video number 209 where you can also find a link to a Raspberry Pi SD image with some pre-installed tools like that you're up and running in a short time summarized we learned that software-defined radios similar to analog radios use mixers to shift reception frequencies down to zero Hertz they Bend the negative axis by 90 degrees to not lose 50% of the signal content quadrature tomate relatives do that trick and create a universally usable IQ signal consisting of an eye and the cue component this signal then can be processed by software on our pcs or raspberries as an example we built a universal transmitter and a universal receiver and it worked on broadcast FM as well as on amateur radio we looked at the various SDR devices available in the market and saw that you could start by spending less than ten dollars for 100 to 300 dollars you get serious receivers some even with transmit capabilities we had a look at some specialized software packages which are useful for makers to hack or to receive signals and I was able to mention the word complex numbers only once look at some other explanations of SDR if you want to assess how hard this is as usual I omitted 99% of all facts but I hope I covered the critical 1% and with the help of Google you can start or continue your own journey please write us in the comment where you already used SDR in your projects or where you see a useful application on this channel comments usually contain more information than the video itself this video was not a cheap one this is why I want to thank all my supporters on patreon and viewers using my links for their purchases for supporting the channel without you it would be difficult for me to do what I do now by you
Info
Channel: Andreas Spiess
Views: 258,706
Rating: 4.9621587 out of 5
Keywords: arduino, arduino project, beginners, diy, do-it-yourself, eevblog, electronics, esp32, esp32 datasheet, esp32 project, esp32 tutorial, esp8266, esp8266 datasheet, esp8266 project, greatscott, guide, hack, hobby, how to, iot, lorawan, nodemcu, project, ttgo, wemos, wifi, SDR, Software defined Radio, SDR Raspberry, HackRF, HackRF one, Ossmann, Michael Ossmann, Ossmann SDR, RTL_477, SDR-RTL, RTL-SDR, Dongle, SDR Dongle, Rtl2832U, R820T2, SDR tutorial, tutorial, Great Scott Gadgets
Id: xQVm-YTKR9s
Channel Id: undefined
Length: 27min 19sec (1639 seconds)
Published: Sun Sep 08 2019
Related Videos
Software Defined Radio
MIT Film & Video Production club
41K
#188 Antenna Tutorial incl. cheap DIY Antenna Tester (LoRa, ESP32)
Andreas Spiess
133K
#359 How to properly use a NanoVNA V2 Vector Network Analyzer & Smith Chart (Tutorial)
Andreas Spiess
173K
Radio Hacking: Cars, Hardware, and more! - Samy Kamkar - AppSec California 2016
OWASP
1M
SDRPlay RSPDX Radio Receiver Review and Demonstration
Ham Radio Crash Course
60K
#381 How to work with a Real Time Operating System and is it any good? (FreeRTOS, ESP32)
Andreas Spiess
94K
#112 LoRa / LoRaWAN De-Mystified / Tutorial
Andreas Spiess
682K
2020 SDR Guide Ep 3 : Beginner Budget SDR Shootout (Generic vs Nooelec vs RTL-SDR v3) cheap SDRs!
Frugal Radio
33K
The Simplest Math Problem No One Can Solve
Veritasium
8.7M
The Art of Code - Dylan Beattie
NDC Conferences
2.9M
The Coolest Radio You've Probably Never Heard Of
Tom the Dilettante
657K
#209 How to Hack your 433 MHz Devices with a Raspberry and a RTL-SDR Dongle (Weather Station)
Andreas Spiess
119K
#170: Basics of IQ Signals and IQ modulation & demodulation - A tutorial
w2aew
341K
BSIDES CPT 2019 - Hacking satellites with Software Defined Radio (SDR) - Gerard de Jong
BSides Cape Town
178K
Build a Developer's Linux Workstation - Complete Guide
DroneBot Workshop
208K
SDR School Part One The Basics
David Kennett
118K
Hacking the Wireless World with Software Defined Radio - 2.0
Black Hat
216K
[014] IcoBoard Software Defined Radio Project - Hardware
OpenTechLab
50K
Defcon 21 - All Your RFz Are Belong to Me - Hacking the Wireless World with Software Defined Radio
HackersOnBoard
276K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.