TETRA - TErrestrial Trunked Radio
Emma Södersrtröm
April 18, 2016
1
Introduction
TETRA, TErrestial Trunked Radio, is a digital land mobile radio standard
developed by ETSI (The European Telecommunications Standards Institute) with the primary function to fulfil the needs that Professional Mobile
Radio (PMR) and Public Access Mobile Radio (PAMR) users have [1]. Such
users are usually government agencies, police, fire department, ambulance
service and the military, for example NATO, and the airforce. For these
users it is important that the communication between parties is safe and
fast without eavesdropping and information loss and capable of large group
calls [2].
The TETRA standard offers most of the features that the users value,
the call set-up time is short which especially emergency services require, it
is possible to have group conversations with unlimited group size as well as
unlimited number of dispatchers, direct operation between the individual
radios and data transmission.
2
System
A typical TETRA system consists of Base Stations (BS) and Mobile Stations
(MS) [3]. The BS resends information from an MS to requested reciever. The
base stations to a base station controller (BSC) which in turn is connected
to a mobile switching centre. MS are also able to connect directly to each
other even though outside the range of a base station.
2.1
Operation modes
TETRA has three different main operation modes with different objectives
allowing both voice communication and data transmission [4, p.141-144] [5].
• Voice plus Data (V+D)
• Direct Mode Operation (DMO)
• Packet Data Optimized (PDO)
1
In the Voice plus Data mode it is possible to switch the communication
type between data and speech or use both at the same time. In the Direct
mode communication through voice or data is between two mobile units
even if they are outside the base stations range.The last mode is Packet
Data mode which is for data transmission only.
3
Radio Communication
Transmission and Reception steps in the TETRA standard depends on what
mode is used, but the basics are more less the same for V+D and DMO.
The protocol architecture of the TETRA air interface consists of three
layers [6, p.25] :
• Physical layer: controls the radio characteristics, such as (de)modulation
and synchronization.
• Data Link Layer (DLL): is divided into two sub layers with different
functionalities:
– Logical Link Control (LLC): Handles data transmission and retransmission etc.
– Medium Access Control (MAC):Handles channel access, channel
(de)coding and (de)interleaving.
• Network Layer: handles network procedures.
The MAC layer is further divided into upper and lower layer, where the
upper MAC layer handles access control and multiplexing and the lower
MAC layer handles channel coding, slot stealing and routing.
The Network layer is only for Network services meaning that all speech
and data only uses the Physical layer and the DLL.
3.1
Channels
The interface between the protocols and the radio subsystem is represented
by logical channels divided into two categories; traffic channels that carries
information about speech and data and control channels sending signalling
messages and packet data [7, p.151]. Information between i.e the upper and
lower MAC layer is passed through logical channels where the different channels either pass specific information in one or both directions. Information
transmitted from the base station is passed in the uplink whilst information
recieved to the basestation is passed through the downlink. In other words,
information from the MAC to the physical layer is uplink information whilst
information from the physical layer to the MAC downlink information.
2
3.2
Channel Access
The TETRA standard uses Time Division Multiple Access (TDMA) to access the channel [6, p.66]. TDMA makes it possible for multiple users to
share the same radio frequency (RF) but in different timeslots. Simple Frequency Division Multiple Access (FDMA) assigns a carrier frequency for
each user while TDMA uses the basic principle of FDMA but dividing the
frequencies into timeslots introducing even more possible users. In this case
each RF carrier is divided into four timeslots allowing 4 users per carrier
and each carrier has a 25kHz spacing. The multi-slot solution results in a
greater transmission rate making it more efficient.
3.2.1
Frame structure
The TDMA structure is built on TDMA frames lasting roughly 56,6 ms,
these consist of four timelsots each lasting around 14,2 ms. The TDMA
frames are in turn grouped in multiframes consisting of 18 TDMA frames.
The 18th frame is always a control frame which means that the first 17
frames actually consist of 18 frames of information which is neatly solved
by simple data compression. For example encryption synchronisation and
other methods that require large repeat frame structures take use of the
final frame structure called hyper-frame consisting of 60 multiframes, they
last a little over 60 seconds [6, ch.4.5] [4, p.192].
3.3
Source and Channel coding
The TETRA standard uses a version of Code-Excited Linear Predictive
(CELP)code for speech source coding [6, p.124] [8, p.26]. The error control
structure or channel coding, consists of three main processing parts. The input information bits are packed into, so called, MAC blocks and encoded by
a block code. The block coded bits are then encoded by a convolutional code,
more precisely a Rate-Compatible Punctured Convolutional Code (RCPC
Code). The next step is to interleave and reorder the bits. Interleaving
spreads out the symbols over many codewords making it possible to correct
errors even if there are bursts of errors.
3.4
Modulation
π
differential quaternary phase
4
shift keying-DQPSK with a rate of 36kbit/s [4, p.192] which shifts the phase
of the RF carrier, depending on data transmitted, in steps of either ± π4 or
± 3π
4 . The signal is then filtered through a root raised cosine filter removing
the sidebands outside the assigned bandwidth, this reduces intersymbol interference (ISI), aid synchronization receiver and helps to correctly choose
channels [5].
Modulation onto the carrier is done using
3
4
Security
When talking about security there are three main areas to take into consideration in order to keep information safe:
• Confidentiality: Making sure that only authorized persons or items
can access the information.
• Integrity: Only authorized persons or items can write or change the
protected information.
• Availability: Making sure that authorized persons have access to the
information when ever needed.
These areas are often referred to as CIA. The TETRA standard a few different security measures in order to keep the information safe. There are a
four main categories of functionality [9, p.2]
• Security mechanisms: independent functions with a specific purpose
• Management features which are functions that manage the security
mechanisms.
• Cryptographic algorithms: specific mathematical functions that together with cryptographic keys as parameters give reassuring security
for the security mechanisms.
• Lawful interception mechanisms: Functions used together with communications systems to supply the lawfully required access to information and communication
4.1
Authentication
One way of assuring that a network or Mobile Station (MS) can be trusted is
authentication. If they share a valid key then communication is established
[4, p.] [9, 3]. The authentication is, among other things, used to control the
MS access to the network services, provide confidentiality and create a secure
channel for sharing sensitive information. The authentication mechanism is
only used in V+D mode, for DMO Static Cipher Keys (SCKs) are used
for mutual authentication. Each MS has an authentication key K, which is
stored both in the MS itself and in the Authentication Centre (AUC) where
all authentication keys in the network are stored.
4.2
Encryption methods
When communicating through a wireless system eavesdropping is a very
common security risk. In order to prevent eavesdropping, among other
4
threats, in the air interface between the MS and the network, Air Interface
Encryption (AIE) and End-to-end encryption (e2ee) is used [4, 62]. These
methods encrypts the information and makes it impossible for anyone not
having the required decryption algorithm to make sense of the encrypted
information. The encryption is done before the channel coding when transmitting and after the channel decoding when recieving. When placing the
encryption in that order the MAC-headeres are left unencrypted which in
turn allows the reciever to determine the relevancy of the received message [10, 112].
4.2.1
Air Interface Encryption
AIE uses a shared key to encrypt both traffic and signalling information
between transmitter and receiver when MS and BS are communicating with
each other. It encrypts all the data on the radio path and messages on the
control channel [4, 62]. There are four AIE TETRA Encryption Algorithms
(TEAs) for the TETRA standard called TEA1, TEA2, TEA3 and TEA4 [11,
ch.3]. They have slightly different areas of application, they are all designed
for Public Safety and Military Organisations. TEA2 is only permitted within
the European Union and associated countries whereas the others are suited
for Civil use, where security is required, as well [12].
4.2.2
End-to-end encryption
E2ee protects information within the network and the information is encrypted and decrypted in the end terminals [13, p.38]. The e2ee algorithms
and key management is not standardized [10], because the requirements differ from organizations, but the synchronization is standardized. There are
some requirements set by ETSI, these include that the same mechanisms
should work in both directions, there has to be independent synchronization
processes in both directions and the encryption has to be locatied in the
U-plane. Since the e2ee encrypts information in the traffic channel and not
the control channel [4] it has to be used together with AIE.
5
Improvements
There are many improvements done to the original TETRA standard in different releases. The most significant changes were done in TETRA Release
2 where TETRA Enhanced Data Service (TEDS) was introduced. It aquires
higher data rate (50-300kbit/s) [4, 139] through using different RF channel
bandwidths and adaptable modulation schemes [5].
5
References
[1] ETSI, “Tetra,” 2008.
URL: http://www.etsi.org/index.php/
technologies-clusters/technologies/tetra[Accessed April 2016].
[2] Digital Radio Today,
“Tetra,”
2014.
URL:
//digitalradiotoday.com/digitalradio/technologies/
tetra/[Accessed April 2016].
http:
[3] L. Harte, Introduction to private land mobile radio. : dispatch, LTR,
APCO, MPT1327, iDEN, and TETRA. ALTHOS Publishing Inc.,
2004.
[4] P. Stavroulakis, ed., Terrestial Trunked Radio, TETRA A Global Security Tool. Springer, 2007.
[5] I. Poole, “Tetra: Terrestrial trunked radio system.” URL: http://www.
radio-electronics.com/info/pmr-business-land-mobile-radio/
tetra/what-is-tetra-radios-communications.php[Accessed April
2016].
[6] ETSI, “Terrestrial trunked radio (tetra); voice plus data (v+d); designers’ guide; part 1: Overview, technical description and radio
aspects,” tech. rep., European Telecommunications Standards Institute, 1997. URL: http://www.etsi.org/deliver/etsi_etr/300_
399/30001/01_60/etr_30001e01p.pdf[Accessed April 2016].
[7] ETSI, “Voice plus Data (V+D); Part 2: Air Interface (AI),” Technical
Standard TS 100 392-2, European Telecommunications Standards
Institute, 2016.
URL: http://www.etsi.org/deliver/etsi_ts/
100300_100399/10039202/03.07.01_60/ts_10039202v030701p.
pdf[Accessed April 2016].
[8] ETSI, “Terrestrial trunked radio (tetra), speech codec for fullrate traffic channel; part 2: Tetra codec,” Tech. Rep. EN 300
395-2, European Telecommunications Standards Institute, 2005.
URL:
http://www.etsi.org/deliver/etsi_en/300300_300399/
30039502/01.03.01_60/en_30039502v010301p.pdf[Accessed April
2016].
[9] TETRA MoU Association, “Tetra security,” 2006.
URL:
http://www.tandcca.com/Library/Documents/About_TETRA/
TETRA%20Security%20pdf.pdf[Accessed April 2016].
[10] ETSI, “Terrestrial trunked radio (tetra); security; synchronization mechanism for end-to-end encryption,” European Standard
6
EN 302 109 V1.1.1, European Telecommunications Standards Institute, 2003.
URL: http://www.etsi.org/deliver/etsi_en/
302100_302199/302109/01.01.01_60/en_302109v010101p.pdf [Accessed April 2016].
[11] TETRA, “Tetra security.” URL: http://www.tandcca.com/about/
page/12027.
[12] M. Bolle, “Overview of standard tetra, cryptographic algorithms and their rules for management and distribution,” 2014.
URL: http://www.tandcca.com/Library/Documents/About_TETRA/
stndrd_crptgrphy_algrthms_ed4.pdf[Accessed April 2016].
[13] S. Duan, “Security analysis of tetra,” Master’s thesis, Norwegian University of Science and Technology, 2013.
[14] D. Bennett, H. Jahankhani, and H. Jahankhani, “The uk government’s critical national infrastructure policy for emergency services
communications platforms: vulnerabilities in the tetra architecture.,”
in Global Security, Safety, and Sustainability: 5th International Conference, ICGS3 2009, London, UK, September 1-2, 2009. Proceedings.
7