26 December 2015

something broken, tests,... or holidays mistakes

since few days, just 2-3 times a day, I a keep an eye on 11598.0 on USB trying to understand what's going on to a signal that - apparently - should be a normal and peaceful T600 BEE36-50. This FSK synchronous mode, mainly used by the Russian Navy, is very frequent and in many frequencies in HF and is easily recognizable by the messages blocks sent a 50 Baud speed with 200Hz shift, interspersed by reversals.
On 21 december, in the morning, I tuned 11598.0 KHz having seen a signal occupy a rather narrow and odd bandwidth. Measuring the signal, it was a regular T600 transmission but modulated with unusual shift, ~78Hz, and offset although its manipulation speed was the right one (pic.1). 
The signal continued to be transmitted all the day in this strange way, no transmission heard the day after, but again the same behavior on 23 december. On Christmas' Eve everything is back to normal (pic. 2) exhibiting the expected values 50 Baud/200 Hz. A comparison between the two signals is visible in picture 3. Today morning, 26 December, things look even worse: only one keyed tone, the lower, is sent (pic. 4).
The 50Bd/78Hz, although out of rule, could be guessed as a test or as an operational need, but the single - and keyed - tone  suggests a sort of failure of old equipment... or careless mistakes, no one notices? Then, late in the morning again 50Bd/78Hz.
But, it's holiday time after all.

Pic. 1
Pic. 2
Pic. 3
Pic. 4

22 December 2015

CIS OFDM modems logs

this is not the result of a systematic monitoring but just a grouping of my (2015) logs sorted by frequency and waveform; so it doesn't claim to be complete or to provide a sort of schedule for such transmissions. Very poor information about CIS protocols and modems can be found in the web and it is worth noting that in Russia today there is a large replacement of HF equipment and installations: I only know a few links and this is one of these: SDR HF Wireless modem MDM-40K0
About the users... more or less reliable it can be argued that "SERDOLIK" waveforms family is used by the CIS/Russian Diplomatic networks. It should also be understood that a same modem can be used by various agencies, depending on the offered features (such as resistance encryption algorithms and the like): for example, the "old" AT-3004 modem is used by both civilian and military agencies and there are options for the export markets in Latin America and Middle East. Actually, the situation is similar to NATO standards: we log several and same ALE-2G signals but the particular user can be identified only by the callsigns.


notes:
 
- CIS-12 AT-3004D (aka MS5, fire) is not considered as an OFDM waveform and so those logs are not reported here. 

- Frequencies are USB, times in UTC.

SERDOLIK OFDM 35-tone DQPSK
frequency time note

14390.0 0815 SERDOLIK OFDM 35-tone
14442.0 1220 SERDOLIK OFDM 35-tone
14750.0 0650 SERDOLIK OFDM 35-tone

CIS-45 HDR modem OFDM 45-tone (version-1 BPSK 33.33Bd 62.5Hz - version-2 π/4-DQPSK 40Bd 62.5Hz)
frequency time note

09070.0 0900 CIS-45 v2
11032.0 0630,0645 CIS-45 v2

11081.0 0740,0800 CIS-45 v1 
13373.0 0807 CIS-45 v2
13841.0 1420 CIS-45 v2
14642.0 1425
CIS-45 v1
14827.0 1230 CIS-45 v1/v2
14974.0 1315 CIS-45 v2
15643.0 0725 CIS-45 v2
15680.0 0835,1140 CIS-45 v1
15812.0 0705 CIS-45 v1
16103.0 1320,1520 CIS-45 v1

16203.0 0930 CIS-45 v1
16230.0 1410 CIS-45 v1/v2
16241.0 1305 CIS-45 v1

16287.0 1136 CIS-45 v2
16341.0 0930 CIS-45 v2
17434.0 1405 CIS-45 v2
18038.0 1035, 1422 CIS-45 v1/v2 

18553.0 1250 CIS-45 v1
18720.0 1202 CIS-45 v1
19305.0 1300 CIS-45 v1
19864.0 1400 CIS-45 v2

CIS-60 HDR modem OFDM 60-tone (π/4-DQPSK 30Bd 44.44Hz - π/8-DPSK-8 35.5Bd 44.44Hz)
frequency time note

10241.0 0825 CIS-60
10565.0 0830 CIS-60
12143.0 0810 CIS-60
14259.0 0550,0710,0815 CIS-60
14557.0 0750,0815,0830,1220 CIS-60
16810.0 0710, 0820 CIS-60
18241.0 0720 CIS-60

CIS-112 modem OFDM 112-tone π/4-DQPSK 22.22Bd 25.6Hz
frequency time note

11081.0 1255 CIS-112
13940.0 0745 CIS-112
14390.0 0645, 0820 CIS-112
14643.0 0830 CIS-112

14898.0 0938 CIS-112
15680.0 0710 CIS-112
16103.0 1430 CIS-112
16342.0 1400 CIS-112
16643.0 0835 CIS-112
17495.0 0645 CIS-112

17540.0 1405 CIS-112
19400.0 0655 CIS-112
20964.0 0815 CIS-112

CIS-128 modem OFDM 128-tone QAM-16, PSK-8 (broadband waveform span 6KHz band)
frequency time note

11018.2 0635 CIS-128
13856.0 1245
13858.5 0740 CIS-128 broadband
15622.2 1335 CIS-128
16255.0 0825 CIS-128
19284.0 0830 CIS-128 broadband

20 December 2015

pseudo-random frequency hopping


Frequency Hopping Spread Spectrum (FHSS) is a method of transmitting radio signals by rapidly switching the carrier among many frequency channels using a pseudo-random sequence known to both transmitter and receiver(s). The heard packets in this sample have a duration of 2520 ms, frequency shift ~ 20 Hz and 20 data bits carried (other similar transmission have been noted with 2460 ms and 24 data bits, same shift) and span up a 2 MHz bandwidth, this recording has been on 13 MHz band.



16 December 2015

Logs

03831.0 ZLST: Zoll Leitstelle Cuxhaven, D 2158 USB MIL 188-141 2G-ALE calling ZKNI (10Dec15) (AAI)
05155.0 TBB: Turkish Navy, TUR 2115 USB STANAG-4285 600/L CARBs "TBB041--ZES-2/TBB043I(0)/TBB045I(0)/TBB048AI(0)/DZ 036I(0)/TBB050I(0)//" (08Dec15) (AAI)
05200.0 ---: Unid (prob. Algerian Mil) 2105 USB Arabian op.chat + STANAG-4197 (09Dec15) (AAI)
05246.2 ---: Unid (prob. SXV Greek Navy Piraeus, GRC) 2155 STANAG-4285 1200/L crypto (08Dec15) (AAI)
07455.0 RS0016D: prob. Macedonian Mil, MKD 1302 MIL 188-141 2G-ALE handshake with CS004A then into MIL 188-110 serial (10Dec15) (AAI)
07535.0 WG02: Algerian Mil, ALG 0726 USB MIL 188-141 2G-ALE calling PY01 (11Dec15) (AAI)
07622.0 CS002: prob. Macedonian Mil, MKD 1302 MIL 188-141 2G-ALE handshake with RS0011 then into MIL 188-110 serial (10Dec15) (AAI)
08010.0 ---: Ukraine Mil, UK 0647 double FSK 96/100Bd ~500Hz (16Dec15) (AAI)
10156.5 OEY20: Austrian Mil Lebanon, 1230 USB MIL 188-141 2G-ALE calling OEY61, handshake then into MIL 188-110 App.B 39-tone (16Dec15) (AAI)
10251.0 ---: Russian Intel, RUS 0825 (cf) MFSK-68(34+34) + QPSK 2400Bd 10KHz inserts each 1 sec (09Dec15) (AAI)
10370.0 SPI324: Polish Mil, Pol 1507 USB MIL 188-141 2G-ALE calling LCR154 (09Dec15) (AAI)
10435.0 CENTR3: ALG MFA Bucuresti, ROU 0802 USB MIL 188-141 2G-ALE calling FQS (11Dec15) (AAI)
10506.0 ZEN: Algerian AF, ALG 0737 USB MIL 188-141 2G-ALE calling CM2 (09Dec15) (AAI)
11120.0 BSK: Algerian AF, ALG 0847 USB MIL 188-141 2G-ALE calling CM4 (08Dec15) (AAI)
12226.0 ---: Unid 0906 MIL 188-110 serial 2400bps/voice MELP vocoder (11Dec15) (AAI)
12664.5 BE01: Algerian Mil, ALG 0916 USB MIL 188-141 2G-ALE calling LQ01 (12Dec15) (AAI)
12664.5 XV01: Algerian Mil, ALG 0921 USB MIL 188-141 2G-ALE calling BE01 (12Dec15) (AAI)
13499.0 13151: Moroccan Civil Protection, MRC 0802 MIL 188-141 2G-ALE sounding (10Dec15) (AAI)
13856.0 ---: Russian Intel, RUS 0840 USB (cf) CIS FTM-4, MFSK-4 150Bd 4000Hz (tones at: -6, -2, +2, +6 KHz) (14Dec15) (AAI)
13892.0 ---: Russian Intel, RUS 0845 (cf) MFSK-68(34+34) + QPSK 2400Bd 10KHz inserts each 1 sec (15Dec15) (AAI)
15043.0 GUA: USAF Anderson GUM 0741 USB MIL 188-141 2G-ALE sounding (14Dec15) (AAI)
15623.0 ---: Russian Intel, RUS 0845 USB (cf) CIS FTM-4, MFSK-4 150Bd 4000Hz (tones at: -6, -2, +2, +6 KHz) (10Dec15) (AAI)
15626.0 ---: Russian Intel, RUS 0840 USB (cf) CIS FTM-4, MFSK-4 150Bd 4000Hz (tones at: -6, -2, +2, +6 KHz) (15Dec15) (AAI)
15867.0 ---: Russian Diplo, RUS 0934 (cf) SERDOLIK selcall flwd by MFSK-34 40Bd 40Hz (15Dec15) (AAI)
16116.5 OEY61: Austrian Mil Lebanon 0913 USB MIL 188-141 2G-ALE calling OEY20 (10Dec15) (AAI)
16252.5 OEY61: Austrian Mil Lebanon 0912 USB MIL 188-141 2G-ALE calling OEY20 (10Dec15) (AAI)
16283.6 KVX53: Unid US DoS station 0859 USB MIL 188-141 2G-ALE calling KVX50 (10Dec15) (AAI)
16606.0 XKM: DHFCS Forest Moor, G 0909 USB MIL 188-141 2G-ALE calling XSS (08Dec15) (AAI)
17472.0 ---: Russian Diplo, RUS 0826 (cf) SERDOLIK MFSK-34 40Bd 40Hz (14Dec15) (AAI)
19041.5 ---: Unid 1254 USB Hagelin HC-256 voice scrambler (14Dec15) (AAI)


Austrian Mil: 188-141 2G-ALE link setup + 188-110 App.B 39-tone
Hagelin HC-256 HF voice scrambler

12 December 2015

playing with MS-DMT (MIL-STD Data Modem Terminal)

The MS-DMT application is a software defined modem based communications terminal tool developed as a Microsoft Foundation Class (MFC) based Multi-threaded 32 bit application. It is currently designed to run under MSWindows XP SP3 and later versions of both 32 and 64 bit MS-Windows operating systems. The tool is written in C++ using the Microsoft Visual Studio 2008 compiler and requires the installation of the VS2008 C++ runtime redistribution libraries which are part of the full MS-DMT install distribution only.
The MS-DMT tool functions as both a MIL-STD modem and basic data communications terminal and provides MARS a MIL-STD-188-110A (MS110A) compliant Serial Tone (ST) waveform modem based Message Terminal capability providing message composition and automated message storage to simplify MARS MS110A Forward Error Correction (FEC) message handling.
The software’s terminal provides numerous features to aid in message handling and the software also supports the use of more fully featured external asynchronous terminal applications. Additional features such as Data Link Protocol, Data Compression, Data Encryption and others may be added to the MS-DMT tool as required and in accordance with the specific standards as requested or left to implementation in external terminal applications.
You may use MS-DMT to build, decode and learn the MIL-STD 188-110 ST wavefvorm, the modem, along with other interesting resources and docs, can be downloaded from here:
MIL-STD Data Modem Terminal (MS-DMT) software and resources 





8 December 2015

Logs

19305.0 ---: Russian Mil, RUS 1300 USB CIS-45 HDR modem v1 33.3Bd 62.5Hz BPSK (01Dec15) (AAI)
18424.0 ---: Unid 0921 USB MKSK-11 125Bd 250Hz, first tone at: +650Hz ACF 790ms (07Dec15) (AAI)
18255.0 ---: Unid 0915 (cf) BPSK 1200Bd 9-secs segments + 9 tones 150Hz spaced (07Dec15) (AAI)
18100.0 ---: Russian Intel, RUS 1310 USB (cf: +1500Hz) 5 x MFSK-16 10Bd 20Hz + BPSK 250Bd inserts each 10 secs (03Dec15) (AAI)
16898.5 XSG: Shanghai Radio, CHN 0825 CW/ARQ morse id "XSG" (02Dec15) (AAI) 
16083.0 ---: Russian Intel, RUS 0900 USB (cf) CIS FTM-4, MFSK-4 150Bd 4000Hz (tones at: -6, -2, +2, +6 KHz) (07Dec15) (AAI)
15842.0 ---: Unid 0805 USB MIL 188-110 serial PSK-8 2400bps/short (01Dec15) (AAI)
13940.0 ---: Russian Mil, RUS 0745 USB CIS-112 22.22Bd 25.6Hz DBPSK (03Dec15) (AAI)
12693.0 ---: Russian Navy, RUS 1441 USB (cf: +1000Hz) CIS "Akula" BPSK 500Bd + FSK 500Bd/1000 (03Dec15) (AAI)
12282.5 ---: Unid (prob. German AF) 1430 USB Telefunken Racoms MAHRS-2400 serial 2400Bd PSK-8 (05Dec15) (AAI)
12226.0 ---: Unid 0903 USB MIL 188-110 serial 2400bps/voice (07Dec15) (AAI)
12197.0 ---: Unid NATO 1236 ISB LINK-11/SLEW 2400Bd (05Dec15) (AAI)
12173.0 ---: Russian Intel, RUS 0845 USB (cf) CIS FTM-4, MFSK-4 150Bd 4000Hz (tones at: -6, -2, +2, +6 KHz) (07Dec15) (AAI)
10165.0 ---: Unid 0757 USB MIL 188-110 serial 2400bps/voice (07Dec15) (AAI)
12164.0 ---: Unid 1151 USB MFSK-11 125Bd 250Hz, first tone at: +650Hz ACF 790ms (04Dec15) (AAI)
12156.0 ---: Russian Intel, RUS 1420 USB (cf) CIS FTM-4, MFSK-4 150Bd 4000Hz (tones at: -6, -2, +2, +6 KHz) (03Dec15) (AAI)
12153.0 ---: Russian Intel, RUS (cf) MFSK-68 (34+34) + QPSK 2400Bd 10KHz inserts each 1 sec (07Dec15) (AAI)
12120.0 ---: Russian Mil, RUS 0803 USB CIS-3000 serial 3000Bd PSK-8 flwd by CIS-128 OFDM 21Bd QAM-16 (07Dec15) (AAI) 
12113.0 ---: Chinese Mil 1530 LSB OFDM 30-tone bursts BPSK 60Bd (06Dec15) (AAI)
09903.0 ---: Unid (prob. French Mil) 0811 USB Thales Systeme-3000 ALE, QPSK 2000Bd + MSFK-8 125Bd (03Dec15) (AAI)
08812.0 TAH: Istanbul radio, TUR 1006 USB J3E English weather conditions, 0ff 1012 (03Dec15) (AAI)
06970.0 ---: Ukraine Mil, UKR 0650 (cf) MFSK-4 96Bd 500Hz tones at: -750, -250, +250 +750 Hz (03Dec15) (AAI)

[ALE]
16490.0 HIB: Unid net 1321 USB MIL 188-141 2G-ALE calling TOA (01Dec15) (AAI)
16490.0 TOA: Unid net 1320 USB MIL 188-141 2G-ALE sounding (01Dec15) (AAI)
15091.0 CROSPR: USAF Croughton, G 1313 USB MIL 188-141 2G-ALE calling DL0005DAT flwd by 188-110 serial (02Dec15) (AAI)
15091.0 ADW: USAF Andrews, USA 1306 USB MIL 188-141 2G-ALE calling DL0005DAT (USAF AWACS #81-0005) flwd by 188-110 serial (02Dec15) (AAI)
12431.0 AVALLONE: Guardia Di Finanza patrol boat, I 1451 USB MIL 188-141 2G-ALE calling MESSINA (03Dec15) (AAI)
12203.0 CENTR2: MFA Bucuresti, ROU 0840 MIL 188-141 2G-ALE calling YPM25 (07Dec15) (AAI)
12120.0 ---: (no call) prob. Algerian AF, ALG 0828 USB MIL 188-141 2G-ALE calling AOS (prob. Ain Oussera Airport ?)(07Dec15) (AAI)
11226.0 ICZ: USAF Sigonella, I 1510 USB MIL 188-141 2G-ALE multiple stations call "HOW COPY" (06Dec15) (AAI)
08190.0 RHI: Saudi Air Force, ARS  1515 USB MIL 188-141 2G-ALE calling AAI (07Dec15) (AAI)
08162.0 SP01 Algerian Mil, ALG 1523 USB MIL 188-141 2G-ALE calling PY01 (07Dec15) (AAI)
08016.0 NPRD15: NPRD net, HRV 1321 USB MIL 188-141 2G-ALE sounding (05Dec15) (AAI)
08016.0 NPRD001: NPRD net, HRV 0725 USB MIL 188-141 2G-ALE sounding (04Dec15) (AAI)
07421.5 CHFEDR: Greek Air Force, GRC 0733 USB MIL 188-141 2G-ALE calling SFFF2 (04Dec15) (AAI)

3 December 2015

MFSK-4 (double FSK) 96/100Bd 500Hz, Ukraine Military


This waveform is known as Double FSK 96/100 Baud and 500 Hz shift, a dual channel mode used by Ukraine Military, spreading about a 1730Hz bandwidth. The signal was heard just this morning (03 December) on 6970.9 KHz on USB, tones at -750, -250, +250 and + 750 Hz. Site radioscanner.ru reports this signal as Ukraine Mil 96-100, the two baudrates indication (96 and 100) is due to (literally) "some difficulties  in determining the speed of manipulation, due to the fact that the transmission channels are not synchronized (or poorly synchronized) with each other".
That issue is verified in the 21Aug15 log: the signal exhibits two baudrate lines at 96 and 100 Hz (pic. 3). That uncertainty is anyway not present in the measurement results of the  03Dec15 signal (96Bd) as in the pic. 2. The perfect 500Hz space among the tones (pic. 3) has ben found in the 96Bd signal, while in the other (96/100Bd) the shift is about 505Hz.

Pic. 1 - 03Dec15 signal, single baudrate line (96Hz)
Pic. 2 - 21Aug15 signal, the two baudrate lines
Pic. 3 03Dec15 signal, perfect 500Hz shift


http://youtu.be/w44gtaCBQBM?hd=1
 

2 December 2015

MFSK-4 150Bd 4000Hz (CIS FTM-4): the effective data-rate

This signal (reported here) is logged as FSK 4-tone with baudrate 150Bd and shift 4000Hz, or else CIS FTM-4 (Pic. 1). Looking in depth, they use only 4 of 24 combinations of the four tones (Pic. 2), so the encoded characters which are transmitted are reduced to 4.  This mode is called Frequency-Time Matrix (FTM) or, in this case, FTM-4. The coding method is five-digit group of characters plus spaces. The four symbols are:
A) 1-2-3-4
B) 2-4-1-3
C) 4-3-2-1
D) 3-1-4-2
Looking at the segment in Pic. 2, we could find the occurences of each symbol, for example "A" occurs 4 times, "B" occurs 3 times, "C" occurs 3 times and "D" occurs 3 times.
Since the baudrate of the signal, i.e. 150Bd, the real data-rate is 150/4 = 37.5 Baud. 

Pic. 1
Pic. 2
The repetitions of 4 symbols is clearly visible analyzing the demodulated bistream, unless some few errors due to the demodulation:

Pic. 3
 as well as the structure of the message seen as 48 bits period: some parts are well distinct
although it is unclear what they mean (sinc?, address?, commands?, ...)

Pic. 4