GNU Radio Conference 2016

University of Colorado, Boulder
September 12 - 16, 2016

6th Annual GRCon

GRCon is the annual conference for the GNU Radio project & community, and has established itself as one of the premier industry events for Software Radio. It is a week-long conference that includes high-quality technical content and valuable networking opportunities. This year, we expect our largest event yet, with attendees from industry, academia, and government.

With an annual program that has broad appeal, GRCon attracts people new to Software Radio just looking to learn more, folks that want to keep their finger on the pulse & direction of the industry, and seasoned developers ready to show off their latest work.

Conference Schedule

  • 7:30 - 8:30

    Check-In & Breakfast

  • 8:30 - 8:45

    Introduction

    Ben Hilburn

  • 8:45 - 9:30

    Keynote: CU Boulder & SDR

    Scott Palo

    Scott Palo is the Victor Charles Schelke Endowed Professor & Associate Dean for Research at CU Boulder.

  • 9:30 - 10:00

    Welcome to GNU Radio

    Ben Hilburn

  • 10:00 - 10:30

    Working with GNU Radio

    Johnathan Corgan

  • 10:30 - 11:00

    Break

  • 11:00 - 11:45

    Why Doesn't My Signal Look Like the Textbook?

    Matt Ettus

  • 11:45 - 12:15

    Low-Cost SDR Hardware

    Michael Ossmann

  • 12:15 - 1:00

    Lunch

  • 1:00 - 1:20

    Intro to GRC

    Sebastian Koslowski

  • 1:20 - 1:40

    Intro to PyBOMBS & CGRAN

    Martin Braun

  • 1:40 - 2:00

    Intro to Volk

    Nathan West

  • 2:00 - 2:20

    Intro to Synchronization

    Derek Kozel

    The what, why, and how of frequency, time, and phase synchronization in RF systems. What are the requirements in hardware and software to align each of these signal properties? Why would you want to do so? How do you measure these properties on receivers and transmitters? Example GNU Radio programs will be shown and measurements of real systems.

  • 2:20 - 2:50

    Break

  • 2:50 - 3:10

    Hacking the Wireless World

    Balint Seeber

    Interesting radio signals emanate from terrestrial sources, as well as from space, and GNU Radio continues to prove itself as an ideal prototyping platform for processing and decoding these signals.

  • 3:10 - 3:30

    Motivating Undergraduate Communication Theory with GNU Radio

    Peter Mathys

    Typical undergraduate communication theory textbooks start out with a review of continuous time linear systems, followed by amplitude, frequency and phase modulation. In some cases, probability theory and random processes also appear prominently at the beginning of the book. Digital data communication and digital signal processing are usually deferred until the second half of the course and the first complete digital communication system that resembles what is actually used in smartphones and other wireless systems appears only some 300 to 400 pages into the book. That makes it difficult to motivate students and we are thus promoting an approach where we start with a simple ideal communication system, e.g., using binary phase shift keying to transmit ASCII code text messages. In subsequent steps we can then introduce practical constraints and impairments such as channel bandwidth, noise, and timing synchronization. Along the way such concepts as the matched filter, signal space, and phase locked loops can be introduced naturally. To give the students opportunity to experiment and explore ‘what-if’ scenarios, GNU Radio and the gnuradio companion provide an ideal and very affordable platform. But there is a ‘chicken and egg’ problem. If you already know communication theory, GNU Radio is a great tool for experimentation, but if you are new to the field there is a steep learning curve. Just to demonstrate the concept of signal space and what happens if there is noise and the transmitter and receiver are not exactly synchronized, one quickly fills an entire flowgraph screen with some 30 blocks. Thus, some tailored blocks along the lines of an idealized textbook exposition to communications are needed to demonstrate the applicability of the material and let the students gain confidence in their ability to analyze and design such systems. In this talk we are exploring different ways to either combine existing GNU Radio blocks or create new ones for the purpose of an introductory level undergraduate communications course.

  • 3:30 - 3:50

    Utilizing GNURadio in the Design of a Geosynchronous Experimental Radio Hosted Payload

    Kayla Brosie

    Currently, a first of its kind amateur radio emergency communication system is being developed for Northern America as a hosted payload on a geosynchronous satellite projected to launch in 2017. The intent of this system is to act as a transponder in order to ensure reliable communication during emergencies when normal forms of communication, such as cell towers, are destroyed or saturated, as is common in these scenarios. While not serving its primary purpose for emergency communication, the system will be available to licensed amateur radio operators for daily use. In this presentation, an overview of the under development emergency communication system is provided, looking more in depth at the role of GNURadio in simulating the transmitters and receivers of the system and contributing to the overall design of the system. A representation of the system has been created that uses multiple flowgraphs to better model the multiple transmitter and receivers of the system as well as highlighting the use of USRPs and hand held radios.

  • 3:50 - 4:10

    Some Mil/Aero R&D Using GNU Radio

    Stu Card

    In our recent survey of Software Defined Radio (SDR) resources for military and aerospace waveform development and implementation, although other software environments appeared better suited for some specific development and test activities, GNU Radio emerged as the de facto definitive environment for general SDR research and development. Rapidly evolving commercial waveforms pose both opportunities and challenges from cyber and physical security perspectives; addressing these is facilitated by various Out Of Tree projects, together with the rapid prototyping and experimentation capabilities enabled by GNU Radio Companion etc. Proliferation of Unmanned Aerial Systems (UASes) presents other issues, including safe integration of UASes into the National Airspace System (NAS); research into some of these, such as UAS command and control data links, is also facilitated by GNU Radio. We briefly present the rationale for our recommendation that SDR researchers start with GNU Radio (at least as a baseline before trying more specialized tools) and some of the military and aerospace work in which we are using it.

  • 4:10 - 4:30

    Leveraging SDR for Public Safety Communications Research

    Jeb Benson

    The Public Safety Communications Research (PSCR) group, located in Boulder, CO, is undertaking a 7-yr, $300M R&D endeavor associated with the creation of the National Public Safety Broadband Network (NPSBN). R&D activities will primarily be focused on the acceleration of five key technology areas prioritized by the public safety community, and most readily leveraged using LTE broadband capabilities enabled by the NPBSN. One of these areas is mission critical voice (MCV), which has traditionally been implemented in a variety of land mobile radio technologies, e.g. P.25, TETRA, DMR, analog, etc. This presentation will introduce the key components of MCV, a high-level overview of how they might be implemented in LTE, and the role SDR could play in accelerating the implementation of exciting, critical features like device-to-device communications for early test & evaluation, and new product development. This talk will not focus on ‘what we have done’, but rather how, using our $300M technology accelerator program, we might stimulate interest from the SDR community to contribute to this opportunity.

  • 4:30 - 4:45

    Break

  • 4:45 - 5:45

    Panel: "Using GNU Radio in the Real World"

    Panelists: Tom Rondeau, Mike Ossmann, Dan CaJacob, Martin Braun
    Moderator: The Interrogator

  • 7:00 - 10:00

    Reception

  • 9:30 - 10:30

    WiSER FPGA Acceleration

    Ning Gao

  • 10:30 - 11:00

    Break

  • 11:00 - 12:15

    RFNoC Tutorial Part 1

    Ettus Research

  • 12:15 - 1:00

    Lunch

  • 1:00 - 2:20

    RFNoC Tutorial Part 2

    Ettus Research

  • 2:20 - 2:50

    Break

  • 2:50 - 4:15

    RFNoC Tutorial Part 3

    Ettus Research

  • 4:15 - 4:45

    Rapid Design Assembly

    Consolidated Logic

    FPGA DSP application design with GNU Radio is easier than ever with new platforms that streamline the process. One such platform is the Ettus USRP X-series, and an easy to use FPGA framework, RFNoC. Customizing the RFNoC modules on a USRP is no quick task though, as a user must still have an adept understanding of the Xilinx design tools and wait an hour (or more) for a design compilation to complete. Rapid Design Assembly (RDA)-- a process for rapid FPGA assembly -- has been augmented with new Xilinx Vivado capabilities. RDA extracts metadata from a design to provide an RFNoC compatible precompiled module library where modules can be mixed and matched, and executing a GNU Radio flowgraph reconfigures the USRP's Kintex-7 FPGA in a matter of seconds. This lowers the barrier to entry to use RFNoC, streamlines the design flow, and increases the turns per day when customizing the USRP in the GNU Radio flowgraph. This presentation will explain the basics of RDA, walk through the process of creating an RDA generated bitstream targeting the USRP X310, and explain how the precompiled module library is generated. In the live demo, we will rapidly compile multiple RFNoC modules into a programmable bitstream for the USRP, and interface with GNU Radio.

  • 7:30 - 8:30

    Check-In & Breakfast

  • 8:30 - 9:00

    Introduction

    Ben Hilburn

  • 9:00 - 9:45

    Keynote: Deep Neural Signal Processing

    Charles Clancy

    The past two decades of software-defined and cognitive radio (SDR/CR) engineering have been hampered by the presumption that signal processing components have a one-to-one relationship with traditional hardware processing components. SDR implementations have lacked computational scalability, relying heavily on Moore's law to make commercial SDR feasible. CR has been limited to spectrum sharing applications because the search space of all SDR waveform component permutations is too large to enable fully-cognitive waveforms.

    However recent advances in applying deep learning to signal processing are beginning to challenge these fundamental assumptions. By viewing signal processing as a dimensionality reduction problem from passband I/Q data to output content, rather than the composition of waveform components, we can achieve near-Shannon signal processing performance from neural networks. This results in order of magnitude reductions in waveform runtime complexity, in exchange for offline network training.

    In this talk we will introduce these new approaches to signal processing, share initial research results, and discuss novel approaches to rapid waveform training such as use of adiabatic quantum computing.

    Dr. Charles Clancy is an Associate Professor of Electrical and Computer Engineering at Virginia Tech and directs of the Hume Center for National Security and Technology. Additionally he is co-founder and member of the board of directors for HawkEye 360, a startup company focused on space-based RF analytics. Prior to joining Virginia Tech in 2010, he served as a senior researcher at the Laboratory for Telecommunications Sciences, a defense research lab at the University of Maryland, where he led research programs in software-defined and cognitive radio. Dr. Clancy received his B.S. in Computer Engineering from the Rose-Hulman Institute of Technology, M.S. in Electrical Engineering from the University of Illinois, and his Ph.D. in Computer Science from the University of Maryland. He is a Senior Member of the IEEE and has over 150 peer-reviewed technical publications. His current research interests include cognitive communications and spectrum security.

  • 9:45 - 10:15

    GNU Radio Update

    Ben Hilburn

  • 10:15 - 10:45

    Break

  • 10:45 - 11:00

    GRCon Hacking Challenges

    Balint Seeber

    Introduction & opening of the GRCon Hacking Challenges, sponsored by Bastille!

  • 11;00 - 11:45

    Ettus Research

    Ettus Research

  • 11:45 - 12:15

    GPU Acceleration: Custom Buffers in GNU Radio

    Seth Hitefield

    Recent advances in graphics processing units (GPU) have allowed for extremely large single-instruction-multiple-data architectures that can vastly improve the computational speeds of applications. A great example of these systems is the NVIDIA Titan X which contains 3072 individual cores; the NVIDIA Digits Devbox contains 4 Titan X cards, which can reach 28 TFlops of processing power. However, utilizing these powerful discrete cards can be rather difficult since the user must manage memory transfers between the host and each discrete card.

    Unlike VOLK which makes use of the host’s SIMD capabilities, GPU frameworks (such as CUDA) need to allocate their own memory. This requires the user to transfer data every call to work() which can result in significant latency. With the new custom buffers feature for GNU Radio, blocks can allocate their own memory buffers which make utilizing GPUs far easier. This presentation will also show an example flow graph making use of custom buffers.

  • 12:15 - 1:00

    Lunch

  • 1:00 - 1:30

    DARPA's Spectrum Collaboration Challenge

    Paul Tilghman

    DARPA’s Spectrum Collaboration Challenge (SC2). DARPA’s next Grand Challenge aims to ensure that the exponentially growing number of military and civilian wireless devices will have full access to the increasingly crowded electromagnetic spectrum. Competitors will reimagine spectrum access strategies and develop a new wireless paradigm of collaborative, local, real-time decision-making where radio networks will autonomously collaborate and reason about how to share the RF spectrum; avoiding interference, and jointly exploiting opportunities to achieve the most efficient use of the available spectrum. SC2 teams will develop these breakthrough capabilities by taking advantage of recent advances in artificial intelligence (AI) and machine learning, and the expanding capacities of software-defined radios. Ultimately this competition aims not only to challenge innovators in academia and business to produce breakthroughs in collaborative AI, but also to catalyze a new spectrum paradigm that can help usher in an era of spectrum abundance.

  • 1:30 - 2:00

    OFDM in GNU Radio

    Matt La Pan

    Orthogonal Frequency Division Multiplexing (OFDM) is utilized as a multi-carrier modulation method for many modern communications systems. While GNU Radio currently offers a number of OFDM blocks, there are still shortcomings in terms of reliable implementations both in simulation and more so on embedded hardware targets. This talk explores the under-the-hood details and pitfalls of OFDM in GNU Radio that are critical to a successful implementation.

  • 2:00 - 2:30

    GNU Radio Outside of the SDR Scope: Intro to Scopy

    Paul Cercueil

    Scopy is a modern software oscilloscope and signal analysis toolset,
    developed at Analog Devices, and designed to work atop the IIO
    subsystem of the Linux kernel. One of its particularities is that it
    relies on GNU Radio for the internal data flow and some of the
    processing, making it one atypical software solution in the SDR-focused
    GNU Radio ecosystem.

    This presentation will go through the reasons behind the choice of GNU
    Radio for the piping system, the issues it solved, the challenges we
    faced, and our contribution to the GNU Radio community.

  • 2:30 - 3:00

    Break

  • 3:00 - 3:30

    Accelerators in SDR

    Adam Bacon

    With Moore’s law coming to an end, software defined radio is seeking new ways to achieve greater performance for applications. RF Network on a Chip (RFNoC) creates a new paradigm for software defined radio that will allow prototypes to harness the power of FPGAs and to be designed, tested, and transitioned directly into final products. AHA, in collaboration with AMSAT and Virginia Tech Hume Center, has created DVB-S2X FEC blocks to enable prototypes of high performance satellite systems using GNU radio. AHA is providing free versions of these new RFNoC FEC blocks for researchers to evaluate and use in their high performance communication applications.

  • 3:30 - 4:00

    Run Your Own Classroom Spectrum Challenge

    Fraida Fund

    This tutorial will give educators and experimenters the tools necessary to run their own cognitive radio "challenge", using open SDR testbeds and GNU Radio, in a tournament format similar to competitions such as the DARPA Spectrum Challenge. We will describe our experiences running this challenge in courses at the University of Thessaly (Greece) and the NYU Tandon School of Engineering (US). In particular, we will explain how to overcome common points of friction that occur in the classroom setting, including: teaching students to understand "real" RF hardware, gaining access to an SDR testbed, easing the build and setup process, running reference or student designs, extending reference designs, and visualizing "match" results. We will demonstrate some of these in real time, and also refer participants to step-by-step instructions they can follow (with open source code) to run their own Spectrum Challenge.

  • 4:00 - 4:30

    GNU Radio and VOLK on ARMv8

    Doug Geiger

    GNURadio and its support library, the Vector-Optimized Library of Kernels (VOLK) are designed to take advantage of single-instruction, multiple data (SIMD) instruction sets, such as SSE, AltiVec, and NEON. Extending support for VOLK, and by extension GNURadio, to the new ARMv8 instruction set should provide more performance on the advanced ARM-based processors and systems-on-chips (SoC’s) now available on the market, as well as future generations of processors. ARMv8 adds additional 128-bit registers, new instructions, and improves IEEE-754 support of the NEON instruction set. We will introduce support to VOLK for the ARMv8/AArch64 architecture, explore the improvements to NEON, and show real-world improvements in GNURadio flow graphs through benchmarking and profiling on an ARM Cortex-A53 processor.

  • 4:30 - 4:45

    Break

  • 4:45 - 5:15

    Hacking the Wireless World 3.0

    Balint Seeber

    Interesting radio signals emanate from terrestrial sources, as well as from space, and GNU Radio continues to prove itself as an ideal prototyping platform for processing and decoding these signals.

    This talk will discuss some experiments and enhancements:

    The INMARSAT Aero service is used to transfer SATCOM voice and data traffic between aircraft and the ground-based aviation network via a geosynchronous satellite constellation. A prototype GNU Radio decoder is implemented for the coordination channel, with a simple satellite dish feed and SDR, and is used to parse ACARS messages transmitted to airborne flights. This makes for a nice complement to keeping an eye on flights that are out of range of the terrestrial VHF datalink network.

    Multipath propagation has impacted all real-life communications system design, but what does it actually look like? A real-time visualisation is created by using a smart correlator block, and terrestrial digital television signals. Due to the high symbol rate, and high power, it is possible to see multiple reflections live as one moves around the receiver’s antenna.

    FMCW is a popular choice for RADAR systems, and can easily be implemented to aid with understanding the fundamental nature of the waveform. Some flowgraphs have been developed for use with different transducers (e.g. SDR). Using multiple transmit channels, it is also possible to steer the transmitter’s beam to create a primitive phased array.

    Kevin Reid’s wideband ‘un-selective AM’ receiver is re-created. It uses stereo audio spatial separation to convey on which side of the baseband spectrum the most powerful AM transmission is taking place - very handy for listening to the aviation band.

  • 5:15 -5:45

    SDR Implementation of the Dual Link Algorithm in TDD Mode Using USRP E310

    Zhe Feng

    This work presents challenges and some solutions of implementing the Dual Link Algorithm in the fairly new USRP E310 software defined radio (SDR) in time division duplex (TDD) mode. The dual link algorithm that we designed previously aims to solve the interference problem in future dense cellular networks. The algorithm performs joint beamforming matrix design for transmit signals of multiple transmitters, which are equiped with multiple antennas. The receivers can also be equipped with multiple antennas. Our experiment uses 4 E310's to model two pairs of interfering users with 2 antennas at each transmitter and each receiver. In TDD mode, the dual link algorithm is an iterative algorithm with iterations between uplink and downlink transmission. The algorithm takes advantage of channel reciprocity to reduce complexity. Therefore, it requires that the same antennas are used for both transmission and reception, as well as a compensation for the differences in transmit and receive RF chains. We did not find prior SDR GNU Radio solution on using the same antennas in TDD mode. We will share our experience with GNU radio Companion in using the two TRX ports in each E310 to achieve this in network mode, where the signal processing is performed on computers. To utilize the FPGA resource inside E310, we are working on RFNoC for the embedded mode of E310 and plan to share our experience in that as well.

  • 7:30 - 8:30

    Check-In & Breakfast

  • 8:30 - 8:45

    Introduction

    Ben Hilburn

  • 8:45 - 9:15

    GNU Radio Technical Update

    Johnathan Corgan

  • 9:15 - 9:45

    Whole Packet Clock Recovery

    Michael Ossmann

    Reverse engineers and others new to SDR frequently stumble when faced
    with the challenge of clock recovery. After identifying a signal and
    determining its modulation characteristics, reverse engineers often turn
    away from SDR tools and rely on crude means such as pen and paper to
    decode packets. They do this because traditional SDR clock recovery
    techniques are needlessly difficult to use.

    These traditional techniques are ill-suited to the scenario in which an
    entire packet waveform is stored in memory. Instead of using algorithms
    designed to require minimal state, we should have techniques that take
    advantage of the availability of a complete packet waveform. Such
    methods should make clock recovery more reliable and easier to use, at
    the expense of computing resources.

    I will report on my investigation of whole packet clock recovery
    techniques and will demonstrate an open source implementation that
    produces packet data from a demodulated waveform with zero
    configuration.

  • 9:45 - 10:15

    A Cost-Efficient, Field-Ready Sensor to Detect and Decode LTE FDD Downlink at Low Signal Levels

    Douglas Anderson

    This presentation introduces a GNU radio design implemented on a USRP to detect and decode an LTE Frequency Division Duplex (FDD) downlink control channel by utilizing the srsLTE library. We provide background and motivation, technical requirements, and an initial design. The sensor is designed for unattended field measurements – subsequent technical requirements involve hardware considerations external to USRP, e.g., time discipline, local calibration, processing power, and backhaul to NTIA’s Measured Spectrum Occupancy Database. Technical challenges and solutions are described. Finally, we demonstrate performance of the sensor to time-synch, detect, and decode a simulated LTE FDD downlink at diminishing signal-to-noise ratios. As part of the NTIA Spectrum Monitoring Program, we plan to deploy a network of LTE sensors around Boulder, CO to characterize LTE use of the 700 MHz band and to identify in real-time new entrants in the 1695 – 1710 MHz AWS-3 band. This proof-of-concept sensor also informs on feasibility of GNU Radio programmed SDRs to meet upcoming AWS-3 RFP requirements to monitor the perimeter of NOAA meteorological satellite Earth stations.

  • 10:15 - 10:45

    Break

  • 10:45 - 11:15

    Rigorous Moment-Based Automatic Modulation Classification

    Darek Kawamoto

    In this paper we develop the connection between the high-order moments, orthogonal polynomials, and probability densities representing signal constellations with AWGN in order to improve moment-based Automatic Modulation Classification (AMC). The result is that an approximate weighted $L^2$ distance between probability densities can be computed using a Euclidean distance on vectors consisting of series expansion coefficients. This analysis justifies the use of high-order moments in AMC. A discriminative Deep Neural Network (DNN) is trained to perform AMC, resulting in near-maximum likelihood performance at marginal SNR.

  • 11:15 - 11:45

    Sniffing and Dissecting nRF24L with GNU Radio and Wireshark

    Marc Newlin

    Nordic Semiconductor nRF24L transceivers are ubiquitous in wireless peripherals and low power wireless devices, with over one billion sold as of 2013. This presentation will introduce a GNU Radio out-of-tree module which supports transmission and reception of nRF24L packets, along with an nRF24L dissector for Wireshark. Support is included for all of the valid data rate, CRC, packet length, and address length values, and the module can be used as either a fixed configuration transceiver, or a generic sniffer which attempts to decode packets in any configuration. Due to timing constraints imposed by USB and host processing overhead, some valid ACK timeout values are not supported. Both the GNU Radio module and Wireshark dissector will be released open source prior to the conference, and will be used in live demonstrations during the presentation.

  • 11:45 - 12:15

    Exploring Distributed Sensor Synchronization with GNU Radio and RTL-SDRs without Hardware Modification

    Wilbur Myrick

    Low-cost distributed sensor processing has been a topic of interest due to its added advantage of sensor placement and processing gain. However, having independent local oscillators at each sensor presents a synchronization challenge for low-cost distributed sensors lacking an external synchronization hardware interface. We explore Signals-of-Opportunity (SOOs) to maintain distributed sensor coherency when an external synchronization hardware interface is unavailable for inexpensive COTS SDRs. Some distributed sensor processing approaches may function without stringent coherency enabling the use of SOOs as synchronization reference beacons in the field of view. We explore the concept of “software” sensor synchronization leveraging GNU Radio and RTL-SDRs with SOOs.

  • 12:15 - 1:00

    Lunch

  • 1:00 - 1:30

    SWaP BOOM POW: Advancing the State of the Art with Modular SWaP-Optimized Software Defined Radios

    John Orlando

    Software defined radio continues to increase its reach into both commercial and defense/security markets at a rapid pace. As this reach increases, a focus on size, weight, and power (SWaP) consumption of the radio architecture has also garnered significant attention. Proper system architecture can allow both modularity and scalability at the radio level as well as the system level, and significantly reduce the time to market for these flexible radio systems. This talk will discuss some of the architectural tradeoffs when developing SDRs that focus on both SWaP as well as modularity, and the interplay with software frameworks such as GNU Radio. A review of currently available SWaP-optimized SDR platforms and a preview of forthcoming SWaP-optimized SDR platforms will be presented.

  • 1:30 - 2:30

    Panel: "GNU Radio in the Year 2026"

    Panelists: Paul Tilghman, Dirk Grunwald, Tim Newman, Matt Ettus
    Moderator: Pierre de Vries

  • 2:30 - 3:00

    Break

  • 3:00 - 3:30

    Utilizing GNU Radio in the Design of a Geosynchronous Experimental Radio Hosted Payload

    Kayla Brosie

    Currently, a first of its kind amateur radio emergency communication system is being developed for Northern America as a hosted payload on a geosynchronous satellite projected to launch in 2017. The intent of this system is to act as a transponder in order to ensure reliable communication during emergencies when normal forms of communication, such as cell towers, are destroyed or saturated, as is common in these scenarios. While not serving its primary purpose for emergency communication, the system will be available to licensed amateur radio operators for daily use. In this presentation, an overview of the under development emergency communication system is provided, looking more in depth at the role of GNURadio in simulating the transmitters and receivers of the system and contributing to the overall design of the system. A representation of the system has been created that uses multiple flowgraphs to better model the multiple transmitter and receivers of the system as well as highlighting the use of USRPs and hand held radios.

  • 3:30 - 4:00

    Leveraging SDR for Public Safety Communications Research

    Jeb Benson

    The Public Safety Communications Research (PSCR) group, located in Boulder, CO, is undertaking a 7-yr, $300M R&D endeavor associated with the creation of the National Public Safety Broadband Network (NPSBN). R&D activities will primarily be focused on the acceleration of five key technology areas prioritized by the public safety community, and most readily leveraged using LTE broadband capabilities enabled by the NPBSN. One of these areas is mission critical voice (MCV), which has traditionally been implemented in a variety of land mobile radio technologies, e.g. P.25, TETRA, DMR, analog, etc. This presentation will introduce the key components of MCV, a high-level overview of how they might be implemented in LTE, and the role SDR could play in accelerating the implementation of exciting, critical features like device-to-device communications for early test & evaluation, and new product development. This talk will not focus on ‘what we have done’, but rather how, using our $300M technology accelerator program, we might stimulate interest from the SDR community to contribute to this opportunity.

  • 4:00 - 4:20

    GRC Update

    Sebastian Koslowski

  • 4:20 - 4:40

    PyBOMBS & CGRAN Update

    Martin Braun

  • 4:40 - 5:00

    VOLK Update

    Nathan West

  • 6:00 - 9:00

    GRCon16 Reception

  • 7:30 - 8:30

    Check-In & Breakfast

  • 8:30 - 8:45

    Introduction

    Ben Hilburn

  • 8:45 - 9:30

    Keynote: FCC, Friend or Foe? SDR, Trick or Treat?

    Pierre de Vries

    SDR is a powerful technology that changes the rules of many games, including the game of radio regulation. This talk will explore why SDR work influences spectrum policy, how FCC decisions affect what the SDR community can do, and what you can do about it.

    All US radio operation must conform to FCC rules. Therefore, the FCC’s understanding of SDR determines what you can legally do with this technology. The promise of SDR is less visible to policy makers than its risks, from jamming first responder radios and degrading aviation radar to spoofing GPS and hacking home security systems.

    The FCC has wrestled repeatedly with SDR, most recently in the debate over third-party Wi-Fi router firmware like DD-WRT. SDR undermines assumptions that underpin regulation, like “a radio’s behavior doesn’t change after it’s been certified for use” and “only a few well-heeled players have access to sophisticated radio technology.”

    The SDR community has a choice: engage with spectrum regulators to help them understand the risks and promise of the technology – or live with poorly-informed rules that hamper progress.

    Pierre de Vries is Co-Director of the Spectrum Policy Initiative at the Silicon Flatirons Center for Law, Technology, and Entrepreneurship at the University of Colorado, Boulder. His work focuses on maximizing the value of radio operation through smarter management of potential and actual interference. He is a member of the FCC’s Technological Advisory Council, and Visiting Senior Scientist at the Institute for Networked Systems of RWTH Aachen University. Prior to this he was a Technology Advisor to Harris Wiltshire & Grannis LLP in Washington, DC; Senior Fellow at the Annenberg Center for Communication at USC; and held various positions at Microsoft including Chief of Incubation, and Senior Director of Advanced Technology and Policy.

  • 9:30 - 10:00

    Some Mil/Aero R&D using GNU Radio

    Stu Card

    In our recent survey of Software Defined Radio (SDR) resources for military and aerospace waveform development and implementation, although other software environments appeared better suited for some specific development and test activities, GNU Radio emerged as the de facto definitive environment for general SDR research and development. Rapidly evolving commercial waveforms pose both opportunities and challenges from cyber and physical security perspectives; addressing these is facilitated by various Out Of Tree projects, together with the rapid prototyping and experimentation capabilities enabled by GNU Radio Companion etc. Proliferation of Unmanned Aerial Systems (UASes) presents other issues, including safe integration of UASes into the National Airspace System (NAS); research into some of these, such as UAS command and control data links, is also facilitated by GNU Radio. We briefly present the rationale for our recommendation that SDR researchers start with GNU Radio (at least as a baseline before trying more specialized tools) and some of the military and aerospace work in which we are using it.

  • 10:00 - 10:30

    Break

  • 10:30 - 11:15

    Radio Architecture Design Challenges: An RF Engineer’s Perspective

    Shyam Nambiar

    Currently, wireless systems architects and engineers face numerous challenges in designing an efficient radio that meets their customer’s expectations in terms of data throughput while concurrently reducing traditional systems costs (Size, Weight and Power). With increasing demand for higher data rates and greater spectral crowding, techniques such as cognitive radio and spectrum sensing/sharing demand more signal processing intelligence and processing power at the higher layers of a protocol stack. But what do all of these trends mean for the RF hardware designer? A PHY layer that doesn’t just maintain the RF-to-bits status quo but instead delivers differentiating performance while acting autonomously is the answer. In this presentation, we broadly analyze conventional radio architectures to better understand the system design tradeoffs that impact a wireless system’s overall performance with specific focus on functional partitioning and architectures of low-cost and low-power applications that are typically the domain of rapid SDR prototyping. Direct-RF, real-IF and zero-IF solutions are discussed in terms of their overheads considering RF front-end costs, digital interface complexity, power consumption, and typical RF impairments. A few application-specific examples for anticipated 5G systems which employ Analog Devices’ AD9361 and AD9371 Integrated Transceivers in their signal chain are discussed as well in this presentation.

  • 11:15 - 11:45

    It's the RFNoC Life, for Us

    Martin Braun

    RFNoC is many things: It enables heterogeneous data processing between
    FPGAs and host computers, it gets the best out of Ettus Research USRP
    devices that you may already own or are planning to buy, it facilitates
    deployment of DSP and other algorithms and it's simply a great framework
    in which to do FPGA development.
    RFNoC is most powerful when used in combination with GNU Radio. In this
    presentation, we'll give an update of the state of RFNoC, highlight new
    features, and provide an overview of the efforts required to become an
    RFNoC developer.

  • 11:45 - 12:15

    Drone Hijacking and other IoT hacking with GNU Radio

    Alexander Chemeris

    Internet of things is surrounding us. Is it secure? Or does its security stand on (deemed) invisibility? XTRX SDR (Software-defined radio) and GNU Radio can answer these questions. In this presentation, we will play some modern wireless
    devices. They have similar protocols, and none of them encrypts its
    traffic. We will show how easy it is to find them using XTRX SDR and
    proprietary chipsets, and how to sniff/intercept/fuzz these devices
    using a small python script and GNU Radio. As an example we will show a Mousejack attack to wireless dongles, wireless keyboard keylogger and even a drone hijacking.

  • 12:15 - 1:00

    Lunch

  • 1:00 - 1:30

    Motivating Undergraduate Communication Theory Using GNU Radio

    Peter Mathys

    Typical undergraduate communication theory textbooks start out with a review of continuous time linear systems, followed by amplitude, frequency and phase modulation. In some cases, probability theory and random processes also appear prominently at the beginning of the book. Digital data communication and digital signal processing are usually deferred until the second half of the course and the first complete digital communication system that resembles what is actually used in smartphones and other wireless systems appears only some 300 to 400 pages into the book. That makes it difficult to motivate students and we are thus promoting an approach where we start with a simple ideal communication system, e.g., using binary phase shift keying to transmit ASCII code text messages. In subsequent steps we can then introduce practical constraints and impairments such as channel bandwidth, noise, and timing synchronization. Along the way such concepts as the matched filter, signal space, and phase locked loops can be introduced naturally. To give the students opportunity to experiment and explore ‘what-if’ scenarios, GNU Radio and the gnuradio companion provide an ideal and very affordable platform. But there is a ‘chicken and egg’ problem. If you already know communication theory, GNU Radio is a great tool for experimentation, but if you are new to the field there is a steep learning curve. Just to demonstrate the concept of signal space and what happens if there is noise and the transmitter and receiver are not exactly synchronized, one quickly fills an entire flowgraph screen with some 30 blocks. Thus, some tailored blocks along the lines of an idealized textbook exposition to communications are needed to demonstrate the applicability of the material and let the students gain confidence in their ability to analyze and design such systems. In this talk we are exploring different ways to either combine existing GNU Radio blocks or create new ones for the purpose of an introductory level undergraduate communications course.

  • 1:30 - 2:00

    Radio Machine Learning Opportunities and Resources

    Tim O'Shea

    Machine learning holds significant promise for bringing in a new era of vastly improved radio and signal processing algorithms. By learning radio signal processing tasks and algorithms directly from data while minimizing the use of expert features and algorithms, we believe numerous radio tasks can be learned in highly generalizable ways with the ability to adapt and specialize to a wide range of operating conditions and requirements. We will review several key technology enablers for machine learning in the radio domain and demonstrate several pertinent applications. We will introduce the radioML online community and introduce our benchmark datasets and tasks with which we hope to facilitate quantitative comparison of ML approaches, strategies, and results in the domain.

  • 2:00 - 2:30

    Reversing and Implementing the LoRa PHY with SDR

    Matt Knight

    This talk will demonstrate techniques for decoding the LoRa PHY layer and will introduce gr-lora, an open source implementation of the protocol. LoRa is a Low Power Wide Area Network (LPWAN), an emerging class of wireless technology optimized for embedded and IoT applications. LoRa is unique because it uses a chirp spread spectrum modulation that encodes data into RF features more commonly encountered in RADAR systems. LoRa is also designed to operate in unlicensed ISM frequency bands, both avoiding costly spectrum licensing requirements and democratizing long-range network capabilities to consumers and new commercial operators alike. After briefly introducing the audience to LPWANs, I will walk through the SDR and DSP techniques required to demodulate and decode LoRa packets. In addition I will introduce gr-lora, an open-source implementation of the PHY that can be leveraged to design LoRa security test tools, gateways, and end node applications.

  • 2:30 - 3:00

    Break

  • 3:00 - 3:30

    Laboratory for Radio Communications Learning in Columbia Based in SDR Technologies

    José de Jesús Rugeles Uribe

    The Software Defined Radio technology has become today in the most important way to develop, create and innovate in radio technologies. This potential is a big opportunity for the teaching in electronic and Telecommunications in all world, especially in developing countries where the resources are limited. A laboratory with all this equipment requires a very high budget, impossible for most Universities in Colombia. Thus, some of important concepts are studied just theoretically; Sometimes, complemented by basic simulations using software such as Matlab or free software tools like Scilab.

    The Telecommunication Engineering Department, decided build a communications laboratory using Software Defined Radio and GNU Radio with the idea of develop and apply this technology in their curriculum, specifically in courses like signal processing, analog and digital communications, mobile and wireless communications, transmission lines, instrumentation, radio propagation, antennas and advanced courses like digital TV, wireless sensor networks and radar technologies.

    The hardware used in the laboratory include USRP and Nutaq radios besides instruments like radio-frequency generator (9 MHz - 6 GHz), power meter (50 MHz - 18 GHz), micro-strip, omnidirectional, horn and logperiodic antennas (800 MHz -18 GHz).

  • 3:30 - 4:00

    Experimenting Cognitive Radio Communication with GNU Radio on CorteXlab

    Tanguy Risset

    CorteXlab (http://www.cortexlab.fr/) is an experimental wireless test-bed inaugurated in 2014 and dedicated to Software Defined Radio (SDR), Cognitive Radio and more generally any physical layer wireless experimentation. CorteXlab a part of the FIT (Future Internet of Things) platform. It is composed of a mix of SDR nodes, SISO and MIMO, installed in a shielded room and programmed from Internet. CorteXlab is provided for scientific and industrial communities and is openly accessible to anyone in the world with an Internet access. The FIT/CorteXlab experimentation room hosts 22 USRP N2932 nodes from National Instruments and 16 Nutaq PicoSDR (4 of them having 4×4 MIMO capabilities). This equipment can be programmed from anywhere in the world using GNU Radio. CorteXlab is a unique opportunity for GNU Radio wireless protocol developer to test their protocol in a real yet controlled environment.

  • 4:00 - 4:30

    Accelerated Signal-Processing on Embedded Platforms: Paths Forward

    Raj Bhattacharjea

    In the past ten years, low-power, embedded computers capable of running GNU Radio have become increasingly available, capable, and low-cost. They are quickly becoming the platform of choice for projects that require modest computing capabilities in the maker, hacker, and do-it-yourself communities. Popular platforms include single-board computers, stick computers, and mini-computers. These embedded systems can use GNU Radio to perform the signal-processing functions of a software-defined radio; however, efficient and fast signal-processing performance is not guaranteed out-of-the-box. For efficient performance, the developer must use single instruction, multiple data (SIMD) CPU extensions and/or general purpose computing on graphics processing units (GPGPU). Both SIMD and GPGPU are available on many popular embedded hardware platforms, but software in the GNU Radio ecosystem does not yet fully leverage SIMD and GPGPU on embedded hardware. Therefore, the goal of this talk is to discuss paths forward for integrating efficient signal-processing techniques into GNU Radio and to outline the work that has been done in embedded SIMD and GPGPU signal-processing.

  • 4:30 - 4:45

    Break

  • 4:45 - 5:05

    Efficient Waveform Spectrum Aggregation for Algorithm Verification and Validation

    Bill Clark

    Many algorithms that are designed for analyzing waveforms (e.g., detection, synchronization, or signal classification) face performance degradation
    in the presence of interfering signals. The GNU Radio application outlined here allows for testing the algorithms under the presence of interference by specifying the spectral layout in an efficient manner. This approach makes use of channelizers and synthesizers to dynamically aggregate the desired signals and arbitrarily center
    them at any given center frequency, which is in contrast to the traditional approach of upsampling and adding the individual signals. This application also allows for convenient white-space access algorithm development as the Primary User’s signals can be model easily within the spectrum. While this approach is presently being used in a file generation manner, it can easily be extended to over-the-air transmissions using SDRs with a high capacity interface.

  • 5:05 - 5:25

    Exploiting Vulnerabilities in Software Radios

    Seth Hitefield

    In the past few years, a significant amount of research has been conducted concerning vulnerabilities of software defined communications systems. However, in many cases this research has focused on exploiting vulnerabilities within a radio protocol rather than the software implementation of the radio itself. With software radio becoming more prevalent in the communications domain, the chances of vulnerabilities existing and being attacked is increasing significantly. The goal of this research is to examine different software radio frameworks and determine what types of vulnerabilities can exist and how they may be exploited by attackers. This presentation will give an overview of the types of vulnerabilities that can exist and demonstrate a few examples, such as buffer overflows and state machine corruption.

  • 5:25 - 5:45

    Closing

    Ben Hilburn

  • 7:30 - 8:30

    Breakfast

  • 8:30 - 12:15

    Guided Tutorials

    The dev summit this year will include not only the usual collaborative development & hacking, but lightning talks, walk-throughs, and tutorials.

  • 12:15 - 1:00

    Lunch

  • 1:00 - 2:00

    Hacking

  • 2:00 - 2:30

    Hacking Challenge Conclusion

    Bastille

  • 2:30 - 4:00

    Hacking

  • 5:00

    Open House & BBQ

    Great Scott Gadgets

    Hosted by Great Scott Gadgets in Evergreen, CO.

Diamond Sponsor

Platinum Sponsors

Gold Sponsors

Silver Sponsors

Bronze Sponsors

Hacking Challenges Sponsor

Hosted By