Martin – Page 226 – WirelessMoves

SAE Review Part 2: Mobility and Connection Management

LTE and SAE are making big steps forward and the major specification documents are nearing completion. In part 1 of this mini-series, I've started taking a closer look at 3GPP TS 23.401, the main SAE (System Architecture Evolution) specification document and reported about the flexible meshed like architecture design. In this part, I'll have a look at Evolved Packet System Mobility Management (EMM) and EPS Connection Management (ECM) and their differences to Mobility- and Session Management of UMTS.

Before taking a look at the features in SAE, let's have a look at how similar things work today with UMTS as many of you will be familiar to that. Here, the SGSN at the border between the radio access network and the core network has two management tasks:

UMTS – Packet Mobility Management

The first is called Packet Mobility Management (PMM) and deals with keeping track of the whereabouts of mobile devices. There are three states: A mobile device is PMM detached when it is switched off or if it is not connected to the packet switched part of the UMTS network. That's the case for example if the device has been set to connect to the circuit switched part right at power on but not to the packet switched part unless it becomes necessary, i.e. the user wants to establish a data session. When a data session is established, the connection state changes to PMM connected. Afterwards, if the mobile is connected but hasn't exchanged data with the network for some time, the radio network controller (RNC) can ask the SGSN to release the mobility management connection. The connection then enters PMM idle state and the mobile only reports to the SGSN when it changes a routing or location area. If an IP address was assigned, it is kept. From the application layer point of view (e.g. the web browser) there is no difference between PMM connected and PMM idle.

UMTS – Session Management

The Mobility Management only deals with the whereabouts and tracking of the mobile device, so this state machine knows nothing about assigned IP addresses and contexts. This is task of Session Management (SM). Here there are only two states, either a device has a session and an IP address or it hasn't.

And now to SAE / LTE

In SAE things work a bit different and I guess that's the reason why the mechanisms had to change as well. The biggest difference in SAE is that once a mobile device is switched on it always has at least a default bearer. In other words, it always has an IP address when it is switched on. And again in other words it's not possible for a mobile device to be attached to the network and not have an IP address. Hence, session managements makes no sense in LTE/SAE. To reflect this, the following two state machines are used in LTE/SAE:

EPS – Mobility Management

This EMM state machine only has two states. When a mobile is switched off or uses a different radio access network technology (e.g. GPRS or UMTS) it's state is EMM deregistered. That's simple. There's an optional feature referred to as Idle-mode Signaling Reducation (ISR) described in Annex J of 23.401 that changes that rule somewhat but let's ignore it for now. Once the mobile sees an LTE network it tries to register and if successful it's state is changed to EMM registered. At the same time the mobile is also assigned an IP address. As a consequence mobile devices in EMM registered state always have an IP address. But the EMM state machine does not care about that fact, it is only influenced by mobility management procedures such as Attach, Detach and Tracking Area Updates. While in EMM registered, the network knows the location of the mobile device either on a cell level or a tracking area level. Which of the two depends on the connection management state machine described right below.

EPS – Connection Management

When a mobile device is registered (EMM state = registered) it can be in two connection management (ECM) states. While a data transfer is ongoing the device is in ECM connected state. For the mobile device this means that on the radio link a Radio Resource Control (RRC) connection is established. For the network, ECM connected means that both the Mobility Management Entity (MME) and the Serving (User Data) Gateway (SGW) have an connection to the mobile device via the S1 interface (the physical and logical link between the core network and the radio access network). in ECM connected state, the location of the mobile is known to the cell level and cell changes are controlled by handovers.

If there is no activity for some time, the network can decide that it is no longer worthwhile to keep a logical and physical connection in the radio network. The connection management state is then changed to ECM idle. Note the use of the term 'idle'. It doesn't mean the connection completely goes away. Logically, it is still there but the RRC connection to the mobile is removed as well the S1 signalling and data link. The mobile continues to be EMM registered and the IP address it has been assigned remains in place. In ECM idle state the location of the mobile is only known down to the tracking area level and cell changes are performed autonomously by the device without any signaling exchanges with the network

Interactions With the Radio Interface

From the base station and mobile device point of view there is a lot of room for maneuvering between ECM connected and ECM idle. While a lot of data is exchanged, the air interface can be fully activated for a device so it has to continuously listen for incoming data. In times of lower activity or even no activity at all, the base station can activate a discontinuous reception (DRX) mode so mobile devices can power down their transcievers for some time. The power down cycles range from milliseconds to seconds. In fact, the longest DRX cycle is as long as the paging interval. So from a mobile point of view the main difference between being in ECM connected state with a DRX cycle the length of a paging intervall and being in ECM idle state without a radio interface connection is how it's mobility is controlled. In ECM connected state, handovers are performed, in ECM idle state, it can change its serving cell autonomously and only has to report to the network when it leaves the current tracking area. In other words, the base station is likely to keep the mobile device in ECM connected state for as long as possible by using DRX so data transfers can be resumed very quickly before cutting the link entirely and setting the state to ECM idle.

Summary

Quite difficult to make a summary as Mobility Management, Connection Management and air interface DRX control are in theory independent from each other but have to be looked at in common to make sense. In a rough generalization I would say that during normal operation:

a mobile is always in EMM registered state because it's identiy is known to the network and, implicity, an IP address has been assigned;

a mobile transfering data is always in ECM connected state;

a mobile not transfering data is also in ECM connected state but DRX is activated on the air interface;

only mobile whith very long periods of inactivity are in ECM idle state while staying EMM registered.

I hope this look at EMM and ECM from different points of view have made the concepts a bit clearer. In the next part of this mini-series, I'll have a look at the different handover variants the SAE architecture supports to ensure the mobile device is always best connected. As always, comments are welcome.

134h Online

My new 3G online record while on vacation: My D100 3G dongle dock reported 134h online time (almost 6 days) without the network dropping the connection. Screenshot of the status page on the left. Quite stable I'd say 🙂

Meet Me at the Mobile World Congress at the Wiley Booth

The Mobile World Congress 2009 in Barcelona is coming closer and I am happy to announce that my publisher John Wiley and I will feature a "Meet The Author" session at their booth to promote the launch of my latest book "Beyond 3G – Bringing Networks, Terminals and the Web Together".

The details:

Where: John Wiley and Sons, Hall 2, 2A130
When: Wednesday, 18th February
Time: 2 to 4 p.m.

So no matter whether you already have a copy, are interested in the content, are thinking about picking one up, or if you just want to have a chat with me I am very much looking forward to meeting you there!

For those interested in taking a copy home, Wiley will offer a 20% discount. If your suitcase is already full, there's also the option to place an order at the booth and have to book shipped to you.

Over the years, this blog has become a very frequented place and I had many e-mail conversations with people working in the industry from all over the world. Now it's time to put some of these conversations into the real world. Again, it would be a pleasure meeting you at the Congress! See you there!

Carnival of the Mobilists #159 at The Mobile Broadband Blog

This week, the Carnival of the Mobilists has stopped over at Ram Krishnam's "The Mobile Broadband Blog". It's edition 159 this week, quite amazing, and I still remember how I was part of one of the first single or double digits ones by accepting to run an edition by exchanging e-mails with Russel Buckley on my mobile phone while being on the way from Lisbon airport to a meeting. Nothing special these days anymore but at the time, quite something. Tomi Ahonen would probably say it was a magical moment. So without further ado, I can warmly recommend to head over and enjoy the great writeup.

Email As The Simple Way Out

Another normob (normal mobile user) story today. A friend of mine keeps track of her notes on her Nokia N82 as it's quite convenient to use it together with a Bluetooth keyboard while traveling. While most of those notes stay on the phone, every now and then they should also end up on the PC. So how can that be done best, i.e. quickest? As a normob, that's a difficult question (but shouldn't be).

The answer is quite simple once you've set up an email account on the phone and are used to using the Wi-Fi connectivity at home with the phone. Then you just go to the notes application, click on send via email and the note ends up in the email inbox on the PC a couple of seconds later. Simple and straight forward once you've figured out how. And again, that's the problem, figuring it out in the first place. Too many pieces have to fall into place first before it becomes easy.

On the other hand, now that there is one 'killer application' for mobile email and use of the Wi-Fi at home (in addition to VoIP telephony) with the phone (and to her it's still a phone and not a mobile device…), it might lead to discovery that the mobile email client can be used for much more than to just forward notes.

Hm, maybe that's the difference between the iPhone vs. the competition from a normob point of view: While the iPhone is seen as 'something + a phone', other devcies are still seen as 'a phone + something'!?

The T-Mobile Dance

Here’s some free advertising for T-Mobile. Stunning, so I had to link. Watch in HQ and full screen!

The T-Mobile Dance in Liverpool station:

And the ‘making of’:

Enjoy!

How Do You Compete With Your DSL Competition?

I've just read an interesting article about how difficult it is today in some countries for DSL and cable operators to compete due to the sheer number of rivals in this sector. True, I can see it in France, for example. In Paris I can choose between at least 10 different DSL providers and the highwater mark for tripple play services (Internet access, unlimited landline calls and IPTV) is 30 euros per month, set-top box included. And competition is getting fiercer with alternative providers such as Free adding service upon service while sticking with the 30 euros per month price tag.

So the only real differentiator you could have against that competition is a wireless 2G/3G network that you bring into the bundle. To stay with the French example, Orange, SFR and Bouygues are going in the direction and are now all offering a DSL and set-top box. For now, I don't see a lot of combined fixed/mobile offers except maybe common billing, which won't make a lot of people switch to another DSL provider. But I suspect that might change in the not so far future when solutions mature to let people access the content stored in their set-top box or in their home network from their mobile device while being away. A unique chance for mobile operators with fixed line assets as they are in the right place to pre-configure the mobile devices and the set-top box (maybe even centrally) of a household to work together seamlessly.

Throw some femtos into the equation or simply a 3G USB modem with a SIM card that automatically installs when you plug it into your notebook. A daily fee or a couple of euros extra a month automatically and transparently put on your monthly invoice. Quite a number of options DSL/cable only players do not have. I am curios which fixed/mobile player will go ahead first to heat up the competition.

SAE Review Part 1: Let’s Be Flexible and Redundant

Release 8 of the 3GPP specification is nearing completion and I thought it's the right time to have a closer look at one of the key core network architecture specifications for LTE, or to be precise, the SAE (System Architecture Evolution) in 3GPP TS 23.401. It's title 'GPRS enhancements for E-UTRAN' is a bit misleading as it is an architecture document in itself that shows the full architecture and not only enhancements. It has become a massive document, 219 pages at the moment, so a single blog post won't do to describe the features which are different compared to GSM and UMTS. So I've decided to split the review into several parts and start with the flexibility and redundancy of network elements which is built into the system from day one.

In the initial 3GPP specs for UMTS (Release 99 or Release 3 if you will after the current counting method), the network was pretty hierarchical. One UMTS base station (NodeB) was connected to one radio network controller (RNC) which was in turn connected to one MSC for voice calls and one SGSN (Serving GPRS Support Node) for packet data traffic. In later 3GPP releases the RNC interface has become more flexible (the famous Iu flex) and in theory, a single UMTS RNC can now be connected to several MSCs and SGSNs for redundancy and load sharing purposes. In practice, however, I suspect it is not used a lot (yet).

Splitting the gateway into MME and SGW and assigning several to a single base station

In the LTE/SAE specs, flexibility and redundancy is built in from day one. A single LTE base station, called eNodeB, can now be connected to several gateway nodes simultaneously. The gateway node itself is split into a Mobility Management Entity (MME) and a Serving Gateway (SGW) and an interface has been defined between the two. So in practice both can be in the same physical device or split into two different devices. There is also no need to have the same number of MMEs and SGWs in the network, so capacity can be independently increased for the management part (MME) or the datapath (SGW) as needed.

Moving subscribers from one gateway to another and creating redundancy

There are even functions foreseen to move subscribers of one MME or SGW to another MME or SGW, for example to upgrade the software and then reboot the device. Another benefit of pools is that in case one device fails, not all users in the area are affected. If one node fails and the connection is interrupted a device can quickly reconnect and be assigned to a different node. Quite a difference to today where the failure of a single SGSN immediately renders a part of the network useless. It happens often enough…

[Updated 7. September 2009] Tracking Area Lists to prevent border hopping

Another piece of flexibility are tracking area lists, which used to be called location areas (LAs) or routing areas (RAs) in UMTS. Like LAs and RAs, a tracking area is a conglomerate of one or more cells. Mobile devices currently not connected to the network only have to report to the network when they change to a tracking area which is not in the list that was assigned to them by the MME during the last tracking area update. This reduces power consumption and reduces mobility management signaling in the network. Tracking area lists in effect blur the tracking area boundaries and prevent scenarios in which a mobile device keeps hopping between two cells in different tracking areas resulting in frequent signaling exchanges and battery drain.

Packet Data Network Gateway flexibility

And of course the packet data gateway (PDN-GW), the gatekeeper between the mobile network and the Internet (or a fixed line IP network in general) is also not fixed but can be chosen from a pool.

Summary

As shown above, the whole LTE/SAE architecture has been defined in a very flexible way for several reasons. Compared with the flexibility added to GSM/GPRS and UMTS over time, this goes one step further and the use of IP for all interfaces helps a great deal to make this much more simple than in 2G and 3G networks.

So much for today. In the next part, I'll look at Mobility- and Connection Management (EMM and CMM) and the differences to UMTS's Packet Mobility Management and Session Management (PMM and SM).

Sandboxie

Not a truly mobile story today by itself but one that started as a such some time ago on this blog. A while back I reported on a first weakness found in the Wi-Fi WPA encryption. I didn't get all the facts right the first time and was promptly corrected by a reader who was kind enough to supply a link to Security Now, a great podcast show, that each week explains security issues at great length but easy to understand. I listened to the podcast, corrected my mistakes and subscribed to the podcasts on my N95 to have interesting podcasts while traveling. Recently I listened to podcast 172 about a program called Sandboxie for Windows machines that I think is so useful that I would like to mention it here.

With Sandboxie, you can put programs like web browsers, e-mail clients, instant messengers, etc. in a sandbox that redirects write access to files and the registry to a copy instead of to the original. This way should you catch a virus via a web page or via that attached power point file of an e-mail from a trusted friend, all the malicious code can do is harm a copy of the file and the registry. It can still steal data as it has standard read access to all other files but it can't harm the machine anymore. As soon as the last program in the sandbox ends, the files in the sandbox are deleted and gone is the threat.

It's even possible to install programs in the sandbox. They just run just fine afterward, but only in the Sandbox of course. Once you are done with testing, delete the sandbox and you can start from scratch. No orphan files remaining, no extra clutter in the already fat registry. So the concept of Sandboxie is quite similar to that of a virtual machine except that the applications have read access to the outside. The big advantages are that it requires no extra memory and processor resources, it just adds a shell of protection around those programs so they can't do any harm.

Completely blocking write access has it's drawbacks, too, of course. With a complete isolation, it's not possible to permanently store bookmarks for example and you will also loose your e-mail that is stored in local files once the sandbox is deleted. But the author has thought about that as well and it's possible to activate exceptions for the most well known programs so that their configuration and data files are not sandboxed. For less well known programs, it's possible to configure files or directories that are excluded from the sandbox manually. And, with the registered version, it's even possible to define programs which are automatically run in the sandbox when they are started. Great for an installation for less computer savy users to make the sandbox almost transparent for them.

So while it's not the purpose of Sandboxie to replace an anti-virus scanner it's a great tool to add another layer of protection. It takes some knowledge to configure it for individual purposes but once done, even less computer savvy users should not have a problem with it. So while the proof for that is still outstanding, I'll install it on a normob notebook soon 🙂

I love it how one gets from A to B on the web, I would never have heard of it would I not have blogged about the Wi-Fi WPA attack, if someone would not have commented and left a link and if someone else hadn't bothered to do a great podcast every week I listened to on my mobile phone during a long car trip. In this way, it is actually a mobile story after all.

Carnival of the Mobilists 158 over at the VoIP Survivor

This week, the Carnival of the Mobilists has stopped over at Tsahi Levent-Levi's blog, aka the VoIP survivor for an as usual impressive roundup of what's been happening in the mobile blogging sphere over the past week. To my great pleasure and surprise, my entry on the use of Wi-Fi in mobile devices has been voted for being the best post of the week. Thanks for that, I really appreciate it! So for all the best from the mobile blogging sphere, don't hesitate, head over and enjoy!