OpenBSC is the current name for a software program that started with the name bs11-abis.

What is OpenBSC

It is a BSC (Base Station Controller) side implementation of the A-bis protocol, as specified in the GSM Technical Specifications 08.5x and 12.21. It implements a minimal subset of the BSC, MSC and HLR. It does not implement any of the interfaces (like the A and B interfaces) between the higher-order GSM network components.

The goal of the project is to

  • provide a basis for experimentation and security research with GSM from the network side
  • document, publicize and point out any security-related issues that we find as part of that
  • learn more about GSM networks on a lower level, particularly the practical aspects with real-world equipment

We are not interested in

  • building a stable/reliable BSC/MSC for deployment in networks requiring high-9 (99.999....) availability
  • building something that follows the GSM spec to the last detail
  • disrupting actual commercial GSM networks

Requirements

While OpenBSC is mainly written in portable C99 code, there are some non-portable parts:

  • The E1 input driver requires a Linux kernel with mISDN support and an E1 interface card compatible with mISDN

To operate a GSM network, you need not only OpenBSC but of course also some kind of GSM BTS. The only currently tested configurations are with a

Source code

Releases

As we're a mostly research oriented project, we don't really have any releases yet. This will likely change soon.

Development Version

You can check out the source code via

git clone git://openbsc.gnumonks.org/openbsc.git

or browse it at http://openbsc.gnumonks.org/trac/browser

Mailing list

There's a developer mailing list called openbsc@lists.gnumonks.org. Subscription is available at http://lists.gnumonks.org/mailman/listinfo/openbsc/

IRC (Internet Relay Chat)

We have an IRC channel where some developers and users hang out. You can find it at: irc.freenode.net/#openbsc

Project status

Things that work

  • Housekeeping
    • OML Initialization of the BTS
    • Support for frequency hopping channels on BTS equipment that supports it (like BS-11)
    • RSL bringup, channel allocation, Channel required / Immediate Assign
  • Mobility Management
    • Very simplistic HLR implemented as sqlite database
    • Non-secure Authentication using IMEI/IMSI and regular SIM cards.
    • IMEI/IMSI skimming of all phones that try to register with OpenBSC
    • Transmission of MM INFO packets with operator name and local time / timezone
    • paging of mobiles that are registered to the BTS
    • keeping track of which location area a phone has last performed location updating
    • in-call handover between multiple cells inside one BSC
  • SMS Support
    • SMS reception and SMS sending, including routing between subscribers
    • Sending of SMS from OpenBSC commandline
    • Sending of SMS from external applications by writing to the SQL tables
  • Voice Call Support
    • MO (Mobile Originated) and MT (Mobile Terminated) calls
    • TCH/F support with FR and EFR codec
    • TCH/H support with AMR codec (in BSC-only configuration)
  • E1 support
    • demultiplex of the four 16k sub-channels with voice data contained in one E1 timeslot
    • support for multiple TRX in one BTS
    • support for multiple BTS connected to the same E1 link (multi-loop configuration)
  • Abis/IP support
    • Abis/IP protocol for nanoBTS
    • RTP gateway to interoperate E1 based BTS and nanoBTS on one BSC and switch calls between them
  • GPRS/EDGE support
    • configuring the nanoBTS OML objects/attributes for GPRS and EDGE
    • setting SYSTEM INFORMATION 13 via RSL
    • configurable RAID/CGI/NSVCI/NSEI/BVCI
    • have the BTS interoperate with an SGSN with Gb (NS-over-IP) interface
    • pre-alpha state OsmoSGSN included in OpenBSC

Things that are implemented but don't work yet or aren't tested yet

  • GPRS support (SGSN + GGSN inside OpenBSC)
  • Support the use of A3/A8 and A5/1 (we need SIM cards with known Ki, e.g. simulated SIM cards)

Things being worked on

  • GPS/DCF77 disciplined quartz reference for the HFC-E1 card (via HS-Esslingen, Student Research Project)

Things that are missing

  • Cell Broadcast
  • transcoding of voice data
  • TCH/H voice calls (in standalone config)
  • CSD calls
  • emergency call handling
  • Discontinuous TX and RX (DTX / DRX) support

Authors

OpenBSC was mainly developed by Harald Welte. Contributions by Holger Freyther, Stefan Schmidt, Daniel Willmann, Jan Luebbe, Thomas Seiler and Andreas Eversberg.

Special thanks to Dieter Spaar for BS11-Init and tons of feedback and comments, without which we would not have been able to make progress as quickly as we did.