Suggestions required to implement Calypso BTS with GPRS (minimal)
I have been successful in running the calypso BTS and registering phones to it. I have also examined the source code implemented.
I am currently doing an internship in Berlin and the company wants to demonstrate to its customers that 2G services are not secure. Basically we are designing a security demonstrator. We want to do man-in-the-middle attacks with the existing open source s/w. So we thought a B100 USRP would be the need of the hour. But I am really interested in working with the calypso phones because I am comfortable with the source code and have already worked on it.
I want to try implementing the GPRS functionality in this calypso BTS, since the work is mostly involved at Layer1, or let's say the transceiver.
I tried running the OpenBTS-gprs version, which resulted in some info. The mframe_sched in the trx doesn't contain info about how to handle packet channels, or the multiframes do not have the packet channels. So when the BTS assigns (on CCCH) a dedicated channel, the calypso phone fails to receive uplink or doesn't provide a way for the phone to access the BTS. I understand the working of trx and want to add this GPRS functionality to trx. I am aiming to implement minimal GPRS functionality. I have also seen how OpenBTS-gprs triggers this packet channel or the way multiframes handle PDCH, PTCH... By observing them I can get some idea.
In this regard I request a few suggestions from you, such as where I have to work more and what challenges I will face. Your suggestions are valuable to me.