
First steps with RTL-SDR

I am sure that for many of you, as for me until quite recently, what happens on the airwaves was pure magic. We turn on the TV or radio, pick up a cell phone, fix our position on the map with GPS or GLONASS satellites, and it all just works. Thanks to RTL-SDR, we now have an affordable way to look inside this magic.

As already mentioned, RTL-SDR is a whole family of cheap TV tuners that can serve as SDR receivers. These dongles go by different names and brands, but one thing unites them: they are all built on the RTL2832 chip. It contains two 8-bit ADCs with a sampling rate of up to 3.2 MHz (although sample loss may occur above 2.8 MHz) and a USB interface to the computer. The RTL2832 takes I and Q streams at its input; producing them is the job of a second chip, the tuner.

The R820T and E4000 are the two most SDR-friendly tuner chips. They implement the RF part of the SDR: antenna amplifier, tunable filter, and quadrature demodulator with a frequency synthesizer. The figure shows a block diagram of the E4000.

E4000 tuner block diagram

The difference between the two is as follows: the E4000 covers roughly 52-2200 MHz and has slightly higher sensitivity below 160 MHz. Since its manufacturer went bankrupt and the chip was discontinued, the remaining E4000 tuners are becoming harder to buy and their prices are rising.

The R820T covers 24-1766 MHz; however, the tuning range of its internal filters makes it very difficult for the R820T to operate above 1200 MHz (which rules out receiving GPS, for example). At the moment, tuners based on this chip are easy to buy and cost about 10-11 dollars.

Tuners based on the FC0012 / FC0013 / FC2580 chips are also sold; they have very serious restrictions on operating frequencies, and it is better not to buy them. Which chip a tuner uses is stated in the product description or can be learned by asking the seller. If there is no information on the chips used, buy elsewhere.

Purchase

You won't find them in retail stores, so aliexpress.com is the place to look. Search for R820T or E4000, sort by number of orders, read the description carefully (it must clearly state that the tuner uses RTL2832 + E4000 or RTL2832 + R820T chips), and order. They are usually shipped by post and arrive in Russia within 3-6 weeks.

A tiny antenna comes with the tuner; of course, it is better to replace it. Good results can be obtained with an ordinary indoor VHF/UHF TV antenna ("rabbit ears"). In the product description, also pay attention to the antenna connector: either look for a tuner with a regular TV connector, or get out the soldering iron and make an adapter / re-solder the connector. It is very easy to kill the device with static electricity while soldering, so ground yourself.

Typical RTL2832 based receiver – EzTV668

Many tuners have no protective diodes near the antenna connector (U7 in this case). You can either solder them in yourself (a pair in anti-parallel to ground, one conducting to ground and one from it; I, for example, used 1N4148), or leave it as is, never touch the antenna with bare hands, and protect the device from static electricity in every possible way.

RTL2832 software and API

rtl_sdr

Rtl_sdr is the driver that puts the data from rtl2832-based TV tuners to its "unintended" use. On Windows, you will have to replace the default tuner driver with WinUSB using the Zadig program.

Rtlsdr.dll is required by all SDR programs, and this DLL is often already bundled with software that uses the RTL2832.

Rtl_sdr also comes with a console utility for testing the tuner or dumping a slice of the spectrum to a file:

rtl_sdr -f 1575520000 -g 34 -s 2048000 out.dat

In later processing, remember that the file stores the I and Q streams as interleaved bytes: I, Q, I, Q, ... (one unsigned 8-bit sample each, with the zero level in the middle of the range).
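To see what such a capture actually contains before spending time demodulating it, here is a small reader for this format. It is an added example, not part of the original article or of the rtl_sdr project; the bytes it parses are constructed inline, and the rule of thumb for "too much clipping" in the docstring is my own.

```python
import math
from typing import Dict, List

# Constructed sample, not from the article: eight I/Q pairs in the rtl_sdr on-disk
# layout, unsigned 8-bit, I byte then Q byte, 127.5 being the zero level.
SAMPLE_DAT = bytes([
    128, 128,  # I ~ 0,  Q ~ 0
    255, 128,  # I at the positive rail: clipped
    128,   0,  # Q at the negative rail: clipped
    160,  96,
     96, 160,
    200, 128,
    128,  56,
    140, 116,
])

ZERO = 127.5  # midpoint of the 8-bit ADC range


def read_iq(data: bytes) -> List[complex]:
    """Turn interleaved uint8 I/Q bytes into complex samples scaled to [-1, 1]."""
    if len(data) % 2:
        data = data[:-1]  # a capture stopped mid-pair leaves one dangling byte
    return [complex((data[i] - ZERO) / ZERO, (data[i + 1] - ZERO) / ZERO)
            for i in range(0, len(data), 2)]


def capture_stats(data: bytes) -> Dict[str, float]:
    """Sanity checks on a capture.

    dc_i / dc_q: mean offset of each stream from the zero level, in raw ADC counts.
                 RTL2832 captures always show some; a large value means a DC spike
                 in the centre of the spectrum that has to be removed before decoding.
    clipped_fraction: share of pairs in which either byte sits on an ADC rail (0 or 255).
                 More than a percent or so means the -g gain is set too high.
    rms: RMS magnitude of the normalised samples after DC removal; a healthy capture
                 sits well below 1.0, leaving headroom for strong signals.
    """
    samples = read_iq(data)
    n = len(samples)
    i_bytes = data[0:2 * n:2]
    q_bytes = data[1:2 * n:2]
    dc_i = sum(i_bytes) / n - ZERO
    dc_q = sum(q_bytes) / n - ZERO
    clipped = sum(1 for i, q in zip(i_bytes, q_bytes) if i in (0, 255) or q in (0, 255))
    dc = complex(dc_i / ZERO, dc_q / ZERO)
    rms = math.sqrt(sum(abs(s - dc) ** 2 for s in samples) / n)
    return {"samples": n, "dc_i": dc_i, "dc_q": dc_q,
            "clipped_fraction": clipped / n, "rms": rms}


if __name__ == "__main__":
    for key, value in capture_stats(SAMPLE_DAT).items():
        print(f"{key:17s} {value}")
```

To run it on a real capture, replace SAMPLE_DAT with the contents of out.dat (read in binary mode); a few hundred kilobytes from the start of the file are enough for the statistics.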

SDRSharp

SDRSharp is one of the most popular and easy-to-use Windows programs for working with the RTL2832 (and some other SDRs). On start, select RTL2832 via the Front-end button. The frequency is entered by hand in the Center field.

At the top left is the choice of demodulation type. FM is used for ordinary FM broadcasting and the audio of analog television, AM for lower-frequency broadcast stations and aircraft communications, and NFM for walkie-talkies.

Receiving a walkie-talkie conversation at 446 MHz in SDRSharp
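The demodulation modes above are all software operations on the I/Q stream, and FM and NFM differ only in how much frequency deviation they expect. The following added example (mine, not from the article or from SDRSharp) shows the quadrature FM demodulator in pure Python on a constructed signal, and what goes wrong when a wideband FM signal is pushed through a sample rate sized for NFM. The sample rates and deviations in the code are my assumptions, not values from the article.

```python
import cmath
import math
from typing import List


def fm_modulate(audio: List[float], fs: float, deviation_hz: float) -> List[complex]:
    """Constructed test signal: complex-baseband FM of `audio` (values in [-1, 1]).

    Each sample advances the carrier phase by 2*pi*deviation*audio/fs, so a full-scale
    audio value moves the instantaneous frequency by `deviation_hz`.
    """
    phase = 0.0
    iq = []
    for a in audio:
        phase += 2 * math.pi * deviation_hz * a / fs
        iq.append(cmath.exp(1j * phase))
    return iq


def fm_demodulate(iq: List[complex], fs: float, deviation_hz: float) -> List[float]:
    """Quadrature FM demodulator, the same idea behind the FM and NFM modes.

    cur * conj(prev) has a phase equal to the phase step between consecutive samples,
    i.e. the instantaneous frequency; scaling by fs / (2*pi*deviation) gives the audio.
    cmath.phase() returns a value in (-pi, pi], so a phase step larger than pi per
    sample (deviation above fs/2) wraps and the output aliases. That is why broadcast
    WFM (75 kHz deviation) needs a wide channel while NFM (a few kHz) does not.
    """
    scale = fs / (2 * math.pi * deviation_hz)
    return [cmath.phase(cur * prev.conjugate()) * scale for prev, cur in zip(iq, iq[1:])]


def roundtrip_error(fs: float, deviation_hz: float, tone_hz: float = 1000.0,
                    n: int = 2000) -> float:
    """Modulate a constructed 1 kHz tone, demodulate it, and return the worst-case error.

    recovered[k] is the step from sample k to k+1, so it lines up with audio[k + 1].
    """
    audio = [math.sin(2 * math.pi * tone_hz * k / fs) for k in range(n)]
    recovered = fm_demodulate(fm_modulate(audio, fs, deviation_hz), fs, deviation_hz)
    return max(abs(r - a) for r, a in zip(recovered, audio[1:]))


if __name__ == "__main__":
    print("WFM, 75 kHz deviation at 250 kS/s:", roundtrip_error(250_000, 75_000))
    print("NFM,  5 kHz deviation at  48 kS/s:", roundtrip_error(48_000, 5_000))
    print("WFM, 75 kHz deviation at  48 kS/s:", roundtrip_error(48_000, 75_000))
```

AM, by contrast, needs no phase at all: the envelope abs(sample) of the complex baseband is the audio, which is why weak AM aviation traffic is so forgiving of frequency error compared with FM. The third call above is the failure case: a 75 kHz deviation at 48 kS/s wraps the phase step past pi and the recovered tone is garbage.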

Many external decoders for digital transmissions work through an "analog" interface: you run SDRSharp, install the Virtual Audio Cable program (paid), configure SDRSharp to output its demodulated audio to VAC, and in the Windows sound settings set VAC as the default recording device. As a result, the external decoder program receives its audio from SDRSharp.

In this way P25 (police) radio decoders, weather-satellite image decoders, pager decoders, aircraft ADS-B decoders and much more are connected (more on this below). This odd way of connecting developed historically: analog receivers used to be hooked up to a computer like this. Over time, decoders that talk to RTL-SDR directly are appearing.

GNU Radio

GNU Radio is the true heavyweight of SDR. It is a software package designed to process data from an SDR receiver in real time. Being the de facto standard for all more or less professional work in radio, it is built on a modular basis with the OOP paradigm in mind. It is a real radio construction kit in which the role of the parts is played by functional blocks: filters, modulators / demodulators and a myriad of other signal-processing primitives, from which practically any processing chain can be assembled. This is done literally in a few mouse clicks in a visual graphical editor called gnuradio-companion. Moreover, gnuradio-companion is written in Python and generates the flowgraphs as Python code.

Hardware add-ons

Extending the range of supported frequencies

Below ~52 MHz / 24 MHz is where most of the interesting things on the air are found, so the lower frequency limit seriously restricts these receivers. You can extend the range with an up-converter, which shifts the signal from the antenna up by 100 or 125 MHz. Of the converters on sale so far, the NooElec Ham It Up v1.2 with a 125 MHz crystal performs best. The 125 MHz crystal matters: there are many powerful FM stations around 100 MHz, and without very good shielding of every part of the system they will interfere with reception.

RF converter NooElec – Ham It Up v1.2

This converter can be used with any SDR system, including transmitting ones (with a limit on power).

For reception below 50 MHz, the antenna needs more attention, since its dimensions grow in proportion to the wavelength. There are many antenna designs for amateur HF communication, but in the simplest case it is a 5-20 m wire hanging down from the balcony.

Low noise amplifier

Both the E4000 and R820T are silicon chips, and the amplifier inside them is noisier than the more expensive stand-alone GaAs amplifiers. To slightly reduce the noise level (by 1.5-3 dB) and improve reception of very weak signals, you can buy a low-noise amplifier and connect it between the antenna and the tuner.

One option is the LNA for all.

The LNA for all low-noise amplifier

What to listen to on the radio?

Radio communications in unlicensed bands

Civilian radios that do not require registration in Russia operate at 433 and 446 MHz. In Moscow, however, it is hard to hear Russian speech there. They can be heard immediately and without trouble in SDRSharp with NFM demodulation.

Since there are many channels, the AutoTuner Plugin for SDRSharp is very useful: it automatically tunes to whichever frequency is currently transmitting, so you can listen to all the channels at once.

To listen to walkie-talkies at 27 MHz, you need a tuner with an R820T chip, or an external converter in the case of the E4000 (for example, the Ham It Up v1.2 described earlier). A proper antenna for 27 MHz is already a more serious affair, about 2.59 m or about 1.23 m long.

Police radio communications

The police in Moscow and many other regions of Russia have switched to digital radios using the APCO-25 (P25) standard. In P25, voice is transmitted digitally with compression and error-correcting codes, which increases the range of reliable communication and packs more channels into the same band. Encryption is optional, and the regular police work without it.

The DSD decoder can be used to receive P25 radios. DSD expects audio input; you can route audio from SDRSharp to DSD with Virtual Audio Cable. DSD is very sensitive to SDRSharp settings: I recommend setting AF Gain to around 20-40%, and it may help to untick the Filter Audio checkbox. If everything goes to plan, decoded packets scroll through the DSD window and conversations are heard in the headphones. This scheme also works with the AutoTuner plugin mentioned above.

I leave it to readers to find the frequencies on their own, since this information is not public.

Radio communications between aircraft and dispatchers

For historical reasons, aviation radio uses amplitude modulation. Transmissions from aircraft are usually heard better than those from air traffic controllers or weather broadcasts on the ground. The frequency range is 117-130 MHz.

Receiving ADS-B signals from the automatic transmitters of aircraft

ADS-B lets both controllers and pilots see the air situation. Each aircraft regularly transmits its flight parameters at 1090 MHz: flight identifier, altitude, speed, heading, current coordinates (not always transmitted).

We can receive this data too, to watch the flights ourselves. Two popular ADS-B decoders for the RTL2832 are ADSB# and RTL1090. I used ADSB#. Before starting, it is advisable to tune to 1090 MHz in SDRSharp, check that there is a signal, and find the frequency error caused by the inaccuracy of the crystal oscillator. This error must be compensated in the Front-end settings: Frequency correction (ppm). Remember that the size of this error changes with the receiver's temperature. The correction found must then be entered in the ADSB# window (after closing SDRSharp).

The optimal monopole antenna for 1090 MHz is only 6.9 cm long. Since the signal is very weak, a vertically mounted dipole with elements of the same length is highly desirable.

ADSB# decodes the packets and waits for network connections from a client that displays the air situation. We will use adsbSCOPE as that client.

After launching adsbSCOPE, open Other -> Network -> Network setup, click the adsb# button at the bottom, and make sure the server address is 127.0.0.1. Then find your location on the map and run Navigation -> Set Receiver Location. Then connect to ADSB#: Other -> Network -> RAW-data client active.

If everything is done correctly, within a few minutes you will see information about the planes (if, of course, any are flying near you). In my case, with a monopole antenna, I received signals from aircraft at a distance of about 25 km. The result can be improved with a better antenna (a dipole or something more elaborate), an additional amplifier at the input (preferably GaAs), or a tuner based on the R820T (at this frequency it is more sensitive than the E4000).

Decoded ADS-B Messages
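The packets ADSB# decodes are Mode S extended squitters: 112 bits, the last 24 of which are a CRC, preceded by the 24-bit ICAO address and a 56-bit message whose type code says what it carries. The following added example (mine, not the article's and not code from ADSB#, RTL1090 or adsbSCOPE) parses two such frames: the flight identifier from a type-code 1-4 message and the barometric altitude from a type-code 9-18 message. The two hex frames are well-known sample messages that circulate in open ADS-B decoding tutorials, not captures from this article; positions need an even/odd pair of frames (CPR) and are left out.

```python
from typing import Dict, Optional

# Well-known sample frames from open ADS-B decoding tutorials (not captured for this
# article): a DF17 identification message and a DF17 airborne position message.
IDENT_FRAME = "8D406B902015A678D4D220AA4BDA"
POSITION_FRAME = "8D40621D58C382D690C8AC2863A7"

CRC_POLY = 0x1FFF409  # Mode S generator polynomial with its leading 1 (degree 24)
# 6-bit character set of identification messages; '#' marks codes that are not used.
CALLSIGN_CHARS = "#ABCDEFGHIJKLMNOPQRSTUVWXYZ#####_###############0123456789######"


def modes_crc(frame: bytes) -> int:
    """24-bit Mode S CRC, MSB first, zero initial value.

    Over a complete 112-bit frame the result is 0 when the parity field matches the
    data; over the first 11 bytes it yields the parity a transmitter should append.
    """
    crc = 0
    for byte in frame:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= CRC_POLY
    return crc & 0xFFFFFF


def bits(data: bytes, start: int, length: int) -> int:
    """Value of `length` bits beginning at 0-based bit `start`, counting from the MSB."""
    total = len(data) * 8
    return (int.from_bytes(data, "big") >> (total - start - length)) & ((1 << length) - 1)


def decode_es(hex_frame: str) -> Optional[Dict[str, object]]:
    """Decode the single-frame fields of a DF17 (ADS-B extended squitter) message.

    Returns None for anything that is not a 14-byte DF17 frame. A real receiver
    discards frames whose crc_ok is False instead of trusting their contents.
    """
    frame = bytes.fromhex(hex_frame)
    if len(frame) != 14 or bits(frame, 0, 5) != 17:
        return None
    me = frame[4:11]                     # 56-bit ME field: type code + payload
    tc = bits(me, 0, 5)
    result: Dict[str, object] = {
        "icao": frame[1:4].hex().upper(),  # 24-bit aircraft address
        "tc": tc,
        "crc_ok": modes_crc(frame) == 0,
    }
    if 1 <= tc <= 4:                     # aircraft identification: eight 6-bit characters
        result["callsign"] = "".join(CALLSIGN_CHARS[bits(me, 8 + 6 * i, 6)] for i in range(8))
    elif 9 <= tc <= 18:                  # airborne position with barometric altitude
        alt = bits(me, 8, 12)            # 12-bit altitude field; its 8th bit is the Q bit
        if (alt >> 4) & 1:               # Q = 1: 25 ft steps
            n = ((alt >> 5) << 4) | (alt & 0xF)   # drop the Q bit, keep the 11-bit count
            result["altitude_ft"] = n * 25 - 1000
        else:
            result["altitude_ft"] = None  # Q = 0: 100 ft Gillham code, not handled here
    return result


if __name__ == "__main__":
    for frame in (IDENT_FRAME, POSITION_FRAME):
        print(frame, decode_es(frame))
```

The CRC is the part worth understanding when your decoder shows nonsense: a frequency correction that is off, or an antenna picking up overlapping replies, both surface as frames that fail the check long before anything else looks wrong.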

Receiving long- and short-wave analog and digital radio stations

Before the Internet, HF radio stations were one of the ways to get news from the other side of the globe: short waves, reflected from the ionosphere, can be received far beyond the horizon. Many HF stations still exist today; look for them in the ~8-15 MHz range. At night in Moscow, I managed to hear stations from France, Italy, Germany, Bulgaria, Great Britain and China.

The next step is digital DRM radio: compressed audio with error correction plus additional data, transmitted on short waves. You can listen to it with the Dream decoder. The frequency range to search is 0 to 15 MHz. Remember that a large antenna may be needed at these low frequencies.

In addition, you can hear radio amateurs at 1810-2000 kHz, 3500-3800 kHz, 7000-7200 kHz, 144-146 MHz, 430-440 MHz and other frequencies.

Doomsday radio – UVB-76

UVB-76 is located in western Russia, has been transmitting at 4.625 MHz since the early 1980s, and has an unclear military purpose. From time to time coded messages are read out by voice. I was able to receive it on the RTL2832 with a converter and a 25-metre antenna hanging from the balcony.

GPS

One of the most unusual possibilities is receiving navigation signals from GPS satellites with a TV tuner. This requires an active GPS antenna (with a built-in amplifier). Connect the antenna to the tuner through a capacitor, and on the antenna side of the capacitor attach a 3 V battery to power the amplifier in the antenna.

Then you can either process a recorded spectrum dump with a MATLAB script (interesting for studying how GPS works) or use GNSS-SDR, which decodes GPS signals in real time.

Receiving GLONASS satellites the same way would be difficult: different satellites transmit on different frequencies, and not all of them fit within the RTL2832's bandwidth.

Other uses and limits

The RTL2832 can be used to debug radio transmitters, eavesdrop on baby monitors and analog cordless phones, and analyse the protocols of radio-controlled toys, radio call (paging) systems, car remotes, weather stations, remote sensor-reading systems and electricity meters. With the converter, you can read the code from the simplest 125 kHz RFID tags. Signals can be recorded for days, analysed and then replayed over the air with transmitting equipment. If necessary, the tuner can be attached to an Android device, Raspberry Pi or other compact computer for autonomous collection of radio data.

You can receive images from weather satellites and listen to transmissions from the ISS, but this requires special antennas and amplifiers. The images are decoded with the WXtoImg program.

It is possible to capture the encrypted data transmitted by GSM phones (the airprobe project) if frequency hopping is disabled in the network.

The possibilities of RTL2832-based SDR are still not limitless: it does not reach Wi-Fi and Bluetooth frequencies, and even with a converter, because the capture bandwidth cannot exceed ~2.8 MHz, it cannot receive even a single Wi-Fi channel. Bluetooth changes its operating frequency 1600 times per second within 2400-2483 MHz, and the tuner cannot keep up. For the same reason, full reception of analog television is impossible (it needs an 8 MHz band; from 2.8 MHz you can only get a black-and-white picture without sound). Such applications need more serious SDR receivers: HackRF, bladeRF, USRP1 and others.

Nevertheless, everyone now has the opportunity to explore both analog and digital radio broadcasts, touch satellites and planes!


Written by Admin
