Signals intelligence (SIGINT) refers to all intelligence obtained from electronic signals and their carried information. If information is transmitted over the air, RF antennas can retrieve and monitor it. In order to understand a signal’s content, the protocol must be known and, if the message is encrypted, the decryption algorithm and key must be identified. Even if the message cannot be decrypted, useful information can still be obtained through traffic analysis.
To detect a signal of interest, an analog RF front end that can cover the signal’s frequency range is required. RF front ends come with specifications about their tuning frequency range and their instantaneous bandwidth. Generally, a signal can be detected if its frequency is between the tuned frequency plus-or-minus half the bandwidth of the RF front end.
To decode a signal, the RF front end bandwidth specification must be higher than the signal protocol bandwidth. For example, LTE supports a 20 MHz bandwidth. Even when low bandwidth signals are monitored (like a 200 kHz GSM channel), a higher bandwidth RF front end is still useful; it could monitor several channels at the same time, as well as the uplink and the downlink stream. If an RF front end’s bandwidth is not high enough to monitor another signal at a different frequency, it must to be re-tuned, thus preventing continuous channel monitoring.
The amount of data generated by a signal is directly proportional to its bandwidth. For example, a signal with a 20 MHz bandwidth produces 20 million samples each second for both the in-phase component (I) and the quadrature component (Q). Even cutting-edge multi-core processors, working in the Gigahertz range, cannot keep up with this amount of data, as signal processing algorithms require several multiplications and additions for each sample received.
One approach to dealing with high throughput is to record the data on a high-speed memory device and then post-process the data when the recording is over. This approach is not well suited for continuously monitoring signals, however, as it creates latency between the signal’s reception and availability.
Another approach is to use the processing power of a field-programmable gate array (FPGA), an integrated circuit designed for heavily parallel processing algorithms. An FPGA has the benefits of an application-specific integrated circuit (ASIC) and the reconfigurability of a digital signal processor (DSP). Since all samples can be processed in parallel, the FPGA can run algorithms on several hundred million samples per second. They can decode the entire received signal or just perform some pre-processing treatments in order to catch significant events, thus considerably scaling down the amount of data sent to the computer.
FPGA are programmed using a hardware description language (VHDL or Verilog). The learning curve can be discouraging for new users who want to take advantage of an FPGA’s processing power. A model-based development environment can greatly speed up the time required to develop a real-time algorithm.
A model-based design kit
The Nutaq Model-Based Design Kit (MBDK) is an easy way to quickly implement a real-time SIGINT algorithm. In this example, a wideband receiver is connected to a Perseus board with an ADAC250.
The wideband receiver can be tuned from 100 kHz to 20 GHz and has a 100 MHz bandwidth. It outputs the baseband complex signal on its I and Q analog outputs. The PicoDigitizer can then sample these signals with its two 250 MHz analog-to-digital converters (ADC).
In the Nutaq MBDK environment (using the Xilinx System Generator), FPGA applications can be designed without worrying about hardware interfaces. ADC signals are directly accessible (RX section) and Xilinx signal processing blocks (filters, FFT, multiplication, down sampler, etc) can be used. Real-time data exchange (RTDEx) with a remote computer is already implemented for communication interfaces like Gigabit Ethernet and PCI express, both on the FPGA side as well as on the computer side.
In this example application, an RF channelizer splits the wideband signal in multiple channels. The averaged power of each channel is continuously sent to the computer and the computer can monitor specific low bandwidth channels. This configuration shows how an FPGA can enable real-time monitoring of the entire available bandwidth while only sending useful data streams or information to the computer.
The Nutaq MBDK lets users who are unfamiliar with FPGA development benefit from their real-time processing capabilities. A few decades ago, this amount of data could not be processed in real-time but with today digital processing technologies, continuous RF sensing on wideband signals is now possible.