Some months ago I published the analysis of a BPSK pulse radar waveform that Scott Tilley VE7TIL had received through the transponder of Meridian 8 at a downlink frequency of 994 MHz. Now Roland Proesch DF3LZ has analyzed the same recording that I used, finding some different signal parameters. This has made me review my analysis, and it turns out that I made a mistake in finding the symbol rate of the signal. This post is an updated analysis, correcting my mistake.
Category: Software
Using, configuring and programming amateur radio related software.
Othernet’s open source open-ondd receiver
Back in 2016, I became interested in Othernet‘s satellite filecasting service, which back then was called Outernet. Outernet was a start up company that offered a free global satellite service with which some internet contents such as weather updates or Wikipedia pages were broadcast. The main goal of the company was making this content available in developing countries, remote locations, and in general, in places that couldn’t afford an internet connection. Outernet started being popular with Amateur radio operators, hobbyists and makers, who saw it as an interesting project to set up at home for fun.
Most of the Outernet’s software stack was open source, and their receivers were some kind of embedded Linux system. However, the key parts of the receiver, which were the demodulator and the implementation of the filecasting protocol, were closed source and the protocols and specs they used were not documented publicly. Unhappy with this, I wrote in their forums asking if these software pieces could be open sourced. After receiving a negative reply, I decided to try to reverse-engineer all this, with the goal of writing some documentation and producing an open-source alternative implementation.
Decoding the Falcon-9 upper stage
This is hardly news any longer. Since a few weeks ago, some people have been decoding the S-band telemetry from the Falcon-9 upper stage, which includes live video of the exterior of the spacecraft and the liquid oxygen tanks interior. This started with the work of r00t.cz, @aang254 and others, who around the second week of March managed to decode video from the telemetry for the first time. r00t.cz has published some information about the telemetry, @aang254 has added a decoder to SatDump, and Alexandre Rouma is adding a decoder to SDR++. In fact, the whole exercise of decoding the video has become quite popular, and more and more people are contributing to decode the latest launches.
On 2021-03-24 there was a launch of 60 Starlink satellites from Cape Canaveral, and Iban Cardona EB3FRN sent me the IQ recording he did on the first orbit, some 18 minutes after the launch. I decided to make a GNU Radio decoder flowgraph for this, since even though there are already several software decoders, I haven’t seen anyone using GNU Radio. I figured out that I could easily put together a flowgraph using some blocks from gr-satellites. This would make a useful and interesting example of using GNU Radio to decode digital signals.
Decoding IDEASSat
One of the interesting Amateur cubesats in yesterday’s SpaceX Transporter-1 launch from Cape Canaveral is IDEASSat, a 3U cubesat from the National Central University of the Republic of China (Taiwan) designed to study ionospheric plasma. Jan van Gils PE0SAT drew my attention to this satellite as he was trying to see if it was possible to decode it with any of the decoders existing in gr-satellites. Mike Rupprecht DK3WN also helped with a good recording, much cleaner than the SatNOGS recording that Jan was using.
Presumably this satellite uses “AX25, 9k6, GMSK”, as listed at the bottom of this page from Taiwan’s National Space Organization, and also in this research paper. However, this is not true. It’s simple to check that the usual 9k6 FSK AX.25 decoders aren’t able to decode this signal, and a look at the FSK symbols shows that there is no scrambler (9k6 AX.25 uses the G3RUH scrambler) and that the symbol sequence doesn’t have much to do with AX.25.
After some reverse-enginnering, yesterday I figured out how the coding used by IDEASSat worked, and today I added a decoder to gr-satellites to help Mike investigate what kind of telemetry the packets contain. The protocol is not very good, so I think it’s interesting to document it in detail, as some sort of lessons learned. In this post I’ll do so. As it turns out, the protocol has some elements that loosely resemble AX.25, so I’m left wondering whether this is some unsuccessful attempt at implementing standard AX.25 (we’ve already seen very weird attempts, such as ESEO).
BPSK radar received through Meridian 8
Ever since SETI Insitute published the news of a possible signal received from Proxima Centauri in some of the Parkes telescope recordings at 982 MHz, Scott Tilley VE7TIL has taken up the interest to search and catalogue the satellites that transmit on this band (specially old, forgotten and zombie satellites). His idea is to try to see if this candidate signal can be explained as interference from some satellite.
This has led him to discover some signals coming from satellites on a Molniya orbit. After examination with the Allen Telescope Array of these signals, we confirmed that they came from wideband transponders (centre frequency around 995 MHz, 13 MHz width) on some of the Meridian Russian communications satellites (in particular Meridian 4 and 8, but also others).
These transponders show all sorts of terrestrial signals that are relayed as unintended traffic through the transponder. By measuring Doppler we know that the uplink is somewhere around 700 or 800 MHz. We have found some OFDM-like signals that seem to be NB-IoT. Unfortunately we haven’t been able to do anything useful with them, maybe because there are several signals overlapping on the same frequency. We also found a wideband FM signal containing music and announcements in Turkmen, which later turned out to be the audio subcarrier of a SECAM analogue TV channel from Turkmenistan.
A few days ago, Scott detected a pulsed strong signal through the transponder of the Meridians at a downlink frequency of 994.2 MHz. He did an IQ recording of this signal on the downlink of Meridian 8. It turns out that this signal is a BPSK pulse radar. In this post I do a detailed analysis of the radar waveform using this recording.
Decoding the NEXUS π/4-DQPSK signal
NEXUS, also called FO-99, is a Japanese Amateur satellite built by Nihon University and JAMSAT. It was launched on January 2019, and one of its interesting features is a π/4-DQPSK high-speed transmitter for the 435 MHz Amateur satellite band.
I was always interested in implementing a decoder for this satellite, due to its unusual modulation, but the technical information that is publicly available is scarce, so I never set to do it. A few days ago, Andrei Kopanchuk UZ7HO asked me a question about the Reed-Solomon code used in this satellite. He was working on a decoder for this satellite, and had some extra documentation. This renewed my interest in building a decoder for this satellite.
With some help from Andy regarding the symbol mapping for the π/4-DQPSK constellation, I have made a decoder GNU Radio flowgraph that I have added to gr-satellites.
Decoding AMICal Sat in-orbit images
Back in March, I was helping Julien Nicolas F4HVX to test the S-band image transmitter of AMICal Sat before launch. In my post back then, I explained that AMICal Sat uses a Nordic Semiconductor nRF24L01+ 2.4GHz FSK transceiver chip to transmit Shockburst packets at 1Mbaud. I also explained how the Onyx EV76C664 CMOS image sensor works and how to process raw images.
AMICal Sat was finally launched on 2020-09-03, and since them the satellite team has been busy trying to downlink some images, both using the UHF transmitter (which uses the same protocol as Światowid) and the S-band transmitter. This has proven a bit difficult because the ADCS of the satellite is not working, and the downlink protocols are not very robust.
Julien has been sending me recordings done by their groundstation in Russia with the hope that we could be able to decode some of the data. Before several failed attempts where we were hardly able to decode a few packets, we got a particularly good S-band recording done on 2020-10-05. Using that recording, I have been able to decode a full image.
Measuring Tianwen-1’s modulation
This is a post I had announced since I first described Tianwen-1’s modulation. Since we have very high SNR recordings of the Tianwen-1 low rate rate telemetry signal made with the 20m dish in Bochum observatory, it is interesting to make detailed measurements of the modulation parameters. In fact, there is something curious about the way the modulation is implemented in the spacecraft’s transmitter. This analysis will show it clearly, but I will reserve the details for later in the post.
Here I will be using a recording that already appeared in a previous post. It was made on 2020-07-26 07:47:20 UTC in Bochum shortly after the switch to the high gain antenna, so the SNR is fantastic. The recording was done at 2.5Msps, and the spectrum can be seen below. The asymmetry (especially around +1MHz) might be due to the receive chain.
The signal is residual carrier phase modulation, with 16348 baud BPSK data on a 65536Hz square wave subcarrier. There is also a 500kHz ranging tone.
Decoding Mars 2020
Mars 2020, NASA’s latest mission to Mars, was launched a couple weeks ago. However, with all the Tianwen-1 work down the pipeline, until now I haven’t had time to dedicate an appropriate post to this mission (though I showed some sneak peek on Twitter). This mission consists of a rover and helicopter (a real novelty in space exploration). Both were launched with the cruise stage and the entry, descent and landing system on July 30 from Cape Canaveral, an are currently on their transfer orbit to Mars, as Tianwen-1 and Emirates Mars Mission.
In this post I will be working with some recordings made by AMSAT-DL using the 20m radio telescope at Bochum’s observatory. These feature the low rate safe mode telemetry, which was very strong and caused some anecdotes as it saturated some NASA DSN receivers, and the nominal 10kbps telemetry signal that was switched on later. Here I will describe the modulation and coding, giving GNU Radio decoders, and also take a look at the data. r00t.cz has also written a post where he shows similar information.
Tianwen-1 high speed data signal
In a previous post I talked about how the high data rate signal of Tianwen-1 can be used to replay recorded telemetry. I did an analysis of the telemetry transmitted over the high speed data signal on 2020-07-30 and showed how to interpret the ADCS data, but left the detailed description of the modulation and coding for a future post.
Here I will talk about the modulation and coding, and how the signal switches from the ordinary low rate telemetry to the high speed signal. I also give GNU Radio decoder flowgraphs, tianwen1_hsd.grc, which works with the 8192 bit frames, and tianwen1_hsd_shortframes.grc, which works with the 2048 bit short frames.