Main Content

Recover and Analyze Packets in 802.11 Waveform

This example blindly detects, decodes, and analyzes multiple IEEE 802.11a™, IEEE 802.11n™, IEEE 802.11ac™, and IEEE 802.11ax™ packets in a waveform. The example provides a summary of the detected packets and displays the MAC contents, error vector magnitude (EVM), power, and signaling information for a selected packet.

Introduction

In this example we detect, decode, and analyze multiple packets within a waveform. This example can decode OFDM non-HT, non-HT duplicate, HT, VHT [ 1 ], HE MU, HE SU, and HE ER SU [ 2 ] packet formats. The receiver does not know any transmission parameters, except for the channel bandwidth, and retrieves these parameters by decoding the preamble fields of the packet. These measurements are displayed for a detected packet:

  • The spectrum and time domain samples.

  • The signaling field contents.

  • The resource unit and user information for an HE waveform.

  • The constellation of the equalized data symbols.

  • The EVM of the signaling fields.

  • The EVM per data subcarrier averaged over spatial streams and symbols.

  • The EVM per data symbol averaged over spatial streams and subcarriers.

  • The MAC frame contents: A-MPDU deaggregation status, Address1, Address2, Frame Check Sequence (FCS) and Frame Type.

Setup Waveform Recovery Parameters

This example analyzes I/Q data containing non-HT and HE packets. The useSDR variable controls the data source for this example:

  • When set to false, comm.BasebandFileReader reads a synthetic waveform stored in a binary file format.

  • When set to true, an SDR platform captures an off-the-air-waveform from a commercial device.

useSDR = false;

Reception with an SDR Device

This section demonstrates how to capture an off-the-air-waveform using an SDR device. Communications Toolbox supports radio communication with several SDR devices. For a list of supported devices and for an overview of how to install and setup a support package for your device, refer to the documentation of these support packages.

Communications Toolbox Support Package for Analog Devices ADALM-Pluto Radio

  • Installation and Setup (Communications Toolbox Support Package for Analog Devices ADALM-Pluto Radio) and Supported Hardware (Communications Toolbox Support Package for Analog Devices ADALM-Pluto Radio)

  • Use Pluto as deviceName

Communications Toolbox Support Package for USRP Embedded Series Radio

  • Installation and Setup (Communications Toolbox Support Package for USRP Embedded Series Radio) and Hardware Support (Communications Toolbox Support Package for USRP Embedded Series Radio)

  • Use E3xx as deviceName

Communications Toolbox Support Package for Xilinx Zynq-Based Radio

  • Installation and Setup (Communications Toolbox Support Package for Xilinx Zynq-Based Radio) and Hardware Support (Communications Toolbox Support Package for Xilinx Zynq-Based Radio)

  • Use AD936x or FMCOMMS5 as deviceName

% Configure the analysis source
if useSDR %#ok<*UNRCH>
    deviceName    = "Pluto"; % Device name
    frequencyBand = 5; % Frequency band
    channelNumber = 102; % WLAN channel number
    captureTime   = 0.1; % Signal capture duration in seconds
    sr            = 20000000; % Captured sampling rate
    chanBW        = 'CBW20'; % Channel bandwidth of all packets within the waveform
    
    % Set the center frequency to the corresponding channel number. The
    % center frequency should be centered on the channel bandwidth.
    fc = helperWLANChannelFrequency(channelNumber,frequencyBand); 
    rx = sdrrx(deviceName,'BasebandSampleRate',sr,'CenterFrequency',fc,'OutputDataType','double');
    rxWaveform = capture(rx,captureTime,'Seconds');
    release(rx);
end

To view an example on how to recover 802.11a™ OFDM non-HT beacon frames transmitted over the air from the commercial 802.11 hardware see the 802.11 OFDM Beacon Receiver with USRP® Hardware example.

Import a Captured Waveform from a File

This section loads I/Q data from an existing binary file using comm.BasebandFileReader. The baseband file format includes the sample rate and the number of channels in the captured waveform. Alternately you can load the waveform in a MAT-file format.

% Configure the analysis source
if ~useSDR
    BBR = comm.BasebandFileReader('wlanWaveform.bb'); % Create a baseband file reader object
    chanBW = 'CBW20'; % Channel bandwidth of all packets within the waveform
    bbrInfo = info(BBR);
    BBR.SamplesPerFrame = bbrInfo.NumSamplesInData; % Number of sample in the waveform
    rxWaveform = BBR();  % Load the I&Q sample from a binary file
    sr = BBR.SampleRate; % Sampling rate of the input signal
    release(BBR);
end

To view an example that recovers beacon packets from a baseband file see the 802.11 OFDM Beacon Receiver with Captured Data example.

Signal Recovery and Analysis

This section detects, analyzes, and displays a summary of the detected packets. All packets in the waveform must have the specified channel bandwidth, chanBW.

% Create a WaveformAnalyzer object to parse and analyze the packet within a waveform
analyzer = WaveformAnalyzer;
process(analyzer,rxWaveform,chanBW,sr);

% Display the summary of the detected packets
detectionSummary(analyzer);
                                                                           Summary of the Detected Packets
detSummary=11×9 table
    Number     Format     PHY Status    Power (dBm)    CFO (Hz)    Offset (samples)    MAC Contents    RMS EVM (dB)    Max EVM (dB)
    ______    ________    __________    ___________    ________    ________________    ____________    ____________    ____________

       1      "Non-HT"    "Success"         12.7         61431             97          "Beacon"          -25.824         -17.272   
       2      "Non-HT"    "Success"        13.08        -39757           2577          "RTS"             -24.937         -17.737   
       3      "Non-HT"    "Success"        13.01         62250           4017          "CTS"             -26.181         -18.982   
       4      "HE-MU"     "Success"        14.98        -39660           5297          "A-MPDU"          -25.353         -12.353   
       5      "Non-HT"    "Success"        13.04        -39437          18657          "Block Ack"       -25.564         -17.118   
       6      "Non-HT"    "Success"        13.07        -29899          20417          "RTS"             -25.082         -16.625   
       7      "Non-HT"    "Success"        13.01         52489          21857          "CTS"             -26.118         -18.372   
       8      "VHT"       "Success"        17.43         62290          23137          "A-MPDU"            -20.9         -10.955   
       9      "Non-HT"    "Success"        14.99        -38861          28337          "RTS"             -27.842         -20.114   
      10      "Non-HT"    "Success"        14.94         42363          29777          "CTS"             -27.409         -19.042   
      11      "HT-MF"     "Success"        15.03         22238          31058          "A-MPDU"           -26.55         -17.287   

Use the pktNum variable to display the MAC and PHY analysis for a selected packet.

pktNum = 4 ;

% Display the MAC information of the selected packet
macSummary(analyzer,pktNum);
 
                                    Recovered MPDU Summary of Packet 4

    AMPDU/MPDU Number    STAID       Address1          Address2       AMPDU/MPDU Decode Status    MAC Frame Type
    _________________    _____    ______________    ______________    ________________________    ______________

     "AMPDU1_MPDU1"        1      "1342ABC2FF1F"    "00123456789B"           "Success"              "QoS Data"  
     "AMPDU2_MPDU1"        2      "23FFAB1234AC"    "00123456789B"           "Success"              "QoS Data"  
     "AMPDU3_MPDU1"        3      "13EF35781356"    "00123456789B"           "Success"              "QoS Data"  
     "AMPDU4_MPDU1"        4      "159A123AFFFF"    "00123456789B"           "Success"              "QoS Data"  
% Display the time samples and the spectrum of the detected packet
plotWaveform(analyzer,pktNum)

% Display the packet field information of the selected packet
fieldSummary(analyzer,pktNum);
 
                                           Field Summary of Packet 4 (HE-MU)

    Field Name    Modulation    Num Symbols    Parity Check/CRC    Power (dBm)    RMS EVM (dB)    Max EVM (dB)
    __________    __________    ___________    ________________    ___________    ____________    ____________

     L-STF        BPSK               2                                14.59                                   
     L-LTF        BPSK               2                                14.61                                   
     L-SIG        BPSK               1               Pass             14.96         -27.59          -22.62    
     RL-SIG       BPSK               1               Pass             14.86         -27.14          -19.87    
     HE-SIG-A     BPSK               2               Pass             15.37         -26.14          -19.54    
     HE-SIG-B     BPSK               5               Pass             14.98         -27.56          -20.08    
     HE-STF       BPSK               1                                14.95                                   
     HE-LTF       BPSK               2                                15.01                                   
     Data                           35                                14.99         -25.35          -12.35    
% Display signaling field information of the selected packet
signalingSummary(analyzer,pktNum);
 
                               Signaling Field Summary of Packet 4 (HE-MU)

        Property        Value          Property          Value          Property            Value 
    ________________    _____    ____________________    _____    ______________________    _____

    L-SIG Length        467      Bandwidth               CBW20    Num HE-LTF Symbols        2    
    L-SIG Rate          0xB      Num HE-SIG-B Symbols    5        LDPC Extra Symbol         True 
    UL/DL Indication    DL       SIGB Compression        False    STBC                      False
    SIGB MCS            0        Guard Interval          3.2      Pre-FEC Padding Factor    1    
    SIGB DCM            False    HE-LTF Type             4        PE Disambiguity           False
    BSS Color           0        Doppler                 False                                   
    Spatial Reuse       0        TXOP                    127                                     
% Display the RU information
ruSummary(analyzer,pktNum);
 
                                    Resource Unit (RU) Information of Packet 4 (HE-MU)

    RU Number    RU Size    Subcarrier Index (Start)    Subcarrier Index (End)    Num Users    Num STS    Power (dBm)
    _________    _______    ________________________    ______________________    _________    _______    ___________

      "RU1"        52                 -121                       -70                  1           1          8.98    
      "RU2"        52                  -68                       -17                  1           1          8.96    
      "RU3"        52                   17                        68                  1           2          8.97    
      "RU4"        52                   70                       121                  1           1          8.97    
% Display the user information
userSummary(analyzer,pktNum);
 
                                      User Information of Packet 4 (HE-MU)

    STAID    RU Number    MCS    Modulation    Code Rate    DCM    Channel Coding    Num STS    Transmit BeamForming
    _____    _________    ___    __________    _________    ___    ______________    _______    ____________________

      1        "RU1"       0      "BPSK"         "1/2"       0         "LDPC"           1                0          
      2        "RU2"       2      "QPSK"         "3/4"       0         "LDPC"           1                0          
      3        "RU3"       4      "16QAM"        "3/4"       0         "LDPC"           2                0          
      4        "RU4"       6      "64QAM"        "3/4"       0         "LDPC"           1                0          
% Display EVM per spatial streams for all user
userEVM(analyzer,pktNum);
 
          User EVM per Spatial Stream of Packet 4 (HE-MU)

    STAID    Spatial Stream Index    RMS EVM (dB)    Max EVM (dB)
    _____    ____________________    ____________    ____________

      1               1                -26.391         -17.295   
      2               1                -27.401         -19.682   
      3               1                -23.564         -12.353   
      3               2                -23.122         -14.444   
      4               1                -27.278         -17.793   
% Plot constellation for all users
plotConstellation(analyzer,pktNum);
 

% Plot EVM
plotEVM(analyzer,pktNum);
 

 

Further Exploration

The WaveformAnalyzer provides properties to control the pilot tracking, equalization, DC blocking, and packet detection algorithms that can be tweaked to improve packet detection and analysis performance.

False packet detections

False packet detections are detected packets that you do not believe are actual packets. Evaluating the time domain waveform of the packet is one way to determine if the detected packet is legitimate. If there is a significant number of false detections present these techniques may help reduce them:

  • Enable the EnergyDetection property and set the EnergyDetectionThreshold property to a suitable value given the noise floor of the capture device. When enabled, EnergyDetection only detects packets with a power exceeding EnergyDetectionThreshold during the preamble.

  • Increase the LLTFSNRDetectionThreshold and PacketDetectionThreshold properties to discard packets with a low measured SNR during detection.

Missed packet detections

Missed packet detections are packets that you believe are in the waveform but have not been detected.

  • One possible reason a packet detection may have been missed is if a false detection occurred earlier in the waveform, but the L-SIG check passed, causing samples to be skipped. To search within possible false detections, enable the SearchWithinUnsupportedPacket property.

  • Alternatively try decreasing the PacketDetectionThreshold property to detect packet with low SNR during detection.

For detail on 802.11ax and 802.11ac signal recovery and processing, see the Recovery Procedure for an 802.11ax Packet and Recovery Procedure for an 802.11ac Packet examples.

Selected Bibliography

  1. IEEE Std 802.11™ - 2016 IEEE Standard for Information technology - Telecommunications and information exchange between systems - Local and metropolitan area networks - Specific requirements - Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications.

  2. IEEE P802.11ax™/D4.1 Draft Standard for Information technology - Telecommunications and information exchange between systems - Local and metropolitan area networks - Specific requirements - Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications - Amendment 6: Enhancements for High Efficiency WLAN.