[IEEE 2013 12th Annual Mediterranean Ad Hoc Networking Workshop (MED-HOC-NET) - Ajaccio, France (2013.06.24-2013.06.26)] 2013 12th Annual Mediterranean Ad Hoc Networking Workshop (MED-HOC-NET) - Software-based system for measuring location observables in IEEE 802.11 networks

Download [IEEE 2013 12th Annual Mediterranean Ad Hoc Networking Workshop (MED-HOC-NET) - Ajaccio, France (2013.06.24-2013.06.26)] 2013 12th Annual Mediterranean Ad Hoc Networking Workshop (MED-HOC-NET) - Software-based system for measuring location observables in IEEE 802.11 networks

Post on 16-Mar-2017




2 download

Embed Size (px)


<ul><li><p>Software-based System for Measuring Location Observables in IEEE 802.11 Networks </p><p>Israel Martin-Escalona, Francisco Barcelo-Arroyo, Enrica Zola Universitat Politcnica de Catalunya (UPC), </p><p>Department of Telematics Engineering, Barcelona, Spain Email: imartin@entel.upc.edu ; barcelo@entel.upc.edu ; enrica@entel.upc.edu </p><p>AbstractSeveral techniques have been proposed for positioning nodes over IEEE 802.11 networks, but only few consist in time-based multilateration, mainly due to the protocol stack not supporting accurate timestamps. One frequent solution is to develop the hardware required for providing accurate timestamps. However, this approach tends to slow down the research and the ulterior deployment of the location techniques, since the performance of these techniques is bounded to a specific hardware design. This paper presents a measuring system aimed at providing location observables that can be used in time-based multilateration techniques. The system, which follows a software approach, is based on enhancing the SoftMAC layer of Linux with location-measuring capabilities. The system is conceived for supporting any kind of time-based measurements, by adding as many plugins as measured observables. Two plugins have been initially developed. The first one computes the round trip time of a message from a station to an access point and back again to the station. The second plugin calculates time-differences of arrival suitable for being used in the passive TDOA technique. This work provides the definition of the measuring system. Real data has been collected to test the system. The results indicate that the measurements provided by the system can be used for location purposes, i.e. they follow the physical laws in which metrics are based (e.g. they grow along with the distance between the nodes). </p><p>Keywordslinux; location; measuring system; round trip time; RTT; positioning; ranging;range-difference; IEEE 802.11; WLAN </p><p>I. INTRODUCTION Most of the recent wireless networks have included the </p><p>location services as part of the network definition. The location information allows the operation and maintenance of these wireless networks to be enhanced and eventually, in certain networks, it becomes essential for the proper functioning of the network. This latter is the case of the ad hoc networks, in which scalable routing protocols are only feasible if nodes include positioning capabilities [1]. Moreover, service provides can use location capabilities for enhancing their current services (e.g. taking geo-tagged pictures) and for proposing new ones in which the users position is key to provide the service (e.g. navigation services). </p><p>GPS is a good solution for scenarios with direct sight between terrestrial receivers and satellites (e.g. outdoors). However, the GPS performance worsens when the path between these two elements is partially or totally blocked (e.g. urban canyons, indoors, etc.). Therefore, new location techniques addressed to these GPS-less scenarios need to be developed. These techniques have to cope with more restrictive </p><p>signal propagation conditions (e.g. with noticeable multipath, interference, shared network infrastructure, etc.) and with higher requirements in terms of location quality of service (QoS) compared with those demanded outdoors, especially in terms of accuracy and response time. </p><p>Recent proposals for GPS-less positioning tend to use IEEE 802.11 networks for location purposes. Two main approaches are followed in these networks: pattern-matching and ranging-based. Pattern-matching concentrates most of the techniques proposed for IEEE 802.11 [2], since it does not require customizing the network devices and it usually provides good QoS figures. However, pattern-matching requires building a database with data measured at certain relevant places of the scenario in which the technique is going to be deployed. This database has to be built before the technique is deployed and needs to be updated as long as the conditions of the scenario change (e.g. changing the furniture in an office). Thus, the real performance of the technique depends on the variability of the scenario. Moreover, in environments with lots of changes (e.g. shopping centers, offices, etc.), the cost of periodically updating this database can be a remarkable issue. </p><p>Better trade-off between location QoS and the cost of operation is achieved by ranging techniques, especially those based on time-based measurements. Time-based ranging techniques consist in observing metrics related with the time-of-flight of a signal from the network device to be located to a restricted set of nodes placed at known positions. Latter, these time-of-flight-related observables can be turned into distances or distance-differences so that positioning algorithm (e.g. circular or hyperbolic multilateration) can be run. </p><p>Time-based ranging involves three main issues: non-line-of-sight estimation, time synchronization between devices, timestamping precision. In non-line-of-sight scenarios, direct path between nodes is blocked and hence an alternative path is measured instead. Therefore, time-of-flight observations are impacted by huge errors. Several approaches have been presented to face this issue [3]. Synchronization can be easily overcome, depending on the metric being observed. For instance, techniques based on measuring the distance between one node to another at known position frequently measure the round trip time (RTT) for subsequently deducting the time-of-flight [4]. Improving the precision of the timestamps is more complicated. The IEEE 802.11 protocol stack includes the Timing Synchronization Function (TSF), which adds a timestamp to each received frame. However, its precision is in the order or microseconds, which means a range-resolution of </p><p>This research was funded by the ERDF and the Spanish Government through project TEC2009-08198 and the Catalan Government through the project 2010VALOR-00065. </p><p>978-1-4799-1004-5/13/$31.00 2013 IEEE</p><p>2013 12th Annual Mediterranean Ad Hoc Networking Workshop (MED-HOC-NET)</p><p>75</p></li><li><p>300 meters, clearly inadequate for indoor positioning. Therefore, accurate timestamping must involve changes in the IEEE 802.11 equipment. An FGPA is attached to a IEEE 802.11 Wireless Network Interface Card (WNIC) in [5] to listen to location traffic and timestamping the corresponding frames. Although good QoS figures are achieved, WiFi nodes have to be customized (i.e. include the new hardware), which seriously limits the deployment of the location technique. </p><p>Modifying the software running in the IEEE 802.11 equipment seems to be a better strategy to face the timestamping accuracy issue. It consists in updating the protocol stack of the network devices to include time-based ranging capabilities. The feasibility of the software-based approach is studied in [6], according to the layer in which frames are timestamped. The solutions based on software timestamping tend to involve huge error, because the measurements are taken in the upper layers of the protocol stack, often in the application player. </p><p>This paper presents a measuring system for gathering location observables in IEEE 802.11 networks, aimed at being hardware independent and as accurate as possible; and assessing the stability of the collected observables. The rest of the paper is structured as follows. The Section II provides the definition, design and few comments on the implementation of the system. The procedure and scenarios proposed for testing the measuring system are provided in the Section III. The Section IV shows the results of the proposed scenarios and experiments. Finally, the Section V draws the main conclusions. </p><p>II. THE MEASURING SYSTEM </p><p>A. Design of the measuring system IEEE 802.11 networking is supported by almost all the </p><p>current network-oriented operating systems. The measuring system proposed in this work is based on modifying the protocol stack of the IEEE 802.11 in Linux. The architecture of the IEEE 802.11 provisioning in Linux is presented in [7]. Early implementations of the IEEE 802.11 stack did not provide most of the MAC facilities. They were supposed to be internally provided by the WNICs, which simplified the driver </p><p>development and portability, but led to poor consistency in terms of hardware support (i.e. different WNICs behave different under the same conditions). The SoftMAC approach succeeded this hardware-based approach. It implements most of the MAC functionalities of the IEEE 802.11 stack as a software layer, which makes the network architecture of Linux much more consistent and easier to maintain and debug. </p><p>Two frameworks provide the SoftMAC capabilities in Linux: net80211 [8] and mac80211 [9]. Net80211 is a partial port of the FreeBSD SoftMAC system. It is only supported by Atheros hardware by means of the madwifi driver. Currently, it has been overtaken by mac80211, which is the framework finally included in the main branch of the Linux kernel. The gray-colored blocks of the Fig. 1 show the architecture defined by the mac80211 framework. It is based on two modules: cfg80211 and mac80211. The first one is responsible for managing the WNICs (e.g. setting up the wireless card), while the mac80211 module implements the MAC layer functionalities. Wireless extensions (i.e. wext) are still maintained for backward compatibility, but new applications tend to use the interfaces introduced by mac80211 (i.e. nl80211 and cfg80211_ops) for exchanging data with these two modules (i.e. cfg80211 and mac80211). </p><p>Only few proposals for software time-based ranging in IEEE 802.11 networks have been proposed. In [10], the madwifi-ng driver [11] was modified to enable round trip times (RTTs) between the station (STA) to be located and several access point (AP), to be collected. This solution only works with Atheros-based WNICs, reducing the updatability and the portability of the measuring system. The authors of [12] propose to use a user application to make the RTT measurements, which leads to inaccurate observables and consequently, complex filtering stages. </p><p>The measuring system proposed in this work is designed with accuracy in mind. Fig. 1 shows the resulting design. The mac80211 module is enhanced so that time-based observables can be collected. The dialog with the ranging capabilities of the mac80211 is carried out by means of a new module named pos80211. This module creates a virtual character device in the system, which supports four system-calls that can be called by users applications to access to the ranging capabilities: open, release, read and unlocked_ioctl. The first two are responsible to initializing and releasing the resources allocated by the virtual device associated with the ranging measurement. The read system-call provides a blocking way for requesting a certain amount of observables. Finally unlocked_ioctl is used to manage the behavior of the measuring system (e.g. to reset the system). </p><p>A more detailed description of the systems design is shown in Fig. 2. The functionalities of the measuring system are implemented by means of plugins. These plugins implements the set of actions to be taken in order to capture an observable. These actions are defined by means of an interface (named pos80211_ops), which must be implemented by all the plugins. Plugins are registered in compilation time, patching the kernel sources to include the new capabilities. This design favors the modularity, portability and the upgradability of the measuring system. Thus, the defined system supports several </p><p>Fig. 1. Module and interfaces of the IEEE 802.11 stack in Linux </p><p>2013 12th Annual Mediterranean Ad Hoc Networking Workshop (MED-HOC-NET)</p><p>76</p></li><li><p>techniques and hardware architectures with a minimum effort and the system performance can be easily enhanced to support further techniques or to fix issues of the already supported ones. </p><p>B. Location techniques supported Currently, the measuring system captures observables </p><p>suitable for the 2-way TOA [4] and the passive TDOA [13] techniques. </p><p>The 2-way TOA technique consists of measuring the round trip time between a STA and several APs. This is done by measuring the time elapsed since a message is sent from the STA to the AP until the answer from the AP to that message (e.g. an acknowledgement) is received by the STA. This approach allows using only the clock of the STA for the timestamps and hence working in unsynchronized networks. </p><p>The passive TDOA technique was proposed to lighten the location traffic in the IEEE 802.11 network, i.e. the amount of messages required to estimate the metric required by the positioning algorithm for fixing the STA position. The passive TDOA technique defines two different STA: the active and the passive STA. The active STA is a STA running the 2-way TOA technique. The passive STA listens to the radio medium for all the messages exchanged by the active STA and the APs. Under the assumption of working a collaborative network, a TDOA can be computed in the passive STA, as shown in Fig. 3, where Tx and Rx are the messages exchanged between the active STA and one AP according to the 2-way TOA technique; and stands for the processing time required by the AP to analyze the Tx message and produce the corresponding Rx message. </p><p>C. Plugin implementation Two plugins have been designed for computing the </p><p>observables of each of the techniques previously described. The implementation of these two plugins is based on the approach presented in [14], which consists in trapping the frames being transmitted and received, so that they can be analyzed and subsequently marked with a timestamp. The timestamps can be time-based (i.e. in nanoseconds) or frequency-based (i.e. an amount of cycles according to a hardware counter). </p><p>In this specific implementation, transmission frames are trapped just before they are sent to the SoftMAC driver, while received frames are handled just when they are released by the driver. Fig. 4 shows the procedure followed by the 2-way TOA plugin to compute the RTTs. When mac80211 subsystem is going to transmit a frame, the 2-way TOA plugin traps it and adds a timestamp to the frame as long as it is a data or a control </p><p>frame (i.e. not a management frame). Then the frame is forwarded to the corresponding driver for its transmission. On the other side, 2-way TOA traps received frames before the mac80211 subsystem handles them. The plugin computes a new RTT if the frame is an ACK addressed to the STA and a timestamp for a previous transmission is available. Finally, the timestamp of the previous transmitted frame is removed. Computed RTTs are stored in a pre-allocated circular buffer for further consumption. It must be noted that retransmitted frames are not accounted for the RTT computation, but they are discarded. </p><p>The passive TDOA plugin works similarly, as shown in Fig. 5, but with the particularity of trapping only the received frames. If a received fra...</p></li></ul>


View more >