Baseband processor
A baseband processor (also known as baseband radio processor, BP, or BBP) is a device (a chip or part of a chip) in a network interface controller that manages all the radio functions (all functions that require an antenna); however, this term is generally not used in reference to Wi-Fi and Bluetooth radios. A baseband processor typically uses its own RAM and firmware. Baseband processors are typically fabricated using CMOS (complementary metal–oxide–semiconductor) or RF CMOS technology,[1] and are widely used in radio-frequency (RF) and wireless communications.[2]
Overview
Baseband processors typically run a real-time operating system (RTOS) as their firmware, such as ENEA's OSE, Nucleus RTOS (iPhone 3G/3GS/iPad), ThreadX (iPhone 4), and VRTX. There are more than a few significant manufacturers of baseband processors, including Broadcom, Icera, Intel Mobile Communications (former Infineon wireless division), MediaTek, Qualcomm, Spreadtrum, and ST-Ericsson.
The rationale of separating the baseband processor from the main processor (known as the AP or application processor) is threefold:
- Radio performance
- Radio control functions (signal modulation, encoding, radio frequency shifting, etc.) are highly timing-dependent, and require a real-time operating system.
- Radio reliability
- Separating the BP into a different component ensures proper radio operation while allowing application and OS changes.
- Legal
- Some authorities (e.g. the U.S. Federal Communications Commission (FCC)) require that the entire software stack running on a device which communicates with the mobile telephony network must be certified. Separating the BP into a different component allows reusing a stack without having to recertify the full AP.
Security concerns
Since the software which runs on baseband processors is usually proprietary, it is impossible to perform an independent code audit. By reverse engineering some of the baseband chips, researchers have found security vulnerabilities that could be used to access and modify data on the phone remotely.[3][4] In March 2014, makers of the free Android derivative Replicant announced they had found a backdoor in the baseband software of Samsung Galaxy phones that allows remote access to the user data stored on the phone.[5]
See also
- OsmocomBB a free software for baseband processors
References
- Chen, Wai-Kai (2018). The VLSI Handbook. CRC Press. pp. 60–2. ISBN 9781420005967.
- Morgado, Alonso; Río, Rocío del; Rosa, José M. de la (2011). Nanometer CMOS Sigma-Delta Modulators for Software Defined Radio. Springer Science & Business Media. p. 1. ISBN 9781461400370.
- Ralf Philipp Weinmann. "DeepSec 2010: All your baseband are belong to us". YouTube. Retrieved 2014-03-15.
- Ralf Philipp Weinmann. "WOOT 2012: Baseband Attacks: Remote Exploitation of Memory Corruptions in Cellular Protocol Stacks" (PDF). USENIX WOOT. Retrieved 2015-04-05.
- "Replicant developers find and close Samsung Galaxy backdoor". Free Software Foundation. Retrieved 2015-10-03.
Further reading
- Baseband Processor entry at openezx.org, archived from the original on May 5, 2013
- Babin, Steve. Developing software for Symbian OS: A beginner's guide to creating Symbian OS v9 smartphone applications in C++. Symbian Press, 2007, p. 80.