Progress Meeting

On-board Radiometric Fingerprinting System

Mikolai-Alexander Gütschow

May 16, 2023

Overview

Three stages

  1. Obtain physical-layer signal measurements (I/Q samples) on SoC
  2. Implement lightweight feature extraction pipeline on SoC
  3. Deploy ML classifier on SoC

Stage 2: Receiver pipeline and feature extraction

Dataset

  • PHY layer: 802.15.4 @ 2.4GHz
  • PPDU without SHR: 1B (PHR) + 12B (PHY payload) + 2B (MAC CRC)
  • Sampling frequency 8MHz, 3800 IQ samples
  • Experiment in anechoic chamber
  • Rx: 2 nRF52833, Tx: 30 nRF52840 = 15 DK + 15 Dongle
  • 1000 frames per device pair
  • SNR: 50dB

Receiver Pipeline

  • Parallel implementation:
    • Python for fast simulation
    • C using ARM CMSIS-DSP for on-board processing
  • Implementation mostly following [1] and Matlab Communications Toolbox
  • Additional improvements for frequency and phase synchronization
  1. Rice, Michael. Digital Communications - A Discrete-Time Approach. 1st ed. New York, NY: Prentice Hall, 2008.

Normalization + matched filter

  • Half-sine pulse as matched filter for IEEE 802.15.4 2450 MHz PHY

Frequency synchronization

  • Frequency offset detection following [2]
  • 4096-FFT over squared IQ samples
    • frequency resolution ~1kHz
  • Gaussian window and Gaussian interpolation according to [3]
    • remaining frequency estimation error  < 1 Hz
  1. Olds, Jonathan. Designing an OQPSK demodulator.
  2. M. Gasior and J. L. Gonzalez. Improving FFT Frequency Measurement Resolution by Parabolic and Gaussian Spectrum Interpolation. AIP Conference Proceedings, vol. 732, no. 1, pp. 276–285, Nov. 2004, doi: 10.1063/1.1831158.

Phase synchronization

  • Challenge for PLL:
    • not enough IQ samples to achieve phase lock

  • Use iterative approach instead:
    • test different phase shifts
    • pick the one with fewest outliers from characteristic X-shape

Phase ambiguity resolution

  • 90° phase ambiguity after phase synchronization
  • Resolved via correlation with known chip sequence
  • Challenge: synchronization header (preamble, SFD) missing in samples
  • But: payload is known, use first half-byte of payload

Time synchronization

  • normal time PLL with interpolator

Feature extraction

  • synchronization-based features:
    • Carrier Frequency Offset (CFO)
  • constellation-based features:
    • Magnitude Error
    • Phase Error
    • I/Q Offset
    • Error Vector Magnitude (EVM)

Feature Quality

Preliminary classifier performance

  • training set: 100 frames per Tx
  • SVM (rbf kernel, one-vs-rest, C=1000)
    • accuracy = 77.78%
  • RFC (100 subtrees)
    • accuracy = 81.58%

Next steps

Additional Data Acquisition

  • same Tx as before (comparison over time)
  • additional Tx (types) for larger and more varied dataset

Transition to Stage 3

  • feature tuning
  • classifier selection
  • classifier deployment on-board

Thanks