Using the RTL-SDR as a Panadapter for the IC-751A

A panadapter is a device that connects to a standard hardware radio and allows you to visually see the RF signals on a waterfall. Since SDR’s run on the PC, they naturally have the ability to display a panadapter screen, and most software like SDR#, HDSDR and SDR-Console already provide this. The RTL-SDR can also be used to add panadapter capabilities to a regular hardware radio. 

Gary Rondeau has been using the RTL-SDR as a panadapter for his IC-751A, which is a high quality ham radio transceiver. In his first post, Gary shows how he connected the RTL-SDR in a block diagram, and then shows how he interfaces the RTL-SDR and IC-751A together using HDSDR and the Omnirig software.

Block diagram showing the RTL-SDR as a Panadapter with the IC-751A and HDSDR.
Block diagram showing the RTL-SDR as a Panadapter with the IC-751A and HDSDR.

In his second post he shows a comparison between decoding JT65 and JT9 signals directly from the IC-751A audio output, vs via the RTL-SDR & HDSDR panadapter connection. His results show that as long as there is sufficient signal level, the RTL-SDR as a panadapter can match the performance of the raw IC-751A audio output, even producing less signal splatter on strong signals due to the pure numerical vs analogue mixing strategies of SDRs vs analogue radios.

RTL-SDR (top) vs raw audio from IC-751A below. RTL-SDR has a wider bandwidth, and less splatter at 2200 kHz when the strong signal came in.
RTL-SDR (top) vs raw audio from IC-751A below. RTL-SDR has a wider bandwidth, and less splatter at 2200 kHz when the strong signal came in.

Finally, in his third post he shows some more benefits of using the RTL-SDR as a panadapter, including rapid SSB tuning, RFI identification and signatures, helping work a pile up, monitor SSB net while working PSK on the parent radio, monitor the JT65 & JT9 band while working PSK – or vise versa and finally leave the radios on and monitor PSK, RTTY, JT65 & JT9 traffic for PSK Reporter.

Reverse Engineering Digital RF Signals the Easy Way with DSpectrum

Recently nullwolf (T.J. Acton) wrote in to let us know about a very useful wrapper for Inspectrum that he has created, called DSpectrum. Inspectrum is a Linux/Mac based tool that makes it very easy to extract a binary string from a digital transmission which can be recorded with any SDR like an RTL-SDR. DSpectrum builds on Inspectrum and further automates the reverse engineering process. He writes:

The wrapper [DSpectrum] assesses the amplitude measurements, or frequency shifts, that are reported by Inspectrum. The wrapper uses the average of the provided values as a threshold. When a cell’s value falls below the threshold, the wrapper determines that the value is a binary ‘0’, and when it is above the threshold, it records the value as a ‘1’. It then returns this raw binary data as output, in addition to the binary’s hex and ascii translations.

Another two features were included: the semi-automatic comparison of two portions of a transmission in the same file, and the semi-automatic comparison of two signals in separate files.

Nullwolf notes that with DSpectrum the time taken for him to reverse engineer signals has dropped from 1 hour down to 5 minutes in some cases.

A comparison of two binary signals in DSpectrum
A comparison of two binary signals in DSpectrum
https://www.youtube.com/watch?v=wR0HpWfeVRU

Airspy vs SDRPlay: Two New Comparison Videos

Over on YouTube two new videos comparing the reception on the SDRplay and Airspy have been uploaded. The first is by Mile Kokotov and he compares the reception on a very weak broadcast FM station, with several strong signals surrounding it. He writes:

In this video I am presenting Airspy+SDR# vs SDRplay+SDRuno in the real world, receiving very weak FM broadcast station in the terrible conditions, with very strong signals around.
The Weak signal was in the lower edge of the FM broadcast spectrum, with very strong local signals close to the weak one, in the upper frequencies of the FM broadcast spectrum.
The antenna for the both SDR receivers was the same – Vertical Dipole for FM BC band.

Both SDR receivers were tuned to maximum possible signal to noise ratio (SNR) of the weak FM broadcast signal.

In SDRuno RSP control panel (for SDRplay receiver) ZERO IF and 0.3/0.6 bandwidth were chosen, and the weak signal of interest was placed on the right edge of IF filter, so that the strong signals from other FM broadcast radio stations were placed right from the weak one in order to minimized the negative influence to the our weak signal.
LNA was switched off. When the LNA was on, there where high distortion level because LNA was overloaded from the strong signals, and SNR was deteriorated regardless of gain reduction.
The best results were achieved with gain reduction set to “0”, without LNA.

In SDR# software (for Airspy SDR receiver) 10 MSPS and Decimation was used.
From the version 1480, in SDR#, when decimation is choosed, there is tracking filter which allow better selectivity, so you can use more gain, increasing the SNR to maximum possible level depending of concrete situation.

The overall receiving conditions was extremely bad. The signals from local FM radio stations were too strong so the weak signal from this video can not be received at all, with many expensive FM tuners which I tried: Pioneer VSX 527, Denon AVR-1802, Marantz SR6300. I was tried RTL-SDR just for fun, but it can not receive weak signal too :-), not because SDR-RTL is not sensitive enough, but because its dynamic range is not so high and it is overloaded by too strong local signals.

The very sensitive receiver is not problem to design and produce. Much more difficult is to design a high dynamic range receiver. which will be able to receive very weak and very strong signals at the same time without overloading.

Overloaded receiver front end means that it is not linear any more, and produces many signals by itself, increasing its noise level.
Very strong signals at the receiver front end makes Desensitization of the receiver, so it could not receive weak signals any more.
We should not forget that the receiver front end “looks” all signals from the wide frequency range even if we want to receive only one signal at the time. The more wideband the receiver is, the higher dynamic range it has to be, for not been overloaded…

https://www.youtube.com/watch?v=RqM6KtbEyYI

In the second video Leif sm5bsz compares the Airspy+SpyVerter with the SDRplay RSP on HF reception. He concludes that the difference between the two radios on HF is small. However, Youssef from Airspy has contested the result, noticing that Leif ran the Airspy at 2.5 MSPS, resulting is significantly less decimation being used. In response Leif updated his video adding an A/B comparison on HF with the Airspy correctly running at 10 MSPS in the last 8 minutes of the video. The results seem to show that the SDRPlay and Airspy+Spyverter have similar HF performance, but when comparing maximum decimation on the Airspy and the smallest bandwidth the SDRplay to obtain similar bandwidth’s, the results seem to show that the Airspy+SpyVerter is about 5 dB more sensitive at receiving weak signals.

https://www.youtube.com/watch?v=VTYdIVzTrYQ

SDRUno Updated to Version 1.03

SDRUno, the official software for the SDRplay has recently been updated to version 1.03. SDRUno is the free SDRplay specific version of Studio1, and also supports other SDR’s like the RTL-SDR, with an artificial 1MHz bandwidth limit. The change log is shown below:

Bug Fixes

  • High DPI resolution issue.
  • Various minor bug fixes and typos

Updates

  • Reworked filter cutoffs
  • Separate out EXTIO functionality
  • RSP Ready indicator in Main Window/SETT/Input
  • Rename FM Stereo Noise Reduction button and slider to FMS-NR to avoid confusion with SNR (Signal Noise Ratio)
  • Improvements to tuner AGC scheme
  • Improvements to DC offset scheme
  • Removed unused buttons in SP1/SP2 windows
  • LO display in RSP advanced window and the SP1 window
  • Change defaults (LNA OFF / AGC ON)
  • Added RDS PTY support

sdruno_announcement

New Posts From RTLSDR4Everyone: Avoiding RTL-SDR Ripoffs, ADS-B Antenna Reviews, Travel Kits and Direct Sampling vs Upconverter vs SDRPlay

Akos from the rtlsdr4everyone blog has been busy uploading new posts over the past few days. His first post is part three in a series that discusses how to avoid ripoffs when buying RTL-SDR dongles. The RTL-SDR market has recently become quite saturated, and it is now easy to purchase something that most experienced users would consider a ripoff. His post shows some examples of what he considers to be poor value choices available on eBay.

An example of a ripoff price.
An example of a ripoff price.

His second post discusses his methodology for testing dongles on their ADS-B performance. The second post then leads into the third post in which he compares four antennas on ADS-B reception. He compares two telescopic whip antennas, one set to 1/2 wave length, and the other set to 1/4 wave, a NooElec 5dBi whip antenna, and the FlightAware ADS-B antenna. His results show that the FlightAware antenna was the best performer, followed by the 1/2 wave telescopic whip, then the NooElec 5dBi whip and finally the 1/4 wave telescopic whip. The fourth post continues the ADS-B topic, and he reviews the NooElec 5dBi ADS-B antenna. Although the performance is not as good as the FlightAware antenna he mentions that it is much smaller and great for portable use. If  you are interested, we have also a review of the FlightAware antenna, and we also found its performance to be excellent.

The four ADS-B antennas tested in Akos' review.
The four ADS-B antennas tested in Akos’ review.

In his fifth post Akos shows what his RTL-SDR travel kit consists of. In this post he recommends both our RTL-SDR V3 dongle as well as the NooElec SMArt. For a portable computer, he takes along a Raspberry Pi 3 and a 20,000 mAh battery bank with solar charger. (Though we’d be interested to hear from Akos how long it takes for that small solar panel to charge the battery bank, probably takes days to charge?) For antennas he prefers to take along our large 1.5m telescopic antenna, the NooElec 5dBi ADS-B antenna, a medium telescopic antenna and a Nagoya knock-off telescopic antenna.

Akos' Mobile ADS-B Station.
Akos’ Mobile ADS-B Station.

Finally in the sixth post he shows a video that compares the differences between a generic dongle modded with direct sampling (without any impedance matching circuitry), an RTL-SDR dongle with ham-it-up upconverter and an SDRplay. Unsurprisingly the upconverter and SDRplay performs best.

http://www.youtube.com/watch?v=g7qa8nQbIPg

As a bonus, Akos also has done an interesting stress test on the metal case of our RTL-SDR dongles, where he runs it over with a bus to see if it will survive. The case is mangled afterwards, but the dongle and functionality survives!

Dotcom dongle meets a bus

Two Videos Showing the LimeSDR on HF in SDR-Console V3

The LimeSDR is a RX/TX capable SDR with a 100 kHz – 3.8 GHz frequency range, 12-bit ADC and 61.44 MHz bandwidth. It costs $299 USD and we think it is going to be an excellent next generation upgrade to SDR’s with similar price and functionality like the HackRF and bladeRF. Back in August we posted how they had added HF functionality to their drivers, and posted some videos from LimeSDR beta tester Marty Wittrock who had gotten HF working well  in GQRX.

Now that SDR-Console has added support for the LimeSDR and HF reception, Marty has uploaded two new videos showing it in action. The first video shows some SSB reception on 40M and the second shows some CW reception on 20M. Marty runs SDR-Console on a MSI Core i5 Cube PC. Marty also writes:

Even with the ‘older’ LimeSDRs that I have that don’t have the proposed modified matching networks on them the performance at 20m and 40m was actually REALLY good for voice and CW. Obviously if the band conditions for 15m and 10m were better the days that I tested the LimeSDR it would have been even better since ‘as-designed’ matching networks seem to do better at 30 MHz and up. Checking the performance at 162.475 MHz (my local Cedar Rapids, Iowa NOAA Weather Station) the performance is excellent on a VHF antenna.

https://www.youtube.com/watch?v=NwozoUD4Whk
https://www.youtube.com/watch?v=u2KK49sJ3L0

 

Performing a Replay Attack on a Wireless Doorbell with a USRP SDR

A replay attack consists of recording a signal, and then simply replaying it back at the same frequency at a later time. To do this a receive and transmit capable software defined radio like a USRP/HackRF/bladeRF can be used.

Over on his blog, the admin of the dxwxr group has posted a tutorial showing how he performs a replay attack on a simple wireless doorbell using a USRP, GNURadio and the audio editor Audacity. This is a very simple process and is a great tutorial for those looking to get started in reverse engineering signals. First he determines the frequency of the doorbell which turned out be be around 315 MHz. Then using GNURadio he records the signal emitted by the doorbell remote and opens up the audio file in Audacity. He then isolates a section of the signal and saves it as a raw aiff file. Finally, he uses GNURadio to transmit the isolated signal via the USRP.

Captured wireless doorbell signal.
Captured wireless doorbell signal.
https://www.youtube.com/watch?time_continue=19&v=LMFnbwFQdeI

Working towards an FPGA DSP Implementation with LabVIEW for the RTL-SDR

Back in August we posted how Albert Lederer had created a RTL-SDR interface for the LabVIEW visual programming language which could be run on a host PC. LabVIEW is a visual programming language which is used commonly by engineers and scientists to quickly build applications for things like product testing, system monitoring, instrument control etc.

In his latest post/tutorial uploaded a few days ago he shows how to run the RTL-SDR RF acquisition on a myRIO, which is a development processing board that can run Linux and has an on board FPGA. LabVIEW can then be used to control the RTL-SDR from the host PC.

The whole point of running the RTL-SDR on the myRIO is to eventually make use of the on board FPGA. In future posts he hopes to show us how to use the on board FPGA to offload digital signal processing (DSP) tasks,  which would significantly speed up applications.

Data flow for offloading RTL-SDR DSP tasks onto the FPGA
Data flow for offloading RTL-SDR DSP tasks onto the FPGA