Home » Electronic News » Ultra-Wideband (UWB) Working Principle, Origin and Current Situation

Ultra-Wideband (UWB) Working Principle, Origin and Current Situation

Posted by: Yoyokuo 2022-04-26 Comments Off on Ultra-Wideband (UWB) Working Principle, Origin and Current Situation

In a wide range of markets such as mobile terminals, automotive, IoT and industrial, developers have been actively seeking a sophisticated ranging technology to achieve accurate indoor and outdoor positioning. Fortunately, UWB has recently been “reinvented” to be an accurate and secure real-time location technology that outperforms wireless technologies such as Wi-Fi, Bluetooth, and GPS.

In a wide range of markets such as mobile terminals, automotive, IoT and industrial, developers have been actively seeking a sophisticated ranging technology to achieve accurate indoor and outdoor positioning. Fortunately, UWB has recently been “reinvented” to be an accurate and secure real-time location technology that outperforms wireless technologies such as Wi-Fi, Bluetooth, and GPS.

UWB technology can process environmental information in real time, such as location, movement and its distance from UWB devices, which is accurate to a few centimeters, adding spatial awareness to the system, which will enable a range of exciting new applications. development. To understand the potential of UWB, it is important to consider the unique characteristics of UWB in measuring time of flight, angle of arrival, and especially its safety properties.

UWB-based automotive applications – smarter smart keys

In the second half of 2019, automakers are rolling out plans to implement UWB-based keyless car access and will explore new use cases enabled by UWB, such as in-vehicle occupant detection, automated valet parking, automated parking, parking lot entry and drive-through payment, etc. One of the highly anticipated use cases for the upcoming wave of UWB is keyless entry (PKE) via smartphones.

With PKE, you can unlock and start your car without using a mechanical key. The key fob is carried in your pocket or purse and “wakes up” when within the proper range to unlock the door. Once inside the car, the system detects the key fob to activate the ignition start button.

PKE key fobs are popular with automakers because they offer great convenience and are highly anticipated by customers. In addition, if a key fob is used, the steering column will no longer require a bulky lock cylinder, which reduces the weight of the car and reduces the risk of knee injuries in the event of a crash. Consumers also appreciate this technology because life is much more convenient without having to find or flick a mechanical key to unlock, start or lock the car. Sadly, many key fobs today are also targeted by thieves who use inexpensive off-the-shelf intrusion devices to detect the car’s wake-up signal and then redirect that signal to the key to wake the key, forcing it to unnecessarily unlock the lock Signal. This is what we know as a relay attack.

Relay attacks are possible because some key fobs now use signal strength — not timestamps — to detect when the owner is within two meters of the car. Attacks are usually done by two people, one near the keys and the other near the car. When you get out of the car, such as going to a shopping mall, coffee shop or restaurant, or if you are at home and your car key is near the hallway or window, the first thief will try to get as close to the key as possible, issuing the same type of query your car sends to detect key. If your key responds to the query, indicating that it is within range, the first thief captures the response and sends (or relays) that signal to the second waiting thief next to the car. The second thief then used the captured response signal to trick the car into unlocking and starting.

Ultra-Wideband (UWB) Working Principle, Origin and Current Situation

Figure 1: A relay attack replicates a signal and uses it to unlock (Source: NXP)

By adding UWB to PKE key fob and smartphone access control, ToF computing can effectively prevent relay attacks. Any signal retrieved by the thief is stamped with a time stamp, indicating that the signal was generated somewhere out of range. When the signal reaches the car, the calculated travel time shows that the point where the signal was sent is too far away to open the door. A moviegoer with an afternoon movie ticket can’t get into a late night show because the time shown on the ticket is wrong and expired, likewise a pirated UWB signal won’t let a thief into a car because the signal shows the wrong time, Essentially expired.

The origin and current situation of UWB

UWB was first developed for radar applications in the 1960s. Later, the technology was adapted for use as Orthogonal Frequency Division Multiplexing (OFDM) technology and standardized in IEEE.15.3 as an ultra-high data rate transmission technology with speeds up to 480 Mbps. In terms of this capacity, the technology competes directly with WiFi, but WiFi quickly dwarfs its data transfer capabilities, making UWB take a back seat in the transfer use case. Based on pulsed radio technology, UWB’s next role is much more successful. As specified in IEEE 802.15.4a, it uses 2ns pulses to measure time-of-flight and angle-of-arrival values. Soon after, its security features were enhanced (at the PHY/RF level) with extensions specified in IEEE 802.15.4z, which made it a unique secure precision ranging and sensing technology.

The idea of ​​using a smartphone as a smart key to enter and start a car is so appealing that leading companies in the automotive and smartphone industries are getting involved in defining security mechanisms in the 802.15.4z standard. How can UWB handle such an important use case with such precision? Let’s explore the background and context of this technology.

What Makes UWB Unique Wireless Technology

Unlike most wireless technologies, ultra-wideband (UWB) works via pulsed radio. It uses a series of pulses over a wide frequency band, so it is sometimes referred to as IR-UWB or pulsed radio UWB. By contrast: Satellite, Wi-Fi, and Bluetooth use modulated sine waves over narrow frequency bands to transmit information.

UWB pulses have several important characteristics. First, they are steep and narrow and look like spikes that are easy to identify, even in noisy channel environments. Additionally, UWB pulses are more suitable for dense multipath environments for ToF ranging than other technologies such as WiFi or BLE. Radio signals reaching the receiver via multiple paths are easily distinguishable from the main signal in an IR-UWB system due to reflections or interruptions caused by objects next to the main signal path. But this is very time-consuming and difficult in narrowband systems.

UWB operates in other parts of the radio spectrum, away from the busy ISM bands clustered around 2.4 GHz. The UWB pulses used for positioning and ranging operate in the frequency range between 6.5 and 8 GHz and do not interfere with wireless transmissions occurring in other bands of the spectrum. This means UWB can coexist with the most popular forms of wireless today, including satellite navigation, Wi-Fi and Bluetooth.

When operating at a typical power level, the distance can be up to about 10 meters. But if higher power pulses are used, the distance of UWB can even reach 200 meters. UWB communication can also transmit data, where the payload portion of the UWB packet sends data at a rate of approximately 7 Mbps, and can continue to accelerate up to 32 Mbps.

Now, UWB uses a modulated pulse train with a very short duration of 2ns. The pulse spacing can be the same or different. Pulse repetition frequency (PRF) varies from hundreds of thousands of pulses per second to billions of pulses per second. Typically supported PRFs are 62.4 MHz and/or 124.8 MHz, referred to as PRF64 and PRF128, respectively. The modulation techniques of UWB include pulse position modulation and binary phase shift keying.

Define the pulse repetition frequency

• Pulse transmitter toggles on and off to deliver peak power (Ppeak) at a specific rate (PRT or PRF)

• The maximum distance is directly related to the transmitter output power. The more energy the system emits, the greater the target detection distance will be.

Time of flight (ToF) calculation

In scientific and military applications, the process of determining the horizontal distance between two points (or two devices) is called ranging. Time of flight (ToF) is a form of ranging that uses the time of travel of a signal to calculate distance. Figure 2 provides a basic description of how ToF computation works in two UWB-equipped devices.

Ultra-Wideband (UWB) Working Principle, Origin and Current Situation

Figure 2: Time-of-flight calculation for UWB, where device 1 is the controller and device 2 is the slave (Source: NXP)

To calculate the time of flight (ToF), we measure the time it takes for the signal to travel from the point of arrival to point B. We take the round-trip reading of the message round-trip time, which includes the processing time in device 2. Then subtract the processing time and divide by 2 to get the ToF. To determine how much ground is covered during transmission, multiply the ToF by the speed of light.

Due to UWB’s high bandwidth (500 MHz), the pulse width is in the nanosecond range, which improves accuracy. Unlike WiFi and BLE, which use narrowband transceivers, ToF and ranging are limited to about +/-1m to +/-5m accuracy, while UWB can be accurate to within +/-10cm.

Because UWB signals are distinct and easy to read, even in a multi-channel environment, the signals are more identifiable and highly deterministic as pulses leave and arrive. UWB can accurately track pulses at very high transfer rates – sending a large number of pulses in short bursts – so fine-grained ToF calculations are possible even over very short distances.

A modulated sine wave occurs when using Wi-Fi or Bluetooth to determine location, and its multi-channel components can only be separated in complex ways. This is part of the reason why Wi-Fi and Bluetooth strive to provide accurate measurements with an accuracy of less than 1 meter.

Figure 3 compares UWB ToF calculations with Wi-Fi and Bluetooth ToF calculations.

Ultra-Wideband (UWB) Working Principle, Origin and Current Situation

Figure 3: ToF ranging over Wi-Fi and BLE versus UWB (Source: NXP)

Optional Angle of Arrival (AoA) calculation

It is important to note that the ToF calculation determines the radial distance, not the direction. That is, the ToF calculation tells Device 1 its distance from Device 2, but not the direction of Device 2 – front, back, left, right, east, south, west, or north. So the ToF diagram is a circle: if the ToF calculation shows that the distance between device 2 and device 1 is 15 cm, then with device 1 as the center, measure 15 cm in each direction with a tape measure, forming a circle in this way, device 2 Can be anywhere in the circle. To use the intersection of the two distance circles to determine the position by means of the second measurement, additional equipment is required.

Discussion of UWB technology, we should consider another aspect, which is an important factor in current non-automotive applications: the angle of arrival (AoA). The angle of arrival can help determine where in the circle device 2 is. In order to calculate AoA, Device 1 needs to be equipped with a set of carefully placed dedicated antennas that are used only for AoA measurements. Not all UWB solutions include additional antennas, but UWBs that include additional antennas are accurate to within a few centimeters (Figure 4).

Ultra-Wideband (UWB) Working Principle, Origin and Current Situation

Figure 4: ToF ranging and AoA generate high accuracy (Source: NXP)

AoA calculations are performed separately, unlike ToF calculations, but both have similarities: they both start with pulse timing. At each antenna in an AoA array, there is a small but discernible difference in the arrival time and phase of each signal received. The arrival time and phase of each signal are recorded and used in geometric calculations like triangulation to determine where the signal came from.

The left image in Figure 5 uses the two AoA antennas Rx1 and Rx2 on Device 1 as an example. Compared to Rx2, the signal from Device 2 takes longer to reach Rx1, which means that the triangle formed by Rx1, Rx2, and the signal origin slopes to the right, indicating that the signal is coming from Device 1’s northeast.

Compared to Rx2, the signal transmitted from Device 2 to Device 1 takes longer to reach Rx1. The AoA calculation shown on the right in Figure 5 uses the time of arrival and antenna spacing to determine the angle of each incoming signal and draws a triangle consisting of Rx1, Rx2, and Device 2. In this example, the side of Rx1 in the triangle is longer and points to the right, which means Device 2 is to the right of Device 1.

Ultra-Wideband (UWB) Working Principle, Origin and Current Situation

Figure 5 (left): Example of two AoA antennas Rx1 and Rx2 on Device 1 (Source: NXP)

Figure 5 (right): AoA calculation uses time of arrival and antenna spacing to determine the angle of each incoming signal (Source: NXP)

How UWB Manages Security

One of the important features added to UWB is an extra portion of the physical layer (PHY) for sending and receiving packets, which is defined as part of the upcoming 802.15.4z specification. The new feature is based on a technology developed and recommended by NXP called Scrambled Timestamp Sequence (STS). New features add encryption, random number generation, and other techniques that make it more difficult for outside attackers to access or manipulate UWB communications.

Securing ToF Computing

Time-of-flight calculations are susceptible to distance manipulation. If you can interfere with timestamps or other aspects of the calculation, it can make you appear closer than you really are. In certain applications, such as secure access, this can trick the system into thinking an authorized user is around (but isn’t) and trigger an unlock (when it shouldn’t), which is a serious problem.

The original UWB standard for ranging, 802.15.4a, has been released for more than a decade, and the emphasis on security has not kept pace with current developments. When testing the 4a standard, the researchers found that an external attacker was able to reduce the measured distance by up to 140 meters with over 99 percent probability. Concerns about this particular vulnerability prompted people to start revising the 4z standard.

The idea is to prevent ToF-related data from being accessible or predictable by adding encryption keys and digital randomness to the PHY packets. This helps defend against a variety of external attacks that use the deterministic and predictable nature of the original UWB PHY to manipulate distance readings, including Cicada tools, Preamble injection, and Early Detection/Late Connect (EDLC) attacks. The updated method provides the best possible protection against brute force attacks targeting manipulation distance measurements.

The Links:   7MBR50SC060-50 2SB1188T100R IGBT-SUPPLIER