Building A Better Software Defined Radio (and Transmitting As Well)

By now most Hackaday readers should be familiar with this year’s latest advance in software defined radio. With a simple USB TV tuner dongle, it’s possible to receive FM broadcasts, GPS data from satellites, and even telemetry from aircraft flying overhead. There is one limitation to this setup, though: it’s receive only. Hacker extraordinaire [Michael Ossmann] is looking to make a better software defined radio called the HackRF.

The HackRF is an incredibly ambitious project – able to receive just about anything between 100 MHz and 6 GHz (this includes everything from the top of the FM radio band to cordless phones, cell phones, WiFi, and basically any radio technology that has been commercialized in the last 15 years), the HackRF is also able to transmit. Yes, with the HackRF it’s possible to build your own software-defined WiFi module, or just broadcast bogus GPS information.

Compared to the $20 TV tuner SDR dongles we’ve played around with, the HackRF isn’t exactly cheap. [Mossmann] figures he’ll be able to sell the device for about $300. A fair bit of change, but much, much less than professional, commercial SDR solutions.

A very cool advance in the state of SDR, but reason dictates we must suggest that everyone who wants a HackRF to start studying for their amateur radio exam now. Being a licensed radio operator won’t stop you from any sort of malicious intent, but with at least with licensing comes with the possibility of knowing what evil you’re doing.

You can check out the wiki for the HackRF over on the gits along with the current hardware design

39 thoughts on “Building A Better Software Defined Radio (and Transmitting As Well)

  1. Tres cool. I did some work in Uni developing some communications labs using the USRP2 SDR boxes, but their price made the lab setup a little too expensive. That coupled with poor support (this was 2010, mind you) from the vendor made that work a big chore.

    Let’s hope Mr. Ossmann gets it right!

    1. Can you elaborate? They seem to be very different chips. The cypress ones seems to be 8051, while the NXPs are ARM Cortex chips.

      I would guess that familiarity with the chip family was an important factor for him, this helps for both hardware and firmware design.

      Also my impressions is, that ARM Cortex chips are slowly becoming the dominant architecture for hobbyists.

      1. Cypress FX2LP costs $20 in singles (and as low at $10 in bulk), provides >20MB/s FIFO same as this ARM, and is available in smaller packaging (takes less space on the board).
        It is used in many designs, including first USRP.

        So why ARM? Its not like there is any computation on that ARM. All it does is piping data up and down.

    2. “Why LPC43xx instead of old tested cheaper Cypress FX2LP?”
      Probably because of the fact that LPC4350 is priced at less than half of FX2. You can get it around $6-$8 a piece (which I think is huge saving in comparison to $20)

      1. The Cypress chips seems a dead end to me, at that price it’s not going in any new commercial embedded systems … it’s end of life and that means pricing is only going to get worse. Makes no sense to tie yourself down with something like that.

      1. “nothing interesting happens there.”
        I’m going to disagree with you on that point. There are plenty of interesting things going on sub-VHF, both natural and manmade. That said, there are already plenty of capable radios for HF (both fully assembled and kit form), several of which are already software defined or can be easily modified. I’m glad to see cheap exploration into higher bands.

  2. Yes it is actually CHEAP. For a real radio instead of a china toy, it’s bargain basement cheap.

    Try buying a real one that is built to real radio standards…. $1500-$2500 is the norm for quality stuff that does not splatter all over the band and other bands.

    1. The FDC-150/160 from Feidaxin is actually suprisingly good as well. I had mine checked out by a Motorola engineer who happens to also be the local VHF repeater trustee, and he said it has a much cleaner transmit than some yaesu’s and icom’s. I think it was actually designed by a gentleman in New Zealand, his site has full schematics/soldermasks/board layouts, and they are free to download.

  3. Screw exams and licensing. This is a cool thing for physics! All sorts of spectrometry are possible here – for example NMR! Or vector analyzers. Or time-domain reflectometers. Or nonlinear junction detectors. Or all other sorts of equipment that send a signal into a measured object and receive its response.

    Personally, I’d advocate for inclusion of the 0..100MHz band, for these reasons.

    1. With frequency mixing, going below 100 MHz would be easily accomplished.
      When mixed the resulting frequency range would be:

      100MHz-6GHz +/- mixed frequency.

      IE if you chose to mix 100 MHz…
      0-6.1GHz would be your new possible range.

      All you need to do is filter accordingly.

      -Alex

  4. Being halfway through the course offered at the local community college, the General Radio Operator License isn’t that hard to obtain, even if you just use the question pool to study from ( an instructor is probably better if you want to understand WHY the answer is X or Y). If you already have a decent grasp on AC and DC electronics, more than 50% of the questions are simple electronics or AC math.

    Element 1 covers the maritime and aeronautical radio laws – these are mostly related to life and death necessities on the ocean. Don’t fool around and squelch an urgent Distress call that could save lives.

    ‘What happens to the junction conductivity of a semiconductor when light is shined upon it’ (it becomes more conductive) for example, is asked three or four different ways. Likewise, there are multiple questions that refer to the requirement for maritime radio sets to be Part 80 certified by the FCC. There’s a whole section that if you can remember “the answer is 47 or 220, if either answer is available”.

    I got a little tied up with the trig for parallel RLC circuits but with a good calculator it’s a snap. I love my TI36xpro, even if most of the professors tell students to get a ‘normal’ calculator. It’s one of the most powerful non-programmable, non-graphing calculators available.

  5. I hope that most of you know that in the US it is illegal to listen on cellular frequencies.

    Just because you think you won’t get caught doesn’t mean it isn’t the wrong thing to do.

    1. There’s nothing to listen to, though, Everything is at a minimum digitally encoded in a way you can’t easily decode, and probably encrypted too. The laws restricting the cellular frequencies are outdated.

      1. Yes, the laws are outdated. That law was designed for the analog band. However, one of the international GSM bands mostly matches up with the 900MHz ham band. If you look around youtube, there was even a demonstration at defcon a few years ago where a SDR was used as a GSM base station in the ham band…

  6. “or just broadcast bogus GPS information.”

    Why would you do that?
    I’d like to scan frequencies with this to build a cop locator, like what THEY use to keep track of their patrols. More useful to avoid getting speeding tickets :P

  7. @JB, there are number of reasons why someone would do that. First one is: ‘Because I can do it’ For second one, watch Tomorrow never dies :)

    Scotty, when will you complete building this 21st century Tricoder ?

    1. Yes, you have to cut one trace to use the external antenna port. The purpose of the built-in 900 MHz antenna is to give our beta testers a way to get started experimenting quickly without requiring any additional antenna.

  8. I’d be interested in this if I didn’t know it’ll cost at least five-hundred USD because of sourcing and fabrication..

    five-hundred is because I like it, I’ll be shocked if it’s under eight-hundred. The wise way is just publishing schematics, firmware source, software source, so people can source cheaper parts and port code etc..

  9. Hi I want to perform security testing of USSD based applications in GSM network in which I need to intercept over the air traffic and perform request/response tampering. Will this device be helpful?

Leave a Reply to gerrykCancel reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.