Opensource WiFi chip (openwifi) progress and future plan
This is a modal window.
The media could not be loaded, either because the server or network failed or because the format is not supported.
Formal Metadata
| Title |
| |
| Title of Series | ||
| Number of Parts | 287 | |
| Author | ||
| License | CC Attribution 2.0 Belgium: You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor. | |
| Identifiers | 10.5446/57084 (DOI) | |
| Publisher | ||
| Release Date | ||
| Language |
Content Metadata
| Subject Area | ||
| Genre | ||
| Abstract |
|
00:00
Goodness of fitDiagramEngineering drawingMeeting/Interview
00:31
Field programmable gate arraySource codeMaxima and minimaSchwarz lemmaMathematical optimizationCapability Maturity ModelBlock (periodic table)Asynchronous Transfer ModeControl flowStatisticsEmailChainPhase transitionSampling (music)RotationMotion captureFreewareNavigationFrame problemMultiplicationPlastikkartePhysicalismProcedural programmingConfidence intervalMultiplication signInternetworkingData transmissionOpen setMereologySoftware bugMathematical optimizationWhiteboardTraffic reportingSingle-precision floating-point formatFigurate numberReal numberOpen sourceMultiplicationCASE <Informatik>Block (periodic table)Presentation of a groupXMLComputer animation
04:17
Block (periodic table)PlastikkarteLatent heatMoment (mathematics)Queue (abstract data type)Multiplication signFrequencyImplementationPopulation densityInformation privacyData transmissionSoftware bugComputer animation
05:25
Integrated development environmentArtificial neural networkAuthorizationTransmitterMeta elementBlock (periodic table)Mathematical optimizationChainControl flowAsynchronous Transfer ModeEmailStatisticsField programmable gate arrayPhase transitionSampling (music)RotationFreewareMotion captureCommunications protocolMoving averageComputer configurationDevice driverScripting languageThresholding (image processing)Digital signal processorDevice driverStatistical hypothesis testingAsynchronous Transfer ModeTime domainMultiplication signFunctional (mathematics)Reading (process)Computing platformDifferent (Kate Ryan album)Mathematical optimizationDomain nameConfiguration spaceMereologyBitWhiteboardEstimatorState of matterFigurate numberComputer architectureCompilerDirection (geometry)CASE <Informatik>ArmSingle-precision floating-point formatSpacetimeOperator (mathematics)Integrated development environmentGame controllerReal numberSampling (statistics)Level (video gaming)MicroprocessorEqualiser (mathematics)MultiplicationFood energyShift operatorStandard deviationInformation securityMathematical analysisCartesian coordinate systemNatural numberBuffer overflowOnline helpOpen setTransmissionskoeffizientArtificial neural networkExecution unitInformationPower (physics)TelecommunicationNormal (geometry)Workstation <Musikinstrument>PlastikkarteFrequencyModule (mathematics)Electric generatorNumbering schemeSensitivity analysisCuboidComputer animationDiagram
13:43
Open setField programmable gate arrayDigital signal processorMechanism designTimestampMotion captureBefehlsprozessorKernel (computing)Device driverFrame problemGeneric programmingTransmitterFlagBit rateShift operatorInformationSchwarz lemmaCapability Maturity ModelMathematical optimizationMeasurementDuality (mathematics)Standard deviationSingle sign-onStatistical hypothesis testingFood energyServer (computing)Expert systemConnectivity (graph theory)Software developerSoftware bugNatural numberInterrupt <Informatik>TimestampLevel (video gaming)Frame problemPopulation densityBlock (periodic table)Power (physics)Reduction of orderField (computer science)Traffic reportingPhysical systemSource codeBuffer solutionCASE <Informatik>Computer hardwareKernel (computing)BefehlsprozessorFunctional (mathematics)Table (information)Statistical hypothesis testingMultiplication signResultantDatabase transactionOpen setSampling (statistics)Wave packetContent (media)Software testingWindowStandard deviationCalculationComputer animation
16:58
Standard deviationMassCommercial Orbital Transportation ServicesOpen setWhiteboardSoftware testingSpectrum (functional analysis)Sensitivity analysisRight angleTime domainStandard deviationComputer animation
17:37
Chemical equationStandard deviationCharge carrierSymbol tableAuditory maskingMarginal distributionSpectrum (functional analysis)Core dumpStatistical hypothesis testingPower (physics)Computer animation
18:22
WhiteboardComputer hardwareComputer hardwareForm factor (electronics)Product (business)Revision control
19:13
RadiusField programmable gate arraySoftware-defined radioComputer hardwareVery-high-bit-rate digital subscriber lineSampling (statistics)Virtual machineWhiteboardSoftware-defined radioComputer animation
20:04
Software-defined radioSoftware protection dongleComputer hardwareWhiteboardOpen sourceSoftware protection dongleSpeichermodellComputer hardwareReal number
20:50
HypothesisOSI modelCommunications protocolComputer networkRandomizationComputerCodeDependent and independent variablesFrame problemInformationSoftwarePerformance appraisalSchwarz lemmaCapability Maturity ModelNP-hardInformation securityWireless LANCapability Maturity ModelDirectory serviceElectronic mailing listCartesian coordinate systemHypothesisComputer animation
21:30
EmulationGame theoryCommon Language InfrastructureMUDDuality (mathematics)Storage area networkMathematical optimizationCapability Maturity ModelFocus (optics)Focus (optics)Demo (music)Source codeComputer animation
22:27
DisintegrationRevision controlMathematical optimizationStatistical hypothesis testingMultiplicationFocus (optics)Software testingStandard deviationType theoryPhysicalismOnline helpDifferent (Kate Ryan album)Statistical hypothesis testingWorkstation <Musikinstrument>Multiplication signComputer animation
23:23
Computer hardwareOnlinecommunityComputer animation
23:56
VideoconferencingLecture/ConferenceComputer animation
24:20
SicXMLUMLComputer animation
24:45
Computer virusGoodness of fitComputer animation
25:17
WindowPerfect groupOpen setBitPower (physics)Regular graphFunctional (mathematics)Meeting/InterviewComputer animation
25:57
Meeting/Interview
26:27
Computer animation
26:51
Open setNumberCore dumpMeeting/Interview
27:27
ArmMicroprocessorMeeting/Interview
27:57
Band matrixComputer animationMeeting/Interview
28:24
Inclusion map2 (number)Meeting/InterviewComputer animation
29:00
Computer animation
Transcript: English(auto-generated)
00:16
Hello everyone in the Software Radio Deaf Room ForStamp 2022.
00:22
Good morning, good afternoon, and good evening. My name is Xianjun Jiao, and I'm from ID.Lab, IMEC, and Ghent University, Belgium. Let's talk about the Open Wi-Fi project again, like we did in every year ForStamp since 2020.
00:41
It's the yearly update of the Open Wi-Fi project. We will also talk about the future plan. In case there are new audiences, let me tell you what Open Wi-Fi is. It is an open-source Wi-Fi chip design project written in Verilog. It's already functioning on the FPGA board, and can be used like a real Wi-Fi card under Linux.
01:07
For instance, you can log in to the FPGA board via SSH over Ethernet, and operate the Wi-Fi card like you do on Raspberry Pi. Just search Open Wi-Fi on the Internet. I believe you will find our project.
01:24
The project was online at the end of 2019. After that, it keeps attracting attention along with time. As in this Star History figure, it increases almost linearly in the past two years.
01:40
There are two leaps in the figure. Probably the first leap was due to the report by CNX Software News, and the second one was because of Hacker News report. The first part is about the features and optimizations in the past year.
02:01
I have to admit that some of them are more complicated than our imagination. So the planned release was delayed several times. Actually, no formal release in the past year, except some bug fixes and some small improvements.
02:21
Maybe at the presentation moment, these works are still not released yet. But we have confidence to release these works in February 2022. Because we have solved most of the issues after struggling more than one year. The first feature is about the AM PDU and Block ACK.
02:45
AM PDU stands for Aggregated MAC PDU. It allows the Wi-Fi card to put multiple MAC layer PDUs to a single physical layer packet. So the gap and acknowledgement procedure after each MAC PDU is eliminated.
03:05
Apparently because of this transmission efficiency can be increased a lot. This is an important feature introduced in Wi-Fi 4 802.11n. It is optional in Wi-Fi 4, but it has become mandatory since Wi-Fi 5 802.11ac.
03:28
Even if there's only one MAC PDU to be sent in Wi-Fi 5, it has to be encapsulated in the AM PDU format, which is called single-packet AM PDU.
03:43
Accordingly, the Block ACK block acknowledgement was introduced as well in Wi-Fi 4. It allows the Wi-Fi card to aggregate the multiple acknowledgments into one big acknowledgement packet. So that the acknowledgement for every single MAC PDU is not needed anymore.
04:06
Apparently, this will also increase the transmission efficiency. Especially when it is used together with the AM PDU. In the actual implementation, when Linux handles a MAC PDU to Wi-Fi card, it only labels the packet that it can be aggregated or not.
04:29
Whether the packet will actually be aggregated and how many MAC PDUs will be aggregated. It is the Wi-Fi card's decision, not Linux.
04:40
Because only the card knows the exact transmission opportunity and how many specific packets in specific queues at that moment in the card. So the AM PDU implementation involves quite a lot of FPGA work and not as simple as the concept.
05:03
And because of the aggregation capability, more packets can come in and go out in a short period of time for Wi-Fi cards. So it triggered some hidden bugs of our design, which is not seen before when the packet density is not that high.
05:23
Next, let's talk about a feature about Wi-Fi privacy and security, the CSI fuzzer. CSI means the channel state information, which is available in the channel estimation module inside the Wi-Fi receiver.
05:42
This is a refined and refactored feature based on the CSI murder work we reported last year together with our partner. Now you can use this feature with the Open Wi-Fi public release out of the box. The idea is simple. You can configure an artificial channel state information to the Wi-Fi signal before it leaves the transmitter antenna.
06:08
Actually, it is a configurable FIR filter in between the Wi-Fi baseband OFDM transmitter and the antenna. And this operation won't destroy the normal Wi-Fi communication.
06:24
Because the receiver will do channel estimation and equalization anyway, no matter if the channel is the real environment channel or real environment channel combined with the artificial channel added inside the transmitter.
06:41
But for those sensing receivers that rely on the CSI reflecting the real environment, the sensing won't work anymore. Because they don't know what kind of artificial CSI is added at the transmitter and
07:01
only see a combined CSI at the receiver, which never reflect the real environment channel. For authorized sensing receiver who knows the artificial CSI, they can recover the environment CSI from the combined CSI observed in the receiver.
07:25
You can find our Vysek21 paper and the application notes on GitHub. The CSI fuzzer is actually manipulating the signal. In the traditional security research fuzzing area, where people manipulate the bit in
07:45
the Wi-Fi PDU, there is an open Wi-Fi based fuzzer called OWFuzz, which is developed by researchers in Alipay, which is part of Alibaba.
08:00
As you can see on their website, some CVEs are disclosed already. Next thing is about simple TX diversity. Since many platforms have two TX antennas, a simple dual-alternate TX diversity can be achieved with a tiny extra footprint.
08:25
It is almost identical to the CSD, cyclic shift diversity, defined in the Wi-Fi standard. To explain how it works, let's think about what happens if we feed the same OFDM signal to two antennas directly.
08:46
This is the simplest beamforming case. If the antenna spacing is appropriate, it could form a beam towards the right direction in the figure. Then the problem is that for those stations in other directions, bad signals will be
09:07
experienced because they are not in the main loop, they are in the side loop. What happens if we simply add a fixed time domain delay before the signal is sent to one of the antennas?
09:23
Amazing things will happen. As we know that the OFDM signal includes multiple sub-carriers, and different sub-carriers actually means different frequencies. The fixed time domain delay for different frequencies actually means different phase shifts.
09:46
Think about the fixed delay versus different or non-fixed periods of different sub-carriers. According to the beamforming principle, the different phase shifts will generate beams towards different directions.
10:06
So energy is delivered to different directions via different sub-carriers. In this case, no matter where the station is, it will have more or less the same signal strength, except that different sub-carriers are received in different power levels.
10:24
But it is okay. The Wi-Fi receiver is supposed to work in frequency-selective situations, and it is the nature of the multi-pass environment. The four-color sub-carriers and beams are just an inaccurate example here in the figure.
10:44
The accurate analysis needs to consider the multi-pass fading in the environment. There are also lots of enhancements and optimizations in architectural and low level. For instance, the receiver has improved a lot for better demodulation capability, sensitivity.
11:06
Also, the clocking scheme has been improved. This is the clocking scheme before. The RF clock hangs at the baseband FIFO, and the baseband has its own clock, which is generated in the clock unit inside the ARM processor.
11:24
A FIFO writing reading rate control is needed to avoid IQ sample overflow or underflow due to the slight clocking speed difference between RF and FPGA baseband. They have totally independent crystal.
11:44
Now, the RF clock drives everything from RF ADC DAC to the open Wi-Fi baseband to the DMA to the ARM. This leads to a more simplified cross-clock domain design in the baseband and lower the timing jitter.
12:05
The actual cross-clock domain happens inside the ARM processor DMA controller, so it's not our business anymore. Other optimizations are for helping people generate the project and use the open Wi-Fi card in a more easy way.
12:26
Now you have fewer steps than before to generate the FPGA design project in Vivado. With the help of more functionalities in the Tico script, many low-level MAC and PHY configurations now can be simply set by a single register operation.
12:46
We also add test mode to the driver for easy experimental feature test and benchmarking, by avoiding recompile the driver to switch between normal and experimental cases.
13:00
More importantly, after having all above features and optimizations, the whole design consumes less FPGA resources than the previous release. Because we have put lots of effort into optimizing the design footprint to make sure it can fit into the entry-level ZYNC-720 FPGA,
13:27
we really care about the entry-level FPGA board support because it is essential to help more users. The name of the new release will be Wilsela, which is a beautiful place next to Leuven, Belgium.
13:43
It is chosen by the main developer of the AMP PDU feature, Michael Meharry. From the Vivado report for the entry-level Z board, which has the ZYNC-720 FPGA, there are 10% reduction for the lookup table resource, 21% reduction for the flip
14:06
-flop, 6% reduction for the block RAM and 26% reduction for the DSP blocks. So, for users who have the entry-level FPGA board, you are safe to have more open Wi-Fi features.
14:24
Now let's talk about the bug fixes in the past year. There are bugs about the duration field, contention window increment mechanism, too-fast 5TX start signal, timestamp issue with the IQ sample capture, which is reported by our user,
14:44
the short training frame power level issue, and of course the hidden bug seen by the high packet density brought by the AM PDU. The complication is mainly due to the asynchronous nature of the CPU interrupt and FPGA operation,
15:06
and the effort of maintaining the related buffers and queues. Lots of corner cases there in asynchronous system running in real-time. Let's take a look at the duration field issue.
15:21
The duration field in the Wi-Fi packet indicates how much time occupation left is expected for the ongoing transaction. So, other nodes can predict when the channel will be released by the current traffic. The Linux kernel MAC 802.11 module, as shown in the Linux kernel source code on this slide,
15:46
calculates the value for this field only for 11A and G. Starting from 11N, it assumes hardware handles this. Which means, starting from Wi-Fi 4, more functionalities are pushed to the chip instead of doing it at the kernel level.
16:10
As you can see in the function, if it's Wi-Fi 4 and above, the function returns immediately. That's why at the beginning we weren't aware of this and always see the 11N packet transmitted by Open Wi-Fi has duration field value 0.
16:27
Now we have implemented the calculation in Open Wi-Fi correctly. Now let's see some test results by a decent Wi-Fi tester, Road Unsource CMW270.
16:41
It's probably the most advanced tester which supports all Wi-Fi standards and all sub-6 GHz frequencies, even those frequencies other than 2.4 and 5 GHz. This is the basic test setup. On the left are the tester and Open Wi-Fi board connected via coax cable.
17:05
On the right are some screenshots. The spectrum mask, EVM, time domain power, etc. We have tested the Open Wi-Fi RX sensitivity via the tester after our efforts of optimizing the baseband FPGA receiver.
17:24
The main conclusion is that the sensitivity is much better than the standard required and similar to those typical commercial Wi-Fi 4 chips. EVM is also quite good. It achieves minus 39 dB with a big spectrum mask margin.
17:45
It is as expected since AD9361 is quite good and also quite expensive RF chip. And there is no external power amplifier in our test which is usually harmful for EVM but we don't have PA.
18:04
If we sacrifice some spectrum mask margin further, the EVM can even achieve minus 41 dB, which is already capable of running 4K core modulation of Wi-Fi 7.
18:23
Regarding the community, we are very happy to see new hardwares emerging in the past year. The first one is ANT-SDR, which is a new commercial product from a Chinese company. The form factor is quite small. I guess that's why it's called ANT.
18:44
The main chips onboard are AD9361 and ZYNC-7020. The entry-level version has AD9363 instead. Its support has been merged into OpenFI Mainline.
19:00
The price was only about $300 at the beginning of AliExpress. It's more expensive now due to the chip shortage during the past two years. The second one is an AD9361-SDR hat for ZYNC's PineQ board,
19:21
which is quite cheap and widely used for Python-based machine learning with IPJ acceleration. The solution is from a Chinese hobbyist and supposed to be also very cheap. He has run OpenFI successfully on the PineQ and the SDR hat.
19:43
Which is made by himself. The interesting thing about this design is that the HDMI and P-mode IOPin of the PineQ board are converted to LVDS pairs to transfer the high-speed IQ sample between the PineQ board and AD9361.
20:04
The last one is also from a Chinese maker. The design is by KiCad, which is the most popular open-source hardware design EDA tool. The USB-C dongle looks quite decent and compact. I hope it could become real in the future.
20:23
In the 4STEM 2021, I mentioned that low-cost hardware was essential and expected for many entry-level users. Now the dream is becoming real. For the entry-level OpenFI board, the price has become half of what it was before.
20:44
I believe there will be more and more OpenFI hardware in the future. About the new papers and applications from the user community, do check out the publication and application note directories on our GitHub.
21:01
Here is a list of those works from our users. Such as the fuzzing tool for security research, wireless time-sensitive network, software-defined network, and the master thesis that tried 2x2 MIMO successfully.
21:22
Regarding our current focus, the first one is about improving maturity of our design. It is not a fancy and exciting concept, but lots of hard work. I won't explain the detailed work, but I'd like to share with you a story I like very much to explain.
21:46
Let me ask you a question. How to draw a horse? Actually, you only need 5 steps. Step 1. Draw 2 circles. Step 2. Draw legs. Step 3. Draw face and feet.
22:01
Step 4. Draw hair. Step 5. Add some details. Having an idea and building a demo sometimes only means that you finished step 1 to step 4. But without step 5, it will never come true.
22:23
The next focus is Wi-Fi 6 802.11ax. We have built the Wi-Fi 6 transmitter, which is under testing and optimization, with the help of the RNS-CMW270 tester.
22:42
Wi-Fi 6 defines different types of physical layer PDU for the first time in the Wi-Fi standard. We have implemented the single-user FiPDU, which can be used for single-user uplink and downlink. The multi-user FiPDU, which is for AP to multiple stations simultaneously via OFDMA.
23:08
The trigger-based FiPDU, which is for multiple stations to AP simultaneously via OFDMA. We will start to implement the receiver in 2022.
23:24
The future plan. Of course, the third thing will be the Wi-Fi 6 receiver, which will be hard, but we still plan to go for it. If you want to help, just let me know. Next, we will also continue to support our user community regarding new ideas, new applications, new hardwares, etc.
23:49
Last but not least, add some details. That is all for the presentation. But don't leave.
24:00
Not finished yet. I have made a short video to recap the exciting moment of open Wi-Fi in the past year. Please watch.
24:56
All right. Hello. Can you hear me?
25:01
Yes. Can you hear me? Good. I think we are live. First of all, thank you very much for this very interesting update on a very interesting project. I'm always looking forward to the award. Yes. Can you hear me? Yes. I think we are live.
25:22
I have some echoes. Anybody else having those echoes? I think now it's okay because I have two windows. Okay. Perfect. Yeah. Always looking forward to your talks. Always very interesting. So we have a couple of questions lined up here.
25:40
First one is by Andre. He's asking, how does the performance and functionality of open Wi-Fi compare to regular commercial chipsets? Now, I guess you answered quite a bit of that already in your talk, but maybe you can elaborate a little bit more. For the R performance, I think it's similar, but we don't have PA, so the TX power is low.
26:02
Regarding the throughput, I think we are also similar. In the release, we will release soon, I think the physical layer could achieve around 70 megabits. If you run iperf, considering all the overhead, you can have around 50 megabits, more
26:20
or less similar to the commercial Wi-Fi for a single-attender chip, I think. Okay. That sounds really good. And I guess that also answers Johanna's question, who was asking which speeds are supported so far. We have another question lined up by Jimin.
26:41
He's asking why ASIC Wi-Fi chips look so small, but open Wi-Fi requires roughly 85k log elements. Actually, 85 loot includes lots of non-necessary logic, like those 89361 interfacing, etc.
27:01
For the core open Wi-Fi logic, if you look at the Vivado report, it consumes, I think, less than 20k loot. Okay, so it's actually a lower number. And then we have one from Daniel. Daniel is asking, do you use the PL330 DMA in the ZYNC, or do you have the DMA implemented in the FPGA fabric?
27:26
I don't think we are using PL330 DMA because I'm using the Xilinx AXI streaming DMA. In the FPGA side, we have the Xilinx AXI streaming DMA block, and it connects to the ZYNC ARM processor HP port.
27:43
There are HP0 to HP3, and some of them also connect to the ACP port. I think PL330 DMA is another DMA module, not the one we are using. Okay, I see. I guess that's another remark.
28:02
But I guess that's the question. Johanna's question was basically answered, which speeds are supported so far. Let me check. Any other questions? Yes, for the Wi-Fi 4 speed indeed is close to the Wi-Fi 4 chip. The Wi-Fi 6 we target still the 20 markers as well.
28:24
So the peak speed won't increase a lot because the bandwidth is there. I see. We have like 30 seconds left. Maybe one question for myself. How big is the team that is currently actively working on the project?
28:42
I think in the past few years, we have two PhDs and two postdocs. Now one of the PhDs is already a postdoc. Last year, we had a fresh PhD from the Netherlands.