The Design, Testing, and Analysis of a Constant Jammer for the Bluetooth Low Energy (BLE) Wireless Communication Protocol

The decreasing cost of web-enabled smart devices utilizing embedded processors, sensors, and wireless communication hardware have created an optimal ecosystem for the Internet of Things (IoT). IEEE802.15.4, IEEE802.11ah, WirelessHART, ZigBee Smart Energy, Bluetooth (BT), and Bluetooth Low Energy (BLE) are amongst the most commonly used wireless standards for IoT systems. Each of these standards has tradeoffs concerning power consumption, range of communication, network formation, security, reliability, and ease of implementation. The most widely used standards for IoT are Bluetooth, BLE, and Zigbee. This paper discusses the vulnerabilities in the implementation of the PHY and link layers of BLE. The link layer defines the scheme for establishing a link between two devices. Scanning devices are able to establish communication with other devices that are sending advertising packets. These advertising packets are sent out in a deterministic fashion. The advertising channels for BLE, specified by the PHY layer, are Channels 37, 38, and 39, at center frequencies 2.402, 2.426, and 2.480 GHz, respectively. This scheme for establishing a connection seems to introduce an unintentional gap in the security of the protocol. Creating and transmitting tones with center frequencies corresponding to those of the advertising channels, a victim BLE device will be unable to establish a connection with another BLE device. Jamming a mesh network of BLE devices relies on this same concept. The proposed jamming system is an inexpensive one which utilizes the following hardware. Three individual synthesizers, a microcontroller (MCU), Wilkinson power combiner, power amplifier, and antenna, integrated on a single PCB, are used to transmit a 3-tone signal. Due to the unprecedented nature of the COVID-19 pandemic, necessary adjustments were made to the jammer system design. In the first modified jamming scheme, a single synthesizer evaluation board, power amplifier, and antenna, are used to transmit jamming tones in the form of a frequency hop. Limitations of the frequency hop approach necessitated a second modified scheme. In this second scheme a synthesizer and two Software Defined Radios (SDR), connected to a personal computer, continuously generate three individual jamming tones. The proposed jammer and the modified ones all classify as constant jammers as the transmission of jamming signals is continuous. Both modified jamming schemes are tested. The results of jamming using the second modified scheme validate the objective of simultaneous jamming of the advertising channels of BLE devices. The success of the modified scheme enables the original goal of creating a relatively inexpensive custom PCB for BLE advertising channel jamming. By exploiting the weakness of the BLE protocol, the hope is to have the governing body for Bluetooth, Bluetooth Special Interest Group (SIG), improve security for the future releases of BLE

Development of Tunable RF Integrated Passive Devices

Radio frequency (RF) lumped elements are crucial building blocks for designing any type of passives circuits for RF front-end applications in mobile devices. In particular, high-quality (Q) factor lumped elements are desirable for improving both insertion loss and noise performance. Integrated passive devices (IPD) technology is a platform that can provide miniature inductors, and capacitors with high- Q values that are unattainable with traditional CMOS technologies. Over the past several years, IPD technology has been used to implement devices such as filters, couplers and impedance-matching networks for a wide range of system-in-package applications. However, most of the IPD circuits do not yet have any tunable/reconfigurable functions for use in frequency agile applications. The objective of this research is to develop tunable integrated passive devices (IPDs) using barium strontium titanate (BST) and micro-electrical-mechanical-systems (MEMS) technologies. Another objective is to develop a fabrication process for monolithic integration of MEMS switches and IPD devices. A 4-mask IPD glass/alumina-based fabrication process is developed at the University of Waterloo for the first time. Details of the modeling and characterization of high-Q lumped elements, L and C, are investigated. The RF performance of these elements is compared with that of similar designs fabricated in a commercial IPD foundry. To highlight the benefits of the IPD process, lumped element bandpass filters are designed, fabricated, and tested. BST varactors are integrated with IPD circuits to demonstrate a highly miniaturized tunable impedance matching network featuring a wide impedance coverage from 2-3 GHz and an insertion loss of approximately 1 dB. The network promises to be useful in a broad range of wireless applications. A high performance tunable IPD/BST bandstop filter with a wideband balun as a multichip module is also proposed. Reconfigurable IPD/BST bandpass filters with tunable transmission zeros are presented and investigated experimentally for operation under high power levels. Intermodulation test results are presented for the integrated IPD/BST devices. Making use of the fact that the IPD fabrication process is amenable to the realization of MEMS devices, the IPD process originally developed for realizing passive circuits is further expanded to accommodate monolithic integration of MEMS switches with IPD circuits. Contact-type MEMS switches are developed, fabricated and tested. Also, a monolithically integrated IPD/MEMS 3-bit high resolution true-time delay network and high-Q switched-capacitor bank are fabricated and tested to demonstrate the benefits of integrating MEMS technology with the IPD technology

Integration of Antennas and Solar cells for Low Power Wireless Systems

This thesis reports on design methods for enhanced integration of low-profile antennas for short-range wireless communications with solar voltaic systems. The need to transform to more sustainable energy sources arises from the excessive production of harmful carbon emissions from fossil fuels. The Internet of Things and the proliferation of battery powered devices makes energy harvesting from the environment more desirable in order to reduce dependency on the power grid and running costs. While photovoltaic powering is opportune due to immense levels of available solar power, the separate area requirements for the antenna and the photovoltaic surfaces presents an opportunity to significantly minimize the unit volume and to enable portable deployment. The focus is on issues of integrating antennas and transmission lines above crystalline silicon solar cells, in particular, the relative orientations are complicated by a-symmetric lattice of the solar cell. A solution to minimise orientation sensitivity was provided and utilised to successfully isolate a microstrip transmission line from the solar lattice, thereby allowing four antenna configurations to be demonstrated. Further work on crystalline solar cells demonstrated their use alongside circularly polarised antennas for aerial vehicles. Wireless energy harvesting over a wide frequency range was demonstrated with an a-Si solar Vivaldi antenna. A dye-sensitised solar dipole antenna was developed for low power indoor applications. The approaches established the engineering capacity to reduce the device size and weight through integration of the radio and the solar cell technologies. In addition, the use of different solar cell technologies demonstrated the importance of selecting the cell type most suited to the intended application

Characterization and modeling of microwave spiral inductors and transformers

Ph.DDOCTOR OF PHILOSOPH

Towards RF graphene devices: A review

Graphene has been targeted for a wide variety of applications due to its characteristics. It is a zero-bandgap material, has high conductivity, and high carrier mobility, which makes it a promising material for radiofrequency applications. This review examines the applications of graphene in the design of radiofrequency building blocks, their performance, and current hurdles. Initially, graphene passive devices (inductors, capacitors, antennas, and waveguides) are analyzed, as well as their current modelling techniques. Then, radiofrequency transistors and their modelling are reported and discussed. An insight on the current state of radiofrequency devices is provided which more specifically targets graphene oscillators, multipliers, and mixers. Finally, the current fabrication issues and techniques are analyzed and discussed, providing a global overview on the application of graphene for radiofrequency electronics.Work supported by PTDC/EEI-TEL/29670/2017 - (POCI-01-0145-FEDER-029670), co-financed by the European Regional Development Fund (ERDF), through COMPETE 2020, grant SFRH/BD/141462/2018, grant SFRH/BD/137529/2018, grant UIDB/04436/2020, grant UIDP/04436/2020, and grant UIDB/04650/2020

Wideband Watt-Level Spatial Power-Combined Power Amplifier in SiGe BiCMOS Technology for Efficient mm-Wave Array Transmitters

The continued demand for high-speed wireless communications is driving the development of integrated high-power transmitters at millimeter wave (mm-Wave) frequencies. Si-based technologies allow achieving a high level of integration but usually provide insufficient generated RF power to compensate for the increased propagation and material losses at mm-Wave bands due to the relatively low breakdown voltage of their devices. This problem can be reduced significantly if one could combine the power of multiple active devices on each antenna element. However, conventional on-chip power combining networks have inherently high insertion losses reducing transmitter efficiency and limiting its maximum achievable output power.This work presents a non-conventional design approach for mm-Wave Si-based Watt-level power amplifiers that is based on novel power-combining architecture, where an array of parallel custom PA-cells suited on the same chip is interfaced to a single substrate integrated waveguide (to be a part of an antenna element). This allows one to directly excite TEm0 waveguide modes with high power through spatial power combining functionality, obviating the need for intermediate and potentially lossy on-chip power combiners. The proposed solution offers wide impedance bandwidth (50%) and low insertion losses (0.4 dB), which are virtually independent from the number of interfaced PA-cells. The work evaluates the scalability bounds of the architecture as well as discusses the critical effects of coupled non-identical PA-cells, which are efficiently reduced by employing on-chip isolation load resistors.The proposed architecture has been demonstrated through an example of the combined PA with four differential cascode PA-cells suited on the same chip, which is flip-chip interconnected to the combiner placed on a laminate. This design is implemented in a 0.25 um SiGe BiCMOS technology. The PA-cell has a wideband performance (38.6%) with both high peak efficiency (30%) and high saturated output power (24.9 dBm), which is the highest reported output power level obtained without the use of circuit-level power combining in Si-based technologies at Ka-band. In order to achieve the optimal system-level performance of the combined PA, an EM-circuit-thermal optimization flow has been proposed, which accounts for various multiphysics effects occurring in the joint structure. The final PA achieves the peak PAE of 26.7% in combination with 30.8 dBm maximum saturated output power, which is the highest achievable output power in practical applications, where the 50-Ohms load is placed on a laminate. The high efficiency (>20%) and output power (>29.8 dBm) over a wide frequency range (30%) exceed the state-of-the-art in Si-based PAs

Through-Silicon Vias in SiGe BiCMOS and Interposer Technologies for Sub-THz Applications

Im Rahmen der vorliegenden Dissertation zum Thema „Through-Silicon Vias in SiGe BiCMOS and Interposer Technologies for Sub-THz Applications“ wurde auf Basis einer 130 nm SiGe BiCMOS Technologie ein Through-Silicon Via (TSV) Technologiemodul zur Herstellung elektrischer Durchkontaktierungen für die Anwendung im Millimeterwellen und Sub-THz Frequenzbereich entwickelt. TSVs wurden mittels elektromagnetischer Simulationen modelliert und in Bezug auf ihre elektrischen Eigenschaften bis in den sub-THz Bereich bis zu 300 GHz optimiert. Es wurden die Wechselwirkungen zwischen Modellierung, Fertigungstechnologie und den elektrischen Eigenschaften untersucht. Besonderes Augenmerk wurde auf die technologischen Einflussfaktoren gelegt. Daraus schlussfolgernd wurde das TSV Technologiemodul entwickelt und in eine SiGe BiCMOS Technologie integriert. Hierzu wurde eine Via-Middle Integration gewählt, welche eine Freilegung der TSVs von der Wafer Rückseite erfordert. Durch die geringe Waferdicke von ca. 75 μm wird einen Carrier Wafer Handling Prozess verwendet. Dieser Prozess wurde unter der Randbedingung entwickelt, dass eine nachfolgende Bearbeitung der Wafer innerhalb der BiCMOS Pilotlinie erfolgen kann. Die Rückseitenbearbeitung zielt darauf ab, einen Redistribution Layer auf der Rückseite der BiCMOS Wafer zu realisieren. Hierzu wurde ein Prozess entwickelt, um gleichzeitig verschiedene TSV Strukturen mit variablen Geometrien zu realisieren und damit eine hohe TSV Design Flexibilität zu gewährleisten. Die TSV Strukturen wurden von DC bis über 300 GHz charakterisiert und die elektrischen Eigenschaften extrahiert. Dabei wurde gezeigt, dass TSV Verbindungen mit sehr geringer Dämpfung <1 dB bis 300 GHz realisierbar sind und somit ausgezeichnete Hochfrequenzeigenschaften aufweisen. Zuletzt wurden vielfältige Anwendungen wie das Grounding von Hochfrequenzschaltkreisen, Interposer mit Waveguides und 300 GHz Antennen dargestellt. Das Potential für Millimeterwellen Packaging und 3D Integration wurde evaluiert. TSV Technologien sind heutzutage in vielen Anwendungen z.B. im Bereich der Systemintegration von Digitalschaltkreisen und der Spannungsversorgung von integrierten Schaltkreisen etabliert. Im Rahmen dieser Arbeit wurde der Einsatz von TSVs für Millimeterwellen und dem sub-THz Frequenzbereich untersucht und die Anwendung für den sub-THz Bereich bis 300 GHz demonstriert. Dadurch werden neue Möglichkeiten der Systemintegration und des Packaging von Höchstfrequenzsystemen geschaffen.:Bibliographische Beschreibung List of symbols and abbreviations Acknowledgement 1. Introduction 2. FEM Modeling of BiCMOS & Interposer Through-Silicon Vias 3. Fabrication of BiCMOS & Silicon Interposer with TSVs 4. Characterization of BiCMOS Embedded Through-Silicon Vias 5. Applications 6. Conclusion and Future Work 7. Appendix 8. Publications & Patents 9. Bibliography 10. List of Figures and Table