A Primer on Signal ID with SDR

I came across this piece written in response to an RFI (Request for Information) on an unidentified digital signal. Token frequently contributes to and is a Moderator of HF Underground, a forum that anyone concerned with Open Source Signals Collection should be paying attention to. Their users have tons of great information. He’s explained a lot in a short amount of space; I post it here with his permission.

Utility monitoring primer.

Utility stations are MF and HF, shortwave, stations that are not generally intended for public listening. They are not ham transmissions and they are not Shortwave Broadcast transmissions (music / news / talk), but pretty much every other transmission in the shortwave spectrum loosely fits “utility” stations. Specific examples would be military transmissions, aviation, maritime, various distress frequencies, research transmissions, HF over the horizon radar systems, etc.

All of these can be monitored, and some interesting receptions are possible. But they do require a slightly different approach than say tuning to Voice of America. Utilities often have no set schedule of transmission (but some are very scheduled), and are most often short duration and transient in nature.

When reporting Utilities, information is key. Frequency tuned, mode used to receive, date (UTC), and time (UTC) are minimums. More information is useful. Type of receiver used can help confirm possible variation parameters. Antenna used to receive can give some indication of performance level at the receive location. General receiver location, combined with already mentioned frequency and time, can give indications of what kind of coverage can be anticipated. Description of the sound heard, when combined with receiver mode, can start to narrow down the possible suspect pool.

Why are tuned frequency and mode important? Why not just frequency? Typically when you tune to a frequency the mode will also determine the filter bandwidth, or passband, of the receiver. While each radio has unique filter values there are some pretty typical values that you can take as starting points. AM mode typically results in a 6 kHz, or wider passband, 9 and 12 kHz are not uncommon. This means that a radio in AM mode and tuned to 5000 kHz might actually hear anything from about 4997 to 5003 kHz, and quite likely wider than that. USB / LSB typically has something like 2.4 kHz, or wider, passbands, except when using an intentionally narrow filter, and then it is typically 1.8 kHz, or wider. A receiver tuned to 5000 kHz and in USB mode might be hearing anything from 5000 to 5003 kHz, and one in LSB might be hearing anything from 4997 to 5000 kHz. With voice transmissions you would tune to a natural sounding voice, so the freq readout is probably right for them, but for non-voice transmissions your offset might be much harder to guess.

In the two example pictures below the radios are tuned to different frequencies and in different modes, 4288 kHz USB and 4290 kHz LSB, but the resultant sound of the signal is the same. And one person might report it as 4288 kHz, another as 4290 kHz. Without knowing the mode used to tune the receiver, even with a recording of the signal audio, you cannot easily tell they are the same signal tuned two different ways.

4288 kHz, USB mode (correctly tuned):

[Image: sig1.jpg]

4290 kHz, LSB mode (incorrectly tuned):

[Image: sig2.jpg]

Speaking of modes, the most commonly used Utility mode of transmission for both voice and data signals is USB. Ham radio has a convention (but not a rule) when talking about voice transmissions (but not data) of using LSB from 10 MHz and down, and USB above 10 MHz, with the exception of the 60 meter band, which is USB and below 10 MHz. Utility transmissions have no such convention, and the large majority of voice and data transmissions are in USB, regardless of frequency. The Chinese and Russian militaries are notable exceptions to this, the Chinese really seem to use LSB a lot, and the Russians also use LSB a lot, although I think the majority are still USB.

What kinds of things can be heard when monitoring utility transmissions? Really, what cannot. Last week a US Army Cav unit was in training in the field, probably at NTC. Every day at the same time all of the units reported to either the Brigade or Battalion commander with status updates. Who did what that day, and the results of exercises were discussed, as well as equipment faults and repairs. During the air raids on Libya you could monitor aircraft ingressing and egressing the areas, with reports of activity over the target. You can fairly often monitor USCG rescue operations or drug interdiction operations. A couple times a year you can monitor US aircraft carrier groups doing workups, including the air defense nets with simulated attacks and intercepts by missile and aircraft.

While many things these days are encrypted, a surprising number of interesting things still are not. It is a World view from a different angle. Even the encrypted traffic can prove interesting, with some World events resulting in large increases of certain types of data.

T!

When using an SDR, I must add that for HF you’ll need an Upconverter to enable HF reception. You can find an example of one here. With a cheap older used Laptop/Netbook running Linux, an SDR package, and a bunch of wire, you can have a formidable monitoring package for not a lot of money. As Token very accurately points out, a lot of information can be gained by just listening, and if you don’t recognize the value in that you’ve missed the point of this and many other great blogs out there.
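
The tuned-frequency-plus-mode point from the primer, worked through as an added example (this code is not part of Token's text or the original post): it turns a report into the RF span the receiver actually passes, using the typical filter widths the primer quotes, and shows why 4288 kHz USB and 4290 kHz LSB can be the same signal. The `Report` class, the function names and the RF component values are assumptions made for illustration.

```python
from dataclasses import dataclass

# Typical filter widths quoted in the primer, in kHz; real receivers vary.
TYPICAL_BW_KHZ = {"AM": 6.0, "USB": 2.4, "LSB": 2.4}

@dataclass(frozen=True)
class Report:
    dial_khz: float  # frequency shown on the receiver
    mode: str        # "AM", "USB" or "LSB"

def passband(r, bw_khz=None):
    """Return the (low, high) RF edges in kHz that the receiver lets through."""
    mode = r.mode.upper()
    if mode not in TYPICAL_BW_KHZ:
        raise ValueError(f"unsupported mode: {r.mode!r}")
    bw = TYPICAL_BW_KHZ[mode] if bw_khz is None else bw_khz
    if mode == "USB":
        return (r.dial_khz, r.dial_khz + bw)
    if mode == "LSB":
        return (r.dial_khz - bw, r.dial_khz)
    return (r.dial_khz - bw / 2, r.dial_khz + bw / 2)  # AM: centred on the dial

def audio_tone_hz(r, rf_khz):
    """Audio pitch of an RF component in SSB, or None if it is not heard."""
    low, high = passband(r)
    mode = r.mode.upper()
    if mode == "AM" or not (low <= rf_khz <= high):
        return None
    offset_khz = rf_khz - r.dial_khz if mode == "USB" else r.dial_khz - rf_khz
    return round(offset_khz * 1000)

def may_be_same_signal(a, b):
    """True when the two reports' passbands overlap in RF."""
    (a_lo, a_hi), (b_lo, b_hi) = passband(a), passband(b)
    return min(a_hi, b_hi) > max(a_lo, b_lo)

if __name__ == "__main__":
    usb, lsb = Report(4288, "USB"), Report(4290, "LSB")
    print(passband(usb), passband(lsb), may_be_same_signal(usb, lsb))
    # Constructed RF components (kHz), not measured from the pictured signal.
    for rf in (4288.5, 4289.0, 4289.5):
        print(rf, audio_tone_hz(usb, rf), audio_tone_hz(lsb, rf))
```

A component at 4289.0 kHz lands on the same audio pitch under both tunings, while components either side of it swap places, so a signal symmetric about that point sounds the same but arrives spectrally inverted in LSB.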

9 thoughts on “A Primer on Signal ID with SDR”

  1. Interesting post. I’ve run across a lot of WTF “is that” when scrolling through the spectrum.

    SDR is a fantastic tool, not only from the standpoint of listening, but also as a hillbilly analysis device for your own equipment.

    1. Yeah, when I read what he wrote I knew I had to post it.

      It’s a great “how to and why” explanation that I think we all can use.

  2. mtnforge

    In reading various German army officer accounts in WWII there’s frequent mention of the Allies being sloppy with low level transmissions, and how so much intelligence could be gleaned from it, like from order of battle based on fueling equipment to canteens providing chow for numbers of soldiers.
    Got to thinking about that, and this SDR sure strikes me as a very useful tool for keeping abreast of indicators pertaining to your AO and out aways.
    And aside from the evident practicality in present terms, if things were getting sporty and the pressure is on opfor, people are creatures of habit and like any animal, they prefer the path of least resistance. In other words how sloppy some forces might become under pressures, unexpected and stressful circumstances.
    I’m just throwing that out there on a hunch.
    What are procedures and requirements for employing encryption to all benign every day low level comms and chatter?

    1. It wasn’t just Allies in that regard- they were all quite guilty of the crime of complacency, with pre-Pearl Harbor Japan being very bad about it.

      But indeed; one of the reasons I posted as much about the ongoings in Ukraine/NovoRossyia is to exemplify exactly that principle you pointed out- with regards to communications, most will resort to the easy answer. Those who know how to exploit this reality will be quite successful.

      1. All the more reasons for good reliable nuts and bolts comms and Opsec.
        You know something, coming from never having any experience in comms, it is all beginning to sink in what an amazing resource it all is. You all guys advocating it have offered up a gold mine. There really isn’t anything like it in terms of community and cooperation across such a vast sphere of people and space, the meat, technical and human terrain. Never mind how intelligent and resourceful this community is. Never mind the generosity of sharing it so graciously with everyone interested.
        I can begin to understand why now.

        You guys might find this prophetic.

        ‘What it looks like when the Internet suddenly disappears’
        https://www.jerrypournelle.com/chaosmanor/brussels-and-the-caliphate-minimum-wage-and-other-matters/

        Jerry usually has an interesting perspective worth taking into consideration.
        I find this particular post in entirety most relative.

  3. The HackRF can go down to DC, so an upconverter is optional. Not for the $20 DVB dongles.
    So it depends on the radio and/or the SDR
