Signaling System 7
(it is simply called SS7) is an architecture for performing out-of-band
signaling in support of the call-establishment, billing, routing and
information-exchange functions of the public switched telephone network (PSTN)
or public land mobile network (PLMN). It identifies functions to be performed
by a signaling-system network and a protocol to enable their performance.
switched telephone network (PSTN) or public land mobile
network (PLMN). It identifies functions to be performed by a signaling-system
network and a protocol to enable their performance.
What is Signaling?
Signaling refers to the exchange of information between call
components required to provide and maintain service.
As users of the PSTN, we exchange signaling with network
elements all the time. Examples of signaling between a telephone user and the
telephone network include: dialing digits, providing dial tone, accessing a
voice mailbox, sending a call-waiting tone, etc.
SS7 is a means by which elements of the telephone network
exchange information. Information is conveyed in the form of messages. SS7
messages can convey information such as:
- I’ m
forwarding to you a call placed from 212-555-1234 to 718-555-5678. Look
for it on the trunk 067.
- Someone
just dialed 800-555-1212. Where do I route the call?
- The
called subscriber for the call on trunk 11 is busy. Release the call and
play a busy tone.
- I’m
taking trunk 143 out of service for maintenance.
To initiate a call, a telephone subscriber lifts the handset
off its rest-goes "off hook". This action is a signal to the exchange
that the subscriber wants to make a phone call.
As soon as appropriate receiving equipment has been
connected to the line, the exchange sends a dial tone back to the calling
party, who then can start dialing the wanted number.
The subscriber in due course then receives advice from the
exchange about the status of the call, either a ringing tone, and engaged or
busy tone signal, and equipment busy tone signal (congestion), or some other
specialized tone.
These are some of the signals with which the telephone
subscribers themselves are concerned.
Please note that the Calling Subscriber is always referred
to as the A-subscriber, and the Called Subscriber is called the B -subscriber.
If signaling is to be carried on a different path from the
voice and data traffic it supports, then what should that path look like? The
simplest design would be to allocate one of the paths between each
interconnected pair of switches as the signaling link. Subject to capacity constraints,
all signaling traffic between the two switches could traverse this link. This
type of signaling is known as associated signaling.
Associated signaling works well as a switch’s only signaling
requirements are between itself and other switches to which it has trunks. If
call setup and management was the only application of SS7, associated signaling
would meet that need simply and efficiently. In fact, much of the out-of-band
signaling deployed in Europe today uses
associated mode.
The North American implementers of SS7, however, wanted to
design a signaling network that would enable any node to exchange signaling
with any other SS7-capable node. Cleary, associated signaling becomes much more
complicated when it is used to exchange signaling between nodes which do not
have a direct connection. From this need, the North American SS7 architecture
was born.
A Signaling Point (SP) is a switching
or, processing node in a signaling network, with the functions of SS7
implemented.
All Signaling Points in a SS7 Signaling Network are identified by a unique code (14
bits 0r 24 bits) known as a Signaling Point Code.
A signaling point, at which a signaling message is
generated, is called the Originating Point.
A signaling point, to which a signaling message is destined,
is called a Destination Point.
A signaling point, at which a message is received on one
signaling link and then transferred to another link, without processing the
contents of the message, is called a Signaling Transfer Point (STP).
The common channel signaling system uses Signaling Links
(SLs) to convey the signaling messages between two signaling points.
Physically, a Signaling Link consists of a Signaling
Terminal at each end of the link and some kind of transmission media (normally
a time slot in a PCM -link) interconnecting the two Signaling Terminals.
A number of parallel signaling links that directly
interconnect two signaling points constitute a Signaling Link Set.
SSPs are switches
that originate, terminate, or tandem calls. An SSP sends signaling messages to
other SSPs to setup, manage, and release voice circuits required to complete a
call. An SSP may also send a query message to a centralized database (an SCP)
to determine how to route a call (e.g., a toll-free 1-800/888 call in North America ). An SCP sends a response to the
originating SSP containing the routing number(s) associated with the dialed
number. An alternate routing number may be used by the SSP if the primary
number is busy or the call is unanswered within a specified time. Actual call
features vary from network to network and from service to service.
Network traffic between signaling points may be routed via a
packet switch called an STP. An STP
routes each incoming message to an outgoing signaling link based on routing
information contained in the SS7 message. Because it acts as a network hub, an
STP provides improved utilization of the SS7 network by eliminating the need
for direct links between signaling points. An STP may perform global title
translation, a procedure by which the destination signaling point is determined
from digits present in the signaling message (e.g., the dialed 800 number,
calling card number, or mobile subscriber identification number). An STP can
also act as a "firewall" to screen SS7 messages exchanged with other
networks.
Because the SS7 network is critical to call processing, SCPs
and STPs are usually deployed in mated pair configurations in separate physical
locations to ensure network-wide service in the event of an isolated failure.
Links between signaling points are also provisioned in pairs. Traffic is shared
across all links in the linkset. If one of the links fails, the signaling
traffic is rerouted over another link in the linkset. The SS7 protocol provides
both error correction and retransmission capabilities to allow continued
service in the event of signaling point or link failures.
Message Transfer Part
The Message Transfer Part (MTP) is divided into three
levels. The lowest level, MTP Level 1, is equivalent to the OSI Physical
Layer. MTP Level 1 defines the physical, electrical, and functional
characteristics of the digital signaling link. Physical interfaces defined
include E-1 (2048 kb/s; 32 64 kb/s channels), DS-1 (1544 kb/s; 24 64kb/s
channels), V.35 (64 kb/s), DS-0 (64 kb/s), and DS-0A (56 kb/s).
MTP Level 2 ensures accurate end-to-end transmission
of a message across a signaling link. Level 2 implements flow control, message
sequence validation, and error checking. When an error occurs on a signaling
link, the message (or set of messages) is retransmitted. MTP Level 2 is
equivalent to the OSI Data Link Layer.
MTP Level 3 provides message routing between
signaling points in the SS7 network. MTP Level 3 re-routes traffic away from
failed links and signaling points and controls traffic when congestion occurs.
MTP Level 3 is equivalent to the OSI Network Layer.
ISDN User Part (ISUP)
The ISDN User Part (ISUP) defines the protocol used to
set-up, manage, and release trunk circuits that carry voice and data between
terminating line exchanges (e.g., between a calling party and a called party).
ISUP is used for both ISDN and non-ISDN calls. However, calls that originate
and terminate at the same switch do not use ISUP signaling.
Telephone User Part (TUP)
In some parts of the world (e.g., China ,
Brazil
Signaling Connection Control Part (SCCP)
SCCP provides connectionless and connection-oriented network
services and global title translation (GTT) capabilities above MTP Level 3. A
global title is an address (e.g., a dialed 800 number, calling card number, or
mobile subscriber identification number) which is translated by SCCP into a
destination point code and subsystem number. A subsystem number uniquely
identifies an application at the destination signaling point. SCCP is used as
the transport layer for TCAP-based services.
Transaction
Capabilities Applications Part (TCAP)
TCAP supports the exchange of non-circuit related data
between applications across the SS7 network using the SCCP connectionless
service. Queries and responses sent between SSPs and SCPs are carried in TCAP
messages. For example, an SSP sends a TCAP query to determine the routing
number associated with a dialed 800/888 number and to check the personal
identification number (PIN) of a calling card user. In mobile networks (IS-41
and GSM), TCAP carries Mobile Application Part (MAP) messages sent between
mobile switches and databases to support user authentication, equipment
identification, and roaming.
Operations, Maintenance and Administration Part (OMAP)
and ASE
OMAP and ASE are areas for future definition. Presently,
OMAP services may be used to verify network routing databases and to diagnose
link problems.
What goes over
signaling link?
Signaling information is passed over the signaling link in
messages, which are called signal units (SUs).
Three types of SUs aredefined in the SS7 protocol.
- Message
Signal Units (MSUs)
- Link
Status Signal Units (LSSUs)
- Fill-In
Signal Units (FISUs)
SUs are transmitted continuously in both directions on any
link that is in service. A signaling point that does not have MSUs or LSSUs to
send will send FISUs over the link. The FISUs perform the function suggested by
their name; they fill up the signaling link until there is a need to send
purposeful signaling. They also facilitate link transmission monitoring and the
acknowledgement of other SUs.
All transmission on the signaling link is broken up into
8-bit bytes, referred to as octets. SUs on a link are delimited by a unique
8-bit pattern know as a flag. The flag is defined as the 8-bit pattern
“01111110”. Because of the possibility that data within an SU would contain
this pattern, bit manipulation techniques are used to ensure that the pattern
does not occur within the message as it is transmitted over the link. (The SU
is reconstructed once it has been taken off the link, and any bit manipulation
is reversed.) Thus, any occurrence of the flag on the link indicates the end of
one SU and the beginning of another. While in theory two flags could be placed
between SUs (one to mark the end of the current message and one to mark the start of next message), in
practice a single flag is used for both
purposes.
FISUs themselves
have no information payload. Their purpose is to occupy the link at those times
when there are no LSSUs or MSUs to send. Because they undergo error checking,
FISUs facilitate the constant monitoring of link quality in the absence of
signaling traffic. FISUs also can be used to acknowledge the receipt of
messages using the backwards sequence number (BSN) and backwards indicator bit
(BIB).
LSSUs are used to
communicate information about the signaling link between the nodes on either
end of the link. This information is contained in the status field of the SU.
Because the two ends of a link are controlled by independent processors, there
is a need to provide a means for them to communicate. LSSUs provide the means
for performing this function. LSSUs are used primarily to signal the initiation
of link alignment, the quality of received signaling traffic, and the status of
the processors at either end of the link. Because they are sent only between
the signaling points at either end of the link, LSSUs do not require any
addressing information.
MSUs are the
workhorses of the SS7 network. All signaling associated with call setup and
tear down, database query and response , and SS7 network management takes place
using MSUs. MSUs are the basic envelope within which all addressed signaling
information is placed.
The functionality of the message signal unit lies in the
actual content of the service information octet and the signaling information
field.
The FIB is used in error recovery like the BIB. When a
signal unit is ready for transmission, the signaling point increments the FSN
(forward sequence number) by 1 (FSN = 0..127). The CRC (cyclic redundancy
check) checksum value is calculated and appended to the forward message. Upon
receiving the message, the remote signaling point checks the CRC and copies the
value of the FSN into the BSN of the next available message scheduled for
transmission back to the initiating signaling point. If the CRC is correct, the
backward message is transmitted. If the CRC is incorrect, the remote signaling
point indicates negative acknowledgment by toggling the BIB prior to sending
the backward message. When the originating signaling point receives a negative
acknowledgment, it retransmits all forward messages, beginning with the
corrupted message, with the FIB toggled.
Because the 7-bit FSN can store values between zero and 127,
a signaling point can send up to 128 signal units before requiring
acknowledgment from the remote signaling point. The BSN indicates the last
in-sequence signal unit received correctly by the remote signaling point. The
BSN acknowledges all previously received signal units as well. For example, if
a signaling point receives a signal unit with BSN = 5 followed by another with
BSN = 10 (and the BIB is not toggled), the latter BSN implies successful
receipt of signal units 6 through 9 as well.
The SIO field in an MSU contains the 4-bit SubService
Field followed by the 4-bit Service Indicator. FISUs and LSSUs do
not contain an SIO.
The SubService Field contains the network indicator
(e.g., national or international) and the message priority (0..3 with 3 being
the highest priority). Message priority is considered only under congestion
conditions, not to control the order in which messages are transmitted. Low
priority messages may be discarded during periods of congestion. Signaling link
test messages receive a higher priority than call setup messages. Message
priority, however, is not implemented in
most SS7 networks except in American .
The service indicator specifies the MTP user, thereby
allowing the decoding of the information contained in the SIF.
In ITU-T implementations, the SLS is interpreted as the Signaling
Link Code (SLC) in MTP messages.
In ITU-T Telephone User Part message, a portion of the Circuit
Identification Code (CIC) is stored in the SLS field.
.
The Routing Label which is used by the MTP to route
the messages to the correct destination contains 4 different fields:
Destination Point Code (DPC)
DPC is the part of the Label which uniquely identifies the
Signaling Point to where the MSU is addressed.
Originating Point Code (OPC)
OPC is the part of the Label which uniquely identifies the
Signaling Point that originates the message.
Circuit Identification Code (CIC)
CIC is the part of the Label that uniquely identifies a
telephone or data circuit between the originating and the destination point.
Signaling Link Selection (SLS)
SLS is the 4 least significant bits of the CIC field. The
SLS field is used to select a Signaling Link from a Signaling Link Set,
normally on a load sharing basis.
Heading Codes
Each TUP message also contains an octet (8 bits) with the
two Heading Codes, which uniquely identifies the type of telephone signal.
The rest of the SIF field contains a number of sub-fields
(parameters) with the signaling information.
The telephone signals are transferred in the signaling
network the form of signaling messages. which is the contents in the SIF field
in the Message Signal Units (MSU).
The TUP signaling messages are grouped into a number of
message groups, where each group is identified by a Heading Code H0. See
Heading Code allocation table in this slide.
Each signaling message within a message group is identified
by another Heading Code H1.
The detailed description of the TUP signals are found in the
CCITT Recommendation Q.723.
FAM group
IAM Initial Address
Message
IAI Initial
Address message with additional Information
SAM Subsequent-Address
Message
SAO Subsequent-Address
message with One signal
FSM group
GSM General forward
Set-up Information Message
BSM group
GRQ General Request
Message
SBM group
ACM Address Complete
Message
UBM group
ADI Address
Incomplete message
UNN Unallocated-National-Number
signal
CSM group
ANC Answer signa,l
Charge
ANN Answer signal, No
Charge
CBK Clear-Back
signal
CLF Clear-Forward
signal
H0 = 0001 ---> FAM
- Forward Address Message
H1 = 0001 ---> IAM
- Initial Address Message
Calling Party Category (A -category)
000010 --->
operator, English
001010 --->
ordinary subscriber
Message Indicators
XXXXX1000111 --->
International number, one satellite circuit in connection, continuity check not
required, outgoing half-echo suppresser included
Number of address signals ---> Number of digits in the address field
Address signals
(B -number)
0011 ---> digit 3
1100 ---> digit 12
Each ISUP message
contains a mandatory fixed part
containing mandatory fixed-length parameters. Sometimes the mandatory fixed
part is comprised only of the message type field. The mandatory fixed part may
be followed by the mandatory variable
part and/or the optional part.
The mandatory variable part contains mandatory variable-length parameters. The
optional part contains optional parameters which are identified by a one-octet
parameter code followed by a length indicator ("octets to follow")
field. Optional parameters may occur in any order. If optional parameters are
included, the end of the optional parameters is indicated by an octet containing
all zeros.
1. When a call is placed to an out-of-switch number, the
originating SSP transmits an ISUP initial address message (IAM) to reserve an
idle trunk circuit from the originating switch to the destination switch (1a).
The IAM includes the originating point code, destination point code, circuit
identification code (circuit "5" in this slide), dialed digits and,
optionally, the calling party number and name. In this example, the IAM is
routed via the home STP of the originating switch to the destination switch
(1b). Note that the same signaling link(s) are used for the duration of the
call unless a link failure condition forces a switch to use an alternate
signaling link.
2. The destination switch examines the dialed number,
determines that it serves the called party, and that the line is available for
ringing. The destination switch rings the called party line and transmits an
ISUP address complete message (ACM) to the originating switch (2a) (via its
home STP) to indicate that the remote end of the trunk circuit has been
reserved. The STP routes the ACM to the originating switch (2b) which rings the
calling party's line and connects it to the trunk to complete the voice circuit
from the calling party to the called party.
In this example, the originating and destination switches
are directly connected with trunks. If the originating and destination switches
are not directly connected with trunks, the originating switch transmits an IAM
to reserve a trunk circuit to an intermediate switch. The intermediate switch
sends an ACM to acknowledge the circuit reservation request and then transmits
an IAM to reserve a trunk circuit to another switch. This processes continues
until all trunks required to complete the voice circuit from the originating switch
to the destination switch are reserved.
3. When the called party picks up the phone, the destination
switch terminates the ringing tone and transmits an ISUP answer message (ANM)
to the originating switch via its home STP (3a). The STP routes the ANM to the
originating switch (3b) which verifies that the calling party's line is
connected to the reserved trunk and, if so, initiates billing.
4. If the calling party hangs-up first, the originating
switch sends an ISUP release message (REL) to release the trunk circuit between
the switches (4a). The STP routes the REL to the destination switch (4b). If
the called party hangs up first, or if the line is busy, the destination switch
sends an REL to the originating switch indicating the release cause (e.g., normal
release or busy).
5. Upon receiving the REL, the destination switch
disconnects the trunk from the called party's line, sets the trunk state to
idle, and transmits an ISUP release complete message (RLC) to the originating
switch (5a) to acknowledge the release of the remote end of the trunk circuit.
When the originating switch receives (or generates) the RLC (5b), it terminates
the billing cycle and sets the trunk state to idle in preparation for the next
call.
Note:
ISUP messages may also be transmitted during the connection
phase of the call (i.e., between the ISUP Answer (ANM) and Release (REL)
messages.
In the telephone services, all signaling messages and calls
have some relation with the circuit. In general, the message transmission link corresponds
to the call connection path.
In the GSM system,
non-circuit-related signaling message also needs to be transmitted (e.g.
location update, authorization and so on), so the localization of MTP
transmission emerges. What’s more, Addressing within MTP is performed according
to DPC, however, the signaling point code is not the standard international
code, it is only effective within a certain country. Therefore, MTP can not
provide the location registration function and authorization of the international
roaming subscriber.
On the other hand, the limited capacity of the signaling
point code (14-bit as specified by CCITT) also limits the number of the
signaling points to be marked.
And the 4-bit SI can not satisfy the increased requirements
of the modern communication as well, since it can only be assigned to sixteen
different user parts.
Finally, MTP can only provide the connectionless
transmission. While the development of the telecommunication network needs the
transmission of the large quantity of the non-realtime message, the connection
has to be preset to facilitate the
connection-oriented transmission.
To solve problems described above, in 1984, the CCITT came
up with a new level structure: SCCP. SCCP is based on MTP and provides the
supplementary functions to MTP. When SCCP and MTP is combined together, they
are called as NSP (network service part). SCCP and MTP-3 all locate in the
network layer of the OSI model.
The SCCP provides additional functions to the Message
Transfer Part to provide connectionless and connection-oriented network
services to transfer circuit-related and non-circuit-related signaling
information.
Exchange of information between two peers of the SCCP is
performed by means of a protocol. The protocol is a set of rules and formats by
which the control information (and user data) is exchanged between the two
peers.
SCCP provides a routing function which allows signaling
messages to be routed to a signaling point based on, for example, dialed
digits. This capability involves a translation function which translates the
global title (e.g. dialed digits) into a signaling point code and a subsystem
number.
SCCP also provides a management function, which controls the
availability of the "subsystems", and broadcasts this information to
other nodes in the network which have a need to know the status of the
"subsystem". An SCCP subsystem is an SCCP User.
Functions of the SCCP are also used for the transfer of
circuit related and call related signaling information of the ISDN user part with
or without setup of end-to-end logical signaling connections.
Connectionless services
Similar to the datagram transmission in the packet
switching, the connectionless service does not need the preset connection (that
is, signaling transmission path). SCCP may help to transmit the signaling data
without establishing the signaling connection beforehand. Therefore, SCCP
provides the routing function and may translate the called address into the SP
code required by the MTP service.
The connectionless SCCP offers two services: The class 0
service allows the SCCP to insert SLS values randomly, or with the aim to
achieve an appropriate load sharing within the underlying MTP network; The
class 1 service requires the SCCP to insert the same SLS for all the SCCP-SDUs
(service data unit) associated with the given parameters "sequence
control" and "called address".
These two classes of the SCCP connectionless service are
widely adopted in the GSM network subsystem, also be adopted in the A-interface
with only class 0 service.
Connection-oriented
The connection-oriented service is similar to "virtual
circuit?transmission in the data communication system. Before the message is
sent, Connection-oriented services require the establishment of signaling
connection (virtual connection) between the start point and the destination
point via the reply mode before the transfer of signaling information by
subscribers. In such a case, subscribers need not select routes by using the
SCCP routing function when transferring data but transfer the data via the
established signaling connection. When the transfer of data is finished,
subscribers need to release the signaling connection. This type of services
applies to the transfer of a big amount of data because the destination
position has confirmed to be able to receive data before the data is
transmitted and hence the invalid transmission of a big amount of data can be
prevented. The time delay for the transmission of batches of data can be
effectively curtailed.
DPC
The DPC in an address requires no translation and will
merely determine if the message is destined for that SP (incoming message) or
requires to be routed over the SS7 signaling network via the MTP. For outgoing
messages this DPC should be inserted in the MTP routing label. The DPC is only effective within the defined
signaling network.
In the MTP routing, the SI will determine the ‘user’? e.g.
TUP, SCCP, ISUP and the NI will determine which network is concerned, e.g.
international or national.
SSN
SSN is the local address information employed by SCCP. It is
used to distinguish each SCCP user of the same SP. For example, different SSN
may be used to represent TCAP, ISUP, MAP and so on. And it will eliminate the
disadvantages of the small number of the MTP message user. What’s more, it may
satisfy the future development of the telecommunication service by expanding
the local addressing range of the SI.
When examination of the DPC in an incoming message has
determined that the message is for that SP, examination of the SSN will
identify the concerned SCCP ‘user’? The presence of an SSN without a DPC will
also indicate a message which is addressed to that SP.
The SSN field has an initial capacity of 255 codes with an
extension code for future requirements.
GT
The Global Title (GT) is used when the originating SP does not know the
address of the destination SP, it may comprise of dialed digits or another form
of addresses that will not be recognized in the SS7 network. Therefore, if the
associated message requires to be routed over the SS7 network, translation is
required.
Translation of the GT will result in a DPC being produced
and possibly also a new SSN and GT. A field is also included in the address
indicator to identify the format of the global title.
TCAP Concepts
TC – user An
application using TCAP as a protocol for communication in the network.
Dialogue An
association established between two TC -users exchanging data.
Transaction
An association between two TCAPs.
Operation
The action being requested of the remote end by a TC -user.
Component A
protocol data unit exchanged between TC -users.
TC –primitive
Primitives exchanged between TCAP and TC -user.
The 36 operations in
CS-1 are:
Activate Service Filtering
Activity Test
Activity Test Response
Apply Charging
Apply Charging Report
Assist Request Instruction
Call Gap
Call Information Report
Call Information Request
Cancel Status Report Request
Collect Information
Connect
Connect to Resource
Continue
Disconnect Forward Connection
Establish Temporary Connection
Event Notification Charging
Event Report BCSM
Furnish Charging Information
Initiate DP
Initiate Call Attempt
Release Call
Request Charging Event Notification
Request Report BCSM Event
Request Status Report
Reset Timer
Select Facility
Send Charging Information
Service Filtering Response
Status Report
Assist Request Instruction from SRF
Cancel Announcement
Collected User Information
Play Announcement
Prompt and Collect User Information
Specialized Resource Report
In CS-2, the number of INAP operations has been extended to
145.
Comments are most Welcomed,
Telecom Champ Team
telecomchamp@gmail.com
