As a person who likes to photograph emergency services, it can be very useful to have some inside information on the whereabouts of emergency services vehicles. And since there is not really a conventional way of doing so, except for their audiovisual signals ofcourse, we have to take matters into our own hands.
P2000, C2000 & Tetra
In the Netherlands, there are 2 communication networks currently in use by the emergency services: P2000 and C2000. P2000 is used for pager communication as where C2000 is used for direct communication.
P2000 is an unencrypted network making use of the FLEX pager protocol which can be easily tapped into using cheap hardware. This technology is also where my project 112Centraal is based on.
C2000 however, is a completely different story. This network makes use of the TETRA (Terrestrial Trunked Radio) protocol and in the case of the emergency services, even has a layer of encryption built on top of it. Listening / hacking into this communcation is strictly illegal.
Now What?
Since breaking into C2000 is illegal and not something you can just pull off, we have to get creative... Encrypted or not, there is still radio communication happening here. Maybe we can at least detect the presence of their signals.
Let's have a look at the frequency specifications of C2000:
- 380,000 MHz - 385,000 MHz - Mobile communcation
- 390,000 MHz - 395,000 MHz - Stationary Communication
As I happen to live literally next to a police station, it should be very easy to confirm these ranges. By taking a quick look at the spectrum using an SDR dongle and Airspy, I found some signals:
Them being within the 390,000 MHz - 395,000 MHz range tells me they are from the station itself. Cool, we have an entry point!
Scripting
Having SDR software open all the time, scrolling the spectrum is not very convenient now is it? Luckily, there is software to help us out.
Since both rtl_power and rtl_power_fftw did not really fit my needs, I found out there is a direct Python wrapper for interfacing with RTL-SDR devices: pyrtlsdr.
After a few hours of messing around with pyrtlsdr, I had a working prototype. By throwing together a Raspberry Pi, a powerbank and another SDR dongle, I was ready to hit the road! By using an SSH app and letting my RPI host a WiFi network, I was able to have the detector on my dashboard.
Did it work?
After having driven around for a couple of hours on the highway, I had multiple instances of detection where I was able to physically see the probable sources of these signals: Some police cars. I also had some instances where I was getting passed by a police car and the detector did not report anything. So maybe detection is only possible while actual communication is happening?
This project is still a work-in-progress and I hope to be able to improve on it in the future.