||This article includes a list of references, but its sources remain unclear because it has insufficient inline citations. (March 2014) (Learn how and when to remove this template message)|
A baseband processor (also known as baseband radio processor, BP, or BBP) is a device (a chip or part of a chip) in a network interface that manages all the radio functions (all functions that require an antenna); however, this term is generally not used in reference to Wi-Fi and Bluetooth radios. A baseband processor typically uses its own RAM and firmware.
Baseband processors typically run a real-time operating system (RTOS) as their firmware, such as ENEA's OSE, Nucleus RTOS (iPhone 3G/3GS/iPad), ThreadX (iPhone 4), and VRTX. There are more than a few significant manufacturers of baseband processors, including Broadcom, Icera, Intel Mobile Communications (former Infineon wireless division), MediaTek, Qualcomm, Spreadtrum, and ST-Ericsson.
The rationale of separating the baseband processor from the main processor (known as the AP or Application Processor) is threefold:
- Radio performance
- Radio control functions (signal modulation, encoding, radio frequency shifting, etc.) are highly timing-dependent, and require a real-time operating system.
- Some authorities (e.g. the U.S. Federal Communications Commission (FCC)) require that the entire software stack running on a device which communicates with the cellular network must be certified. Separating the BP into a different component allows reusing them without having to certify the full AP.
- Radio reliability
- Separating the BP into a different component ensures proper radio operation while allowing application and OS changes.
Since the software which runs on baseband processors is usually proprietary, it is impossible to perform an independent code audit. By reverse engineering some of the baseband chips, researchers have found security vulnerabilities that could be used to access and modify data on the phone remotely. In March 2014, makers of the free Android derivative Replicant announced they have found a backdoor in the baseband software of Samsung Galaxy phones that allows remote access to the user data stored on the phone.
- Ralf Philipp Weinmann. "DeepSec 2010: All your baseband are belong to us". YouTube. Retrieved 2014-03-15.
- Ralf Philipp Weinmann. "WOOT 2012: Baseband Attacks: Remote Exploitation of Memory Corruptions in Cellular Protocol Stacks" (PDF). USENIX WOOT. Retrieved 2015-04-05.
- "Replicant developers find and close Samsung Galaxy backdoor". Free Software Foundation. Retrieved 2015-10-03.
- Baseband Processor entry at openezx.org, archived from the original on May 5, 2013
- Babin, Steve. Developing software for Symbian OS: A beginner's guide to creating Symbian OS v9 smartphone applications in C++. Symbian Press, 2007, p. 80.