SMS Software Development
Back in 1990 or thereabouts, GSM networks were starting to be rolled out. In a small group of people, sat in a closed room, the development of the SMS standard was being discussed. One wise man commented that people would find it hard to enter SMS via the keypad, and might wish to avail themselves of the larger keyboard and storage facilities of external computers. And thus was born the concept of "external control" of SMS.
In those days, AT commands were strictly for modems. There was no precedent for control of text messages and so we started to develop a protocol called SMS Block Mode which allowed complete control of SMS from a connected external computer or Terminal Equipment (TE). A couple of years later, Nokia, Ericsson and HP got together and produced a comprehensive set of AT commands for GSM, including SMS control. We had a couple of detailed meetings on this, which resulted in the AT commands for SMS being added to GSM 07.05 and the other AT commands going into a new spec GSM 07.07.
Then there were 3 ways to implement SMS control - the original Block Mode, AT commands-based Text Mode, and AT commands-based PDU Mode. These fought it out in the market place, and although the SMS Block Mode was included in Nokia's Cellular Data Card for the 2110 in 1994, the Block Mode has now really faded away and been replaced by PDU Mode.
So what is PDU Mode?
It is a way of sending and receiving SMS messages to/from a mobile phone. The "content" of the message is encoded as hex strings to make it easy to transfer the content.
What are the PDU Commands?
The basic PDU commands are AT+CMGR, AT+CMGL and AT+CMGS.
The easiest way to read out a series of SMS messages from a phone is to issue AT+CMGL=0. This reads all unread messages out. Alternatively, AT+CMGL=4 will read all messages (whether read or not).
So here's an example:
15:38:58 TX:AT
15:39:05 TX:AT+CPMS="ME"
15:39:05 RX:AT+CPMS="ME"
15:39:05 RX:
+CPMS: 15,15,4,10,15,15
15:39:05 RX:
OK
15:39:07 TX:AT+CMGL=0
15:39:07 RX:AT+CMGL=0
15:39:07 RX:
+CMGL: 5,0,,52
15:39:07 RX:07914408020033F40407D0B1582C0600000030525183920028D437082E7FD3CB633A888E2E83EE6F399B0C32CBDF6D10B96C0FCFE9617AFAED76B95C
15:39:07 RX:
OK
Let's analyse the received message. Using the "Insert SMS"
feature of SMS Manager, I can decode the complete message:
IEI: 00
LENGTH: 00
MESSAGE REF: 00
STATUS: 00
SC Address length: 07
SC Address type: 91
Type of number: International
Numbering plan identifier: E.164
SC Address: 44802000334
Message Type Indicator: 04
Message Type: SMS-DELIVER / SMS-DELIVER REPORT
More Messages To Send: No
Status Report Indication: No
Reply Path: No
Originating Address Length: 07
Originating Address type: D0
Type of number: Alphanumeric
Numbering plan identifier: Unknown
Originating Address: 1B85C260
Decoded: 1111
Protocol Identifier: Default
Data Coding Scheme: GSM Default Alphabet
SC Timestamp: 00305251839200
decoded: 00/03/25 15:38:29
Time Zone: GMT+0.00H
User Data Length: 28
decimal: 40
Message: To protect the world from devastation...
So let's take it step by step. SMS Manager is designed to work
with SMS Block Mode, so the first few fields are missing - IEI,
LENGTH, MESSAGE REF and STATUS. This means you need to hit the
BACK << button on SMS Manager 4 times to add 4 bytes on the
front before it will decode.
Then the first part of the message is:
07914408020033F4
07 = number of bytes following within Service Centre address.
91 = TON/NPI. This TON/NPI corresponds to International/E.164
which means you add a + to the front of the number. You may see
other codes in here, but 91 is the most common.
4408020033F4 is the actual Service Centre address. This is
nibble-swapped so the address is:
44802000334F. The last digit is "F", which is padding and means that
the length is 1 less.
So we have an address:
+44802000334
Now the next segment is:
04
This is the "header byte", which is a bitmask. When each
bit is set to '1' the meaning is as follows:
10000000
Reply Path - this means that the mobile can reply back through
the SMSC which sent this message (warning: Not all SMSCs set this
bit correctly)
01000000
TP-UDH - a user data header is present
00100000
TP-Status-Report-Indication - a status report is being sent back
to the sender to tell them you have received this message
00010000
00001000
These bits are not used in normal Mobile Terminated SMS.
00000100
TP-More Messages to Send - there are no more messages waiting for
the mobile in the SMSC.
00000010
00000001
The last 2 bits show the type of message - 00 means mobile
terminated SMS and 01 means mobile originated SMS (there are
other values not described here).
So our "04" is a normal MT SMS and there are no more
messages waiting at the SMSC.
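The decoding steps above, written out as a parser for the PDU in the trace. This is an added example in Python, not part of the original article or of SMS Manager. It goes on past the header byte to the originating address, timestamp and message text shown in the decoder output; the function names are illustrative, and it assumes 7-bit text with no user data header.

```python
# Added example (not from the original page): decode the SMS-DELIVER PDU above.
# Assumption: DCS 00, no user data header, text within the ASCII-compatible
# part of the GSM default alphabet (true for this message).
PDU = ("07914408020033F40407D0B1582C0600000030525183920028D437082E7FD3CB633A"
       "888E2E83EE6F399B0C32CBDF6D10B96C0FCFE9617AFAED76B95C")  # from the trace

def swap(octets):
    """Nibble-swap each octet, e.g. 44 08 02 -> '448020'."""
    return "".join(f"{b & 0x0F:X}{b >> 4:X}" for b in octets)

def unpack7(octets, count):
    """Unpack `count` 7-bit characters packed least significant bit first."""
    n = int.from_bytes(octets, "little")
    return "".join(chr((n >> (7 * i)) & 0x7F) for i in range(count))

def decode_deliver(hex_pdu):
    buf, pos = bytes.fromhex(hex_pdu), 0
    def take(n):
        # Every length field comes from the network, so bounds-check it.
        nonlocal pos
        if pos + n > len(buf):
            raise ValueError("PDU shorter than its length fields claim")
        pos += n
        return buf[pos - n:pos]

    sca = take(take(1)[0])                      # type octet + swapped digits
    smsc = swap(sca[1:]).rstrip("F")            # trailing F is padding
    if sca and (sca[0] >> 4) & 7 == 1:          # TON 001 = international
        smsc = "+" + smsc
    first = take(1)[0]                          # the "header byte"
    oa_len, oa_type = take(2)                   # length counts semi-octets
    oa = take((oa_len + 1) // 2)
    if (oa_type >> 4) & 7 == 5:                 # TON 101 = alphanumeric
        sender = unpack7(oa, oa_len * 4 // 7)
    else:
        sender = swap(oa)[:oa_len]
    pid, dcs = take(2)
    ts = swap(take(7))                          # YYMMDDhhmmss + time zone
    udl = take(1)[0]                            # septet count for 7-bit data
    if dcs != 0 or first & 0x40:
        raise ValueError("only 7-bit text without a user data header")
    text = unpack7(take((udl * 7 + 7) // 8), udl)
    return {"smsc": smsc, "mti": first & 0x03, "reply_path": bool(first & 0x80),
            "status_report": bool(first & 0x20), "no_more_msgs": bool(first & 0x04),
            "sender": sender, "text": text,
            "time": f"{ts[0:2]}/{ts[2:4]}/{ts[4:6]} {ts[6:8]}:{ts[8:10]}:{ts[10:12]}"}

if __name__ == "__main__":
    print(decode_deliver(PDU))
```

A PDU whose length fields run past the end of the data raises ValueError instead of being decoded from whatever bytes happen to follow.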
More soon...
Kevin Holley
Last updated: 25th March 2000