The global market for radio frequency identification (RFID) continues to expand as the technology repeatedly demonstrates real benefits across multiple application areas at lower cost. To take full advantage of this growing market, companies continue to investigate ways to differentiate themselves through time to market, better performance and research into new implementation methodologies. At the same time, ongoing research is leading to new target applications and standards. For example, the benefit of short-range wireless communication is driving the growth of near field communication (NFC), a technology based on short-range 13.56 MHz RFID, in applications such as tire pressure monitoring and contactless payment.

This pressure to quickly get to market with a differentiated product compounds the already difficult challenges of testing RFID devices. A flexible test strategy is needed to meet current and future test requirements in order to:

• Reuse test and development efforts for existing and developing standards
• Address evolving regional RF regulations
• Enable in-depth analysis leading to performance and interoperability benefits for product differentiation

Such a strategy can benefit greatly from software-defined instrumentation using techniques similar to another fast-growing RF field, software-defined radio. To illustrate these benefits, this article briefly covers the technology behind RFID, the basic testing requirements and a software-defined instrumentation strategy to meet these challenges.

RFID Technology

It is important to note that RFID covers a tremendous range of applications. Each target application has requirements for communication range, managed asset lifetime, regional RF regulations and information to be tracked. This has led to multiple implementation strategies within RFID, containing a variety of RF and communication techniques. However, while there are many different implementations, the basic model remains consistent.

RF Interface

At the heart of RFID technology is the interface between the reader (or interrogator) and the tag (or transponder). Figure 1 shows the basic components of the reader: a transceiver, antenna or coil, and the embedded signal processing that implements a particular standard and application. The tag is composed of an antenna, a silicon memory chip and the substrate on which both are mounted. In the case of active or semi-active tags, an onboard supply provides power. In passive tags, the RF signal sent from the reader supplies the power. The communication initiated from the reader is modulated on a CW signal that generates an AC voltage across the tag’s antenna. This voltage is rectified to supply power, and the tag responds by alternating the loading of the antenna between absorptive and reflective to transmit data back to the reader. This process of backscattering results in small variations in the carrier’s amplitude at about 60 to 70 dB down, which the reader must peak detect and decode according to the modulation and coding schemes defined by the standard. In many ways, implementations of passive tag systems represent the greater challenge for design and development. As a result, this article concentrates on passive design test.

RFID implementations are typically grouped into four frequency bands: low frequency (125 kHz), high frequency (13.56 MHz), ultra-high frequency (860 to 960 MHz) and microwave (2.45 GHz). The long wavelengths of low frequency (LF) and high frequency (HF) RFID standards necessitate the use of electromagnetic or inductive coupling between the reader and the tag. Read distances vary from a few centimeters to about 1 meter. By contrast, true RF links are used in ultra-high (UHF) and microwave standards, and distances in passive tag-based systems can reach 7 to 10 m. In general, higher carrier frequencies are attractive because of higher possible data rates and smaller tag sizes. However, not all applications have the same requirements, and advancements continue in all four categories. As a result, many companies must develop technology across multiple frequency bands. Many components, such as the software powering the embedded processing in the reader, can be used across different RF front ends.

Digital Communications: Modulation and Coding

Regardless of the frequency band, the manner in which data is passed over the RF link follows the fundamental functional blocks of any digital communications system.

Knowing this basic representation of these functional blocks within a receiver and transmitter (see Figure 2) is critical to understanding the benefits of a software-defined approach to test. For RFID, the emphasis is on two of the functional blocks: modulation and baseband signaling.

Modulation techniques for RFID communication are normally chosen for simplicity of design and, in the case of passive-tag systems, the use of the RF carrier as a power source. Common data modulation techniques used in RFID are amplitude-shift keying (ASK), frequency-shift keying (FSK) and phase-shift keying (PSK), although other schemes, such as phase jitter modulation (PJM), are being explored. In the UHF standard 18000-6 Type C, also known as EPC Class1/Gen2, the modulation schemes used for reader-to-tag (R->T) modulation are variations of ASK: double sideband ASK (DSB-ASK), single sideband ASK (SSB-ASK) and phase-reversal ASK (PR-ASK). SSB-ASK and PR-ASK are good examples of how specifications are evolving over time to improve performance. SSB-ASK eliminates one of the sidebands normally present in ASK modulation while maintaining the same information. This results in a reduced occupied bandwidth, which is especially important in regions such as Europe where a smaller spectrum is available in the UHF band. PR-ASK changes phase 180° on every symbol, creating a modulation depth of 100 percent as phase vectors of adjacent symbols cross and sum to zero. This provides for the lowest C/N requirement for error-free communication while minimizing the “off” time of the carrier, which maximizes carrier power for passive tags.

The second functional block of importance is baseband signaling. For RFID, pulse coding is used to convert between the bits representing the data on a tag and the baseband waveforms passed to the modulation block. Coding of a serial bit stream is used primarily to provide a more robust communication link resistant to noise and distortion. Coding schemes such as NRZ, FM and Miller differ in spectral characteristics, methods of error detection, synchronization and noise immunity while balancing simplicity of design and cost of implementation. One common coding scheme used in the uplink (T->R) is Manchester Coding (used in ISO 14443), where additional 1s and 0s are added to the bit stream to guarantee a level transition in the middle of each bit clock period. As a result, the bit stream is self-clocking and thus the complexity of synchronization is reduced within the tag. In a passive tag where power is at a premium, reduced complexity is obviously desirable.


Testing RFID devices is a complex process with measurement requirements from a variety of sources. To begin, all electronic equipment manufacturers must meet regulatory requirements defined by local government bodies. Regulations limit transmitted signals in terms of power, bandwidth and frequency. Most regions also prohibit CW transmissions from devices unless used for a short period of time. Because passive tags use a CW signal from the reader for power as well as communication, accurate timing measurements of independent transmissions become critical. In the case of passive tag-based RFID systems, there is only one true transmitter, the reader. Current regulatory laws do not have well-defined test procedures for passive tags. As a result, test strategies must adjust as different regions evolve their regulations.

Beyond regional regulatory testing, the primary source of test requirements is the RFID standard itself. Each standard contains a precise description of the physical layer of the communication link between tag and reader. RF parameters are often defined by detailed envelopes that illustrate power and timing requirements. Figure 3 shows an example of the RF envelopes for reader-to-tag ASK and PR-ASK modulations defined in the standard for ISO 18000-6 Type C. Measurements must be made for modulation depth, envelope ripple, rise and fall times, and RF pulse width.

In addition, spectral masks define permissible RF emissions in frequency bands adjacent to the carrier under different conditions. Figure 4 shows a spectral mask defined by the ISO 18000-6 Type C standard in an environment with multiple interrogators (readers). This mask is used when the number of interrogators is considerably less than the number of RFID channels available for communication. The standard has a different spectral mask defined for environments where the number of interrogators is large compared to the number of channels.

Finally, designers face the challenge of validating and improving RFID device performance under real-world conditions. Potential RFID device customers evaluate such characteristics as read-range, interoperability with devices from other manufacturers, and speed and robustness of communication in various environments. This results in several opportunities for product differentiation. Testing methodologies to improve performance are often self-imposed by the company developing the product and evolve as expertise with a particular technology improves. Often these are the requirements that drive the need for advanced data visualization in the frequency and time domains.

To meet these challenges, there are two main aspects to a successful validation and verification test strategy:

• Instrumentation that can capture all relevant information necessary for current and future measurements during a communications link between reader and tag

• A reconfigurable measurement layer that can evolve with new standards and test requirements

Instrumentation used for the testing of RFID devices must acquire all relevant information during a communication link. The full range of RFID measurements encompass frequency, power, phase and timing information. Spectral emissions tests and adjacent channel power measurements require that this information be acquired in a frequency band centered around the carrier. These are the key elements of a vector signal analyzer (VSA). The transient nature of RFID adds the requirement of a trigger mode that can start acquisition at the beginning of a pulsed communication link between reader and tag. This can be as simple as a trigger based on the power level contained in an IQ band in which RFID communication is taking place.

The basic setup of an RFID tag test system is illustrated in Figure 5. To provide the actual communications link, a reference (“gold”) reader or RFID simulator is used to initiate a session while the RF VSA is used to record and analyze the link. The VSA, which is set to trigger off the signal generated by the gold reader, captures the entire bandwidth of interest during the communication.

Acquired information can then be analyzed in both the frequency and time domains. Algorithms for RFID measurements, demodulation and decoding are often available as add-on processing packages for modern VSAs. In this case, the VSA provider has to implement the standards-based tests. For standards that are available in the public domain, the delay between advances in a developing standard and instrument capability can impact time to market. For proprietary RFID standards, a significant portion of the market, this is an even bigger problem. The lack of an open measurement layer can prevent measurement automation.

Fortunately, modern advances in instrumentation buses and multicore processors available in PCs enable an alternative test strategy. Instrumentation buses such as PXI and PXI Express have high data-transfer rates, making acquired data from an instrument available to a host processor at near real-time rates. This real-time acquisition, the processing power of multicore processors and the visualization techniques of modern programming environments create a powerful combination. With the ever-evolving nature of RF regulations and RFID standards, using an open-software platform to implement the data measurement and visualization offers many advantages over closed-box solutions with embedded software.

Software-defined Test

Over the last few years, the software-defined radio initiative has gained momentum as a way to maximize efficiency and flexibility within wireless devices covering multiple standards. The same basic methodology of splitting an RF receiver into a generic RF front end and a series of modular software functional blocks can be equally beneficial to test instrumentation.

The architecture of a software-defined test system is a combination of the instrumentation defined previously with software libraries implementing the receiver functional blocks in a digital communications system. Figure 6 illustrates how data from the VSA is made available to processing blocks that process the raw data into its data link elements in the digital communications chain. One of the key aspects of such an architecture is that the information required for RFID testing is broken out at each step of the process.

IQ Data

Spectral measurements dictated by government regulations and standards compliance mandate the measurements of power, frequency and bandwidth. With the VSA, this information is contained in the raw IQ data the instrument acquires. Once that data resides in the host computer, measurements such as carrier frequency, power in-band and spectral emissions can be as simple as calling measurement libraries and passing in the IQ data. For example, the integrated power in a given band simply involves first computing the discrete power spectral density P(n) of the IQ samples and then accumulating this over the bins of interest. For a T duration sampled signal, the integrated power over a band starting at fstart and ending at fstop would be

The same IQ data can be used to make necessary measurements in the time domain. Carrier rise and fall times can be measured to make sure the tag receives enough energy to function while guaranteeing that the link terminates as quickly as possible to improve the transfer rate. Measurements of the implemented modulation scheme, such as those defined in Figure 3, are also straightforward. Modulation depth, fall time, pulse width and rise time can all be derived from the IQ data the VSA acquires.

Symbol Information

Past the demodulation block, symbol data is made available. Figure 7 shows the symbol information for an ISO 18000-6 Type C RFID query transaction acquired by a VSA and passed through the demodulation block. Symbol rate measurements and in-depth analysis of the data encoding done by the tag or reader are possible with this information. By analyzing the symbol information as amplitude versus time, the period between one downlink transmission to the next can be easily calculated. The speed in which a tag can decode a query from a reader and respond under different conditions translates into better real-world performance. This is a critical part of performance optimization.

Data Bits

Finally, the decoding block provides the actual data bits passed between the reader and the tag. Functional test of an RFID device can be performed by verifying that commands and responses are properly formatted and the data is correct. This can be used to test advanced functionality of RFID systems such as multiple read and write tags, encryption algorithms and intelligent tags that perform functions beyond simple inventory tracking. In each case, the measurements and visualization techniques are based on data as it moves from the VSA through the virtual receiver.

Expanding Software-defined Test for RFID

One of the most exciting benefits of a software-defined test platform is the ability to include functionality not available in a traditional test system. By implementing transmitter functional blocks and adding the capability of a vector signal generator (VSG), the requirement for a “gold” reader/tag or a separate RFID simulator is negated. This enables a more controlled test environment with coordinated simulation and measurement.

For example, consider the case of combining a reader emulator and the instrumentation for testing an RFID tag into one cohesive system. The software that handles the modulation and coding for the transmitter communication chain is supplemented with software that initiates and manages the command transactions (a reader’s internal state machine). Additionally, the simulation handles the control of the CW carrier and internal timing parameters of the protocol. While the reader emulator executes a particular transaction, all data is made available to the same configurable measurement layer described in the previous section.

The architecture of the combined system depends on the timing requirements within the communications link between the reader and the tag. In RFID standards where a transaction does not require strict timing between command and response, the reader emulator can be implemented on a host computer connected to modular instrumentation (VSA+VSG). In this case, the test system is modeled as a stimulus-response test with the VSG providing the reader transmission and the VSA acquiring the response from the tag. However, some RFID standards require real-time processing during a transmission with timing on the order of microseconds. In this case, the instrumentation needs some sort of embedded signal processing engine. The National Instruments (NI) PCI-5640R IF Tranceiver is an example of an RF instrument with this functionality, containing an onboard field-programmable gate array (FPGA) that is programmable with the NI LabVIEW graphical programming language. Figure 8 illustrates the architecture of a fully software-defined test system with built-in simulation capability.

Real-time device simulation adds a new dimension to device test and characterization. One of the best differentiators for RFID products is better performance under a wide range of real-world conditions. Bringing one side of the communications link into the test instrumentation allows the device to be characterized under all possible permutations of a standard, a critical step in developing this performance.

One of the best case studies for this test architecture is the characterization of an RFID tag for the ISO 18000-6 Type C standard. A quick study of the standard reveals a number of flexible data rates and link timing parameters implemented to operate under a variety of regional regulations and environmental conditions. Two possible characterization scenarios involve evaluating tag response while:

• Varying data rates from R->T

Data rates from R->T are defined by the minimum pulse duration used in the PIE channel coding. This value, the time interval for a data-zero, is known as a Tari (type A reference) value. At the beginning of transmission, the reader transmits a preamble (see Figure 9) or frame-sync that contains this timing reference. According to the standard, Tari values must be between 6.25 and 25 μs, inclusive. With the test system illustrated in Figure 8, it is now possible to adjust the Tari values within the reader emulator from just under 6.25 to more than 25 μs with a resolution of less than 0.05 μs to characterize the tag’s response.

• Varying turn-around time (TAT) values in link timing

There are four link-timing parameters that specify TAT during a communication session between the reader and the tag. Figure 10 illustrates these timing parameters in a possible inventory round initiated by the reader. Timing parameters controlled by the simulated reader (T2, T3, T4) are swept through full range to get the best characterization of the tag.

In addition to the timing flexibility, parameters such as carrier frequency, output power, modulation depth and the RF envelope characteristics (defined in Figure 3) can all be swept through the range of values permitted by the standard while the tag response is characterized. An incredible amount of information is now available with regard to how the developed product will perform under all conditions.


RFID device testing is a challenging process that is made more difficult by ever evolving technology. Software-defined instrumentation allows for deeper test coverage, including all possible permutations in the implementation of standard, timing and modulation/coding schemes.

Sean Thompson holds bachelor’s and master’s degrees in computer science from Rice University. He is the RF segment manager for National Instruments (NI). During his 16-year career at NI, he has served as business development manager for ATE, field sales engineer for telecom and military accounts, and manager of the VXI Applications Group.