27  Cellular IoT Practical Knowledge

In 60 Seconds

Practical cellular IoT implementation centers on AT commands – the standard serial interface for controlling cellular modems. Key skills include network registration diagnostics (AT+CEREG for NB-IoT, AT+COPS for carrier selection), PDP context activation for data sessions, signal quality assessment (RSRP/RSRQ/SINR), and module selection based on your mobility, data rate, and coverage requirements (SIM7020 for NB-IoT, SIM7070 for LTE-M, BG96 for dual-mode).

Key Concepts

• AT+CEREG: AT command for checking NB-IoT/LTE-M network registration status; response +CEREG: where stat=1 means registered home, stat=5 means registered roaming
• AT+CSQ: Signal quality query returning RSSI (0–31 scale, 99=unknown) and BER; map to dBm: RSSI=-113+2×value; readings <10 indicate poor signal conditions
• SARA-R4/SARA-R5: u-blox cellular IoT modules for NB-IoT/LTE-M respectively; used in production IoT devices with USB/UART AT command interface
• Quectel BG96: Multi-technology cellular module supporting LTE-M, NB-IoT, EGPRS, and integrated GNSS; widely used for asset tracking and cellular IoT development
• Network Registration States: 0=not registered searching, 1=registered home, 2=not registered but searching, 3=registration denied, 5=registered roaming — critical states for application logic
• OTDOA (Observed Time Difference of Arrival): LTE positioning method using timing measurements from multiple base stations; achieves 50–200 m accuracy without GPS for asset tracking
• AT+QCFG: Quectel extended configuration command for setting RAT (Radio Access Technology) preference, band selection, and operating mode; critical for network optimization
• Current Measurement Validation: Verify PSM operation by measuring quiescent current with µA-resolution ammeter; NB-IoT PSM should show <5 µA; any higher indicates PSM failed to activate

For Beginners: Hands-On Cellular IoT

This chapter provides practical knowledge for working with cellular IoT modules:

• AT Commands: The standard way to control cellular modems
• Troubleshooting: How to diagnose and fix common connectivity issues
• Module Selection: Choosing the right hardware for your project
• Real-World Scenarios: Practice exercises based on actual deployment challenges

Work through the examples and quizzes to build confidence before your first deployment.

Sensor Squad: The AT Command Toolkit

“AT commands are how you talk to a cellular modem,” explained Max the Microcontroller, typing on a serial terminal. “Every command starts with AT – short for Attention. Then you add specific instructions. It is like texting the modem and getting text messages back.”

Sammy the Sensor watched the screen. “What are the most important commands?” Max listed them. “AT+CEREG tells you if the device has registered with the network. AT+CSQ shows signal strength. AT+CGDCONT sets up the data connection. And AT+COPS lets you pick which carrier to use. These four commands solve 80 percent of connectivity problems.”

“Module selection matters too,” added Lila the LED. “The SIM7020 is great for NB-IoT only – small, cheap, low power. The SIM7070 handles both NB-IoT and LTE-M, giving you flexibility. And the Quectel BG96 is the Swiss army knife – it does NB-IoT, LTE-M, and even has a GPS receiver built in.”

Bella the Battery shared troubleshooting wisdom. “When things do not work, check in order: Is the SIM card activated? Is the antenna connected? Is the signal strong enough? Is the APN configured correctly? These four checks solve 90 percent of problems. Do not start debugging your code until the hardware basics check out.”

27.1 Learning Objectives

By the end of this chapter, you will be able to:

• Execute AT Commands: Construct and interpret AT command sequences for network registration, signal measurement, and PDP context activation
• Diagnose Connectivity Failures: Apply a systematic troubleshooting workflow to resolve registration, PDP context, and signal quality issues
• Justify Module Selection: Evaluate cellular modules (SIM7020, SIM7000G, BG96, SIM7600) against project requirements including mobility, power budget, and data rate
• Interpret Signal Metrics: Convert CSQ values to RSSI in dBm and assess link margin for NB-IoT/LTE-M deployments
• Contrast Technology Trade-offs: Analyze cost, coverage, and infrastructure differences between cellular IoT and LoRaWAN for specific deployment scenarios

27.2 Prerequisites

Required Chapters:

• Cellular IoT Technology Selection - Technology comparison
• Cellular IoT Power and Cost Optimization - PSM, eDRX, and cost analysis

Technical Background:

• Basic understanding of NB-IoT and LTE-M
• Familiarity with serial communication
• Understanding of IP networking basics

Estimated Time: 30 minutes

27.3 AT Commands Reference

⏱️ ~10 min | ⭐⭐⭐ Advanced | 📋 P09.C21.U04

AT (Attention) commands are the standard interface for controlling cellular modules.

27.3.1 Essential AT Commands

Command	Description	Example Response
AT	Test communication	OK
AT+CREG?	Network registration status	+CREG: 0,1 (registered)
AT+CSQ	Signal quality	+CSQ: 18,99 (good signal)
AT+CGDCONT	Define PDP context (APN)	OK
AT+CGACT	Activate PDP context	OK
AT+CGPADDR	Show IP address	+CGPADDR: 1,"10.0.0.1"
AT+CPSMS	Configure PSM	OK
AT+CEDRXS	Configure eDRX	OK
AT+CNMP	Set network mode	OK
AT+CMNB	Set NB-IoT/LTE-M mode	OK

27.3.2 Network Registration Status (+CREG)

The second value in +CREG: 0,X indicates registration status:

Value	Meaning
0	Not registered, not searching
1	Registered, home network
2	Not registered, searching
3	Registration denied
4	Unknown
5	Registered, roaming

27.3.3 Signal Quality (+CSQ)

The first value (0-31) maps to RSSI:

CSQ Value	RSSI (dBm)	Quality
0-1	< -111	No signal
2-9	-109 to -95	Marginal
10-14	-93 to -85	OK
15-19	-83 to -75	Good
20-31	> -73	Excellent
99	Unknown	Error

Formula: RSSI (dBm) = -113 + (2 × CSQ value)

Putting Numbers to It

Let’s calculate signal quality from AT+CSQ readings. If your module returns +CSQ: 18,99, the first number maps to RSSI using the formula:

\[\text{RSSI (dBm)} = -113 + (2 \times \text{CSQ value})\]

For CSQ = 18: \[\text{RSSI} = -113 + (2 \times 18) = -113 + 36 = -77 \text{ dBm}\]

This is good signal quality (15-19 range). For comparison: - CSQ = 10 → RSSI = -93 dBm (marginal for NB-IoT) - CSQ = 25 → RSSI = -63 dBm (excellent)

The link budget tells us if communication succeeds. With RSRP = -77 dBm and NB-IoT sensitivity of -141 dBm (CE Level 2), the link margin is:

\[\text{Margin} = -77 - (-141) = 64 \text{ dB}\]

This 64 dB margin means the device can tolerate 64 dB of additional path loss (walls, distance) before losing connectivity. Since each concrete wall adds ~20 dB loss, this signal can penetrate 3 walls reliably.

Try It: CSQ Signal Quality Calculator

Adjust the CSQ value returned by AT+CSQ to see the corresponding RSSI in dBm, signal quality rating, and link budget analysis for NB-IoT penetration.

viewof csqValue = Inputs.range([0, 31], {
  value: 18,
  step: 1,
  label: "CSQ Value (0-31)"
})

viewof wallLoss = Inputs.range([5, 40], {
  value: 20,
  step: 1,
  label: "Wall attenuation (dB)"
})

{
  const rssi = -113 + (2 * csqValue);
  const nbiotSensitivity = -141;
  const margin = rssi - nbiotSensitivity;
  const wallsPenetrated = Math.floor(margin / wallLoss);

  let quality, qualityColor;
  if (csqValue <= 1) { quality = "No Signal"; qualityColor = "#E74C3C"; }
  else if (csqValue <= 9) { quality = "Marginal"; qualityColor = "#E67E22"; }
  else if (csqValue <= 14) { quality = "OK"; qualityColor = "#3498DB"; }
  else if (csqValue <= 19) { quality = "Good"; qualityColor = "#16A085"; }
  else { quality = "Excellent"; qualityColor = "#16A085"; }

  const barWidth = 340;
  const rssiNorm = Math.max(0, Math.min(1, (rssi + 113) / 50));

  return html`<div style="background: #f8f9fa; border-radius: 8px; padding: 20px; font-family: Arial, sans-serif;">
    <div style="display: grid; grid-template-columns: 1fr 1fr 1fr; gap: 16px; margin-bottom: 20px;">
      <div style="background: white; border-radius: 6px; padding: 14px; text-align: center; border-left: 4px solid #2C3E50;">
        <div style="font-size: 12px; color: #7F8C8D; text-transform: uppercase;">RSSI</div>
        <div style="font-size: 28px; font-weight: bold; color: #2C3E50;">${rssi} dBm</div>
        <div style="font-size: 11px; color: #7F8C8D;">-113 + (2 x ${csqValue})</div>
      </div>
      <div style="background: white; border-radius: 6px; padding: 14px; text-align: center; border-left: 4px solid ${qualityColor};">
        <div style="font-size: 12px; color: #7F8C8D; text-transform: uppercase;">Quality</div>
        <div style="font-size: 28px; font-weight: bold; color: ${qualityColor};">${quality}</div>
        <div style="font-size: 11px; color: #7F8C8D;">CSQ range: ${csqValue <= 1 ? "0-1" : csqValue <= 9 ? "2-9" : csqValue <= 14 ? "10-14" : csqValue <= 19 ? "15-19" : "20-31"}</div>
      </div>
      <div style="background: white; border-radius: 6px; padding: 14px; text-align: center; border-left: 4px solid #9B59B6;">
        <div style="font-size: 12px; color: #7F8C8D; text-transform: uppercase;">Link Margin</div>
        <div style="font-size: 28px; font-weight: bold; color: #9B59B6;">${margin} dB</div>
        <div style="font-size: 11px; color: #7F8C8D;">NB-IoT sensitivity: -141 dBm</div>
      </div>
    </div>
    <svg width="100%" viewBox="0 0 400 80">
      <defs>
        <linearGradient id="signalGrad" x1="0%" y1="0%" x2="100%" y2="0%">
          <stop offset="0%" style="stop-color:#E74C3C"/>
          <stop offset="30%" style="stop-color:#E67E22"/>
          <stop offset="50%" style="stop-color:#3498DB"/>
          <stop offset="75%" style="stop-color:#16A085"/>
          <stop offset="100%" style="stop-color:#16A085"/>
        </linearGradient>
      </defs>
      <rect x="30" y="10" width="${barWidth}" height="20" rx="4" fill="#ecf0f1"/>
      <rect x="30" y="10" width="${barWidth * rssiNorm}" height="20" rx="4" fill="url(#signalGrad)"/>
      <text x="30" y="50" font-size="10" fill="#7F8C8D" font-family="Arial">-113 dBm</text>
      <text x="${30 + barWidth - 30}" y="50" font-size="10" fill="#7F8C8D" font-family="Arial">-63 dBm</text>
      <line x1="${30 + barWidth * rssiNorm}" y1="8" x2="${30 + barWidth * rssiNorm}" y2="35" stroke="#2C3E50" stroke-width="2"/>
      <text x="${30 + barWidth * rssiNorm}" y="48" font-size="10" fill="#2C3E50" font-family="Arial" text-anchor="middle" font-weight="bold">${rssi} dBm</text>
    </svg>
    <div style="background: white; border-radius: 6px; padding: 14px; margin-top: 10px;">
      <div style="font-weight: bold; color: #2C3E50; margin-bottom: 8px;">Wall Penetration Analysis (${wallLoss} dB per wall)</div>
      <div style="color: #2C3E50;">With a ${margin} dB link margin and ${wallLoss} dB loss per wall, this signal can penetrate <strong style="color: #16A085;">${wallsPenetrated} wall${wallsPenetrated !== 1 ? "s" : ""}</strong> before losing NB-IoT connectivity.</div>
      <div style="margin-top: 8px; font-size: 12px; color: #7F8C8D;">${margin < 20 ? "Warning: Low margin. Consider adding an external antenna (+3-5 dBi)." : margin < 40 ? "Moderate margin. Reliable for light indoor use." : "Strong margin. Suitable for deep indoor or underground deployment."}</div>
    </div>
  </div>`;
}

27.3.4 Basic Connection Sequence

// 1. Test communication
sendAT("AT");
// Response: OK

// 2. Check SIM status
sendAT("AT+CPIN?");
// Response: +CPIN: READY

// 3. Check network registration
sendAT("AT+CREG?");
// Response: +CREG: 0,1 (registered)

// 4. Check signal quality
sendAT("AT+CSQ");
// Response: +CSQ: 18,99 (good signal, -77 dBm)

// 5. Configure APN
sendAT("AT+CGDCONT=1,\"IP\",\"iot.1nce.net\"");
// Response: OK

// 6. Attach to GPRS
sendAT("AT+CGATT=1");
// Response: OK

// 7. Activate PDP context
sendAT("AT+CGACT=1,1");
// Response: OK

// 8. Get IP address
sendAT("AT+CGPADDR=1");
// Response: +CGPADDR: 1,"10.0.0.123"

Check Your Understanding: AT Command Interpretation

27.3.5 LTE-M Fleet Tracker Configuration

void configureLTEMTracker() {
  // Set LTE-only mode
  sendAT("AT+CNMP=38");
  delay(1000);

  // Select Cat-M1 (LTE-M)
  sendAT("AT+CMNB=1");
  delay(1000);

  // Automatic operator selection (for handover)
  sendAT("AT+COPS=0");
  delay(1000);

  // Configure APN
  sendAT("AT+CGDCONT=1,\"IP\",\"iot.carrier.com\"");
  delay(1000);

  // Enable eDRX for battery backup (not PSM due to frequent updates)
  sendAT("AT+CEDRXS=1,4,\"0101\"");  // Wake every 81.92s
  delay(1000);

  Serial.println("LTE-M tracker configured:");
  Serial.println("- Mode: LTE-M (Cat-M1) with handover support");
  Serial.println("- Power: eDRX enabled for battery backup");
}

27.4 Troubleshooting Common Issues

27.4.1 Issue 1: Network Registration Fails

Symptom: +CREG: 0,0 or +CREG: 0,2 (not registered)

Diagnostic Steps:

// Check signal
sendAT("AT+CSQ");
// If CSQ < 10: Signal too weak

// Check SIM
sendAT("AT+CPIN?");
// If not "READY": SIM issue

// Check operator
sendAT("AT+COPS=?");
// Lists available networks

// Force registration
sendAT("AT+COPS=1,2,\"310410\"");  // Example: AT&T

Solutions:

• Improve antenna placement (near window)
• Add external antenna (3-5 dBi gain)
• Check SIM activation with carrier
• Verify NB-IoT/LTE-M coverage in area

27.4.2 Issue 2: PDP Context Activation Fails

Symptom: Module registers (+CREG: 0,1) but HTTP/MQTT fails with timeout

Diagnostic Steps:

// Check PDP context
sendAT("AT+CGDCONT?");
// Should show configured APN

// Check IP address
sendAT("AT+CGPADDR=1");
// If empty: PDP not activated

// Check attachment
sendAT("AT+CGATT?");
// Should be +CGATT: 1

Solutions:

// Correct sequence:
sendAT("AT+CGDCONT=1,\"IP\",\"YOUR_APN\"");  // Configure APN
sendAT("AT+CGATT=1");                         // Attach to GPRS
sendAT("AT+CGACT=1,1");                       // Activate PDP context

Common APNs:

Provider	APN
1NCE	iot.1nce.net
Hologram	hologram
Twilio	wireless.twilio.com
Soracom	soracom.io

27.4.3 Issue 3: Poor Signal Quality

Symptom: CSQ < 10 (marginal signal), frequent disconnections

Solutions:

1. Add external antenna: 3-5 dBi gain improves signal by +3-5 dB
2. Relocate device: Move closer to window (indoor attenuation 10-30 dB)
3. Check carrier coverage: Use carrier coverage maps
4. Try different carrier: Dual-SIM modules can switch carriers

RSRP Thresholds for NB-IoT/LTE-M:

RSRP (dBm)	Quality	Action
> -80	Excellent	Optimal
-80 to -100	Good	Acceptable
-100 to -110	Fair	Consider antenna
-110 to -120	Marginal	External antenna needed
< -120	Poor	Relocate device

Try It: Signal Troubleshooting Diagnostic

Simulate an NB-IoT/LTE-M connection problem by setting signal and registration parameters. The diagnostic engine will walk you through the troubleshooting steps, just like a real deployment.

viewof diagCSQ = Inputs.range([0, 31], {
  value: 6,
  step: 1,
  label: "CSQ Value (AT+CSQ)"
})

viewof diagCREG = Inputs.select(
  ["0 - Not registered, not searching", "1 - Registered, home network", "2 - Not registered, searching", "3 - Registration denied", "5 - Registered, roaming"],
  { value: "2 - Not registered, searching", label: "Registration Status (AT+CREG)" }
)

viewof diagSIM = Inputs.select(
  ["READY", "SIM PIN", "SIM PUK", "NOT INSERTED", "ERROR"],
  { value: "READY", label: "SIM Status (AT+CPIN)" }
)

viewof diagPDP = Inputs.select(
  ["Active (has IP)", "Inactive (no IP)"],
  { value: "Inactive (no IP)", label: "PDP Context Status" }
)

{
  const rssi = -113 + (2 * diagCSQ);
  const cregCode = parseInt(diagCREG.charAt(0));
  const simOK = diagSIM === "READY";
  const pdpActive = diagPDP.startsWith("Active");
  const signalOK = diagCSQ >= 10;
  const registered = cregCode === 1 || cregCode === 5;

  let steps = [];
  let status, statusColor, statusIcon;

  // Step 1: SIM
  if (!simOK) {
    steps.push({ step: 1, title: "SIM Card Issue Detected", status: "FAIL",
      detail: `AT+CPIN? returned "${diagSIM}". ${diagSIM === "SIM PIN" ? "SIM requires PIN entry. Send AT+CPIN=\"1234\" with your PIN." : diagSIM === "SIM PUK" ? "SIM locked. Contact carrier for PUK code." : diagSIM === "NOT INSERTED" ? "No SIM detected. Check SIM card seating and orientation." : "SIM communication error. Try reseating the SIM card."}`,
      command: diagSIM === "SIM PIN" ? 'AT+CPIN="1234"' : "Reseat SIM card" });
    status = "SIM Issue"; statusColor = "#E74C3C"; statusIcon = "X";
  } else {
    steps.push({ step: 1, title: "SIM Card", status: "PASS", detail: "AT+CPIN? returned READY. SIM is properly inserted and activated.", command: null });

    // Step 2: Signal
    if (!signalOK) {
      steps.push({ step: 2, title: "Weak Signal Detected", status: "WARN",
        detail: `CSQ=${diagCSQ} corresponds to RSSI=${rssi} dBm (${diagCSQ <= 1 ? "no signal" : "marginal"}). Target CSQ >= 15 for reliable operation.`,
        command: "Add external antenna (3-5 dBi) or relocate device closer to window" });
    } else {
      steps.push({ step: 2, title: "Signal Quality", status: "PASS", detail: `CSQ=${diagCSQ} (RSSI=${rssi} dBm). Signal is ${diagCSQ >= 20 ? "excellent" : diagCSQ >= 15 ? "good" : "adequate"}.`, command: null });
    }

    // Step 3: Registration
    if (!registered) {
      steps.push({ step: 3, title: "Registration Problem", status: "FAIL",
        detail: `AT+CREG? returned ${cregCode}. ${cregCode === 0 ? "Module is not searching for networks. May need manual trigger." : cregCode === 2 ? "Module is searching but cannot register. Possible causes: weak signal, no NB-IoT/LTE-M coverage, or carrier rejection." : "Registration denied by network. Check SIM activation with carrier."}`,
        command: cregCode === 2 ? "AT+COPS=? (scan available networks, takes ~3 min)" : cregCode === 3 ? "Contact carrier to verify SIM provisioning" : 'AT+COPS=0 (trigger automatic search)' });
      if (!signalOK) {
        status = "Signal + Registration Failure"; statusColor = "#E74C3C"; statusIcon = "X";
      } else {
        status = "Registration Failure"; statusColor = "#E67E22"; statusIcon = "!";
      }
    } else {
      steps.push({ step: 3, title: "Network Registration", status: "PASS", detail: `Registered on ${cregCode === 5 ? "roaming" : "home"} network.`, command: null });

      // Step 4: PDP
      if (!pdpActive) {
        steps.push({ step: 4, title: "PDP Context Not Active", status: "FAIL",
          detail: "Module is registered but has no IP address. Data sessions (HTTP, MQTT) will fail. Need to configure APN and activate PDP context.",
          command: 'AT+CGDCONT=1,"IP","YOUR_APN" then AT+CGACT=1,1' });
        status = "PDP Context Issue"; statusColor = "#E67E22"; statusIcon = "!";
      } else {
        steps.push({ step: 4, title: "PDP Context & Data", status: "PASS", detail: "PDP context active with IP address assigned. Module is fully connected and ready for data.", command: null });
        status = "Fully Connected"; statusColor = "#16A085"; statusIcon = "OK";
      }
    }
  }

  const allPass = steps.every(s => s.status === "PASS");

  return html`<div style="background: #f8f9fa; border-radius: 8px; padding: 20px; font-family: Arial, sans-serif;">
    <div style="background: white; border-radius: 6px; padding: 14px; margin-bottom: 16px; border-left: 4px solid ${statusColor}; display: flex; align-items: center; gap: 12px;">
      <div style="width: 40px; height: 40px; border-radius: 50%; background: ${statusColor}; display: flex; align-items: center; justify-content: center; color: white; font-weight: bold; font-size: 14px;">${statusIcon}</div>
      <div>
        <div style="font-size: 18px; font-weight: bold; color: #2C3E50;">${status}</div>
        <div style="font-size: 12px; color: #7F8C8D;">AT+CSQ: ${diagCSQ} | AT+CREG: 0,${cregCode} | RSSI: ${rssi} dBm</div>
      </div>
    </div>
    ${steps.map(s => html`<div style="background: white; border-radius: 6px; padding: 12px; margin-bottom: 8px; border-left: 4px solid ${s.status === "PASS" ? "#16A085" : s.status === "WARN" ? "#E67E22" : "#E74C3C"};">
      <div style="display: flex; align-items: center; gap: 8px; margin-bottom: 4px;">
        <span style="background: ${s.status === "PASS" ? "#16A085" : s.status === "WARN" ? "#E67E22" : "#E74C3C"}; color: white; font-size: 11px; padding: 2px 8px; border-radius: 3px; font-weight: bold;">${s.status}</span>
        <span style="font-weight: bold; color: #2C3E50;">Step ${s.step}: ${s.title}</span>
      </div>
      <div style="font-size: 13px; color: #2C3E50; margin-top: 4px;">${s.detail}</div>
      ${s.command ? html`<div style="margin-top: 6px; background: #f0f3f5; padding: 6px 10px; border-radius: 4px; font-family: monospace; font-size: 12px; color: #9B59B6;">Fix: ${s.command}</div>` : ""}
    </div>`)}
    ${allPass ? html`<div style="text-align: center; padding: 10px; color: #16A085; font-weight: bold; font-size: 14px;">All checks passed. Module is fully operational and ready for IoT data transmission.</div>` : ""}
  </div>`;
}

27.5 Module Selection Guide

27.5.1 Recommended Modules by Use Case

Use Case	Module	Technology	Key Features
Smart Meters	SIM7020	NB-IoT	Ultra-low power, deep coverage
Asset Tracking	SIM7000G	LTE-M + GPS	Global bands, mobility
Fleet Management	BG96	LTE-M/NB-IoT + GPS	Dual-mode, global
Video Surveillance	SIM7600	4G LTE	High bandwidth
Industrial Gateway	RM500Q	5G	Multi-Gbps, ultra-low latency

27.5.2 Module Comparison Table

Feature	SIM7020	SIM7000G	BG96	SIM7600
Technology	NB-IoT	LTE-M/NB-IoT	LTE-M/NB-IoT	4G LTE
Data Rate	127 kbps	375 kbps	375 kbps	10 Mbps
PSM Sleep	3 µA	7 µA	5 µA	N/A
GPS	No	Yes	Yes	Yes
Price	$8-12	$15-20	$20-25	$35-45
Best For	Static sensors	Mobile tracking	Dual-mode	High BW

Try It: Cellular IoT Module Selector

Select your project requirements below to get a module recommendation with rationale. Adjust parameters to see how different needs lead to different hardware choices.

viewof needMobility = Inputs.select(["No - stationary device", "Low - occasional relocation", "Yes - moving at vehicle speeds"], {
  value: "No - stationary device",
  label: "Mobility Required?"
})

viewof needGPS = Inputs.select(["No", "Yes"], {
  value: "No",
  label: "GPS Needed?"
})

viewof dataRate = Inputs.select(["Very low (<50 kbps)", "Low (<375 kbps)", "Medium (<1 Mbps)", "High (>1 Mbps)"], {
  value: "Very low (<50 kbps)",
  label: "Data Rate Needed"
})

viewof budgetPerUnit = Inputs.range([5, 50], {
  value: 15,
  step: 1,
  label: "Budget per unit ($)"
})

viewof batteryLifeTarget = Inputs.select(["1-2 years", "5+ years", "10+ years", "Mains powered"], {
  value: "5+ years",
  label: "Battery Life Target"
})

{
  const modules = [
    { name: "SIM7020", tech: "NB-IoT", price: 10, maxRate: 127, gps: false, mobility: false, sleepUA: 3, color: "#16A085" },
    { name: "SIM7000G", tech: "LTE-M + NB-IoT + GPS", price: 17, maxRate: 375, gps: true, mobility: true, sleepUA: 7, color: "#3498DB" },
    { name: "BG96", tech: "LTE-M/NB-IoT + GPS", price: 22, maxRate: 375, gps: true, mobility: true, sleepUA: 5, color: "#9B59B6" },
    { name: "SIM7600", tech: "4G LTE + GPS", price: 40, maxRate: 10000, gps: true, mobility: true, sleepUA: null, color: "#E67E22" }
  ];

  const needsMobility = needMobility.startsWith("Yes");
  const needsGPS = needGPS === "Yes";
  const needsHighBW = dataRate === "High (>1 Mbps)";
  const needsMedBW = dataRate === "Medium (<1 Mbps)";
  const mainsPowered = batteryLifeTarget === "Mains powered";

  function scoreModule(m) {
    let score = 100;
    let reasons = [];
    let warnings = [];

    if (needsMobility && !m.mobility) { score -= 60; warnings.push("No handover support for mobile use"); }
    if (needsGPS && !m.gps) { score -= 40; warnings.push("No built-in GPS"); }
    if (needsHighBW && m.maxRate < 1000) { score -= 50; warnings.push("Data rate too low"); }
    if (needsMedBW && m.maxRate < 375) { score -= 20; warnings.push("May struggle with medium data rates"); }
    if (m.price > budgetPerUnit) { score -= 30; warnings.push(`Over budget ($${m.price} > $${budgetPerUnit})`); }
    if (!mainsPowered && m.sleepUA === null) { score -= 50; warnings.push("Not suitable for battery operation"); }
    if (batteryLifeTarget === "10+ years" && m.sleepUA > 5) { score -= 15; warnings.push("Higher sleep current may limit 10+ year target"); }

    if (!needsMobility && !m.mobility && m.price <= budgetPerUnit) { score += 10; reasons.push("Cost-effective for static deployment"); }
    if (m.gps && needsGPS) { reasons.push("Built-in GPS included"); }
    if (m.mobility && needsMobility) { reasons.push("Full handover support"); }
    if (m.sleepUA !== null && m.sleepUA <= 5) { reasons.push(`Ultra-low sleep current (${m.sleepUA} uA)`); }
    if (m.price <= budgetPerUnit) { reasons.push(`Within budget ($${m.price})`); }

    return { ...m, score: Math.max(0, Math.min(100, score)), reasons, warnings };
  }

  const scored = modules.map(scoreModule).sort((a, b) => b.score - a.score);
  const best = scored[0];

  return html`<div style="background: #f8f9fa; border-radius: 8px; padding: 20px; font-family: Arial, sans-serif;">
    <div style="background: white; border-radius: 6px; padding: 16px; margin-bottom: 16px; border-left: 4px solid ${best.color};">
      <div style="font-size: 12px; color: #7F8C8D; text-transform: uppercase; margin-bottom: 4px;">Recommended Module</div>
      <div style="font-size: 24px; font-weight: bold; color: #2C3E50;">${best.name} <span style="font-size: 14px; font-weight: normal; color: #7F8C8D;">(${best.tech})</span></div>
      <div style="font-size: 14px; color: #7F8C8D; margin-top: 4px;">~$${best.price} per unit | ${best.maxRate >= 1000 ? (best.maxRate / 1000) + " Mbps" : best.maxRate + " kbps"} max | ${best.sleepUA !== null ? best.sleepUA + " uA sleep" : "Mains powered"}</div>
    </div>
    <div style="font-weight: bold; color: #2C3E50; margin-bottom: 10px;">All Modules Scored</div>
    ${scored.map(m => html`<div style="background: white; border-radius: 6px; padding: 12px; margin-bottom: 8px; display: flex; align-items: center; gap: 12px;">
      <div style="min-width: 50px; text-align: center;">
        <svg width="50" height="50" viewBox="0 0 50 50">
          <circle cx="25" cy="25" r="22" fill="none" stroke="#ecf0f1" stroke-width="4"/>
          <circle cx="25" cy="25" r="22" fill="none" stroke="${m.score >= 70 ? '#16A085' : m.score >= 40 ? '#E67E22' : '#E74C3C'}" stroke-width="4" stroke-dasharray="${(m.score / 100) * 138.2} 138.2" transform="rotate(-90 25 25)"/>
          <text x="25" y="29" text-anchor="middle" font-size="13" font-weight="bold" fill="#2C3E50" font-family="Arial">${m.score}</text>
        </svg>
      </div>
      <div style="flex: 1;">
        <div style="font-weight: bold; color: #2C3E50;">${m.name} <span style="font-weight: normal; font-size: 12px; color: #7F8C8D;">(${m.tech})</span></div>
        ${m.reasons.length > 0 ? html`<div style="font-size: 12px; color: #16A085; margin-top: 2px;">${m.reasons.join(" | ")}</div>` : ""}
        ${m.warnings.length > 0 ? html`<div style="font-size: 12px; color: #E67E22; margin-top: 2px;">${m.warnings.join(" | ")}</div>` : ""}
      </div>
      <div style="font-size: 13px; font-weight: bold; color: #7F8C8D;">$${m.price}</div>
    </div>`)}
  </div>`;
}

27.6 Practical Exercises

27.6.1 Exercise 1: Mobile Fleet Tracking Scenario

Scenario: A logistics company needs to track 500 delivery vehicles across the country, reporting location and diagnostics every 5 minutes while vehicles move at highway speeds (60-120 km/h).

Requirements Analysis:

Requirement	NB-IoT	LTE-M	Decision
Mobility (60-120 km/h)	No handover	Full handover (160 km/h)	LTE-M
5-min GPS updates	OK	OK	Either
Firmware OTA (200 KB)	6.4s (250 kbps)	1.6s (1 Mbps)	LTE-M
Real-time alerts	1.6-10s latency	10-15 ms latency	LTE-M

Conclusion: LTE-M is required for mobile applications with handover support.

Implementation:

// LTE-M configuration for fleet tracker
sendAT("AT+CNMP=38");      // LTE-only mode
sendAT("AT+CMNB=1");       // Cat-M1 (LTE-M)
sendAT("AT+COPS=0");       // Automatic operator selection (for handover)
sendAT("AT+CGDCONT=1,\"IP\",\"iot.carrier.com\"");  // APN
sendAT("AT+CEDRXS=1,4,\"0101\"");  // Wake every 81.92s for battery backup

27.6.2 Exercise 2: Cellular vs LoRaWAN Comparison

Scenario: Smart parking deployment (1,000 sensors, report every 5 minutes, 10-year battery life)

Cost Analysis:

Factor	Cellular (NB-IoT)	LoRaWAN
Module	$10	$15
SIM/Activation	$5	$0
Data Plan (10 yr)	$10-100	$0
Gateway	N/A	$500 shared
Per Device	$25-115	$16-17
1,000 Devices	$25K-115K	$16K-22K

Battery Life:

Technology	PSM Sleep	Battery Life
NB-IoT	10 µA	10+ years
LoRa	1-2 µA	10+ years

Conclusion: LoRaWAN is 2-5x cheaper for localized deployments where gateways can be installed. Cellular wins for global coverage and no gateway infrastructure.

Try It: Cellular vs LoRaWAN TCO Calculator

Compare the 10-year total cost of ownership for NB-IoT cellular versus LoRaWAN deployments. Adjust device count, data plan costs, and gateway sharing to see which technology is more cost-effective for your scenario.

viewof numDevices = Inputs.range([10, 5000], {
  value: 1000,
  step: 10,
  label: "Number of Devices"
})

viewof cellModuleCost = Inputs.range([5, 25], {
  value: 10,
  step: 1,
  label: "Cellular module cost ($)"
})

viewof annualDataPlan = Inputs.range([0.5, 15], {
  value: 3,
  step: 0.5,
  label: "Annual cellular data plan ($/device)"
})

viewof loraModuleCost = Inputs.range([5, 25], {
  value: 15,
  step: 1,
  label: "LoRaWAN module cost ($)"
})

viewof gatewayCost = Inputs.range([100, 1500], {
  value: 500,
  step: 50,
  label: "LoRa gateway cost ($)"
})

viewof devicesPerGateway = Inputs.range([100, 2000], {
  value: 500,
  step: 50,
  label: "Devices per LoRa gateway"
})

{
  const simCost = 5;
  const years = 10;
  const numGateways = Math.ceil(numDevices / devicesPerGateway);

  const cellPerDevice = cellModuleCost + simCost + (annualDataPlan * years);
  const cellTotal = cellPerDevice * numDevices;

  const loraGatewayPerDevice = (gatewayCost * numGateways) / numDevices;
  const loraPerDevice = loraModuleCost + loraGatewayPerDevice;
  const loraTotal = loraPerDevice * numDevices;

  const cheaper = cellTotal < loraTotal ? "Cellular NB-IoT" : "LoRaWAN";
  const savings = Math.abs(cellTotal - loraTotal);
  const ratio = cellTotal > loraTotal ? (cellTotal / loraTotal).toFixed(1) : (loraTotal / cellTotal).toFixed(1);

  const maxVal = Math.max(cellTotal, loraTotal);
  const cellBarW = (cellTotal / maxVal) * 300;
  const loraBarW = (loraTotal / maxVal) * 300;

  function fmt(n) { return n >= 1000 ? "$" + (n / 1000).toFixed(1) + "K" : "$" + n.toFixed(0); }

  return html`<div style="background: #f8f9fa; border-radius: 8px; padding: 20px; font-family: Arial, sans-serif;">
    <div style="display: grid; grid-template-columns: 1fr 1fr; gap: 16px; margin-bottom: 16px;">
      <div style="background: white; border-radius: 6px; padding: 14px; border-left: 4px solid #3498DB;">
        <div style="font-size: 12px; color: #7F8C8D; text-transform: uppercase;">Cellular NB-IoT (10-Year)</div>
        <div style="font-size: 24px; font-weight: bold; color: #3498DB;">${fmt(cellTotal)}</div>
        <div style="font-size: 12px; color: #7F8C8D; margin-top: 4px;">${fmt(cellPerDevice)}/device (module $${cellModuleCost} + SIM $${simCost} + data $${(annualDataPlan * years).toFixed(0)})</div>
      </div>
      <div style="background: white; border-radius: 6px; padding: 14px; border-left: 4px solid #16A085;">
        <div style="font-size: 12px; color: #7F8C8D; text-transform: uppercase;">LoRaWAN (10-Year)</div>
        <div style="font-size: 24px; font-weight: bold; color: #16A085;">${fmt(loraTotal)}</div>
        <div style="font-size: 12px; color: #7F8C8D; margin-top: 4px;">${fmt(loraPerDevice)}/device (module $${loraModuleCost} + gateway share $${loraGatewayPerDevice.toFixed(1)}) | ${numGateways} gateway${numGateways > 1 ? "s" : ""}</div>
      </div>
    </div>
    <svg width="100%" viewBox="0 0 400 90">
      <text x="10" y="20" font-size="11" fill="#3498DB" font-weight="bold" font-family="Arial">NB-IoT</text>
      <rect x="80" y="8" width="${cellBarW}" height="18" rx="4" fill="#3498DB"/>
      <text x="${82 + cellBarW}" y="22" font-size="11" fill="#2C3E50" font-family="Arial">${fmt(cellTotal)}</text>
      <text x="10" y="52" font-size="11" fill="#16A085" font-weight="bold" font-family="Arial">LoRaWAN</text>
      <rect x="80" y="40" width="${loraBarW}" height="18" rx="4" fill="#16A085"/>
      <text x="${82 + loraBarW}" y="54" font-size="11" fill="#2C3E50" font-family="Arial">${fmt(loraTotal)}</text>
      <text x="200" y="80" text-anchor="middle" font-size="11" fill="#7F8C8D" font-family="Arial">${numDevices.toLocaleString()} devices over ${years} years</text>
    </svg>
    <div style="background: white; border-radius: 6px; padding: 14px; margin-top: 10px; text-align: center;">
      <div style="font-size: 16px; font-weight: bold; color: #2C3E50;"><span style="color: ${cheaper === "LoRaWAN" ? "#16A085" : "#3498DB"};">${cheaper}</span> is ${ratio}x cheaper</div>
      <div style="font-size: 13px; color: #7F8C8D; margin-top: 4px;">Saving ${fmt(savings)} over 10 years for ${numDevices.toLocaleString()} devices</div>
      <div style="font-size: 12px; color: #7F8C8D; margin-top: 8px; font-style: italic;">${annualDataPlan <= 1 ? "Tip: At very low data plan costs, cellular can compete with LoRaWAN on price." : annualDataPlan >= 8 ? "Tip: High data plans make cellular significantly more expensive. Consider LoRaWAN for localized deployments." : "Tip: LoRaWAN advantage grows with more devices sharing fewer gateways."}</div>
    </div>
  </div>`;
}

27.7 Knowledge Check

Quiz: Practical Cellular IoT

27.8 Visual Reference Gallery

AI-Generated Figures: Cellular IoT Technologies

These AI-generated SVG figures provide alternative visual representations of cellular IoT concepts covered in this chapter.

Cellular IoT Technology Comparison

Comparison of NB-IoT, LTE-M, and 5G mMTC technologies

Cellular Handoff Process

Cellular handoff between base stations for mobile IoT devices

IoT Cellular Modem Architecture

Cellular modem components for IoT applications

Cellular IoT Evolution

Evolution from 2G to 5G for IoT applications

Interactive: IoT Troubleshooting Simulator

Worked Example: Troubleshooting NB-IoT Connection Failure in Underground Parking

Scenario: A smart parking deployment uses 200 NB-IoT sensors in an underground parking garage (2 levels below ground). 45% of sensors fail to connect, showing AT+CEREG? → +CEREG: 0,2 (searching but not registered). You need to diagnose and fix the issue within 48 hours before the client cancels the contract.

Step 1: Collect diagnostic data from working vs non-working sensors

Working sensor (surface level):

AT+CSQ
+CSQ: 18,99        // RSSI = -113 + (2 × 18) = -77 dBm (good)
AT+CEREG?
+CEREG: 0,1        // Registered on home network
AT+COPS?
+COPS: 0,2,"310410",9  // AT&T, LTE-M/NB-IoT mode

Non-working sensor (underground level B2):

AT+CSQ
+CSQ: 6,99         // RSSI = -113 + (2 × 6) = -101 dBm (marginal)
AT+CEREG?
+CEREG: 0,2        // Searching, not registered
AT+COPS=?          // Scan for networks (takes 3 minutes)
+COPS: (2,"AT&T","AT&T","310410",9)  // Network visible but weak

Analysis: CSQ=6 (-101 dBm) is below NB-IoT’s typical registration threshold (-100 dBm for normal coverage). Underground sensors need coverage enhancement.

Step 2: Enable NB-IoT Coverage Enhancement Mode

Configure sensors for extended coverage (CE mode):

// Force NB-IoT and enable all coverage levels
AT+NCONFIG="CELL_RESELECTION",0      // Disable cell reselection
AT+NCONFIG="CR_0354_0338_SCRAMBLING",TRUE  // Enable coverage enhancement
AT+NCONFIG="CR_0859_SI_AVOID",FALSE   // Disable system info reduction
AT+CFUN=1,1                           // Radio reset to apply changes

After configuration:

AT+NUESTATS
Signal power: -105 dBm              // Weaker than surface but now sufficient
Coverage Enhancement: 2              // CE Level 2 (max repetitions)
Uplink repetitions: 128×
Downlink repetitions: 2048×
TX time per message: ~12 seconds    // vs 2 seconds in normal coverage

Result: 38 out of 45 failed sensors now register successfully (84% recovery rate).

Step 3: Address remaining 7 sensors with no improvement

Deepest corner sensors still show CSQ < 5 (< -103 dBm). Options:

Option A: Install indoor small cell (rejected - cost $15K)

Option B: External antenna per sensor ($30/sensor)

• Deploy 3 dBi external antenna on each problem sensor
• Route antenna cable to nearest stairwell (closer to surface)
• Signal improvement: -105 dBm → -98 dBm (+7 dB gain)
• Cost: 7 × $30 + installation labor = $350
• Result: All sensors connect

Option C: Relocate 7 sensors to higher coverage areas

• Move from parking spots to nearby columns/walls with better signal
• Acceptable loss: 7 parking spots unmonitored (3.5% of 200)
• Cost: $0
• Result: 193/200 functional (96.5% coverage)

Step 4: Optimize power consumption for CE Level 2

Deep underground sensors use CE Level 2 (128-2048× repetitions), increasing TX energy 100-500×. Adjust PSM timers:

Before (standard config):

AT+CPSMS=1,,,00100100,00001111  // TAU=24h, Active=30s
Battery life estimate: 0.8 years (CE Level 2 drains battery)

After (optimized for CE Level 2):

AT+CPSMS=1,,,01100100,00000101  // TAU=6h, Active=10s
// Rationale: Shorter TAU means more frequent but shorter transmissions
//            reduces per-message energy cost by using fresher channel estimates
// Also: Reduce reporting frequency: once every 2 hours instead of hourly
Battery life estimate: 3.2 years (acceptable for underground deployment)

Step 5: Document deployment parameters for future reference

Zone	CSQ Range	CE Level	Repetitions	TX Time	Battery Life	Coverage
Surface	15-25	0	1×	2s	12 years	100%
B1	10-14	1	8-32×	4-8s	8 years	98%
B2 (90%)	6-9	2	128×	12s	3.2 years	96%
B2 (10%)	< 5	N/A	-	-	-	External antenna

Final Solution Summary:

• 193 sensors: Standard NB-IoT with CE enhancement
• 7 sensors: External antenna + cable routing to stairwell
• Total additional cost: $350 (vs $15K small cell)
• Estimated battery life: 3-12 years depending on depth
• Coverage achieved: 100% (200/200 functional)

Key Lessons:

1. Always enable CE modes for challenging RF environments (AT+NCONFIG)
2. CSQ < 10 requires intervention - either CE enhancement or external antenna
3. Underground deployments: budget 2-4× lower battery life than outdoor sensors
4. Small improvements in signal (-105 → -98 dBm) can make the difference between working and non-working
5. Document per-zone parameters for future maintenance and battery replacement planning

Match: AT Commands and Their Functions

Order: Cellular IoT Troubleshooting Sequence

🏷️ Label the Diagram

💻 Code Challenge

27.9 Summary

This chapter covered practical cellular IoT knowledge:

• AT Commands: Essential commands for module control including AT+CREG, AT+CSQ, AT+CGDCONT, AT+CPSMS
• Signal Interpretation: CSQ values map to RSSI via formula: RSSI (dBm) = -113 + (2 × CSQ); target CSQ >= 15 for reliable operation
• Troubleshooting: Common issues include network registration failure (check signal/SIM), PDP context problems (configure APN correctly), and poor signal (add external antenna)
• Module Selection: SIM7020 for static NB-IoT sensors, SIM7000G for mobile LTE-M tracking, BG96 for dual-mode global deployments
• Technology Comparison: LoRaWAN offers 2-5x lower TCO for localized deployments; cellular wins for global coverage and mobility

Next Steps:

1. Get a SIM7000 module and IoT SIM card (Hologram or 1NCE)
2. Test basic AT commands and network registration
3. Implement MQTT communication to cloud broker
4. Enable PSM/eDRX and measure power consumption
5. Deploy a real-world cellular IoT sensor project

27.10 Concept Relationships

AT command implementation connects to: Cellular IoT Overview architecture (AT+CEREG checks MME registration), Power Optimization (AT+CPSMS/AT+CEDRXS configure timers), and Technology Selection (AT+CNMP/AT+CMNB select NB-IoT vs LTE-M mode). Module selection links to NB-IoT Applications and LTE-M Lab deployment scenarios.

27.11 See Also

• Cellular IoT Technology Selection - Module selection criteria
• Cellular IoT Power Optimization - PSM/eDRX AT commands
• NB-IoT Fundamentals - NB-IoT AT command specifics
• LoRaWAN Overview - Alternative LPWAN technology

Common Pitfalls

1. Sending AT Commands Before Module Initialization Complete

Cellular modules require 1–5 seconds after power-up before they respond to AT commands. Sending AT+CEREG? immediately after asserting PWRKEY low results in no response or garbage characters, causing firmware state machine confusion. Wait for the module’s power-on indication (e.g., “RDY” URC for Quectel modules, “+SYSSTART” for u-blox) before sending any AT commands. Set a 10-second hardware timeout as a fallback if the ready indication is not received.

2. Not Parsing URC (Unsolicited Result Code) Messages

Cellular modules asynchronously emit URCs for network events: +CEREG:5 (roaming registration), +CREG:0 (connection lost), +QIURC: “recv”,0 (data received), +CTZV: (time zone change). Firmware that only polls AT commands and discards unsolicited lines misses critical events like unexpected disconnection or incoming data. Implement a separate UART receive buffer that checks each incoming line against known URC prefixes before assuming it is a response to the last AT command.

3. Assuming AT+CGDCONT APN Takes Effect Immediately

Setting the APN with AT+CGDCONT does not immediately reconnect using the new APN. The device must deactivate the current PDP context (AT+CGACT=0,1) and reactivate it (AT+CGACT=1,1) or restart the module. Changes to APN configuration that are not followed by PDP context reconnection continue using the old APN until the module resets. Always follow APN changes with explicit PDP context management commands and verify connectivity with AT+CGPADDR.

4. Not Implementing Watchdog Reset for Cellular Module Lockup

Cellular modules occasionally lock up due to modem firmware bugs, memory corruption, or unexpected network events. A module that stops responding to AT commands cannot recover without a hardware reset (PWRKEY toggle or module VCC power cycle). Always implement: AT command timeout watchdog (trigger reset if no response in 60 s), periodic heartbeat check (AT every 60 s), and hardware reset capability from MCU GPIO. Log reset events for field diagnostics.

27.12 What’s Next

Now that you understand cellular IoT technologies, explore application-layer protocols:

Next	Chapter	Description
1	MQTT	The most widely-used IoT messaging protocol for cellular connectivity
2	CoAP	Lightweight request-response protocol optimized for constrained NB-IoT devices
3	AMQP	Advanced message queuing for enterprise IoT and reliable delivery
4	NB-IoT Fundamentals	Deep dive into Narrowband IoT technology and AT command specifics
5	LoRaWAN Overview	Alternative LPWAN technology for cost comparison with cellular IoT

Related Chapters

Deep Dives:

• NB-IoT Fundamentals - Narrowband IoT deep dive
• Cellular IoT Fundamentals - Core cellular concepts

Comparisons:

• NB-IoT vs LTE-M - Technology comparison
• LoRaWAN vs Cellular - LPWAN alternatives
• IoT Protocols Review - Cross-technology analysis

Application Protocols:

• MQTT Fundamentals - Messaging over cellular
• CoAP Protocol - Lightweight protocol for NB-IoT

Learning:

• Quizzes Hub - Cellular IoT assessments
• Videos Hub - Cellular technology tutorials