Click for homepage
TETRA
  
C2000
Dutch public safety radio network

In the Netherlands, C2000 is a cryptographically secured digital trunking radio network, used by public services like police, fire and ambulance. It is based on the TETRA standard and forms part of the country's critical infrastructure. It replaced a range of analogue networks, and was planned for introduction in 2000, but due to setbacks it wasn't rolled out until 2004. The last analogue users migrated to C2000 as late as 2007. In 2023, the network had approximately 90,000 users.


C2000 was implemented under the responsibility of the Ministry of the Interior, 1 but was later transferred to the Ministry of Justice and Security. Its backbone is formed by a network of more than 600 fixed and 6 mobile interconnected base stations (masts), similar, but not identical, to GSM telephony. In contrast to analogue networks, evesdropping by means of a radio scanner is not possible on C2000, as its traffic is encrypted by means of the proprietary TEA2 algorithm. 2

Over the years, there have been regular complaints from users (in particular the police and fire services), with respect to coverage and reliability of the network, especially when used inside buildings in critical situations. Such problems appear to be caused by a combination of network issues, incorrect use of the equipment and congestion on saturated talk groups. In 2020, the C2000 hardware was replaced by equipment from the Chinese company Hytera, 3 but this did not reduce the number of incidents. C2000 is scheduled for replacement by NOOVA in 2025.

  1. Dutch: Ministerie van Binnenlandse Zaken en Koninkrijksrelaties (Ministry of Internal and Kingdom Affairs).
  2. TEA = TETRA Encryption Algorithm. Not to be confused with Tiny Encryption Algorithm.
  3. Despite concerns from the Dutch intelligence services AIVD and MIVD.

Setup
C2000 consists of three basic components:

  • T2000
    TETRA network for voice and data communication
  • P2000
    Paging system based on the FLEX protocol
  • M2000
    Dispatch centres (Dutch: Meldkamers)
Note that T2000 and P2000 are two completely different non-integrated systems. T1000 is available to all users, whilst P2000 is mainly used by ambulance and fire services. Apart from T2000 (TETRA), the emergency services (police, ambulance and fire services) also use a new integrated dispatch system — Geïntegreerd Meldkamer Systeem (GMS). In practice, the name C2000 is commonly used by the general public to identify the T2000 TETRA network.


The diagram above shows a simplified setup of the C2000 network. Central to the network are the 600+ base stations, located at strategic positions throughout the country and connected to the Switching and Management Infrastructure (SwMI). Also connected to the SwMI are the various dispatch centres where emergency calls are handled. The 90,000+ users of the network are each assigned a personal handheld or mobile radio. They can speak with eachother and with dispatch via the nearest base station, each of which can handle a finite number of concurrent calls.

C2000 (T2000) equipment can be used in the following modes:

  • TMO
    Trunked Mode Operation, encrypted
  • DMO
    Direct Mode Operation, not encrypted
The preferred mode of operation is TMO, in which all traffic between mobile users is routed via a network of base stations. This mode is also used by the dispatch centres. TMO is suitable for point-to-multipoint communication. In specific situations, mobile stations can switch to DMO for direct communication with other users, without being routed though the network. DMO can only be used at relatively short distances, but nearby mobile DMO/TMO stations can act as repeaters.

C2000 and other TETRA frequencies in the 400 MHz band

The diagram above shows in which part of the radio frequency spectrum C2000 is active. The base stations (i.e. the downlink) operate between 900 and 950 MHz, whilst 800 to 850 MHz is used for the mobile stations (i.e. the uplink). These frequencies are harmonised within Europe, to allow cross-border operation of emergency services. For a detailed overview of the spectrum in The Netherlands check out this poster of the Dutch telecom authority RDI from 2017 [18].


History
Analogue networks
In the 1970s and 80s, many different analogue communication networks were in use with the public safety and emergency services (OOV) throughout the Netherlands, with limited possibilities for interoperability. It was clear that a more uniform and future-proof solution was needed, one in which all services of all regions could communicate with each other, and preferably also with the services of the neighbouring countries. It was also clear that the future would be digital [B].

Planning
Planning for a new system started in the early 1990s, largely at the initiative of the Police Signals Service (PVD) together with the police corpses of the four largest cities: Amsterdam, Rotterdam, The Hague and Utrecht. It was decided to join the initiative for an official open European standard for emergency services — TETRA — endorsed by the European Telecommunications Standards Institute (ETSI). This also raised the opportunity to harmonise the assigned radio frequencies.

Pilots
Pilots were run in three cities: Amsterdam, The Hague and Eindhoven. In Amsterdam, the local Radio Monitoring Service (Bureau Etherbewaking) took part in the pilots and in the planning of the various talk groups. The early pilots coincided with a major restructuring of the Dutch Police into a single region-based national police. 1 The new radio system was advertised to have a better coverage than the old analogue networks, but early tests in the Amsterdam region revealed that sometimes the coverage inside buildings was insufficient. In addition, there were EMC problems. Concern was raised about interference with medical equipment at close proximity — caused by the use of pulsed transmissions (TDMA) — which could lead to dangerous situations.

After evaluation of the results in 1992, the green light was given for development of a police communication system, in which each region would built its own network. The name for the new network was PCS2000 — Politie Communicatie Systeem 2000 (Police Communication System). It soon became clear however, that it would be too expensive for the individual police regions and that it would be better to build one national system for all public safety services. The project was moved to the Interior Ministry (MinBZK) and renamed C2000 (Communicatie 2000).

  1. In the past, the Netherlands had two separate civil police organisations: Gemeentepolitie (city police) and Rijkspolitie (state police). In 1994, the two organisations were dissolved into 25 regional police forces. This situation lasted until 2013, when the regions were merged into one National Police with 10 regions [12].

Encryption
To prevent eavesdropping, which was easy on the old analogue networks, C2000 uses strong encryption. The European Telecommunications Standards Institute (ETSI) had assembled an international group of experts that were united in the Security Algorithms Group of Experts, known as ETSI-SAGE. It was decided to have two algorithm suites — TAA for authentication, and TEA for encryption. TAA was developed at the Royal Holloway University of London (UK), whilst TEA was developed by a small team at Philips Crypto BV in Eindhoven (Netherlands) [13].

After evaluation and approval by the other ETSI-SAGE members, TAA and TEA were implemented as ETSI standards. Initially, there were two flavours of the TEA algorithm: TEA1 which was suitable for civil users and was approved for export, and TEA2 which was intended for exclusive use by public safety services within Europe. TEA2 — the stronger of the two — was used in C2000.

 More about encryption

Trial
C2000 was expected to be ready in 2000, but due to setbacks the target date was pushed forward several times. In the meantime, a real-life trial — Proef in de proef — was held in the Amsterdam region in 2000/01, to test the C2000/TETRA equipment in practice during real and simulated incidents [17]. Afther a positive evaluation, C2000 was approved for implementation.

 Watch the trial video

Implementation
On 29 May 2003, further delays were announced along with a significant budget-overrun [2]. The actual implementation of the network was the responsibility of the newly established company TetraNed — a joint venture of KPN CC and Koning & Hartman (K&H) — with Motorola as the equipment supplier. KPN was the former state-owned monopolist PTT, and K&H was the largest supplier of radio equipment to the public safety sector in The Netherlands. Apart from supplying the TETRA equipment for C2000, TetraNed would also be responsible for its maintenance.

The existing optical fibre network of the Ministry of Defense (NAFIN) was used as the backbone of C2000. It interconnected the base stations and dispatch centres throughout the country. NAFIN was controlled and maintained by the Dutch Defense Telematics Organisation (DTO). 1

To meet the requirements of the Dutch Government, several specific applications were developed by Cuperus Consultants in Delft (Netherlands). On 9 September 2004, TetraNed officially handed the network over to the Dutch Interior Ministry. In October 2007, the last emergency services were migrated from the old analogue networks to the fully digital C2000. The first handheld radios were supplied by Nokia, soon followed by Motorola.

Soon after the introduction of the network, it turned out that the coverage was insufficient, after which additional base stations were added. Although C2000 was initially advertised to be more reliable than the old analogue networks, it became clear that the coverage inside buildings was (far) less than 100%. This was partly 'solved' by making the owner of such buildings responsible for a solution to the problem. 2 In all other buildings, coverage could not be guaranteed.

  1. DTO was later merged with Defensie Materiaal Organisatie (DMO) which in May 2023 was renamed Commando Materieel en IT (Commit).
  2. In the Netherlands, a local government can declare a place or building with insuffient C2000 coverage a special coverage location, after which additional C2000 equipment must be installed at the expense of the owner of the premises [2].

Midlife upgrade
By 2015 it had become clear that at some point the ageing C2000 system had to be replaced [11]. The number of hardware related incidents was rising and spare parts were increasingly difficult to obtain. There was a choice between migrating to 4G/5G technology, or to issue a midlife upgrade of the existing C2000/TETRA network. As the use of mission-critical OOV communi­cation via LTE/5G was still in its infancy, it was decided to go for a midlife upgrade of C2000. In addition, the Dutch company Cuperus Consultants would develop a new solution for the dispatch centres.

The midlife upgrade was awarded to the lowest bidder 1 — a group of companies consisting of 2Way, Eurofunk and Hytera Mobilfunk — despite concerns from the Dutch intelligence services AIVD and MIVD about the participation of the Chinese company Hytera [14]. According to the AIVD, Chinese companies should not be allowed to supply mission-critical infrastructure. 2

The replacement C2000 network would cost an estimated 180 million Euros and was scheduled for release in late 2017. But as problems kept piling up, this appeared to be too optimistic. Most of the problems concerned the interface between the new dispatch centres and the actual C2000 network, which appeared to be more complex than anticipated [15]. In addition, the budget had meanwhile been overrun by 30 to 60 million Euros.

As a result, the old C2000 network had to be kept alive way past its expiry date, despite the fact that spare parts were hardly available. Between April 2015 and August 2017, no less than 2775 C2000-related issues were reported, 33% of which were hardware related [15]. There were even situations in which spare parts had to be obtained from surplus stores and flea markets.

Finally, in January 2020, the old Motorola network was switched off and the new Hytera-supplied C2000 network was taken into service, just five years before its scheduled replacement. Since then there have been numerous reliability issues and incidents with the new network. In June 2020, a software update had to be reverted as it introduced more problems than it fixed [14].

In March 2023, Police Unions filed an official complaint with the Dutch Labor Inspectorate, about C2000 reliability issues and lack of coverage, which leads to dangerous situations. As a result, the government may have to invest in intermediate solutions [8]. In May 2025, the current maintenance contract for C2000 terminates, although it can be extended by another two years.

  1. KPN CC had hoped to be selected for the implementation of the midlife upgrade but lost the tender to Hytera, after which they began promoting IBARC2 as a suitable alternative for fire services [5].
  2. Although Hytera Mobilfunk is registered in Germany, it is a full daughter of the Chinese company Hytera that has strong ties with the Chinese Government. AIVD and MIVD were concerned about the risk of espionage (backdoors) and digital sabotage. Although C2000 is a closed network — it is not directly linked to the internet — Hytera must be given access to the network for maintenance and support. Furthermore it uses the NAFIN fibre network of the Dutch Armed Forces as its backbone.

Successor
Work is underway for a replacement of C2000 that should be ready in 2025. The new system — working title NOOVA — will be based on LTE/5G technology. It seems likely however, that the 2025 deadline will not be met. Until then, the existing C2000 network will have to be serviced and – when necessary – expanded.


Incidents
From the launch of C2000, the network has been plagued with problems, in particular when using the handheld radios inside a building, but also during major incidents in which human lives were at stake. Here are some incidents that reached the press:

  • 2005
    Fire at the immigration detainment centre at Schiphol Airport in Amsterdam
  • 2009
    Crash of Turkish Airlines flight 1951 near Amsterdam
  • 2009
    Attack on Queen's Day near the Dutch Royal Family
  • 2009
    Shootout at the Sunset Grooves festival on the beach of Hoek van Holland
  • 2011
    Major fire near Putte (close to the nuclear power plant of Doel)
  • 2023
    Manhunt for three robbers near Rijsbergen [6]
  • 2023
    3-hour outage of the entire network
  • 2023
    Discovery of vulnerabilities in the encryption
The total number of network-related issues is much higher though. Between April 2015 and August 2017, no less than 2775 issues were reported, 33% of which was hardware relatd [15]. Many fire regions have meanwhile stopped using C2000 for point-to-point communication, by using the direct mode operation (DMO) of the handheld radios. Some regions have even reverted to the use of alternative (analogue) handheld radios for direct communication during incidents.

As a result of recurring problems with the network, Police Unions filed an official complaint with the Dutch Labor Inspectorate, as they claim the safety of police personnel can be at stake during critical incidents [8]. The Inspectorate has meanwhile ruled the claim well-founded, as a result of which the Dutch Government will be forced to make the necessary upgrades to the system [9].


Encryption
On most old analogue networks, voice and data was unencrypted, so that evesdropping was simply a matter of using a radio scanner. Some networks were protected with voice scramblers, but these hardly formed a serious obstacle for the fanatic scanner listeners of the days. On C2000, eavesdropping is no longer possible as it is a digital system with real digital encryption. Rather than using an existing public encryption scheme, it was decided to use the proprietary TEA2 algorithm, which was a European development. TEA2 is protected with an 80-bit key.

Compromise
In July 2023, researchers of the Dutch security firm Midnight Blue revealed that they had found five vulnerabilities in the TETRA protocol set, two of which are deemed critical. One appers to be an intentional backdoor in the TEA1 encryption algorithm (not used by C2000). So far, no vulnerabilities were found in the TEA2 algorithm that is used in C2000.

 More about the TETRA:BURST vulnerabilities


Video footage
C2000 trial 2001
In 2001, when C-2000 was still in its planning and trial stages, it was decided to run a series of real-life tests in the Amsterdam region, in which TETRA equipment was used in actual situations, alongside the existing analogue equipment. In addition, the interconnectivity between police, fire brigade, ambulance and military police were tested in an operational context.

This video is an evaluation of the 2001 trial.

Dutch title: Proef in de proef
Source: MinBZK, 2001 [17].

  

C2000 introduction - Part 1
Video about the introduction of C2000 in The Netherlands for use by police, fire brigade and ambulance service. Issued late 2001. PART 1.

Dutch title:Investeren in Veiligheid
Source: Nick Ringelberg (YouTube)
  

C2000 introduction - Part 2
Video about the introduction of C2000 in The Netherlands for use by police, fire brigade and ambulance service. Issued late 2001. PART 2.

Dutch title:Investeren in Veiligheid
Source: Nick Ringelberg (YouTube)
  

Turkish Airlines flight 1951
This animation shows what went wrong with the C2000 network after the crash of Turkish Airlines 1951 near Schiphol Airport in Amsterdam. 700 rescue workers were present at the scene, whilst the local base station could only handle 11 concurrent conversations. This was later declared insufficient for a high-profile incident near the country's largest airport.

Dutch title: Poldercrash
Source: www.portogewoon.nl, 2012.
  

Instruction trailer
This is a short trailer of a longer instruction video that was used to train new users on the use of the handheld C2000 equipment.

Dutch title: Opleidingsfilm - trailer
Source: www.portogewoon.nl, 2014
  

Migration to the new C2000
This video animation shows the migration from the old Motorola-supplied C2000 network to the new Hytera-supplied C2000 network, which took place on 27 and 28 January 2020.

Dutch title: Migratie naar het nieuwe C2000 netwerk 27 en 28 januari 2020
Source: www.portogewoon.nl, 2020.
  



Specifications
  • System
    Digital secure trunking two-way radio network
  • Purspose
    Critical infrastructure for emergency services
  • Standard
    TETRA
  • Suppliers
    see below
  • Users
    see below
  • Frequency
    T2000: 380-385 MHz (mobile), 390-395 MHz (base)
    P2000: 169.650 MHz
  • Base stations
    600+ 
  • Field stations
    90,000+ 
  • Authentication
    TAA1
  • Encryption
    TEA2
  • Keys
    32 static cipher keys
Users
  1. Dutch: Buitengewoon Opsporingsambtenaren (BOA), handhavers, boswachters, etc.

Suppliers
  • Motorala
    until 2019
  • Dimetra
    until 2019
  • Hytera
    since 2019
  • AccessNet-T
    since 2019
Documentation
  1. Rapport - Communicatienetwerk C2000 en Geïntegreerd Meldkamersysteem
    Algemene Rekenkamer (AR), 17 June 2003.

  2. Rapport Eindevaluatie C2000
    Projectteam C2000 Eindevaluatie (in Dutch language).
    Dutch Government (Min BZK), May 2006.
References
  1. Landelijke Meldkamer Samenwerking (LMS), C2000
    Rijksoverheid (Netherlands). Visited 27 July 2023.

  2. Wikipedia (Netherlands), C2000
    Visited 27 July 2023.

  3. C2000 masten in Nederland
    23 July 2012. Via WayBack machine.

  4. Scannermuseum, Historie: van kristal tot digitaal
    Visited 28 July 2023.

  5. MCCResources, KPN wins Major Digital Radio Tender in The Netherlands
    Control Room Technology, 20 October 2016.

  6. Hapering C2000-systeem tijdens klopjacht veroorzaakt door antenne-installatie
    Security.nl website, 11 March 2023.

  7. C2000; de maat is vol
    TBM, May 2023, p 26-28 (Dutch).

  8. Politiebonden dienen klacht in bij Arbeidsinspectie
    NOS Nieuws, 15 March 2023.

  9. Brian van der Bol,
    Inspectie: veiligheid agenten in geding door gebrekkig communicatiesysteem

    NOS Nieuws, 27 July 2023.

  10. Witold Kepinski, C2000 network wordt pas in 2019 volledig opgeleverd
    Dutch IT Channel, 12 February 2018.

  11. Kamerstuk 25 124-90, Nieuwe infrastructuur mobiele communicatie (C2000)
    Answers to questions from the Dutch Parliament (in Dutch language).
    Dutch Government, Tweede Kamer der Staten Generaal, 5 July 2018.

  12. Dutch Police, Geschiedenis Nederlandse Politie
    History of the Dutch Police. Visited 2 August 2023.

  13. Cees Jansen, TEA co-developer at Philips Crypto BV
    Personal correspondence. Crypto Museum, July 2023.

  14. Rik Sanders, Nieuwe softwarerelease C2000 teruggedraaid
    Computable, 4 June 2020.

  15. Zembla, Calamiteit 2000
    BNNVARA Television, 15 May 2018

  16. Evert Brouwer, OPS wijst C2000 de weg
    Dutch Ministry of Defense. Materiaalgezien 07, 2 November 2015.

  17. C-2000 Proef in de proef (video)
    Evaluation video about C2000 trials in the Amsterdam region (in Dutch).
    Dutch Ministry of Internal Affairs, 25 July 2001.

  18. Poster Het Nederlandse Frequentiespectrum
    RDI, 23 October 2017.
Further information
Any links shown in red are currently unavailable. If you like the information on this website, why not make a donation?
© Crypto Museum. Created: Sunday 30 July 2023. Last changed: Saturday, 26 August 2023 - 09:19 CET.
Click for homepage