This week I worked on getting the measurement script working as a whole. Currently, for each channel (1~11), the script sniffs for access points, inject a beacon frame with its TIM bitmap set for each access point to get responses from all the devices (thus getting all devices connected to the access point), and send each device a null packet to get a response (for the ToF and RSS measurement). Current issue that we’re facing is that while the null and ACK packets clearly exist as detected by wireshark and scapy, PicoScenes seems to be failing to detect those packets for some reason. Another possible way to measure might be using the RTS/CTS instead of null packet/ACK for the measurement as described in the polite wifi paper, but it might be only possible with an unassociated device.
The outstanding issue currently is whether PicoScenes can be used to detect the null/ACK packets from the polite wifi mechanism, because without that we may need to find a completely different method.