Bluetooth Version 1.1 / IEEE 802.15.1
Bluetooth Version 1.1 / IEEE 802.15.1
Bluetooth Version 1.1 / IEEE 802.15.1
TM8100 Karin Sallhammar 30.03.2004. References: Multimedia Wireless Networks, Technologies, Standards and QoS A. Ganz, Z. Ganz, K. Wongthavarawat, Prentice Hall 2004. Overview over the Bluetooth technology M. Cardei, Wireless Networking Seminar, University of Minnesota, 2002. Bluetooth Architecture Overview, J. Kardach, Intel 1998. Figures from various sources as indicated in the presentation
3/30/2004
Background
A standard for wireless personal area networks defined by the Bluetooth Special Interest Group (SIG), originally founded by Ericsson, IBM, Intel, Nokia and Toshiba. Eliminates cables and wires between devices Facilitates both data and voice communication Enables ad-hoc networks between multiple Bluetooth devices Goal: 5/device (2002: 50/USB bluetooth)
IrDA-Data and IrDA-Control (Infrared Data Association) has high throughput for point-to-pont communication. However, Bluetooth has larger range, does not require line of sight and is not prone to light interferences
2 3/30/2004
Overview
Bluetooth 1.1 specifies a wireless technology in the unlicensed 2.4 GHz Industrial, Scientific and Medical (ISM) band. Supports a range of 10 (100) meters Requires the use of spread spectrum transmission technology resistant to interference. Bluetooth deploys fast rate frequency hopping (FHSS) to provide robust data transmission Supports simultaneous transmission of both voice and data with approximately 1 Mbit/s (720 kbps) data rate
3/30/2004
Network Topology
Bluetooth defines three topologies: point-to-point, single cell (piconet) and multi-cell (scatternet) Up to eight active data devices can be connected in a piconet Each piconet has one master and the rest serve as slaves. Slaves within a piconet only have links to the master. Up to 10 piconets can exist within a 10 meter range Multi-hop communication is obtained through a scatternet. Additionally devices can be in parked (non-active) mode, occasionally listening to the master for synchronization and broadcast messages
3/30/2004
Network Topology
3/30/2004
Source: PWC 2000 Technology Forecast
Network Topology
3/30/2004
Source: Essential Guide to Wireless Communications Applications, Andy Dornan
Protocol Stack
3/30/2004
Protocol Stack
Radio Layer: specifies details of the air interface: Uses unlicensed ISM band, around 2.45GHz Spread spectrum with frequency hopping frequency hops are fixed at 2402+k MHz, where k= 0,1,...,78 hop rate is 1600 hops per second (hop slot of 625 microseconds) FH sequence is determined by the master as a function of its BA Radio communication uses TDD, medium access technique is TDMA Each device is classified into power classes 1, 2, and 3. Baseband (Link Controller): connection establishment within a piconet, addressing, packet format, timing and power control. Link Manager Protocol (LMP): responsible for link setup and link management. Includes security aspects (encryption & authentication). Logical Link Control and Adaptation Protocol (L2CAP): adapts upper layer protocols to the baseband layer. Provides both connectionless and connection oriented services.
8
3/30/2004
Protocol Stack
SDP (Service discovery protocol): queries a device for device information, services and service characteristics. HCI (Host control interface): allows the implementation of lower Bluetooth functions on the Bluetooth device and higher protocol functions on a host machine. RFCOMM: a reliable transport protocol, which provides emulation of RS232 serial ports over the L2CAP protocol. TCS BIN (telephony control specification): bit oriented protocol that defines the call control signaling for the establishment of speech & data calls between BD. OBEX : object exchange protocol. Provides functionality similar with HTTP. It provides a model for representing objects and operations. Examples of formats transferred are vCard and vCalendar.
3/30/2004
Source: Wireless Networking Seminar 2002 at University of Minnesota
Protocol Stack
10
3/30/2004
Source: Wireless Networking Seminar 2002 at University of Minnesota
Physical Channel
Polling-based TDD packet transmission Master polls slaves according to a polling scheme (625 s time slots) Slave transmits only after it has been polled. NULL packet Master schedules the traffic in both the uplink and downlink. Need intelligent scheduling mechanisms
11
3/30/2004
Physical Channel
Single and multi-slot packets (3-slot or 5-slot): Packets are sent on a single-hop carrier The packet will be transmitted with the hopping frequency of the first time slot for the entire duration of packet transmission (Figure 8.6 in textbook)
12
3/30/2004
Physical Links
Synchronous Connection Oriented (SCO) Link : allocates a fixed bw between a point-to-point connection involving the master and one slave. Circuit-switch style of connection (the master reserves slots periodically). It primarily supports time-bounded information like voice. SCO packets do not include a CRC and are never retransmitted. The master can support up to 3 simultaneous SCO links Asynchronous connectionless (ACL) Link : a point-to-multipoint link between the master and all slaves in the piconet. Packet-switch style of connection (polling access scheme) No bandwith reservation possible Delivery may be guaranteed through error detection and retransmission Only a single ACL link between a master and a slave can exist The slaves transmission of a ACL packet is controlled by a POLL packet from the master 3/30/2004
13
Logical Channels
Bluetooth defines five logical channels used to transfer different types of information Link Control (LC) Channel: carries low-level link control information such as flow control and payload characterization Link Manager (LM) Channel: carries control information exchanged between the masters LMs and the slaves User Asynchronous (UA) Channel: carries L2CAP transparent asynchronous user data. These data may be transmitted in one or more baseband packets User Isochronous (UI) Channel: carries L2CAP transparent isochronous user data. These data may be transmitted in one or more baseband packets User Synchronous (US) Channel: carries L2CAP transparent synchronous user data. This channel is carried over the SCO link. See Figure 8.8 in textbook.
3/30/2004
14
Format of Packets
Access code is used as a direct-sequence code in access operations. Channel Access Code (CAC): used to identify a piconet Device Access Code (DAC): used to identify a device and is uniquely defined by the device address. DAC is used for paging procedures. Inquiry Access Code (IAC): used for inquiry procedures More about paging and inquiry procedures later....
3/30/2004
15
Format of Packets
Packet header contains link control (LC) information - 3-bit slave address (active member address) - 4-bit packet type code to define 16 different payload types - 1-bit flow control, 1-bit ack. indication and 1-bit seq.no. - 8-bit header error check
An ACL packet contains data payload and an SCO packet contain voice payload (or data payload) The LC can use either ACL or SCO packet with or without payload (e.g. the NULL and POLL packets do not have payload, while FHS packet include control information in the payload)
3/30/2004
16
Types of Packets
4 control packets ID (identification packet) - used for signaling NULL - consists only of access code + header (no ack.) POLL - used by a master to force a slave to return a response FHS (frequency hop synchronization) - used to exchange clock and ID information between devices 12 types packets for synchronous and asynchronous services 6 packet types for single time slot transmission 2 packet types for 3-slot transmission 2 packet types for 5-slot transmission
17
3/30/2004
PAGE
PAGE SCAN
INQUIRY SCAN
INQUIRY
MASTER RESPONSE
SLAVE RESPONSE
INQUIRY RESPONSE
18
19
Inquire Procedure
To search for other devices Invoked when a potential master identifies devices in range that wish to participate in a piconet In Inquiry state, master sends an IAC (Inquiry Access Code) over each of 32 wake-up carriers (out of 79) in turn Devices in the Standby state periodically enter Inquiry Scan state to search for IAC messages When a device receives the inquiry, it enters Inquiry Response state and returns an FHS packet with its device address and timing info. Then it moves to the Page scan state to await for a page from the master to establish the connection If a collision occurs in Inquiry Response phase (more devices respond to an inquiry), no page will be received and the device may need to return in Inquiry Scan state The master does not respond to FHS packets and may remain in Inquiry state until it is satisfied with all radios found 3/30/2004
20
Page Procedure
To connect to a specific device For each device, the master uses the devices addr to calculate a page FHS The master pages by using an ID packet, with a DAC of the specific slave The slave responds by returning the same DAC ID packet to the master in the same FHS used by the master Master responds in the next master-to-slave slot with its own FHS packet containing its device address and Bluetooth clock value Slave sends a response DAC ID packet to confirm the receipt of the masters FHS ( Slave Response Connection ) The master may continue to page until it has connected all desired slaves then enters the Connection state
21
3/30/2004
Connection State
At the connection state, a Bluetooth station is a member of a piconet. A POLL packet is sent by the master to verify that the slave has switch to masters timing and FHS. The slave can respond with any type of packet The slave can be in following modes of operation: Active: the slave actively participate in the piconet by listening, transmitting and receiving packets. The master periodically transmits to the slaves for to maintain synchronization Sniff: The slave listens on specified slots for its messages. It can operate in a reduced-power status the rest of the time. The master designates a reduced no. of time slots for transmitting to a specific slave Hold: the device can participate only in SCO packet exchanges and runs in reduced-power status. While it is no active, the device can participate in another piconet. Park: a low power mode with very little activity. Used when a slave does not need to participate in a piconet, but still is retain as part of it. The device is changing AM_ADDR PM_ADDR. With this mode, a piconet may have more than 7 slaves.
3/30/2004
22
&RQQHFW Q L R
&RQQHFW Q L R
23
3/30/2004
24
Bluetooth Security
4 parameters for authentication and encryption at the link layer: Unit address 48 bits unique device address, publicly known Secret authentication key a secret 128 bit key Secret privacy key a secret key with length 4-128 Random number a 128 bit random no. derived from a pseudorandom generator algorithm, executed in the Bluetooth unit.
25
3/30/2004
Bluetooth Security
Only the packet payload is encrypted For each packet, a new encryption key is generated E0 is a LFSR ( Linear Feedback Shift Register )
3/30/2004
26
Error Correction
At the baseband level, Bluetooth uses 3 error correction schemes: 1/3 rate FEC (Forward Error Correction) Used in high quality voice packets This scheme sends 3 copies of each bit. Each received triple of bits is mapped into whichever bit is the majority 2/3 rate FEC Used in data or voice packets Uses Hamming code: can correct all single errors and detect all double errors in each codeword ARQ (Automatic Repeat Request) Used with data or voice packets Error detection: destination discards packets in error. Uses a CRC error detecting code Positive ack: destination returns a positive ACK to error-free packets Retransmission after time-out Nack and retransmission: destination returns a NACK to packets in3/30/2004 error. The source retransmits such packets.
27
28
3/30/2004
Conclusions
Bluetooth is a global, RF-based (ISM band: 2.4GHz), short-range, connectivity solution for portable, personal devices
it is not just a radio, it is an end-to-end solution
Implanting Bluetooth technology in a single chip will allow many devices to be Bluetooth-enabled Limitations of Bluetooth need to be addressed The impact of Bluetooth is still to be seen Future Bluetooth 2.0 standard discusses higher speeds, improved functionality, different radios, support for ad hoc peer-to-peer networks, support for high-end multimedia, etc.
3/30/2004
29