1

An Introduction to Bluetooth

Ing. Alessandro Di Nepi (dinepi@uniroma3.it)

COMLAB – DEA

Università “ROMA TRE”

Agenda

� Introduzione

� Ciclo di sviluppo

� Strumenti di supporto

� Ambienti di sviluppo

� Esempi:

� RFCOMM sotto Linux.

� L2CAP sotto Windows.

� OBEX in Java

2

Riferimenti

� Standard Bluetooth (http://www.bluetooth.org/).

� Bluetooth Designer (http://www.btdesigner.com/)

� Bluez (http://www.bluez.org/).

� MSDN (http://msdn.microsoft.com).

� Java:

� SUN Developer Network (http://developers.sun.com/).

� JavaBluetooth (http://www.javabluetooth.org)

Introduzione

� Bluetooth nasce nel 1998 da un consorzio tra

Ericsson, IBM, Intel, Nokia and Toshiba.

� Standard aperto per trasmissioni via radio a corto

raggio di voce o dati sia per applicazioni punto-

punto che multipunto.

� Ad oggi ci sono più di 1100 compagnie che lo

adottano

� Il nome ed il logo sono ispirati ad Harald Blåtand

(tradotto Blue Tooth), re di Danimarca tra 940 ed

il 985, che ha unito la Danimarca e la Norvegia ed

ha portato il Cristianesimo in Scandinavia.

3

Caratteristiche

� Tecnologia radio a bassa potenza e portata limitata

nella banda 2.4GHz (ISM)

� Banda ISM regolata ma non soggetta a licensa.

� Supporto per voce e dati: velocità fino a 723.1

kbit/s (1.2) e 2.1Mbit/s (2.0).

� Non c’è bisogno che i dispositivi siano in “vista”.

� Supporto alla sicurezza

� Economicità dei dispositivi.

� Grandissima penetrazione nel mercato.

Applicazioni

� Sistema “cable replacement”:

� Scambio dati via seriale (vcard, file, messaggi).

� Collegamento di modem cellulari (internet, LAN).

� Collegamento di tastiere, mouse, stampanti.

� Applicazioni Audio:

� Sistemi handsfree (auricolari, autoradio, etc.).

� Medicali:

� Cartella medica wireless, consultazione remota,

defibrillatori ZOLL, data collecting, etc.).

� Limitate dalla fantasia del progettista e

dall’interpretazione non corretta delle specifiche.

4

Tecnologie Radio

Applicazioni Bluetooth

Landline

Data/Voice Access Points

Personal Ad-hoc Connectivity

Cable Replacement

5

Una panoramica

BluetoothPromise

Wireless Connections Made Easy

BluetoothValues

Freedom, Simplicity, Reliability, Versatility and Security

UsageScenarios

What the technology can do

SpecificationProfiles

How to implement the usage scenarios

CertificationTesting

Interoperability

License free IP for adopters: producttesting to ensure interoperability;protect the Bluetooth brand

Esempio

6

Bluetooth: pila protocollare

� A hardware/software description

� An application framework

Application Framework and Support

Link Manager and L2CAP

Radio & Baseband

Host Controller Interface

RF

Baseband

AudioLink Manager

L2CAP

TCP/IP HID RFCOMM

Applications

Data

Con

trol

Radio� frequency synthesis: frequency hopping

� 2.402 + k MHz, k=0, …, 78

� 1,600 hops per second

� conversion bits into symbols: modulation

� GFSK (BT = 0.5; 0.28 < h < 0.35);

� 1 MSymbols/s

� transmit power

� 0 dbm (up to 20dbm with power control)

� receiver sensitivity

� -70dBm @ 0.1% BER

7

Link fisico

� Point to point link

� Relazione master – slave;

� Le radio possono funzionare in modalitàmaster o slave

� Piconet

� Master può avere connessi fino a 7 slave

� Ogni piconet ha una capacità massimadi 1Mbps

� Il master determinal il percorso dihopping

m s

ss

m

s

M

M

SS

S

S

P

sb

sb

P

P

The Bluetooth network topology� Radio designation

� Connected radios can be master or

slave

� Radios are symmetric (same radio can

be master or slave)

� Piconet� Master can connect to 7 simultaneous

or 200+ inactive (parked) slaves per

piconet

� Each piconet has maximum capacity (1

Mbps)

� Unique hopping pattern/ID

� Scatternet� High capacity system

� Minimal impact with up to 10 piconets

within range

8

Baseband protocol

• Standby– Waiting to join a piconet

• Inquire– Ask about radios to connect

to

• Page– Connect to a specific radio

• Connected– Actively on a piconet

(master or slave)

• Park/Hold– Low-power connected states

Inquiry Page

ConnectedAMA

TransmitdataAMA

HOLDAMA

PARKPMA

T =2mstpcl

Low- powerstates

Activestates

Standby

Connectingstates

Unconnected:Standby

Detach

T =2mstpcl

T =0.6stpcl

T =2stpcl

releasesAMA address

Baseband link types� Polling-based (TDD) packet transmissions

� 1 slot: 0.625msec (max 1600 slots/sec)

� master/slave slots (even-/odd-numbered slots)

� polling: master always “polls” slaves

� Synchronous connection-oriented (SCO) link

� “circuit-switched”

• periodic single-slot packet assignment

� symmetric 64Kbps full-duplex

� Asynchronous connection-less (ACL) link

� packet switching

� asymmetric bandwidth

• variable packet size (1-5 slots)

� max. 721 kbps (57.6 kbps return channel)

� 108.8 - 432.6 kbps (symmetric)

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22

SCO

ACL

master

slave

9

Bluetooth security features

� Fast frequency hopping (79 channels)

� Low transmit power (range <= 10m)

� Authentication of remote device

� based on link key (128 Bit)

� May be performed in both directions

� Encryption of payload data

� Stream cipher algorithm (≤ 128 Bit)

� Affects all traffic on a link

� Initialization

� PIN entry by user

Key generation and usagePIN

E2

Link Key

Encryption Key

E3

Encryption

Authentication

PIN

E2

Link Key

Encryption Key

E3

User Input(Initialization)

(possibly)PermanentStorage

TemporaryStorage

10

Procedure di funzionamento

� Bluetooth prevede differenti modalità di

funzionamento dei dispositivi:

� Inquiry procedure;

� Paging procedure;

� Connected mode;

� Sniff mode;

� Hold mode;

� Park mode;

Inquiry Procedure

� Procedura utilizzata per localizzare eventuali

dispositivi bluetooth presenti all’interno dell’area di

copertura del segnale radio (raggio di cella).

� E’ una procedura asimmetrica:

� un dispositivo (inquiry device) esegue la ricerca inviando

alcuni pacchetti di inquiry request per localizzare i

dispositivi nelle vicinanze.

� Un dispositivo che può essere raggiunto da una inquiry

request, prende il nome di discoverable device, e

periodicamente ascolta e risponde alle inquiry requests.

11

Connection Setup

� Inquiry - scan

protocol

� to learn about the

clock offset and device

address of other nodes

in proximity

Inquiry on time axis

Slave1

Slave2

Master

Inquiry hoppingsequence

f1 f2

12

Paging Procedure

� Procedura asimmetrica con cui un

dispositivo invita un altro dispositivo

bluetooth a partecipare alla sottorete, e ad

instaurare una connessione.

� Il dispositivo con il quale si vuole instaurare

una connessione deve essere stato

precedentemente localizzato con successo.

Piconet formation

Master

Active Slave

Parked Slave

Standby

� Page - scan

protocol

� to establish links

with nodes in

proximity

13

Stato di un dispositivo connesso

� Un dispositivo connesso ad una rete può essere in uno dei seguenti stati:

� Connected mode: esiste un canale fisico della rete e dei collegamenti logici tra le unità, attraverso i quali possono scambiare dati.

� Sniff mode: modalità di funzionamento a basso consumo, in cui un dispositivo slave si attiva per la ricezione di messaggi provenienti dall’entità master solo ad intervalli prefissati.

� Hold mode: modalità di funzionamento a basso consumo, in cui un dispositivo slave non comunica per un certo intervallo temporale.

� Park mode: modalità di funzionamento a basso consumo energetico in cui un dispositivo slave si “parcheggia” fino alla ricezione di un particolare pacchetto.

Addressing� Bluetooth device address (BD_ADDR)

� 48 bit IEEE MAC address

� Active Member address (AM_ADDR)

� 3 bits active slave address

� all zero broadcast address

� Parked Member address (PM_ADDR)

� 8 bit parked slave address

14

Piconet MAC protocol : Polling

m

s1

s2

625 λλλλsec

f1 f2 f3 f4

1600 hops/sec

f5 f6

FH/TDD

Multi slot packets

m

s1

s2

625 µsec

f1 f4 f5 f6

FH/TDD

Data rate depends on type of packet

15

Physical Link Types

m

s1

s2

SCO SCO SCO

� Synchronous Connection Oriented (SCO) Link � slot reservation at fixed intervals

� Asynchronous Connection-less (ACL) Link

� Polling access method

SCO SCO SCOACL ACL ACLACL ACL ACL

Packet Types

Controlpackets

Data/voicepackets

ID*NullPollFHSDM1

Voice data

HV1HV2HV3DV

DM1DM3DM5

DH1DH3DH5

16

Packet Format

72 bits 54 bits 0 - 2744 bits

Access code

Header Payload

DataVoice CRC

No CRCNo retries

625 µs

master

slave

header

ARQ

FEC (optional) FEC (optional)

Access Code

� Synchronization

� DC offset compensation

� Identification

� Signaling

Access code

Header Payload

72 bits

Purpose

� Channel Access Code (CAC)� Device Access Code (DAC)� Inquiry Access Code (IAC)

Types

X

17

Packet Header

� Addressing (3)

� Packet type (4)

� Flow control (1)

� 1-bit ARQ (1)

� Sequencing (1)

� HEC (8)

Access code

Header Payload

54 bits

Purpose

Encode with 1/3 FEC to get 54 bits

Broadcast packets are not ACKed

For filtering retransmitted packets

18 bitstotal

ss

m

s

16 packet types (some unused)

Max 7 active slaves

Verify header integrity

Voice Packets (HV1, HV2, HV3)

Access code

Header

Payload

72 bits 54 bits 240 bits

30 bytes

= 366 bits

10 bytes

+ 2/3 FEC

+ 1/3 FEC

20 bytes

30 bytesHV3

HV2

HV1

3.75ms (HV3)2.5ms (HV2)

1.25ms ( HV1)

18

Data rate calculation: DM1 and DH1

Payload

Accesscode

Header

72 bits 54 bits 240 bits

30 bytes

= 366 bits

2/3 FEC

1 17 2DM1

1 27 2DH1

625 µs

625 µs

1 2

172.

8

27↑↑↑↑172.

8

27↓↓↓↓

108.

8

17↓↓↓↓

108.

8

160

0/2

17↑↑↑↑Rat

e

FreqSiz

e

Di

r

Data rate calculation: DM3 and DH3

Payload

Access code

Header

72 bits

54 bits

1500 bits

187 bytes

= 1626 bits

2/3 FEC

2 121 2DM3

2 183 2DH3

1875 µs

1875 µs

585.

6183↑↑↑↑

86.4

27↓↓↓↓

54.4

17↓↓↓↓

387.

2

160

0/4

121↑↑↑↑Rat

e

FreqSiz

e

Di

r

1 2 3 4

19

Data rate calculation: DM5 and DH5

Payload

AccessCode Header

72 bits

54 bits

2744 bits

343 bytes

= 2870 bits

2/3 FEC

2 224 2DM5

2 339 2DH5

3125 µs

3125 µs 625 µs

1 2 3 4 5 6

723.

2339↑↑↑↑

57.6

27↓↓↓↓

36.3

17↓↓↓↓

477.

8

160

0/6

224↑↑↑↑Rat

e

FreqSiz

e

Di

r

Data Packet Types

DM1

DM3

DM5

DH1

DH3

DH5

2/3 FEC

No FEC

Symmetric Asymmetric

36.3

477.

8

286.

7

54.4

387.

2

258.

1

108.

8

108.

8

108.

8

Symmetric Asymmetric

57.6723.

2

433.

9

86.4585.

6

390.

4

172.

8

172.

8

172.

8

20

Inter piconet communication

Cell phone Cordlessheadset

Cordlessheadset

Cell phone

Cordlessheadset

Cell phone

mouse

Scatternet

21

Scatternet, scenario 2

How to schedule presence in two piconets?

Forwarding delay ?

Missed traffic?

Baseband: Summary

� TDD, frequency hopping physical layer

� Device inquiry and paging

� Two types of links: SCO and ACL links

� Multiple packet types (multiple data

rates with and without FEC)

Baseband Baseband

L2CAPL2CAPLMPLMP

Physical

Data link

Device 2Device 1

22

Link Manager Protocol

Setup and management of Baseband connections

• Piconet Management• Link Configuration• Security

LMP

RFBaseband

AudioLink Manager

L2CAP

Data Con

trolSDP RFCOMM

IP

Applications

Piconet Management� Attach and detach slaves

� Master-slave switch

� Establishing SCO links

� Handling of low power modes ( Sniff, Hold, Park)

req

response

Paging

Mast

er

Sla

ve

ss

m

s

23

Low power mode (hold)

Slave

Hold duration

Hold offset

Master

Low power mode (Sniff)

Master

Slave

Sniff period

Sniff offset

Sniff duration

� Traffic reduced to periodic sniff slots

24

Low power mode (Park)

Master

Slave

Beacon interval

Beacon instant

� Power saving + keep more than 7 slaves in a

piconet

� Give up active member address, yet maintain

synchronization

� Communication via broadcast LMP messages

Sharing Common Data…

Usage scenarios: Synchronization

User benefits

� Proximity synchronization

� Easily maintained database

� Common information database

25

Wireless Freedom…

Usage scenarios: Headset

User benefits

� Multiple device access

� Cordless phone benefits

� Hand’s free operation

PSTN, ISDN,LAN, WAN, xDSL

Remote Connections...

Usage scenarios: Data access points

User benefits

� No more connectors

� Easy internet access

� Common connection experience

26

Software architecture goals� Support the target usage scenarios

� Support a variety of hardware platforms

� Good out of box user experience

� Enable legacy applications

� Utilize existing protocols where possible

Bluetooth protocols� Host Controller Interface (HCI)

� provides a common interface between the

Bluetooth host and a Bluetooth module

• Interfaces in spec 1.0: USB; UART; RS-232

� Link Layer Control & Adaptation (L2CAP)

� A simple data link protocol on top of the

baseband

• connection-oriented & connectionless

• protocol multiplexing

• segmentation & reassembly

• QoS flow specification per connection (channel)

• group abstraction

27

Bluetooth protocols

� Service Discovery Protocol (SDP)

� Defines a service record format

• Information about services provided by attributes

• Attributes composed of an ID (name) and a value

• IDs may be universally unique identifiers (UUIDs)

� Defines an inquiry/response protocol for

discovering services

• Searching for and browsing services

Bluetooth protocols

� RFCOMM (based on GSM TS07.10)

� emulates a serial-port to support a large base of legacy

(serial-port-based) applications

� allows multiple “ports” over a single physical channel

between two devices

� Telephony Control Protocol Spec (TCS)

� call control (setup & release)

� group management for gateway serving multiple devices

� Legacy protocol reuse

� reuse existing protocols, e.g., IrDA’s OBEX, or WAP for

interacting with applications on phones

28

Interoperability & Profiles

ProfilesP

roto

cols

Applications� Represents default

solution for a usage

model

� Vertical slice through the

protocol stack

� Basis for interoperability

and logo requirements

� Each Bluetooth device

supports one or more

profiles

Profiles� Generic Access Profile

� Service Discovery Application Profile

� Serial Port Profile

• Dial-up Networking Profile

• Fax Profile

• Headset Profile

• LAN Access Profile (using PPP)

• Generic Object Exchange Profile

� File Transfer Profile

� Object Push Profile

� Synchronization Profile

� TCS_BIN-based profiles

• Cordless Telephony Profile

• Intercom Profile

29

Conclusioni

� La sviluppo di applicazioni Bluetooth permette di

integrare collegamenti radio in modo efficace.

� I sistemi di sviluppo offrono caratteristiche simili

su piattaforme diverse: scegliere la piattaforma

più adatta alla nostra applicazione.

� I sistemi embedded offrono capacità di sviluppo

integrate a basso costo.

� I profili maggiormente utilizzati sono: RFCOMM,

OBEX, HEADSET.