A Bluetooth Overviewby N.G.Alexiou
School of Computing & Mathematics Sciences
Liverpool John Moores University
Liverpool John Moores UniversitySchool of Computing and Mathematical Sciences
A Bluetooth Overview 2
A Bluetooth OverviewWhat is Bluetooth?Bluetooth DevelopmentBluetooth Administrative StructureBluetooth Technology
Baseband LayerSingle & Multi-Slot FramePower Class TableThe Protocol StackNetwork TopologyConnection States
Forming a PiconetSecurity in BluetoothBluetooth Profile Structure
Bluetooth Vs Wireless TechnologiesBluetooth CompetitorsPlanned Future WorkReferences
Liverpool John Moores UniversitySchool of Computing and Mathematical Sciences
A Bluetooth Overview 3
What is Bluetooth? (i)
Bluetooth is a Radio System (Radio Frequency Standard) which defines the concept of PANs (Personal Area Network)Nominal Link Range up to 10m/ 0dBm (~100m with 20dBm)Transmitting between 2.402Ghz – 2.480Ghz (79 channels / on a frequency hopping scheme)Reaching Speeds up to 720KbpsNo line-of-sight RestrictionsHigh Security
Liverpool John Moores UniversitySchool of Computing and Mathematical Sciences
A Bluetooth Overview 4
What is Bluetooth? (ii)
A Bluetooth Network can consist of 7 slave devices and 1 master deviceUntil Bluetooth no other global cellular technology for mobile users existed Solve a simple problem, Replace cables used on mobile devices and their peripherals with radio frequency wavesThus Bluetooth tries to emulate cost, security and capabilities of cable for mobile users
Liverpool John Moores UniversitySchool of Computing and Mathematical Sciences
A Bluetooth Overview 5
Bluetooth DevelopmentBluetooth as a word derived from the 10th century king of Denmark (Harald Blatand)As a research started in 1994 by Ericsson Mobile Communications with one goal to relief cables carried by mobile phone usersIn February 1998 Bluetooth SIG (Special Interest Group) founded, under the core promoters of
Ericsson, Intel, IBM, Toshiba and NokiaIn 1999 more core promoters added
Microsoft, Agere, 3Com and MotorolaNow exceeding 2500 members
Liverpool John Moores UniversitySchool of Computing and Mathematical Sciences
A Bluetooth Overview 6
Bluetooth SIG Administrative Structure
Program Management Board
Regulatory Legal Committee
Japan Regulation
s
Marketing Bluetooth Qualification Review Board
Test & Interoperability
Architecture Review Board
Sub groupsRF Regulation
s
Aviation Regulation
s
Security Regulation
s
Management Services (ADMIN)
Bluetooth Technical Advisory
Board
Bluetooth Qualification
Admin
Bluetooth Qualification
Body
Technical Working Groups
Expert Groups
Errata owners and review pool
Bluetooth SIG Administrative Structure
Liverpool John Moores UniversitySchool of Computing and Mathematical Sciences
A Bluetooth Overview 7
Bluetooth Baseband Layer (i)
Bluetooth operates in ISM (Industrial Scientific Medical) band of 2.4GHzBetween 2.402GHz and 2.480GHz with the spacing of 1MhzUsing a Frequency Hopping Spread Spectrum (FHSS) instead of Direct Sequence Spread Spectrum (DSSS)The FHSS scheme provides 1600 hops / second and every hop is 625μsBluetooth packets can be multible slots, each packet can be composed of 1, 3 or 5 slots of 625μs each.
Liverpool John Moores UniversitySchool of Computing and Mathematical Sciences
A Bluetooth Overview 8
Bluetooth Baseband Layer (ii)
Voice and Data links in Bluetooth RF can be divided into two types ACL & SCO (Also a third type which combines both – DV):
ACL (Asynchronous Connection-Less)
Made for non-critical dataProvides largest data rate of 723.3 Kb/s in one directionAsynchronousPacket-switchedConstructed of 72 bit access code54 bit packet header and 16 bit CRC
SCO (Synchronous Connection Oriented)
SCO functionality is for critical data and voiceSCO occurs after the ACL if neededCircuit SwitchedA master can support up to 3 SCO LinksConstructed of 72 bit access code54 bit packet headerUses slot reservation at fixed intervalsData rate of 30b/sDoesn’t have CRC (Cyclic Redundancy Code)
DV (Data Voice)Has no flow Control or CRC (similar to SCO)The Data part supports flow control and retransmission
Liverpool John Moores UniversitySchool of Computing and Mathematical Sciences
A Bluetooth Overview 9
Bluetooth Single & Multi-Slot Frame
Master
Slave
625μs
F(1) F(5)
t
t
One Slot
F(2)+F(3)+F(4)
Multi slot
Bluetooth frame packets slots
Liverpool John Moores UniversitySchool of Computing and Mathematical Sciences
A Bluetooth Overview 10
Bluetooth Power Class Table
Power ClassMax Output
PowerMax Output
PowerExpected
RangeRange in
Free Space
Class 1 100mW 20dBm 42m 300m
Class 2 2.5mW 4dBm 16m 50m
Class 3 1mW 0dBm 10m 30m
Bluetooth Power Class Table
Liverpool John Moores UniversitySchool of Computing and Mathematical Sciences
A Bluetooth Overview 11
Bluetooth SIG Complete Protocol Stack (i)
vCard/vCal
OBEX
WAE
WAP
UDP TCP
IP
PPP
AT-Commands
RFCOMM
TCS BIN SDP
L2CAP
Host Controller Interface LMP
BaseBand
Bluetooth Radio/RF
Audio
Liverpool John Moores UniversitySchool of Computing and Mathematical Sciences
Complete Protocol Stack
A Bluetooth Overview 12
Bluetooth Protocol Stack (ii)
The Bluetooth protocol stack may differs from application to application, depending on the needs of the implementing Bluetooth Chip.Bluetooth Radio/RF: Broadcasting in between 79 channels (2.402GHz-2.480GHz) on a FHSS (Frequency Hopping Spread Spectrum) scheme at 1600 hops/secBaseband Layer: Prepares the packets and arranges the communication channels (ACL-SCO)LMP (Link Manager Protocol): Responsible for setting up the link between two Bluetooth radios (Security aspects and control issues on Baseband packet sizes) – Also LMP in charge of Bluetooth power modes and connection states.L2CAP (Logical Link Control & Adaptation Protocol): L2CAP acts as a bridge between the upper layer protocols and the baseband layer. Adapts data and converts them into different packet sizes. Sometimes works in parallel with LMP, only for ACL links.SDP (Service Discovery Protocol): Provides service discovery and is required in all usages models, by SDP we can interact-query other Bluetooth devices in the area about their status and their services.
Liverpool John Moores UniversitySchool of Computing and Mathematical Sciences
A Bluetooth Overview 13
Bluetooth Protocol Stack (iii)
RFCOMM Protocol: Cable replacement protocol, emulates RS-232 control and signals, thus provides transport to data for upper layer services such as OBEX or PPP.TCP (Telephony Control Protocol):
Telephony Control Binary: Defines the call control signalling for establishments of speech and data cellsTelephony Control AT Commands: Controls the modem and the mobile phone commands
(Adopted Protocols)PPP (Peer-to-Peer Protocol): Mainly for peer-to-peer networking usageTCP/UDP/IP (Transfer Control Protocol/User Datagram Protocol/Internet Protocol): Mainly for usage on internetOBEX (IrOBEX): Emulates the HTTP (HyperText Transfer Protocol), in common word is the web browser of the Bluetooth.WAP (Wireless Application Protocol): Supports the usage of wireless Computer applications developed for WAE (WAP Application Environment)VCARD & VCalendar: Type of format which data supported, not a protocol or mechanism
Liverpool John Moores UniversitySchool of Computing and Mathematical Sciences
A Bluetooth Overview 14
Bluetooth Network Topology
M
S
i) Piconet (Point-to-Point)
M
SS
S
S
ii) Piconet (Multipoint)
M
S S S
M
S S
Master/Slave
iii) Scatternet
Bluetooth devices have the ability to work as a slave or a master in an ad hoc network. The types of network configurations for Bluetooth devices can be three.
i. Single point-to-point (Piconet): In this topology the network consists of one master and one slave device.
ii. Multipoint (Piconet): Such a topology combines one master device and up to seven slave devices in an ad hoc network.
iii. Scatternet: A Scatternet is a group of Piconets linked via a slave device in one Piconet which plays master role in other Piconet.
Liverpool John Moores UniversitySchool of Computing and Mathematical Sciences
A Bluetooth Overview 15
Bluetooth Connection States
Liverpool John Moores UniversitySchool of Computing and Mathematical Sciences
E
A
G
H
C
D
I
H
C
B
F
Master
There are four Connection states on Bluetooth Radio:
1. Active: Both master and slave participate actively on the channel by transmitting or receiving the packets (A,B,E,F,H)
2. Sniff: In this mode slave rather than listening on every slot for master's message for that slave, sniffs on specified time slots for its messages. Hence the slave can go to sleep in the free slots thus saving power (C)
3. Hold: In this mode, a device can temporarily not support ACL packets and go to low power sleep mode to make the channel available for things like paging, scanning etc (G)
4. Park: Slave stays synchronized but not participating in the Piconet, then the device is given a Parking Member Address (PMA) and it loses its Active Member Address (AMA) (D,I)
Bluetooth Connection States
A Bluetooth Overview 16
Bluetooth Forming a Piconet
Liverpool John Moores UniversitySchool of Computing and Mathematical Sciences
Master
Inquiry
Inquiry Scan
Inquiry Response
Page
Page Scan
Slave Response
Master Response
ConnectionConnection
Slave1. Inquiry: Inquiry is used to find the identity of the Bluetooth devices in the close range.
2. Inquiry Scan: In this state, devices are listening for inquiries from other devices.
3. Inquiry Response: The slave responds with a packet that contains the slave's device access code, native clock and some other slave information.
4. Page: Master sends page messages by transmitting slave's device access code (DAC) in different hop channels.
5. Page Scan: The slave listens at a single hop frequency (derived from its page hopping sequence) in this scan window.
6. Slave Response: Slave responds to master's page message
7. Master Response: Master reaches this substate after it receives slave's response to its page message for it.
3
2
4
1
5
7
6
Forming a Piconet Procedures
A Bluetooth Overview 17
Bluetooth Security
Three Security Modes Available in Bluetooth:Security Mode 1- This is the most insecure security mode in which the Bluetooth device does not initiate any security procedure. Security Mode 2- This mode enforces security after establishment of the link between the devices at the L2CAP level. Security Mode 3- This mode enforces security controls such as authentication and encryption at the Baseband level itself, before the connection is set up.
And three Security Controls for restricting access to services:Access to Services would need Authorization (Authorization always includes authentication). Only trusted devices would get automatic access.Access to Services would need only Authentication. I.e. the remote device will need to get authenticated before being able to connect to the applicationAccess to Services would need Encryption. The link between the two devices must be encrypted before the application can be accessed.
Liverpool John Moores UniversitySchool of Computing and Mathematical Sciences
A Bluetooth Overview 18
Bluetooth Profile Structure
Generic Access Profile TCS-BIN-based ProfilesCordless Telephony Profile
Intercom ProfileService Discovery Profile
Serial Port ProfileDial-up Networking Profile
Fax Profile
Headset Profile
LAN Access Profile
Generic Object Exchange Profile
File Transfer Profile
Object Push Profile
Synchronization Profile
Liverpool John Moores UniversitySchool of Computing and Mathematical Sciences
Bluetooth Profile Structure
A Bluetooth Overview 19
Bluetooth Vs Wireless Technologies
Liverpool John Moores UniversitySchool of Computing and Mathematical Sciences
HyperLAN2
DECT – DMAP (DependedOn the Antenna)
IEEE802.11(Depended on the Antenna)
Gro
ss
Da
ta R
ate
Distance to Access Point
1 Mbps
100 Kbps
10 Mbps
100 Mbps
10 m 100 m 1000 m 10000 m
IrDA V1.0(SIR)
IrDA V1.1(FIR)
IrDA(VFIR)
Bluetooth
HomeRF1.2
HomeRF2.0
HomeRF2.1IEEE802.11b
HyperLan
GSM / WAP
GPRS
UMTS (FDD)
UMTS (TDD)
IEEE802.11a
Wireless Technologies Graph – Distance Vs Data Rate
A Bluetooth Overview 20
Bluetooth WLANs Competitors
Liverpool John Moores UniversitySchool of Computing and Mathematical Sciences
Bluetooth HomeRF 802.11b HyperLAN 802.11aHyperLAN
2Frequency Band 2.4GHz 2.4GHZ 2.4GHz 2.4GHz 5GHz 5GHz
TechnologyFrequency
Hopping Spread Spectrum
Frequency Hopping Spread
Spectrum
Direct Sequence
Spread Spectrum
Guassian Minimum
Shift Keying
Orthogonal Frequency
Division Multiplexing
Orthogonal Frequency
Division Multiplexing
Performance 720Kbps 1.6Mbps 11Mbps 23Mbps ~50Mbps ~50Mbps
Range 10-100 m 50 m ~100-1000 m ~100-500m ~100-1000m ~100-1000m
Power Very Low Medium Medium Medium Medium/High Medium/High
Relative Cost Low/Very Low Medium/Low Medium Medium High High
Target Applications
Cable Replacement, Wireless Data, Wireless Voice,
PANs
Wireless Data, Wireless Voice
Wireless Data Wireless Data Wireless Data Wireless Data
Key FeaturesVery Low Power,
Low Cost,
Voice & Data
Voice & Data,
Moderate CostGood
PerformanceGood
PerformanceHigh
PerformanceHigh
Performance
Promoters 2500+ <50 ~100 <50 ~100 <50
Regional Support Global US US/Asia Europe US Europe
Comparison Table of the most popular WLANs Technologies
A Bluetooth Overview 21
Planned Future WorkPlanned Future work will concentrate on:
•Analyzing and studying deeper the capabilities on Bluetooth Technology Vs the Rest Wireless Family•Verifying that currently developed Bluetooth technology covers all the needs & necessities required for such a technology (If any further development could be done in major areas such as security or protocols)•Visualizing the procedures followed by a Bluetooth Master device to create a Piconet, in order to specify how Bluetooth interacts in Real-Time Environments•Creating a middleware platform able to interact “openly” in a Master Bluetooth device for monitoring communication issues between the Master Device and Slave Devices in a Bluetooth Piconet
Liverpool John Moores UniversitySchool of Computing and Mathematical Sciences
A Bluetooth Overview 22
ReferencesSpecification of Bluetooth System, Profiles Version 1.1, February 22 2001, Specification Volume 2, Bluetooth SIG (www.bluetooth.org)Bluetooth Architecture Overview, James Kardach, Mobile Computing Group, Intel CorporationDirect Sequence vs. Frequency Hopping, Wave Wireless Networking, 2000, www.wavewireless.comBluetooth Security Architecture, Version 1.0, 15 July 1999, Thomas Muller, (www.bluetooth.org)How Bluetooth’s unusual operating characteristics impact test decisions, Teit Poulsen, September 1 2002, PRIMEDIA Business Magazines & MediaBluetooth Protocol Architecture, Version 1.0, August 25th 1999, Riku Mettala, (www.bluetooth.org)Bluetooth Security, 2000-05-25, Juha T. Vainio, Department of Computer Science and Engineering Helsinki University of Technology
Liverpool John Moores UniversitySchool of Computing and Mathematical Sciences