BLUETOOTH

Bluetooth
Bluetooth is a new standard developed by a group of electronics manufacturers that will allow any sort of electronic equipment -- from computers and cell phones to keyboards and headphones -- to make its own connections, without wires, cables or any direct action from a user. A key difference with other existing wireless technologies is that bluetooth enables combined usability models based on functions provided by different devices.

 The Bluetooth Special Interest Group comprises more than 1000 companies.The major companies who created the technology include
Intel 3 com Ericcson IBM Motorola Nokia Toshiba

The Name Bluetooth?

The name is attributed to Herald Bluetooth was king of Denmark around the turn of the last millennium. Choosing this name for the standard indicates how important companies from the Baltic region (nations including Denmark, Sweden, Norway and Finland) are to the communications industry

 Present wireless technology like infra red data communication has two problems 1)Line of Sight 2) One to One Using data synchronizing e.g. hot syn on a PDA --- problem of using the right cradle and cable. BLUETOOTH OVERCOMES THESE PROBLEMS

 It provides agreement at the physical level -Bluetooth is a radio-frequency standard. Provides agreement at the data link level where products have to agree on when bits are sent how many will be sent at a time how the parties in a conversation can be sure that the message received is the same as the message sent

IEEE 802.15.1 Global setting

The Basic Idea

Bluetooth is a standard for a small , cheap radio chip to be plugged into computers, printers, mobile phones, etc Bluetooth chip is designed to replace cables.Information normally carried by the cable, is transmitted at a special frequency to a receiver Bluetooth chip. These devices can form a quick ad-hoc secure piconet and start communication. Connections in the piconets can occur even when mobile.

Piconet

A collection of devices connected via Bluetooth technology in an ad hoc fashion. A piconet starts with two connected devices, and may grow to eight connected devices. Ten such Piconets can coexist in the same coverage range of Bluetooth radio. All Bluetooth devices are peer units and have identical implementations. However, when establishing a piconet, one unit will act as a Master (piconet controller)and the other(s) as slave(s) for the duration of the piconet connection.

Requirements
Low cost as cables chip $5 Secure as cables must support authentication and encryption Must support both data and voice. Must connect to a variety of devices. Must be able to function in a noisy environment. Data rates 721kbps , using the 2.45Ghz radio frequency band I.S.M (Industrial, scientific and medical) Must support many simultaneous and private piconets. Must be low power, compact and global.

Usage Models- Voice/Data Access Points

Connecting a computing device to a communicating device. Allows any device with a bluetooth chip to connect to the internet while located within the range of the access point. Example- a notebook could link to the internet using a mobile phone as an access point. Envisions public data access points

Usage models-Peripheral Interconnects

Standard peripheral devices like keyboard, mike, headsets etc working over a wireless link. The same device can be used in multiple functions e.g a headset can access phones while in the office and can interface with a cellular phone when mobile.

Usage model- Personal Area Networking.(PAN) Allows dynamic formation and breakdown of PICONETS--ad-hoc personal networks.

Bluetooth Architecture
Core Specification -Deals with the lower layers of the architecture and describes how the technology works. Profile Specification Focuses on how to build interoperating devices using the core technology.

Bluetooth Protocol Stack

Usage Models
File transfer Internet bridge LAN access Synchronization Three-in-one phone Headset

RF Layer / Bluetooth Radio

The Radio (layer) is the lowest defined layer of the Bluetooth specification. It defines the requirements of the Bluetooth transceiver device operating in the 2.4GHz ISM band.

RF Layer
In order to minimize interference the nominal antenna power is 1 mW which can be extended to 100mW. The low power limits the range to about 10 centimeters to 10 meters. With higher power of 100mW range of 100meters can be achieved. It uses a packet switching protocol based on a technology called spread-spectrum frequency hopping to spread the energy across the ISM band.

Spread-Spectrum frequency hopping

A device will use 79 individual randomly chosen frequencies within a designated range, changing from one to another on a regular basis. The designated range is from 2.402GHz to 2.480GHz, in steps of 1MHz. The frequency hopping is done at a rate of 1600 times a second. This allows more devices to use the limited time slice and secondly reduces the chance of two transmitters being on the same frequency at the same time.

 Baseband layer This layer defines the timing, framing, packets and flow control on the link. Link Manager Protocol Responsible for managing connection states(authentication & encryption), enforcing fairness among slaves & power management. Host Controller Interface (HCI) provides a command interface to the Baseband Link Controller and Link Manager, and access to hardware status and control registers. Logical Link Layer Handles multiplexing, segmentation and reassembly of large packets and device discovery. Audio The audio data is directly mapped to the baseband layer.

RFCOMM-This protocol provides emulation of serial ports over the L2CAP protocol. The protocol is based on the ETSI standard TS 07.10. Service Discovery Protocol (SDP) provides a means for applications to discover which services are provided by or available through a Bluetooth device. It also allows applications to determine the characteristics of those available services.

Bluetooth Frame
Each frame consists of a transmit packet and a receive packet. Each packet may have either 1, 3 or 5 slots of 625s. Single slot packet max data rate of 172Kbps Multislot frames support higher rates 721Kbps or a max. of 3 voice channels.

Bluetooth Packet format

Timing Sync, offset comp, paging &inquiry
LSB

Identify packet type & to carry Protocol control information

contains user data and a payload header

MSB

ACCESS CODE HEADER

68/72b 54b

PAYLOAD
0-2745b

Access code format

PREAMBLE [4]
PREAMBLE SYNC WORD TRAILER

SYNC WORD [64]

TRAILER [4]

Preamble is a fixed zero-one pattern of 4 symbols used to facilitate DC compensation. Sync word is a 64 bit code used for timing synchronization. Trailer is a fixed zero-one pattern of four symbols. Trailer may be used for DC compensation also.

Three Types of Access Codes: 1. Channel Access Code(CAC): Identifies a Piconet 2. Device Access Code(DAC): Used for Paging and its responses. 3. Inquiry Access Code(IAC): Used for Inquiry purposes

Header format
AM_ADDR [3] TYPE [4] FLOW [1] ARQN [1] SEQN [1] Header Error Control [8] HEC

AM_ADDR TYPE

3-bit active member address to distinguish active members in a piconet. 4-bit type code to distinguish between 16 different types of packets.

FLOW
ARQN SEQN HEC

1-bit flow control over ACL link.

1-bit acknowledgement indication of success of transfer of the packet. SEQN bit provides a sequential numbering scheme to order the data packet stream. 8-bit header error check to check the header integrity.

Payload Header for single slot L_CH(2)

L_CH FLOW LENGTH

FLOW [1]

LENGTH [5]

L_CH determines the logical channel used. Flow indicator is used to control the flow at the L2CAP level. Length indicator indicates the number of bytes in the payload excluding the payload header and the CRC code. Payload Header for multi-slot

L_CH [2]

FLOW [1]

LENGTH [9]

UNDEFINED [4]

Network Topology
All units have a unique global ID(BD_Addr) address ( 48 bits) The unit that initializes the connection is assigned as the master which controls the traffic of the connection. A master can simultaneously connect upto seven slaves. The master/slave roles can be swapped. A device can be a master in only one piconet at a time.

Network Topology

Piconets
Nodes can assume the role of master or slave
One or more slaves can connect to a master, forming a piconet The master sets the hopping pattern for the piconet, and all slaves must synchronize to that pattern Maximum of 7 slaves controlled by a master (3-bit addresses used)

Other operational states

Parked: device does not participate in the piconet, but is known to the master and can be quickly reactivated Standby: device does not participate in the piconet

Piconet
Star Toplogy 1 Master, up to 7 active slaves Unlimited number of parked slaves Master: determines hopping scheme and timing Administers piconet (polling) Logical Channels Asynchronous, packet oriented Synchronous, connectionoriented (voice, slot reservation)

master active slave

parked slave standby

Operational States
Operational States A piconet Master Slave

SB
SB

Parked*
Standby* * Low power states

M
S S SB

Forming a Piconet (1)

Initially, devices know only about themselves No synchronization Everyone monitors in standby mode All devices have the capability of serving as master or slave
D O J I K C E F A B H G P

M Q

Forming a Piconet (2)

Unit establishing the piconet automatically becomes the master
It sends an inquiry to discover what other devices are out there

Addressing
Active devices are assigned a 3-bit active member address (AMA) Parked devices are assigned an 8-bit parked member address (PMA) Standby devices do not need an address

Connection Establishment

INQUIRY

PAGE

CONNECTION

Inquiry
Note that a device can be Undiscoverable D F H N G M

A O J I 10 meters E K

B L

Q C

States
standby
Typical = 2s

disconnected
connecting
Typical = 0.6s

detach

inquiry

page

Transmit AMA

Connected AMA

active
Typical = 2ms

Park PMA

Hold AMA

Sniff AMA

low power

AMA = Active Member Address PMA = Parked Member Address

Connecting to a Piconet
Device in standby listens periodically If a device wants to establish a piconet, it sends an inquiry, broadcast over all wake-up carriers It will become the master of the piconet If inquiry was successful, device enters page mode Devices in standby may respond to the inquiry with its device address It will become a slave to that master
standby

inquiry

page

Transmit AMA

Connected AMA

Park PMA

Hold AMA

Sniff AMA

Page and Connect States

After receiving a response from devices, the master can connect to each device individually An AMA is assigned Slaves synchronize to the hopping sequence established by the master In active state, master and slaves listen, transmit and receive A disconnect procedure allows devices to return to standby mode
standby

inquiry

page

Transmit AMA

Connected AMA

Park PMA

Hold AMA

Sniff AMA

Low Power States

Sniff state Slaves listen to the piconet at a reduced rate Master designates certain slots to transmit to slaves in sniff state Hold state Slave stops ACL transmission, but can exchange SCO packets Park state Slave releases its AMA Still FH synchronized and wakes up periodically to listen to beacon
standby

inquiry

page

Transmit AMA

Connected AMA

Park PMA

Hold AMA

Sniff AMA

Channel Control

Scatternets (1)
Piconets with overlapping coverage use different hopping sequences
Collisions may occur when multiple piconets use the same carrier frequency at the same time

Devices can participate in multiple piconets simultaneously, creating a scatternet

A device can only be the master of one piconet at a time A device may serve as master in one piconet and slave in another A device may serve as slave in multiple piconets

Scatternets (2)
D F H G M N

A O

B K L

E
J I

625 s f(k)

Multi-Slot Packets Reduced Overhead

f(k+1) f(k+2) f(k+3) f(k+4) f(k+5) f(k+6)

f(k)

f(k+3)

f(k+4)

f(k+5) f(k+6)

f(k)

f(k+5) f(k+6)

Data Rates (kbit/s)

Packet Type symmetric asymmetric

DM1 DH1 DM3 DH3

108.8 172.8 256.0 384.0

108.8 172.8 384.0 576.0

108.8 172.8 54.4 86.4 triple slot packets five slot packets single slot packets

DM5
DH5

286.7
432.6

477.8
721.0

36.3
57.6

DM1, DM3, DM5 use rate 2/3 coding

 Shows a bunch of bluetooth devices in proximity of each other. Each device has its own ID and its clock offset

 Radio A has become the master and has formed a piconet with B and C as the slaves. Both B and C now share As ID and and clock offset.

 When a radio joins a piconet it is assigned a 3 bit Active Member Address(AMA). Once the piconet has eight radios, the master assigns puts a radio into the PARK mode. This is one of the low power states, in which the radio releases its AMA for a 8 bit PMA (Passive Member Address). The freed AMA can be assigned to another radio wishing to join the piconet. Though upto 256 radios can actively reside on a piconet, only 8 of them with AMAs can transfer data.

Inquiry Scan
One radio performs a page function on a special Inquiry ID global address. Listening radios perform an inquiry scan on a unique sequence of 32 channels. The radio will listen every 1.25 seconds on each of these 32 channels for 10ms and will then repeat the same for the next channel. The inquiring radio issues a number of pages on the inquire channels and then listens for a response for 1.25 seconds for 16 of the 32 channels.

 If a listening radio was doing a page scan on one of these inquire channels it will respond with its FHS packet. The sequence is repeated for the second set of 16 channels. After an inquire scan is performed the inquiring radio will have a list of all the FHS packets of all the radios within its range.

Page Scan
A page scan is done by a radio in the Standby mode if the address of the device to connect is known. Each radio has a unique sequence of 32 paging frequencies and 32 response frequencies based on its Global ID. The radio will listen for a page of its global ID on each of the 32 paging frequency for 10ms, changing frequency every 1.25 seconds. The paging radio will continuously page using the paged radios Global ID on one of the set of 16 paging frequency for 1.25seconds.

 The paging radio estimates the 16 frequencies on which to start paging based on the last known clock offset. If the paging radio receives no response then it will page on the remaining 16 frequencies for the next 1.25 seconds. Connecting time Clock offset Clock offset how recently were they were connected.

 Once a radio joins the piconet and has an AMA it can direct data to other devices on the piconet. In order to remain in the connected state within a piconet, the radio needs to maintain the frequency hopping pattern and offset while consuming low power. To achieve this the connected radios can be placed in either PARK, HOLD or SNIFF modes.

HOLD MODE When data needs to be transmitted very infrequently, thus conserving power. In this mode only an internal timer is running. No data is transferred when in HOLD mode. The master can put slaves on HOLD mode. SNIFF MODE A slave device listens to the piconet at a reduced rate. The SNIFF interval is programmable. In both the HOLD and SNIFF states the device retains its AMA.

PARK MODE The device has given up the AMA and has become passive. The parked device will occasionally listen to see if the master has sent any broadcast data asking it to become active.

Physical Links
Asynchronous Connectionless Link This is a packet switched link between a master and slave. Supports both isochronous and asynchronous data.

Types of Links and Packets

Synchronous Connection Oriented(SCO) Point to point full duplex link. Typically used for voice data. These packets do not use CRC and are not retransmitted. Needs an asynchronous connectionless (ACL) type link to be first established.

Error Correction Scheme

Forward error correction(1/3 and 2/3) 1/3 rate FEC(18-BIT PKT HEADER) 2/3 rate FEC Automatic Repeat Request scheme -Error Detection(CRC) -Positive Acknowledgement -Retransmission After timeout -Negative Acknowledgement and Retransmission

Radio Specification of Bluetooth

Radio Specification
Classes of transmitters (on which Bluetooth products are available):
Class 1: Outputs 100 mW for maximum range
Power control mandatory Provides greatest distance up to 100 m Products: still available

Class 2: Outputs 2.4 2.5 mW at maximum

Power control optional Transmission distance 10 m Products: most common

Class 3: Nominal output is 1 mW

Lowest power Transmission distance 10 cm 1 m Products - rare

Security
Authentication and encryption is provided at the Link Manager layer. The PIN is translated into a 128 bit link key which is used for authentication. After authentication the radios will settle on a suitable length encryption key to be used. Bluetooth relies on PIN codes to establish trusted relationships between devices.

Link Manager Protocol (LMP)

Used for link set-up, security and control. All LMP messages are single slot packets. Priority higher than user data (L2CAP). Payload body for LM PDUs

LMP: General PDUs

LMP_accepted PDU
Opcode = 3 Content = Opcode accepted.

LMP_not_accepted PDU
Opcode = 4 Content
Opcode rejected Reason

LMP: Connection Establishment

Paging unit
Baseband page procedures
LMP procedures requiring no interaction between LM and higher layers

Paged unit

LMP_host_connection_request

LMP_accepted/LMP_not_accepted
Other LMP procedures LMP_setup_complete LMP_setup_complete

LMP PDUs: Other procedures depending on their function

LMP exchanges are also used for:
Authentication, pairing, encryption. Exchanging clock/slot offset information. Switching of master/slave roles. Changing power modes. QoS negotiation.

Logical Link Control and Adaptation Protocol (L2CAP)

Defined for only ACL links. L2CAP layer provides protocol multiplexing, segmentation & reassembly, QoS control. L_CH field in the payload header:
10, start of L2CAP packet. 01, continuation of L2CAP packet.

Provides connection-oriented and connectionless service.

L2CAP: Functional requirements

Protocol multiplexing: Distinguishes between upper-layer protocols like SDP, RFCOMM. Segmentation of larger packets from higher layers into smaller baseband packets. Allows QoS parameters to be exchanged during connection establishment. Allows efficient mapping of protocol groups to piconets.

L2CAP: General Operation

L2CAP channel end-points are represented by channel identifiers (CIDs). An L2CAP channel is uniquely defined by 2 CIDs and device addresses. Reserved CIDs
0x0001: Signaling channel 0x0002: Connection-less reception 0x0003-0x003F: Reserved for future use

L2CA layer: Operation between layers

Transfers data between higher layer protocols and lower layer protocols. Signaling with peer L2CAP implementation. L2CA layer should be able to accept events from lower/upper layers. L2CA layer should be able to take appropriate actions in response to these events.

L2CA layer: Events and Actions

L2CA layer: Events

Types of events: LP to L2CA events, e.g. LP_ConnectCfm: confirms connection at the baseband. LP_ConnectInd: informs of a new baseband connection. L2CAP to L2CAP signaling events, e.g. L2CAP_ConnectReq: Received a connection request pkt. L2CAP_ConnectRsp: Positive response received. L2CAP to L2CAP data event: data packet received. Upper layer to L2CAP events, e.g. L2CA_ConnectReq: Request for L2CAP channel.

L2CA layer: Actions

Types of actions:
L2CA to LP actions, e.g. LP_ConnectReq: Request lower layer for a connection. LP_ConnectRsp: Accepting previous connection indication. L2CAP to L2CAP signaling actions, e.g. L2CAP_ConnectReq: Transmitted a connection request pkt. L2CAP_ConnectRsp: Positive response transmitted. L2CAP to L2CAP data action: data packet transmitted. Upper layer to L2CAP actions, e.g. L2CA_ConnectInd: Indicates to upper layer that a connection request has been received.

L2CAP Channels

L2CAP: Signaling
Signaling command are sent on CID=0x0001. L2CAP signaling is used for:
L2CAP channel establishment. Configuring parameters related to
Quality of service. Specifying MTU.

Closing an L2CAP channel.

Exchanging application specific information.

LMP-PDU Formats

Other Bluetooth protocols

RFCOMM: Provides emulation of serial ports over L2CAP. Service Discovery Protocol (SDP):
Provides attribute based searching of services. Provides for browsing through available services. Provides means of discovering new services. Provides removal of unavailable services.