(Jon Inouye) Introduction To Bluetooth™ Wireless PDF

Introduction to Bluetooth
Wireless Technology
Jon Inouye
Staff Software Engineer
Mobile Platforms Group
Intel Corporation
Bluetooth
Bluetoothisisaatrademark
trademarkowned
ownedby
byBluetooth
BluetoothSIG
SIGInc.
Inc.USA
USA
IEEE Oregon Section Bluetooth Seminar April 27, 2001
Radio Technology
l
Cellular
Licensed spectrum
Voice driven
Data services emerging
E.g., 3G, GPRS, WAP*
Wireless LAN
Proliferation occurring
E.g., IEEE 802.11b
WWAN
Km
WLAN
100
m
text
text
WPAN
10 m
Wireless PAN
Relative newcomer
E.g., Bluetooth*, 802.15
*Third-party marks and brands are the property of

their respective owners.
WHAT IS BLUETOOTH?
Applications
Data
Audio
Co
ntro
l
TCP/IP HID RFCOMM
L2CAP
Link Manager
Baseband
RF
l
a hardware description
an application framework
OUTLINE
l Radio
l Baseband
l Connection Management
l Channel Operation
l Piconet Management
l Software Stack
l Profiles
RADIO
RADIO PARAMETERS (1)

l Frequency hopping
l ISM band at 2.45 GHz
l 2402 + k MHz, k = 0, , 78
l device-specific hopping sequence
l nominal rate 1600 hops/s
l Modulation
l binary FSK
l Gaussian shaping
l BT = 0.5; 0.28 < h < 0.35
l -20dB bandwidth of 1 MHz
RADIO PARAMETERS (2)

l Transmit power
l nominal 0 dBm
l up to 20 dBm provided power control
l Receiver sensitivity
l -70 dBm @ 0.1% BER
BASEBAND OPERATIONS
DISCOVERY
AND
CONNECTION ESTABLISHMENT
INQUIRY
l Radio wanting to discover other radios
l Repetitively probe first set of 16 frequencies
l Probes two frequencies every 625 microseconds
l Repeat at least 256 times
l Repetitively probe second set of 16 frequencies
l Repeat entire cycle at least two times
l Radio wanting to be discovered

l Listen to one of 32 frequencies for at least 11.25 ms
l Sleep no longer than 2.56 seconds
l Wake up and listen to another frequency
l Repeat cycle
INQUIRY OPERATION
10
CREATING A PICONET
page
B
11
CREATING A PICONET
master A
connected
slave B
12
CREATING A PICONET
slave C
slave D
master A
slave B
13
OPERATIONAL STATES
master
active slave
parked slave
standby
14
ADDRESSING
l Bluetooth Device Address (BD_ADDR)
l 48-bit IEEE 802 address
l 24-bit lower address part (LAP)
l 8-bit upper address part (UAP)
l Active Member Address (AM_ADDR)

l 3-bit active slave address
l all-zero broadcast address
l Parked Member Address (PM_ADDR)

l 8-bit parked slave address
15
BASEBAND OPERATIONS
PICONET CHANNEL
16
FH/TDD CHANNEL
f(2k)
f(2k+1)
f(2k+2)
master
t
slave
t
625 s
17
FREQUENCY HOPPING
freq
2.402
2.480
master
slave
time
18
PHYSICAL CHANNEL
l master BD_ADDR hop sequence
l master CLOCK
phase
slave 2
slave 1
master
slave 3
slave 4
19
HOP SELECTION
phase
NATIVE CLK
HOP
sequence
offset
MASTER BD_ADDR
20
PACKET FORMAT
72b
0-2745b
54b
access code packet header
payload
21
ACCESS CODE
34
24
PRT
LAP
BRK
PREAMBLE
LSB
64
SYNC WORD
TRAILER
MSB
22
ACCESS CODE TYPES

l Device
access code (DAC)
unit identifier
l derived from unit LAP
l
l Channel
access code (CAC)
channel identifier
l derived from master LAP
l
l Inquiry
access code (IAC)
reserved identifier
l derived from reserved address
l
23
PACKET HEADER
3
AM_ADDR
TYPE
FLOW
parameter
AM_ADDR
ARQN
SEQN
HEC
information
slave active member address
TYPE
payload type
FLOW
LC flow control
ARQN
ACK/NAK
SEQN
retransmit ordering
HEC
header error check
24
PHYSICAL LINK DEFINITION
Purpose:
Mixing:
MULTI-MEDIA SUPPORT
l circuit switching
l packet switching
25
PHYSICAL LINK TYPES

l Synchronous Connection-Oriented (SCO) Link
l circuit switching
l symmetric, synchronous services
l slot reservation at fixed intervals
l Asynchronous Connection-Less (ACL) Link

l packet switching
l (a)symmetric, asynchronous services
l polling access scheme
26
MIXED LINK EXAMPLE

SCO
ACL
SCO
ACL
ACL
SCO
SCO
ACL
MASTER
SLAVE 1
SLAVE 2
SLAVE 3
27
PACKET TYPES
segment
type
0000
0001
0010
0011
0100
0101
0110
0111
1000
1001
1010
1011
1100
1101
1110
1111
SCO link ACL link

NULL
POLL
FHS
DM1
NULL
POLL
FHS
DM1
DH1
HV1
HV2
HV3
DV
AUX1
DM3
DH3
DM5
DH5
28
MULTI-SLOT PACKETS
625 s
f(k)
f(k+1)
f(k+2)
f(k)
f(k+3)
f(k+4)
f(k+5)
f(k+3)
f(k+4)
f(k+5)
f(k)
f(k+5)
29
DATA RATES (kb/s)

type
symmetric
asymmetric
DM1
108.8
108.8
108.8
DH1
172.8
172.8
172.8
DM3
258.1
387.2
54.4
DH3
390.4
585.6
86.4
DM5
286.7
477.8
36.3
DH5
433.9
723.2
57.6
30
LINK CONTROL PACKETS

l ID packet
l NULL packet
l POLL packet
l FHS packet
31
FHS PACKET
l BD_ADDR
l DAC
l AM_ADDR
l class of device
l paging class
l real-time clock
32
ERROR CORRECTION
l Forward-Error Correction (FEC)
l 1/3 rate: bit-repeat code
l 2/3 rate: (15,10) shortened Hamming code
l Automatic Retransmission Query (ARQ)

l 1-bit fast ACK/NAK
l 1-bit sequence number
l header piggy-backing
33
ARQ OPERATION
A
MASTER
SLAVE 1
SLAVE 2
NAK
ACK
34
CVSD WAVEFORM CODING
1 1 0 0 0 0 0 0 1 0 1 1 1 1 1 0 1 0 0 0 0 1 1 1 0 0 0 1 0 1 0 1 0 . . . . . . .
35
BASEBAND OPERATIONS
PICONET MANAGEMENT
36
OPERATIONAL STATES
l
stand-by, scan
page, inquiry
connection
active
l hold
l sniff
l park
l
37
SIMPLIFIED STATE MACHINE

Unconnected
Standby
Standby
De
tac
h
Waiting to join a piconet

l
Inquire
Connecting
States
Discover radios
l
Page
Active
States
Page
Transmit
data
AMA
Ttypical=0.6s
Connected
AMA
Connected
Ttypical=2 ms
Active on a piconet
l
Inquiry
Ttypical=10.25s
Connect to a specific radio

l
Standby
Park/Hold/Sniff
Low Power connected states
Low Power
States
Releases
AMA
Address
PARK
PMA
Ttypical=2 ms
SNIFF
HOLD
AMA
38
HOLD MODE
ACL
ACL
ACL
ACL
ACL
ACL
ACL
MASTER
LOST
SLAVE 1
HOLD INTERVAL
SLAVE 2
39
SNIFF MODE
ACL
ACL
ACL
MASTER
LOST
SLAVE 1
SNIFF INTERVAL
SLAVE 2
40
PARK MODE
active slave
master
parked slaves
l BEACON
l PM_ADDR
41
PARK MODE
PARK INTERVAL
BC
ACL
ACL
BC
MASTER
SLAVE X
SLAVE 2
SLAVE Y
42
SCATTERNET
slave 3
slave 1
slave 6
master A
slave 4 / master B
slave 5
slave 2
43
BASEBAND OPERATIONS
SECURITY
44
SECURITY COMPONENTS
Authentication
Payload encryption
Key handling
45
AUTHENTICATION
l
To verify claimed identity
Challenge-response system
Algorithm E1:
l Input: RAND (128 bit), Claimant addr. (48 bit),
link key (128)
SRES (32 bit), ACO (96 bit)
l Output:
One-sided or mutual authentication

ACO = Authenticated Ciphering Offset
46
ENCRYPTION
l
To prevent (un)intentional eavesdropping
Stream ciphering
Algorithm E0:
l Input: RAND (128 bit), master addr./clock,
Kc (128 bit)
l Output: cipher stream
LFSR restart for every slot
Encryption of payload only
Point-to-point or point-to-multipoint
47
KEY TYPES
Link
Linkkeys
keys
Encryption
Encryption key
key
Temporary
Temporary
Master
Master
Key
Key
Semi-permanent
Semi-permanent
Unit
Unit
Key
Key
Combination
Combination
Key
Key
Initialization
Initialization
Key
Key
48
RADIO/BB SUMMARY
l Frequency hopping radio at 2.4 GHz
l Intrinsic support for voice and data
l Maximum 723 Kbps MAC throughput
l Low power modes
l Point-to-multipoint configuration
l Support of basic security mechanisms
49
SOFTWARE STACK
50
Outline
l
l
l
l
Software scope and goals

Protocol Review
Profile Review
Summary
51
Software Architecture
Applications
SDP
RFCOMM
Cover This
Co
ntro
l
TCS
Data
L2CAP
Audio
Link Manager
LMP
LMP
Baseband
RF
52
Software Architecture Goals

l
l
l
Support the target usage models

Support a variety of hardware platforms
Protocol reuse
Avoid duplicating existing technology
Promote better harmonization across technologies
Good out of box user experience

Interoperability
53
Outline
l
l
l
l
Software goals
Protocol Review
Profile Review
Summary
54
Bluetooth Protocol Stack

Still Image
HID
Service Discovery
WAE
vCard/vCal*
WAP*
OBEX*
TCP/UDP
Audio
Printing
RFCOMM
IP
TCS
L2CAP
Host Controller Interface

*Third-party marks and brands are the property of their respective owners.
55
HCI
Bluetooth Host
Host Drives and Applications
Host Controller
Interface (HCI)
provides a common
interface between
the Bluetooth Host
and the Bluetooth
Module
HCI
Bluetooth HCI driver

Bluetooth HCI Transport driver
(USB*, PC Card*, PCI*)
Transport Bus
HCI Transport Firmware
Bluetooth Host Controller

Link Manager
Bluetooth Baseband
*Third-party marks and brands are the property of
their respective owners.
Bluetooth Radio
Bluetooth Module
56
Link Layer Control and

Adaptation Protocol
l
l
l
Also known as L2CAP

Basic data link layer protocol over Baseband
Support for:
Protocol Multiplexing
Segmentation and Reassembly (SAR)
Quality of Service
Groups
57
L2CAP Architecture
l
Connection-oriented
Channel identifier (CID) used to label each connection
endpoint
Channels may be uni-directional or bi-directional
QoS flow specification assigned to each channel direction
Connectionless
Supports group abstraction
58
L2CAP Channels
Connection-Oriented Data Channel
Connectionless Data Channel
CID
Device #1
CID
CID
CID
CID
L2CAP
CID
L2CAP
CID
L2CAP Signalling Channel
L2CAP
Device #2
CID
CID
L2CAP
L2CAP
Device #3
Device #4
59
Service Discovery Protocol

l
Bluetooth SDP enables Bluetooth devices to

discover the characteristics and capabilities of
other Bluetooth devices within RF proximity
Within Bluetooth SDP, a service is:

any information, resource, or facility that is provided by (or
through) one Bluetooth device that is advertised as
available to nearby Bluetooth devices
Bluetooth SDP does not provide a general

purpose service access/usage mechanism; SDP
only enables discovery of services
60
Service Discovery
l
Two parts
Service record format
Information about service provided by attributes
Attributes composed of an ID and a value
Ids may be universally unique identifiers (UUID)
Session protocol for enabling discovery
Searching for and browsing services
61
Typical SDP Client/Server

Interactions
Server
Client
ServiceSearchRequest(SearchPattern)
ServiceSearchResponse(ServiceRecordHandleList)
ServiceAttributeRequest(ServiceRecordHandle,
AttributeIDList)
ServiceAttributeResponse(AttributeList)
62
SDP Scope
l
Many Service Discovery Protocols

Service Location Protocol (SLP), Jini*, Universal Plug and
Play (UPnP*), etc.
Bluetooth SDP focuses on service discovery

within Bluetooth environment
SDP does not compete with other technologies.
SDP compliments them by enabling their use in

Bluetooth environments
63
RFCOMM
l
Supports a large base of legacy applications

using the serial port as the primary
communications mechanism.
Reuse GSM TS 07.10 as an existing standard for
multiplexing a single physical channel and V.24
emulation.
Designed to allow multiple ports over a single
physical channel between a PC and a GSM
handset
64
TCS Protocol
l Telephony
Control Protocol Specification
Group management
Call Control
Gateway may serve more
Call setup and release
cordless devices
Symmetrical derivative of
Distributes group information
Q.931
65
TCS Impact
l
Cordless Telephony Example

Phone moves into range of voice access point and
establishes link
Phone link placed into a low power state
Incoming call is broadcast to all phones
On answer, a voice (SCO) link is setup
Intercom
Supports direct phone-to-phone communication
66
Reuse and Recycle

l
Desire to reuse IrDA* applications on mobile

phones and PCs
Decision to merge with IrDAs OBEX (Object Exchange)
protocol on top of RFCOMM or TCP.
Enables harmonized API across PAN technologies
Interaction with applications on phones

Handset manufacturers have agreed on an application
framework called WAP*.
Bluetooth is treated as a WAP bearer in a manner similar
to GSM.
Reuse browser interface on mobile phone.
67
Outline
l
l
l
l
Software goals
Protocol Review
Profile Review
Summary
68
Interoperability and Profiles

l
Protocols define the communication language

spoken between devices
How do you avoid the Tower of Babel problem?
Solution: Mandate the language spoken for a

given usage model
69
Profiles
l
l
l
l
Represents the default solution for a specific

usage model
Vertical slice through the protocol stack
Basis for interoperability and logo requirements
Each Bluetooth device supports one or more
profiles
70
Protocols and Profiles
Relationship
between
Protocols
and Profiles
Protocols
Applications
Profiles
71
Profiles in the Bluetooth

Specification 1.1
Generic Access Profile
TCS-BIN-based Profiles
Service Discovery
Application Profile
Cordless Phone
Profile
Intercom Profile
Serial Port Profile

Dial-up Networking
Profile
Fax Profile
Headset Profile
LAN Access Profile
Generic Object Exchange

Profile
File Transfer
Profile
Object Push Profile
Synchronization
Profile
72
Example: Dialup Networking

Profile
PPP
AT Commands
RFCOMM
L2CAP
LMP
ACL
SCO
Bluetooth Baseband
73
Software Summary
l Protocols
l Profiles
l Existing
defined for communication
defined to promote interoperability

protocols used where possible
74

(Jon Inouye) Introduction To Bluetooth™ Wireless PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

(Jon Inouye) Introduction To Bluetooth™ Wireless PDF

Uploaded by

Copyright:

Available Formats

Introduction to Bluetooth

*Third-party marks and brands are the property of

IEEE Oregon Section Bluetooth Seminar April 27, 2001

TCP/IP HID RFCOMM

IEEE Oregon Section Bluetooth Seminar April 27, 2001

IEEE Oregon Section Bluetooth Seminar April 27, 2001

RADIO PARAMETERS (1)

RADIO PARAMETERS (2)

IEEE Oregon Section Bluetooth Seminar April 27, 2001

IEEE Oregon Section Bluetooth Seminar April 27, 2001

l Radio wanting to be discovered

IEEE Oregon Section Bluetooth Seminar April 27, 2001

IEEE Oregon Section Bluetooth Seminar April 27, 2001

IEEE Oregon Section Bluetooth Seminar April 27, 2001

IEEE Oregon Section Bluetooth Seminar April 27, 2001

IEEE Oregon Section Bluetooth Seminar April 27, 2001

l Active Member Address (AM_ADDR)

l Parked Member Address (PM_ADDR)

IEEE Oregon Section Bluetooth Seminar April 27, 2001

IEEE Oregon Section Bluetooth Seminar April 27, 2001

IEEE Oregon Section Bluetooth Seminar April 27, 2001

IEEE Oregon Section Bluetooth Seminar April 27, 2001

IEEE Oregon Section Bluetooth Seminar April 27, 2001

IEEE Oregon Section Bluetooth Seminar April 27, 2001

access code packet header

IEEE Oregon Section Bluetooth Seminar April 27, 2001

IEEE Oregon Section Bluetooth Seminar April 27, 2001

ACCESS CODE TYPES

access code (DAC)

access code (CAC)

access code (IAC)

IEEE Oregon Section Bluetooth Seminar April 27, 2001

header error check

IEEE Oregon Section Bluetooth Seminar April 27, 2001

PHYSICAL LINK DEFINITION

IEEE Oregon Section Bluetooth Seminar April 27, 2001

PHYSICAL LINK TYPES

l Asynchronous Connection-Less (ACL) Link

IEEE Oregon Section Bluetooth Seminar April 27, 2001

MIXED LINK EXAMPLE

IEEE Oregon Section Bluetooth Seminar April 27, 2001

SCO link ACL link

IEEE Oregon Section Bluetooth Seminar April 27, 2001

IEEE Oregon Section Bluetooth Seminar April 27, 2001

DATA RATES (kb/s)

IEEE Oregon Section Bluetooth Seminar April 27, 2001

LINK CONTROL PACKETS

IEEE Oregon Section Bluetooth Seminar April 27, 2001

IEEE Oregon Section Bluetooth Seminar April 27, 2001

l Automatic Retransmission Query (ARQ)

IEEE Oregon Section Bluetooth Seminar April 27, 2001

IEEE Oregon Section Bluetooth Seminar April 27, 2001

CVSD WAVEFORM CODING

IEEE Oregon Section Bluetooth Seminar April 27, 2001

IEEE Oregon Section Bluetooth Seminar April 27, 2001

IEEE Oregon Section Bluetooth Seminar April 27, 2001

SIMPLIFIED STATE MACHINE

Waiting to join a piconet

Connect to a specific radio

IEEE Oregon Section Bluetooth Seminar April 27, 2001

IEEE Oregon Section Bluetooth Seminar April 27, 2001

IEEE Oregon Section Bluetooth Seminar April 27, 2001

IEEE Oregon Section Bluetooth Seminar April 27, 2001

(USB, PC Card, PCI*)