University Institute of Engineering

DEPARTMENT OF COMPUTER SCIENCE

& ENGINEERING
Bachelor of Engineering (Computer Science & Engineering)
Subject Name : Foundation Course in Wireless and Mobile
Communication
Subject Code: ECO-455
Topic: Lecture-3.3.1
Lecture- Prepared by: Naveen Chander

DISCOVER . LEARN . EMPOWER

 What is Bluetooth?
Applications

TCP/IP HID RFCOMM Application Framework

and Support

ol
Data Host Controller

ntr
Co
Interface

L2CAP Link Manager and

Audio
Link Manager LMP L2CAP

Baseband
Radio & Baseband
RF
Latest Version on
• A hardware description Bluetooth Website:
• An application framework www.Bluetooth.com
 What is Bluetooth?
Software
Applications

TCP/IP HID RFCOMM

ol
Data

ntr
Co
L2CAP
Audio
Link Manager LMP

Baseband

RF

• A hardware description
Modules
• An application framework
 Testing to Specification
Applications Application Framework Certification

TCP/IP HID RFCOMM

ol
Data

ntr
Co
L2CAP
Audio
Link Manager LMP Basic Layer Certification

Baseband

RF

• Bluetooth devices will be tested against the specification

• Bluetooth Qualified Test Facilities (BQTF)
Bluetooth Core Specifications
• A: Radio
• B: Baseband
• C: Link Manager
• D: Logical Link Control
• E: Service Discovery
• F: RFCOMM, IrDA, Telephony, WAP
• H: Host Controllers, USB, Serial, UART
• I: Compliance: Test modes, Test control interfaces
Bluetooth RF Specifications
Specified for low cost, single chip implementation
• Noise floor margin for substrate noise and low current Low
Noise Amplifier (LNA)
• Linearity set by near-far problem
• In-band image allows low-cost low IF
• VCO phase noise enables integrated VCO
• TX-RX turn around time enables single synthesizer
• 2.4 ISM band chosen for global use and process capabilities

Sensitivity traded for low cost integration of

transceiver and baseband
 Basic Baseband Protocol
Frame Frame
fk fk+1 fk fk+1

One
Master Slot Three Slot Packet
Packet Master

One
Slave Slot
Packet Slav
One
Slot
Packet
e
625 us
625 us
One Slot
One Slot

• Spread spectrum frequency hopping radio

• 79 or 23* one MHz channels (*country dependent)
• Hops every packet
• Packets are 1, 3, or 5 slots long
• Frame consists of two packets
• Transmit followed by receive
• Nominally hops at 1600 times a second (1 slot packets)
 Network Topology
• Radio Designation
• Connected radios can be master or slave
• Radios are symmetric (same radio can be master or slave)
• Piconet
• Master can connect to 7 simultaneous or 200+ active slaves per piconet
• Each piconet has maximum capacity (1 MSPS)
• Unique hopping pattern/ID
• Scatternet
• High capacity system
• Minimal impact with S
up to 10 piconets
within range P
M M
• Radios can
share piconets! sb P

S
sb
P S S
 The
ID dPiconet IDa
ID d

ID a D ID a P

A M
ID e
ID e
sb
E
ID a
ID b B ID b S IDa
ID c C ID c S

• All devices in a piconet hop together

• In forming a piconet, master gives slaves its clock and device ID
• Hopping pattern determined by device ID (48-bit) ID a
• Phase in hopping pattern determined by Clock
• Non-piconet devices are in standby sb

• Piconet Addressing M or S

• Active Member Address (AMA, 3-bits)

• Parked Member Address (PMA, 8-bits) P
 Functional Overview
• Standby
Unconnected
• Waiting to join a piconet Standby
Standby

• Inquire

t
• Ask about radios to connect

ec
nn
to

co
Ttypical=2s

D is
• Page Connecting Inquiry Page
• Connect to a States
specific radio
Ttypical=0.6s
• Connected Transmit
• Actively on a piconet Active data
Connected
AMA
(master or slave) States AMA

• Park/Hold/Sniff Ttypical=2 ms Ttypical=2 ms Ttypical=2 ms

• Low Power
connected states
Releases PARK SNIFF HOLD
Low Power AMA
PMA AMA AMA
States Address
 Packet Types/Data Rates
Packet Types Data Rates (Kbps)
SEGMENT SCO link ACL link symmetric
TYPE TYPE asymmetric

0000 NULL NULL DM1 108.8 108.8 108.8

0001 POLL POLL
1
0010 FHS FHS DH1 172.8 172.8 172.8
0011 DM1 DM1
DM3 256.0 384.0 54.4
0100 DH1
0101 HV1 DH3 384.0 576.0 86.4
0110 HV2
2
0111 HV3 DM5 286.7 477.8 36.3
1000 DV
1001 AUX1 DH5 432.6 721.0 57.6
1010 DM3
1011 DH3
3
1100
1101
1110 DM5
4
1111 DH5

• ASL –Packet like behavior

• SCO – Circuit like behavior
 Mobile = Battery Life
• Low power consumption*
• Standby current < 0.3 mA
• Þ 3 months
• Voice mode 8-30 mA
• Þ 75 hours
• Data mode average 5 mA
• (0.3-30mA, 20 kbit/s, 25%)
• Þ 120 hours
• Low Power Architecture
• Programmable data length (else radio sleeps)
• Hold and Park modes 60 µA
• Devices connected but not participating
• Hold retains AMA address, Park releases AMA, gets PMA address
• Device can participate within 2 ms
• *Estimates calculated with 600 mAh battery and internal amplifier, power
will vary with implementation
 Error Handling
72b 54b 0-2745b

access code header payload

• Forward-error correction (FEC)

• headers are protected with 1/3 rate FEC and HEC
• payloads may be FEC protected
• 1/3 rate: simple bit repetition (SCO packets only)
• 2/3 rate: (10,15) shortened Hamming code
• 3/3 rate: no FEC
• ARQ (ACL packets only)
• 16-bit CRC (CRC-CCITT) & 1-bit ACK/NACK
• 1-bit sequence number

®
Bluetooth Security Model
 Bluetooth Security Features
• Fast Frequency Hopping (79 channels)
• Low Transmit Power (range <= 10m)
• Authentication of remote device
• Based on link key (128 Bit)
• May be performed in both directions
• Encryption of payload data
• Stream cipher algorithm ( 128 Bit)
• Affects all traffic on a link
• Initialization
• PIN entry by user
 Application Level Security
• Builds on-top of link-level security
• Creates trusted device groups
• Security levels for services
• Authorization required
• Authentication required
• Encryption required
• Different or higher security requirements could
be added:
• Personal authentication
• Higher security level
• Public key
 Bluetooth Is Global
• One version for the world
• Architecture compliant with global
emission rules
(2.4 GHz ISM band)
• Working through FCC, EC,
MPT for spectrum, and
power harmonization
• Architecture compliant and safe for
use on airlines
• Working with FAA, JAA, FCC, airplane
manufacturers, and airlines
• Reviewing security architecture with
affected countries
Bluetooth Radio Modules
• Complete radio on a module
• Designed to meet “Limited Module Compliance”
(LMA) requirements
• Pre-certified to meet global regulatory requirements
• Allows devices assembled with modules to be “self-certified”
• USB Interface
• Solder-ball connections
• External Antennae

Compact
FLASH
Card

25 mm dia 17x33mm 36x43mm

 Bluetooth Protocols
WAE vCard/vCal Audio

Still Image Printing

WAP OBEX

HID TCP/UDP RFCOMM

Service Discovery IP TCS

L2CAP

Host Controller Interface

- Bluetooth Specific - Reused Spec - Modified

 Bluetooth protocols
• Host Controller Interface (HCI)
• provides a common interface between the Bluetooth
host and a Bluetooth module
• Interfaces in spec 1.0: USB; UART; RS-232
• Link Layer Control & Adaptation (L2CAP)
• A simple data link protocol over baseband
• connection-oriented & connectionless
• protocol multiplexing
• segmentation & reassembly
• QoS flow specification per connection (channel)
• group abstraction
 Bluetooth protocols
• Service Discovery Protocol (SDP)
• Defines a service record format
• Information about services provided by attributes
• Attributes composed of an ID (name) and a value
• IDs may be universally unique identifiers (UUIDs)
• Defines a inquire/response protocol for discovering services
• Searching for and browsing services
 Bluetooth protocols
• RFCOMM (based on GSM TS 07.10)
• emulates a serial-port to support a large base of legacy
(serial-port-based) applications
• allows multiple “ports” over a single physical channel
between two devices
• Telephony Control Protocol Spec (TCS)
• call control (setup & release)
• group management for gateway serving multiple devices
• Legacy protocol reuse
• Re-use existing protocols, e.g., IrDA’s OBEX, or WAP for
interacting with applications on phones