BLE

The BLE protocol is commonly used but complex, so I decided to glance at its framework.

TBD: security, sniffer. course site

• Basic Concepts:

  • Protocol Stack

  • Host

    • L2CAP(Logical Link Control & Adaptaion Protocol): encapsulating service for upper layers
    • SMP(Security Manager Protocol): defines and provides secure communication
    • ATT(Attribute Protocol): pieces of data exposed to other devices
    • GATT(Generic Attribute Profile): sub-procedures for using the the ATT layer
    • GAP(Generic Access Profile): devices discovery and connection-related services

  • Controller:

    • PHY(Physical Layer): modulate datas onto the waves and receive data from waves
    • LL(Link Layer): manage the state(standby, advertising, scanning, initialing, connection) of the radio

  • Roles

    • Advertising & Scanning
    • Central & Peripheral
      The central scans the packets advertising by the peripherals and can initial a connection by sending a connection request.
      Peripheral generally use less power than central
    • Broadcast & Observer Broadcast & Listen advertisement without connection.

  • GATT

    • Server: store data and provide methods for client to access data.

    • Client: access data on the server

    • Attribute: a standard data representation format

    • The Generic Attribute Profile

    • GATT defined by the Bluetooth SIG(Special Interest Group)

  • Radio Modes

    • 1M PHY / 2M PHY: xMbps
    • coded PHY: S symbols represent 1 bit to achieve longer communication.
• Advertising
  • channels: 40 channels in BLE, 3 primary channels is mainly for advertisement and 37 secondary channels mainly used for data transfer after connecting.
  • Scan Interval & Scan Window(the time in each interval)
  • Scan Request & Response:
    • Request: sent by central to request extra information without adevertising
    • Response: respond to a scan request
  • Extended advertising: the primary advertisement channels are pointing to supplementary information that is being advertised on the secondary advertisement channel.
  • types:
    • connectable & non-connectable
    • scannable & non-scannable
    • directed & undirected
  • Address: a unique 48-bit address
    • Public address: pay and register with IEEE registration authority
    • Random address:
      • static or private
      • private: resolvable or non-resolvable
        resolvable: use a pre-shared key IRK(Identity Resolving Key) to generate and resolve the random address.
  • Packet Structure
    • PDU(Protocol Data Unit):
      • Advertising (channel) PDU
      • Data (channel) PDU
    • Advertisement PDU Header
      • RFU: Reserved for future use
      • ChSel: set to 1 if LE Channel Selection Algorithm #2 is supported
      • TxAdd: 0/1. transmitter address is public or random
      • RxAdd: 0/1. receiver address is public or random
      • Length: payload length
    • Advertisement PDU Payload
      • AdvA: Bluetooth address of the advertising device (48bits)
      • AdvData: data packet
• Connection
  • Disconnect: by application, by supervision timeout
  • Parameters:
    • Connection interval
      
    • Supervision timeout: successfully receiving the last packet before the connection is considered lost
    • Peripheral latency: allow skip waking up for a certain number of connection events if it doesn’t have any data to send
    • PHY radio modes: 1/2M, coded PHY
    • Data Length & MTU(Maximum Transfer Unit): MTU is the number of bytes that can be sent in one GATT operation. Data Length is the number of bytes can be sent in one BLE packet.
      • DLE(Data Length Extension): allow the data length increases from 27 bytes to 251 bytes to save time and power.
    • Update the connection parameters
      • connection interval, supervision timeout and peripheral latency: directed by the central, but the peripheral can request changes
      • PHY radio modes, data length and MTU: set to the default values when a connection is first established. Either device can request to update the parameters, the other device will then either its supported values or state it is not supported.
• Data Exchange in BLE
  • GATT operations
    • client-initiated: read, write, write without response
    • server-initiated: notify, indicate(an acknowledgement is required from client)
      Though the operations initiated by the server, the client is required to enable them first by subscribing the characteristic and enabling either notifications or indications.
  • ATT layer
    • Attributes
      • Handle: 16-bit unique index in the attribute table assigned by the stack
      • UUID: universally unique id tell the attribute type
        • First Type: SIG defined 16-bit UUID
        • Second Type: vendor-specific 128-bit UUID. Insert custom 16-bit IDs in the base UUID
      • Permission: sercurity level(encryption and authorization)
      • Value: the actual data or the information about other attributes
    • Services and Characteristics
      • Service
        • Service declaration attribute: starts a service
        • Characteristic definition attribute:
          • Characteristic declaration attribute: holds the metadata about the Characteristic value attribute
          • Characteristic value attribute: holds the actual user data
          • Characteristic descriptor attribute(optional): holds more metadata about the characteristics
            
          • CCCD(Client Characteristic Configuration Descriptor): writable for client to enable/disable server-initiated operations notify and indicate