650 likes | 662 Views
CSE 4215/5431: Mobile Communications Winter 2011. Suprakash D at ta datta@cs.yorku.ca Office: CSEB 3043 Phone: 416-736-2100 ext 77875 Course page: http://www.cs.yorku.ca/course/4215 Some slides are adapted from the book website. Today. Wrap up 802.11 Bluetooth Introduction (Ch 7.5).
E N D
CSE 4215/5431:Mobile Communications Winter 2011 Suprakash Datta datta@cs.yorku.ca Office: CSEB 3043 Phone: 416-736-2100 ext 77875 Course page: http://www.cs.yorku.ca/course/4215 Some slides are adapted from the book website CSE 4215, Winter 2010
Today • Wrap up 802.11 • Bluetooth Introduction (Ch 7.5) CSE 4215, Winter 2010
Bluetooth Basic idea Universal radio interface for ad-hoc wireless connectivity Interconnecting computer and peripherals, handheld devices, PDAs, cell phones – replacement of IrDA Embedded in other devices, goal: 5€/device (already < 1€) One of the first modules (Ericsson). CSE 4215, Winter 2010
Bluetooth - contd • Available globally for unlicensed users • Devices within 10 m can share up to 720 kbps of capacity • Supports open-ended list of applications • Data, audio, graphics, video CSE 4215, Winter 2010
Applications • Data and voice access points • Real-time voice and data transmissions • Cable replacement • Eliminates need for numerous cable attachments for connection • Ad hoc networking • Device with Bluetooth radio can establish connection with another when in range CSE 4215, Winter 2010
Bluetooth - history • History • 1994: Ericsson (Mattison/Haartsen), “MC-link” project • Renaming of the project: Bluetooth according to Harald “Blåtand” Gormsen [son of Gorm], King of Denmark in the 10th century • 1998: foundation of Bluetooth SIG, www.bluetooth.org • 2001: first consumer products for mass market, spec. version 1.1 released • 2005: 5 million chips/week • Special Interest Group • Original founding members: Ericsson, Intel, IBM, Nokia, Toshiba • Added promoters: 3Com, Agere (was: Lucent), Microsoft, Motorola • > 10000 members • Common specification and certification of products CSE 4215, Winter 2010
History and hi-tech… 1999: Ericsson mobile communications AB reste denna sten till minne av Harald Blåtand, som fick ge sitt namn åt en ny teknologi för trådlös, mobil kommunikation. CSE 4215, Winter 2010
…and the real rune stone Located in Jelling, Denmark, erected by King Harald “Blåtand” in memory of his parents. The stone has three sides – one side showing a picture of Christ. Inscription: "Harald king executes these sepulchral monuments after Gorm, his father and Thyra, his mother. The Harald who won the whole of Denmark and Norway and turned the Danes to Christianity." This could be the “original” colors of the stone. Inscription: “auk tani karthi kristna” (and made the Danes Christians) Blåtand means “of dark complexion” (not having a blue tooth…) CSE 4215, Winter 2010
Characteristics 2.4 GHz ISM band, 79 (23) RF channels, 1 MHz carrier spacing Channel 0: 2402 MHz … channel 78: 2480 MHz G-FSK modulation, 1-100 mW transmit power FHSS and TDD Frequency hopping with 1600 hops/s Hopping sequence in a pseudo random fashion, determined by a master Time division duplex for send/receive separation Voice link – SCO (Synchronous Connection Oriented) FEC (forward error correction), no retransmission, 64 kbit/s duplex, point-to-point, circuit switched Data link – ACL (Asynchronous Connection Less) Asynchronous, fast acknowledge, point-to-multipoint, up to 433.9 kbit/s symmetric or 723.2/57.6 kbit/s asymmetric, packet switched Topology Overlapping piconets (stars) forming a scatternet CSE 4215, Winter 2010
Standards Documents • Core specifications • Details of various layers of Bluetooth protocol architecture • Profile specifications • Use of Bluetooth technology to support various applications CSE 4215, Winter 2010
Protocol Architecture • Bluetooth is a layered protocol architecture • Core protocols • Cable replacement and telephony control protocols • Adopted protocols • Core protocols • Radio • Baseband • Link manager protocol (LMP) • Logical link control and adaptation protocol (L2CAP) • Service discovery protocol (SDP) CSE 4215, Winter 2010
Protocol Architecture • Cable replacement protocol • RFCOMM • Telephony control protocol • Telephony control specification – binary (TCS BIN) • Adopted protocols • PPP • TCP/UDP/IP • OBEX • WAE/WAP CSE 4215, Winter 2010
Usage Models • File transfer • Internet bridge • LAN access • Synchronization • Three-in-one phone • Headset CSE 4215, Winter 2010
Piconets and Scatternets • Piconet • Basic unit of Bluetooth networking • Master and one to seven slave devices • Master determines channel and phase • Scatternet • Device in one piconet may exist as master or slave in another piconet • Allows many devices to share same area • Makes efficient use of bandwidth CSE 4215, Winter 2010
Piconet Collection of devices connected in an ad hoc fashion One unit acts as master and the others as slaves for the lifetime of the piconet Master determines hopping pattern, slaves have to synchronize Each piconet has a unique hopping pattern Participation in a piconet = synchronization to hopping sequence Each piconet has one master and up to 7 simultaneous slaves (> 200 could be parked) P S S M P SB S P SB P=Parked SB=Standby M=Master S=Slave CSE 4215, Winter 2010
Forming a piconet All devices in a piconet hop together Master gives slaves its clock and device ID Hopping pattern: determined by device ID (48 bit, unique worldwide) Phase in hopping pattern determined by clock Addressing Active Member Address (AMA, 3 bit) Parked Member Address (PMA, 8 bit) P S SB SB S M P SB SB SB SB S SB P SB SB SB SB CSE 4215, Winter 2010
Radio Specification • Classes of transmitters • Class 1: Outputs 100 mW for maximum range • Power control mandatory • Provides greatest distance • Class 2: Outputs 2.4 mW at maximum • Power control optional • Class 3: Nominal output is 1 mW • Lowest power CSE 4215, Winter 2010
Frequency Hopping in Bluetooth • Provides resistance to interference and multipath effects • Provides a form of multiple access among co-located devices in different piconets CSE 4215, Winter 2010
Frequency Hopping • Total bandwidth divided into 1MHz physical channels • FH occurs by jumping from one channel to another in pseudorandom sequence • Hopping sequence shared with all devices on piconet • Piconet access: • Bluetooth devices use time division duplex (TDD) • Access technique is TDMA • FH-TDD-TDMA CSE 4215, Winter 2010
Frequency selection during data transmission 625µs fk fk+1 fk+2 fk+3 fk+4 fk+5 fk+6 M S M S M S M t fk fk+3 fk+4 fk+5 fk+6 M S M S M t fk fk+1 fk+6 M S M t CSE 4215, Winter 2010
Physical Links between Master and Slave • Synchronous connection oriented (SCO) • Allocates fixed bandwidth between point-to-point connection of master and slave • Master maintains link using reserved slots • Master can support three simultaneous links • Asynchronous connectionless (ACL) • Point-to-multipoint link between master and all slaves • Only single ACL link can exist CSE 4215, Winter 2010
Scatternet Linking of multiple co-located piconets through the sharing of common master or slave devices Devices can be slave in one piconet and master of another Communication between piconets Devices jumping back and forth between the piconets Piconets (each with a capacity of 720 kbit/s) P S S S P P M M SB S M=Master S=Slave P=Parked SB=Standby P SB SB S CSE 4215, Winter 2010
Bluetooth protocol stack audio apps. NW apps. vCal/vCard telephony apps. mgmnt. apps. TCP/UDP OBEX AT modem commands TCS BIN SDP Control IP BNEP PPP Audio RFCOMM (serial line interface) Logical Link Control and Adaptation Protocol (L2CAP) Host Controller Interface Link Manager Baseband Radio AT: attention sequence OBEX: object exchange TCS BIN: telephony control protocol specification – binary BNEP: Bluetooth network encapsulation protocol SDP: service discovery protocol RFCOMM: radio frequency comm. CSE 4215, Winter 2010
Bluetooth Packet Fields • Access code – used for timing synchronization, offset compensation, paging, and inquiry • Header – used to identify packet type and carry protocol control information • Payload – contains user voice or data and payload header, if present CSE 4215, Winter 2010
Types of Access Codes • Channel access code (CAC) – identifies a piconet • Device access code (DAC) – used for paging and subsequent responses • Inquiry access code (IAC) – used for inquiry purposes CSE 4215, Winter 2010
Access Code • Preamble – used for DC compensation • 0101 if LSB of sync word is 0 • 1010 if LSB of synch word is 1 • Sync word – 64-bits, derived from: • 7-bit Barker sequence • Lower address part (LAP) • Pseudonoise (PN) sequence • Trailer • 0101 if MSB of sync word is 1 • 1010 if MSB of sync word is 0 CSE 4215, Winter 2010
Packet Header Fields • AM_ADDR – contains “active mode” address of one of the slaves • Type – identifies type of packet • Flow – 1-bit flow control • ARQN – 1-bit acknowledgment • SEQN – 1-bit sequential numbering schemes • Header error control (HEC) – 8-bit error detection code CSE 4215, Winter 2010
Payload Format • Payload header • L_CH field – identifies logical channel • Flow field – used to control flow at L2CAP level • Length field – number of bytes of data • Payload body – contains user data • CRC – 16-bit CRC code CSE 4215, Winter 2010
Baseband link types Polling-based TDD packet transmission 625µs slots, master polls slaves SCO (Synchronous Connection Oriented) – Voice Periodic single slot packet assignment, 64 kbit/s full-duplex, point-to-point ACL (Asynchronous ConnectionLess) – Data Variable packet size (1, 3, 5 slots), asymmetric bandwidth, point-to-multipoint SCO ACL SCO ACL SCO ACL SCO ACL MASTER f14 f0 f6 f12 f18 f8 f4 f20 SLAVE 1 f1 f7 f13 f19 f9 SLAVE 2 f17 f5 f21 CSE 4215, Winter 2010
Error Correction Schemes • 1/3 rate FEC (forward error correction) • Used on 18-bit packet header, voice field in HV1 packet • 2/3 rate FEC • Used in DM packets, data fields of DV packet, FHS packet and HV2 packet • ARQ • Used with DM and DH packets CSE 4215, Winter 2010
ARQ Scheme Elements • Error detection – destination detects errors, discards packets • Positive acknowledgment – destination returns positive acknowledgment • Retransmission after timeout – source retransmits if packet unacknowledged • Negative acknowledgment and retransmission – destination returns negative acknowledgement for packets with errors, source retransmits CSE 4215, Winter 2010
Robustness Slow frequency hopping with hopping patterns determined by a master Protection from interference on certain frequencies Separation from other piconets (FH-CDMA) Retransmission ACL only, very fast Forward Error Correction SCO and ACL Error in payload (not header!) NAK ACK A C C F H MASTER SLAVE 1 B D E SLAVE 2 G G CSE 4215, Winter 2010
Baseband states of a Bluetooth device standby unconnected inquiry page connecting detach transmit AMA connected AMA active park PMA hold AMA sniff AMA low power Standby: do nothing Inquire: search for other devices Page: connect to a specific device Connected: participate in a piconet Park: release AMA, get PMA Sniff: listen periodically, not each slot Hold: stop ACL, SCO still possible, possibly participate in another piconet CSE 4215, Winter 2010
Power consumption/CSR BlueCore2 Typical Average Current Consumption1 VDD=1.8V Temperature = 20°C Mode SCO connection HV3 (1s interval Sniff Mode) (Slave) 26.0 mA SCO connection HV3 (1s interval Sniff Mode) (Master) 26.0 mA SCO connection HV1 (Slave) 53.0 mA SCO connection HV1 (Master) 53.0 mA ACL data transfer 115.2kbps UART (Master) 15.5 mA ACL data transfer 720kbps USB (Slave) 53.0 mA ACL data transfer 720kbps USB (Master) 53.0 mA ACL connection, Sniff Mode 40ms interval, 38.4kbps UART 4.0 mA ACL connection, Sniff Mode 1.28s interval, 38.4kbps UART 0.5 mA Parked Slave, 1.28s beacon interval, 38.4kbps UART 0.6 mA Standby Mode (Connected to host, no RF activity) 47.0 µA Deep Sleep Mode2 20.0 µA Notes: 1 Current consumption is the sum of both BC212015A and the flash. 2 Current consumption is for the BC212015A device only. CSE 4215, Winter 2010
Example: Bluetooth/USB adapter CSE 4215, Winter 2010
SDP – Service Discovery Protocol Inquiry/response protocol for discovering services Searching for and browsing services in radio proximity Adapted to the highly dynamic environment Defines discovery only, not the usage of services Caching of discovered services Gradual discovery Service record format Information about services provided by attributes Attributes are composed of an 16 bit ID (name) and a value values may be derived from 128 bit Universally Unique Identifiers (UUID) CSE 4215, Winter 2010
Channel Control • States of operation of a piconet during link establishment and maintenance • Major states • Standby – default state • Connection – device connected CSE 4215, Winter 2010
Channel Control • Interim states for adding new slaves • Page – device issued a page (used by master) • Page scan – device is listening for a page • Master response – master receives a page response from slave • Slave response – slave responds to a page from master • Inquiry – device has issued an inquiry for identity of devices within range • Inquiry scan – device is listening for an inquiry • Inquiry response – device receives an inquiry response CSE 4215, Winter 2010
Inquiry Procedure • Potential master identifies devices in range that wish to participate • Transmits ID packet with inquiry access code (IAC) • Occurs in Inquiry state • Device receives inquiry • Enter Inquiry Response state • Returns FHS packet with address and timing information • Moves to page scan state CSE 4215, Winter 2010
Page Procedure • Master uses devices address to calculate a page frequency-hopping sequence • Master pages with ID packet and device access code (DAC) of specific slave • Slave responds with DAC ID packet • Master responds with its FHS packet • Slave confirms receipt with DAC ID • Slaves moves to Connection state CSE 4215, Winter 2010
Slave Connection States • Active – participates in piconet • Listens, transmits and receives packets • Sniff – only listens on specified slots • Hold – does not support ACL packets • Reduced power status • May still participate in SCO exchanges • Park – does not participate on piconet • Still retained as part of piconet CSE 4215, Winter 2010
Bluetooth Audio • Voice encoding schemes: • Pulse code modulation (PCM) • Continuously variable slope delta (CVSD) modulation • Choice of scheme made by link manager • Negotiates most appropriate scheme for application CSE 4215, Winter 2010
Bluetooth Link Security • Elements: • Authentication – verify claimed identity • Encryption – privacy • Key management and usage • Security algorithm parameters: • Unit address • Secret authentication key • Secret privacy key • Random number CSE 4215, Winter 2010
Security User input (initialization) PIN (1-16 byte) PIN (1-16 byte) Pairing Authentication key generation (possibly permanent storage) E2 E2 Authentication link key (128 bit) link key (128 bit) Encryption key generation (temporary storage) E3 E3 Encryption encryption key (128 bit) encryption key (128 bit) Keystream generator Keystream generator Ciphering payload key payload key Cipher data Data Data CSE 4215, Winter 2010
Link Manager Protocol PDUs • General response • Security Service • Authentication • Pairing • Change link key • Change current link key • Encryption CSE 4215, Winter 2010
LMP PDUs • Time/synchronization • Clock offset request • Slot offset information • Timing accuracy information request • Station capability • LMP version • Supported features CSE 4215, Winter 2010
LMP PDUs • Mode control • Switch master/slave role • Name request • Detach • Hold mode • Sniff mode • Park mode • Power control CSE 4215, Winter 2010
LMP PDUs • Mode control (cont.) • Channel quality-driven change between DM and DH • Quality of service • Control of multislot packets • Paging scheme • Link supervision CSE 4215, Winter 2010
L2CAP - Logical Link Control and Adaptation Protocol Simple data link protocol on top of baseband, with a number of services Protocol multiplexing RFCOMM, SDP, telephony control Segmentation & reassembly Up to 64kbyte user data, 16 bit CRC used from baseband QoS flow specification per channel Follows RFC 1363, specifies delay, jitter, bursts, bandwidth Group abstraction Create/close group, add/remove member CSE 4215, Winter 2010