
CheatSheet - BLE

BLE (Bluetooth Low Energy)

  • There are 2 types of Bluetooth communication
    • BR/EDR – Bluetooth Basic data Rate / Enhanced data Rate
    • BLE – Bluetooth Low Energy
  • LE is designed for lower power consumption, lower complexity and lower cost than Bluetooth BR/EDR
  • BLE Protocol stack

BLE Channels

  • Controller has the PHY and LL (Link Layer). It is kept separate from the Host because multiple hosts can use the same controller
  • Controller’s job is to take a packet and manage the medium access and physical transmission

  • Uses the 2.402 GHz to 2.480 GHz band. Has 40 channels of 2 MHz each:

BLE Channels

  • 37 channels (with index 0 till 36) are connection oriented channels
  • 3 channels (index 37, 38 and 39) are broadcast oriented channels
  • Uses Frequency Hopping Spread Spectrum carrier
  • PHY uses 2 data rates
    • 1M PHY has 3 types
      • Uncoded, so 1 Mbps is the data rate
      • S=2 Coded PHY, so 500 Kbps is data rate
      • S=8 Coded PHY, so 125 Kbps is data rate
    • 2M PHY
      • Only has uncoded, so 2 Mbps is data rate
  • Both FDMA and TDMA are used for multiple access
    • 37 data channels participate in FDMA
    • Each channel is subdivided using TDMA into events
    • In each event, only one device is allowed to speak
  • 4 types of Events
    • Advertising event
    • Extended advertising event
    • Periodic advertising event
    • Connection event (where actual application payload is transmitted)

Advertising

  • Advertising happens on the broadcast channels
  • channels 37, 38 and 39 are for primary advertisement
  • connection oriented channels can be used for secondary advertisement

BLE Mesh

  • BLE Mesh stack:

BLE Mesh Stack

  • Uses the BLE layer up to GAP as the “PHY” Layer for Mesh
  • 2 types of bearers for bearer layer:
    • Advertising bearer which uses only the primary advertisement channels of BLE
    • GATT bearer which uses GATT connections for proxy support and legacy support
  • Network layer manages:
    • decryption on network PDU
    • decision whether to relay/transport
    • decision whether to pass this packet up to lower transport layer based on address
  • Lower transport layer manages:
    • Segmentation and Reassembly
  • Upper transport layer manages:
    • app layer encryption decryption
    • message integrity
  • Access layer manages:
    • Binding of keys and models
    • controlling of encryption/decryption at upper transport layer
    • forwarding the correct packet to correct element
  • Model layer manages:
    • definitions of messages, states and models to build and maintain the mesh network
  • BLE mesh uses a managed flooding approach instead of routing
    • Routing requires more code and memory to maintain and manage routes, neighbour tables and routing tables
    • In flooding approach, each device rebroadcasts a packet that is not meant for itself
    • To control flooding, 2 things are required
      • Network Message Cache – Table to remember and discard recently received messages to avoid infinite loops
      • TTL value in network PDU is used as a hop counter. With each hop TTL is decreased. If TTL is 0, the message is not rebroadcast. Max TTL value is 126
  • There are 2 security keys, network key and app key. Since BLE Mesh is a broadcast network, the definition of a network is not through physical channels but through encryption.
  • A network is defined by its netkey. All nodes in the same network share the same netkey. This is the network layer key required to decrypt the network PDU.
  • The provisioner creates the netkey and appkey.
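
The managed-flooding rules above (Network Message Cache plus TTL) can be simulated as follows. This is an added example, not code from the original post or from any mesh stack; the `Node` class, the `flood` helper and both topologies are constructed for illustration, and the "TTL 1 is not relayed either" rule comes from the Mesh Profile rather than from the list above.

```python
from collections import OrderedDict, deque

MAX_TTL = 126  # highest TTL value, per the list above

class Node:
    def __init__(self, addr, cache_size=32):
        self.addr = addr
        self.cache = OrderedDict()  # Network Message Cache, keyed by (SRC, SEQ)
        self.cache_size = cache_size
        self.delivered = []         # messages addressed to this node

    def receive(self, src, seq, dst, ttl):
        """Return the TTL to rebroadcast with, or None when the PDU stops here."""
        key = (src, seq)
        if key in self.cache:       # seen recently: discard, which breaks loops
            return None
        self.cache[key] = True
        if len(self.cache) > self.cache_size:
            self.cache.popitem(last=False)  # evict the oldest entry
        if dst == self.addr:        # meant for this node: consume, do not relay
            self.delivered.append(key)
            return None
        if ttl < 2:                 # TTL 0 or 1 is never relayed (Mesh Profile)
            return None
        return ttl - 1              # each hop decreases TTL

def make_nodes(links):
    return {addr: Node(addr) for addr in links}

def flood(links, nodes, src, seq, dst, ttl):
    """Send one PDU from src and return how many transmissions it caused."""
    if not 0 <= ttl <= MAX_TTL:
        raise ValueError("TTL out of range")
    nodes[src].cache[(src, seq)] = True     # originator ignores its own echo
    queue, transmissions = deque([(src, ttl)]), 0
    while queue:
        sender, current_ttl = queue.popleft()
        transmissions += 1
        for peer in links[sender]:          # every radio neighbour hears it
            relay_ttl = nodes[peer].receive(src, seq, dst, current_ttl)
            if relay_ttl is not None:
                queue.append((peer, relay_ttl))
    return transmissions

# Constructed topologies: a 5-node ring (contains a loop) and a 5-node line.
RING = {1: [2, 5], 2: [1, 3], 3: [2, 4], 4: [3, 5], 5: [4, 1]}
LINE = {1: [2], 2: [1, 3], 3: [2, 4], 4: [3, 5], 5: [4]}

if __name__ == "__main__":
    ring = make_nodes(RING)
    print(flood(RING, ring, src=1, seq=0, dst=4, ttl=5), ring[4].delivered)
```

In the ring, node 4 receives the message over two paths but delivers it once, and a second copy with the same (SRC, SEQ) dies after a single transmission. In the line, a TTL of 3 stops one hop short of node 5.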

Key terminologies and definitions

  • Network – Network in a BLE Mesh means collection of all devices which share the following four resources:
    • Network Key – Used to secure the network payload and define the network
    • App Key – Used to secure the access payload and provide extra security
    • Network Address - For addressing at network layer
    • IV Index - Used for encryption as well as to extend network life
  • Provisioner – Special device with Network Address 0 that provisions a new node into the network and provides it a unique unicast address
  • Configuration Client model – Model responsible for assigning and maintaining the remaining network resources to any device.
    • It has the capability to modify the configuration of a mesh node.
    • It binds network key and app key to models on another device that implements configuration server
    • It also knows the device key used to distribute changed network and app keys later.
  • Device – Devices can be of two types
    • Unprovisioned device – Doesn’t have the network resources. Advertises its presence to a provisioner who can decide whether to accept this device.
    • Node (Provisioned Device) – Is part of at least one network. Any node can be part of more than one network. Nodes might implement 3 additional features
      • Relay node
      • Friend node
      • Low power node

Network topology

Figure: BLE Mesh network topology

  • Message – Example of Mesh message payload (unsegmented access message total = 29 bytes):

| Network header | Lower Transport header | Access header | User data | Upper Transport Layer footer |
|---|---|---|---|---|
| 13 bytes | 1 byte | 1 or 3 bytes | 10 or 8 bytes | 4 bytes |

  • Application layer can transmit at most 10 bytes using SIG models and 8 bytes using custom vendor models per packet. This is mentioned clearly in section 2.3.3 of Mesh Profile

  • Network PDU

| IVI | NID | CTL | TTL | SEQ | SRC | DST | Transport PDU | NetMIC |
|---|---|---|---|---|---|---|---|---|
| 1 bit | 7 bits | 1 bit | 7 bits | 24 bits | 16 bits | 16 bits | up to 128 bits | 32 or 64 bits |

  • Network layer continued
    • SRC and DST are the network address fields. Each element has exactly one unicast address assigned to it during provisioning. The valid range of unicast addresses is 1 to 32767. This means the total number of nodes in a mesh network can be 32767
    • SEQ number increments with each packet sent out of this node.
    • SRC is the unicast address of the node that sent this packet
    • DST is the destination address, it can be either a unicast or group or virtual address
    • Addresses are of 5 types
      • 0 is the unassigned address
      • 0x0001 – 0x7FFF are unicast addresses (total = 32767)
      • 0x8000 – 0xBFFF are virtual addresses (total = 16383)
      • 0xC000 – 0xFEFF are group addresses (total = 16127)
      • 0xFF00 – 0xFFFF are reserved group addresses (total = 256)
  • LPN (Low Power Node) and Friend Node
    • Battery powered nodes
    • Sleep, therefore need to be managed. Require a Friend node
    • Friend Node is AC powered. It buffers messages for the LPN it is friend of
    • LPN should wake up every PollTimeout seconds and poll the friend for any packets that are buffered for it. Min = 1 sec, Max = 345,599 sec (Ref Table 3.27 of Mesh Profile)
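
The Network PDU layout and the five address ranges above, as a parser that also rejects headers a receiver should not accept. This is an added example, not code from the original post; it assumes the PDU has already been deobfuscated and decrypted with the netkey, that fields are big-endian, and that the NetMIC is 64 bits when CTL is 1 and 32 bits otherwise (per the Mesh Profile). The function names and the sample bytes are constructed.

```python
import struct
from collections import namedtuple

NetworkPDU = namedtuple(
    "NetworkPDU", "ivi nid ctl ttl seq src dst transport_pdu net_mic")

def address_type(addr: int) -> str:
    """Classify a 16-bit mesh address using the five ranges listed above."""
    if not 0 <= addr <= 0xFFFF:
        raise ValueError("address is not 16 bits")
    if addr == 0x0000:
        return "unassigned"
    if addr <= 0x7FFF:
        return "unicast"
    if addr <= 0xBFFF:
        return "virtual"
    if addr <= 0xFEFF:
        return "group"
    return "reserved group"

def parse_network_pdu(pdu: bytes) -> NetworkPDU:
    """Split a deobfuscated, decrypted Network PDU and reject invalid headers."""
    if len(pdu) < 9:
        raise ValueError("shorter than the 9-byte header")
    ivi, nid = pdu[0] >> 7, pdu[0] & 0x7F          # 1 bit + 7 bits
    ctl, ttl = pdu[1] >> 7, pdu[1] & 0x7F          # 1 bit + 7 bits
    seq = int.from_bytes(pdu[2:5], "big")          # 24 bits
    src, dst = struct.unpack(">HH", pdu[5:9])      # 16 bits each
    mic_len = 8 if ctl else 4                      # assumption: 64-bit NetMIC when CTL=1
    transport_pdu, net_mic = pdu[9:-mic_len], pdu[-mic_len:]
    if not 1 <= len(transport_pdu) <= 16:          # table above: up to 128 bits
        raise ValueError("Transport PDU must be 1 to 16 bytes")
    if ttl > 126:
        raise ValueError("TTL above the maximum of 126")
    if address_type(src) != "unicast":             # SRC is always a unicast address
        raise ValueError("SRC must be a unicast address")
    if address_type(dst) == "unassigned":
        raise ValueError("DST must not be the unassigned address")
    return NetworkPDU(ivi, nid, ctl, ttl, seq, src, dst, transport_pdu, net_mic)

# Constructed sample: NID 0x68, TTL 4, SEQ 7, SRC 0x1201, DST 0xC001, filler payload.
SAMPLE = bytes.fromhex("6804" "000007" "1201" "c001" "aabbccddee" "11223344")

if __name__ == "__main__":
    p = parse_network_pdu(SAMPLE)
    print(p, address_type(p.src), address_type(p.dst))
```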

In depth (To be done)

  • Provisioning
  • Segmentation and Reassembly
  • Security
  • Beacons
  • Proxy Feature
  • LPN and Friendship details

References

[1] Bluetooth.com overview

[2] Mathworks BLE waveform generation

[3] Mathworks BLE Stack

[4] BLE Mesh Profile

This post is licensed under CC BY 4.0 by the author.