PART 1)

Bluetooth?
 Logo

Hagall
Berkanan
 Origin
Develoed in 1994
Jaap Haartsen and Sven Mattison
Ericsson Mobile platform. Lund,
Sweden

In 1998
Ericsson, Nokia, IBM, Intel and Toshiba join
Special Interest Group (SIG)
 Name
• Bluetooth old version of Old
Norse Blatonn or Danish
Blatand.
• Tenth-century king Harald I
Baltand of Denmark
– United devided Danish tribes
into a single Kingdom.
 Versions
Version Data Rate Specification
Bluetooth 2.0 + Data transfer rate is 2.1
EDR 3 Mb/s Mb/s
    Lower power consumption
     
Bluetooth 2.1 +
EDR 3 Mb/s Extended inquiry response
    Sniff subbroting
    Encryption pause resume
    Secure simple paring
    NFC cooperation
 Short range wireless
   
Bluetooth 3.0 28 Mb/s Very fast
    High quality
     
 What is Bluetooth?
Applications
TCP/IP HID RFCOMM Application Framework
and Support

ol
Data

ntr
Host Controller

Co
Interface

L2CAP Link Manager and

Audio
Link Manager LMP L2CAP

Baseband
Radio & Baseband
RF

• A hardware description
• An application framework
 What is Bluetooth?
Software
Applications
TCP/IP HID RFCOMM

ol
Data

ntr
Co
L2CAP
Audio
Link Manager LMP
Baseband
RF

• A hardware description
Modules
• An application framework
 Specification
• FHSS-CDMA
• GFSK
– Chops up Data and transmits up to 79 frequency
(channels)
• Data rate at 1 Mb/s to 480Mb/s
– Unlicensed
– Secure
– Replacing short-range wireless application
• Frequency of 2.4 GHz
• Developed by Special Interest Group (SIG)
 Uses
• Low power Consumption
• Short range
– Class & Range
• 100m Class 1
• 10m Class 2
• 1m Class 3
• Low-cost transceiver microchip
• Transmits 720 kilobits per second
• Peripherals at distances up to 30 ft
 FHSS and DSSS Power Spectral Densities
t1 t0 t2

2.400 GHz 2.4835 GHz

FHSS Networks are Frequency Agile

2.400 GHz 2.4835 GHz

DSSS Networks typically use 3 fixed non-overlapping Channels
 Interference Model
625 sec BT Transmission slots

259 sec

1.94 dwell periods

1500 byte DSSS Hi Rate Packet

(1210 sec)
•The basic piconet physical channel is divided into time
slots, each 625 μs in length.

•The time slots are numbered according to the most

significant 27 bits of the Bluetooth clock CLK28-1 of the
piconet master.

•The slot numbering ranges from 0 to 227-1 and is

cyclic with a cycle length of 227. The time slot number
is denoted as k.
Collision Analysis for a Multi-
Bluetooth Picocells Environment
- byTing-Yu Lin and Yu-Chee Tseng
 Bluetooth RF Specifications

Specified for low cost, single chip implementation

– Noise floor margin for substrate noise and low
current LNA
– Linearity set by near-far problem
– In-band image allows low-cost low IF
– VCO phase noise enables integrated VCO
– TX-RX turn around time enables single synthesizer
– 2.4 ISM band chosen for global use and process
capabilities
 F ra m e F ra m e
fk

O ne
Basic Baseband Protocol
fk+1 fk fk+ 1

M a s te r S lo t
P acket
M a s te r T h r e e S lo t P a c k e t

O ne O ne
S la v e S lo t S la v e S lo t
Packet
P acket

625 us 625 us
O n e S lo t O n e S lo t

• Spread spectrum frequency hopping radio

– 79/23 one MHz channels
– Hops every packet
• Packets are 1, 3 or 5 slots long
– Frame consists of two packets
• Transmit followed by receive
– Nominally hops at 1600 times a second (1 slot packets)
• Radio Designation Network
– Connected radios can be master
Topology
or slave S

– Radios are symmetric (same radio M

P
M
can be master or slave)
sb P
• Piconet
– Master can connect to 7 S
simultaneous or 200+ active sb
P S S
slaves per piconet
– Each piconet has maximum
capacity (1 MSPS)
• Unique hopping pattern/ID
• Scatternet
– High capacity system
• Minimal impact with up to 10
piconets within range
– Radios can share piconets!
 The Piconet
ID d
IDa

ID d

ID a D ID a P

A M

ID e ID e
E sb
ID a
ID b B ID b S IDa
ID c C ID c S

• All devices in a piconet hop together

– In forming a piconet, master gives slaves its clock and device ID
ID a
• Hopping pattern determined by device ID (48-bit)
• Phase in hopping pattern determined by Clock
• Non-piconet devices are in standbys b
• Piconet Addressing M or S

– Active Member Address (AMA, 3-bits) P

– Parked Member Address (PMA, 8-bits)
 Functional Overview
U n c o n n e c te d
• Standby S ta n d b y
S ta n d b y

– Waiting to join a piconet

• Inquire
T t y p ic a l= 2 s
– Ask about radios to connect to
C o n n e c tin g I n q u ir y Page
• Page S ta te s

– Connect to a specific radio T t y p ic a l= 0 . 6 s

• Connected A c tiv e
T r a n s m it
d a ta
C o n n e c te d
AM A
– Actively on a piconet (master S ta te s AM A

or slave)
T t y p ic a l= 2 m s
T ty p ic a l= 2 m s
• Park/Hold
– Low Power connected states R e le a s e s PARK H O LD
Low Pow er AM A
PM A AM A
S ta te s A d d re s s
 fk f
Master
f’ f’
Pagingf
a slavef fm
k+1 k k+1 k+2 k+2

Master FH
ID a S
ID a
ID c ID c ID c ID c

fk+1
Slave
ID c

625 s
• Master pages slave (packet has slave ID) at slave page frequency (1 of 32)
– Master sends page train of 16 most likely frequencies in slave hop set
• Slave ID sent twice a transmit slot on slave page frequency
• Master listens twice at receive slot for a response
– If misses, master sends second train on remaining 16 frequencies
• Slave listens for 11 ms (page scan)
– If correlater triggers, slave wakes-up and relays packet at response frequency
– Master responds with FHS packet (provides master’s Device ID and Clock)
– Slave joins piconet
 Packet Types/Data Rates
Packet Types
Data Rates (Kbps)

SEGMENT TYPE SCO ACL

link link TYPE symmetri asymmetric
c
0000 NULL NULL
0001 POLL POLL DM1 108.8 108.8 108.8
1
0010 FHS FHS
0011 DM1 DM1 DH1 172.8 172.8 172.8
0100 DH1 DM3 256.0 384.0 54.4
0101 HV1
0110 HV2 DH3 384.0 576.0 86.4
2
0111 HV3
1000 DV DM5 286.7 477.8 36.3
1001 AUX1
1010 DM3 DH5 432.6 721.0 57.6
1011 DH3
3
1100
1101
1110 DM5
4
1111 DH5
 Mobile = Battery life
•Low power consumption*
– Standby current < 0.3 mA
3 months
– Voice mode 8-30 mA
75 hours
– Data mode average 5 mA
(0.3-30mA, 20 kbit/s, 25%)
 hours
•Low Power Architecture
– Programmable data length (else radio sleeps)
– Hold and Park modes 60 µA
• Devices connected but not participating
• Hold retains AMA address, Park releases AMA, gets PMA address
• Device can participate within 2 ms

* Estimates calculated with 600 mAh battery and internal amplifier, power will vary with implementation
 Bluetooth Security
• Provides link layer security between any two Bluetooth
radios
– Authentication (E1 algorithm)
• Challenge/Response system
– Encryption (privacy)
• Encrypts data between two devices
• Stream cipher with E0 algorithm
– Key management and usage
• Configurable Encryption key length (0-16 bytes)
– Government export regulations
– Radio negotiate key size
• Key generation with E2-E3 algorithms
– Authentication and Encryption keys
 Bluetooth Radio Modules
• Complete radio on a module
– Designed to meet “Limited Module Compliance” requirements
• Pre-certified to meet global regulatory requirements
• Allows devices assembled with modules to be “self-certified”
– USB or Serial Interface
– Solder-ball connections
– External Antennae

Com pact
FLASH
C a rd
P r o d u c tio n
M o d u le

25 mm dia 17x33mm 19x35mm 25x25mm 36x43mm

 The international 2.4 GHz ISM band
• Requirements
– Channel bandwidth limited to 1
MHz
– Spectrum spreading must be
employed
– Multiple uncoordinated networks
may exist and cause interference
– Microwave ovens also use this
band
– 2.4 GHz IC electronics must run at
high current levels
• Bluetooth solution
– 1 Mb/s symbol rate exploits
maximum channel bandwidth
– Fast frequency hopping and short
data packets avoids interference
– CVSD voice coding enables
operation at high bit error rates
– Air interface tailored to minimize
current consumption
– Relaxed link budget supports
low cost single chip
integration
 Bluetooth is global
• One version for the world
– Architecture compliant with global
emission rules (2.4 GHz ISM band)
• Working through FCC, EC, MPT for
spectrum and power harmonization
– Architecture compliant and safe for
use on airlines
• Working with FAA, JAA, FCC, airplane
manufacturers and airlines
– Reviewing security architecture with
affected countries
 Example Software Implementation
Still Image COMM
Bluetooth Speaker Networking
(User mode apps &
Adviser Phone Apps
driver) Obex user

• PC Windows* HID class

Streaming
RFCOMM
Network
kernel

Class Virtual Transport

example supporting driver
Driver
Still
COMM
Port
Protocols

Image Emulation
the Bluetooth usage HID Audio
Driver NDIS
miniport
NDIS
miniport
minidriver minidriver TS 07.10 (Access
model Points)
(PAN)

RF Bus Driver Interface

– WDM Driver
• Windows* 2000 RF Bus Driver (RFBD)
HCI Driver
• Windows 98*
USB Minidriver

MS USB Driver Stack PC Card driver

SW

HW
SYSTEM BUS

USB Interface & PC Card Interface &

Host Controller Host Controller

Bluetooth LM Bluetooth LM

Bluetooth Baseband Bluetooth Baseband

PART 2)
Facts & Trends
 Pairing
• SMS
• Setting up connection.
– Inquire for an access with other device
• Device name
• Device class
• List of services
• Technical information
• Only available to connect to one device
– Preventing for connect with other while being use
• Inquires for an address
– 48-bit address
• Not shown in inquires
• Other readable name set by user.
– Appear when being scan
 Pairing
• Legacy pairing
– Available for devices earlier than 2.1
• Limited input devices
– Hand free
• Numeric input devices
– Mobile phone
• Alpha-numeric input device
– PC, Smartphone
 Pairing
• Secure simple pairing
– Requirement of 2.1 or later version
• Justwork
– No user interaction required
– Headsets
• Numeric comparison
– Binary input(yes/no)
– 6-digits passkey
• Passkey entry
– Display and input key
• MITM
– Man In The Middle
 Health concern
•Bluetooth uses the microwave radio frequency
•Between 2.4 GHz and 2.4835 GHz
•Maximum power output are
•100 mW for Class 1
• 2.5 mW for Class 2
•1 mW for Class 3
•Same level power output as mobile phone for class 1
•Less dangerous for class 2 and 3
 Bluetooth and Hacking
• A2DPS

• Bluejacking

• Bluesnarfing

• Bluebugging
BLUETOOTH SPECIFICATION Version 3.0 + HS [Vol 0
Bluetooth Compliance Requirements
1 INTRODUCTION
The Bluetooth Qualification Program Reference Document (PRD) is the primary
reference document for the Bluetooth Qualification Program and defines
its requirements, functions, and policies. The PRD is available on the Bluetooth
Web site.
Passing the Bluetooth Qualification Process demonstrates a certain measure
of compliance and interoperability, but because products are not tested for
every aspect of this Bluetooth Specification, qualification does not guarantee
compliance. Passing the Bluetooth Qualification Process only satisfies one
condition of the license grant. The Member has the ultimate responsibility to
ensure that the qualified product complies with this Bluetooth Specification and
interoperates with other products.
TYPES OF BLUETOOTH PRODUCTS

Bluetooth Product – Any product containing an implementation of

Bluetooth wireless technology.
All Bluetooth Products shall be one of the following:

• Bluetooth End Product

• Bluetooth Host Subsystem Product
• Bluetooth Controller Subsystem Product
• Bluetooth Profile Subsystem Product
• Bluetooth Component Product
• Bluetooth Development Tool
• Bluetooth Test Equipment
Bluetooth End Product - An implementation of Bluetooth wireless technology that implements, at a
minimum, all mandatory requirements in Radio, Baseband, Link Manager, Logical Link Control and
Adaptation Protocol, Service Discovery Protocol and Generic Access Profile parts of the Specification.
Bluetooth Subsystem Product - An implementation of Bluetooth wireless technology
that implements only a portion of the Specification, in compliance with
such portion of the Specification, and in accordance with the mandatory
requirements as defined herein. Bluetooth Subsystem Products can be qualified
solely for distribution and the use of Bluetooth wireless technology in Bluetooth
Subsystem Products require such Bluetooth Subsystem Products to be
combined with a complementary Bluetooth End Product or one or more complementary
Bluetooth Subsystem Products such that the resulting combination
satisfies the requirements of a Bluetooth End Product. There are three types of
Bluetooth Subsystem Products as defined below:
• Bluetooth Host Subsystem Product – A Bluetooth Subsystem Product containing,
at a minimum, all the mandatory requirements defined in the Host
Controller Interface, Logical Link Control and Adaptation Protocol, Service
Discovery Protocol and Generic Access Profile parts of this Specification,
but none of the protocols below Host Controller Interface (HCI). In addition,
a Bluetooth Host Subsystem Product may contain, at a minimum, all the
mandatory requirements defined in one or more of the protocols and profiles
above HCI.
• Bluetooth Controller Subsystem Product – A Bluetooth Subsystem Product
containing, at a minimum, all the mandatory requirements defined by the
Bluetooth Radio, Baseband, Link Manager, HCI and optionally any of the
AMP Protocol Adaptation Layer parts of this Specification, but none of the
Protocols and Profiles above HCI.
• Bluetooth Profile Subsystem Product – A Bluetooth Subsystem Product containing,
at a minimum, all the mandatory requirements defined in one or
more of the profile specifications.
Bluetooth Component Product - An implementation of Bluetooth wireless technology,
which does not meet the requirements of a Bluetooth End Product or
Bluetooth Subsystem product, but implements, at a minimum, all the mandatory
requirements, if any, of either one or more of any of the protocol and profile
parts of the Specification in compliance with such portion of the Specification.
Bluetooth Component Products can be qualified solely for distribution and the
use of the Bluetooth wireless technology in Bluetooth Component Products
require such Bluetooth Component Products to be incorporated in Bluetooth
End Products or Bluetooth Subsystem Products.
Bluetooth Development Tool - An implementation of Bluetooth wireless technology,
intended to facilitate the development of new Bluetooth designs. Bluetooth
Development Tools can be qualified solely for distribution and the use of
the Bluetooth wireless technology in development of new Bluetooth Products.
Bluetooth Test Equipment - An implementation of Bluetooth wireless technology,
intended to facilitate the testing of new Bluetooth Products. Bluetooth Test
Equipment can be qualified solely for distribution and the use of the Bluetooth
wireless technology in testing of new Bluetooth Products. Where necessary,
Bluetooth Test Equipment may deviate from the Specification in order to fulfill
the test purposes in the Bluetooth Test Specifications.
 PART 3)

Bluetooth
Qualification Program

IEEE 802.15 Meeting

September 11 - 17, 1999
 Qualification vs. Type Approval
Bluetooth Devices

Complies with
the specification ?
Qualification Process Regulatory Type Approval

'Bluetooth License' 'License to sell'

&

Global Market

IEEE 802.15 Meeting

September 11 - 17, 1999
 Qualification Program: Mission
• Protect the Bluetooth Brand by ensuring

– good performance of products

– interoperability of products
– clearly stated product capabilities

IEEE 802.15 Meeting

September 11 - 17, 1999
 Compliance requirements

• Radio link
• Protocols (lower layers)
• Profiles
• Capability information to end-users

IEEE 802.15 Meeting

September 11 - 17, 1999
 Authorization of the Program
Bluetooth SIG -PM
Manage/review/improve Know-how exchange &
qualification process forum for problems
related to testing and
Bluetooth Qualification qualification
Review Board (BQRB)

Bluetooth Bluetooth Bluetooth Bluetooth

Qualification Qualification Qualification Technical
Administrator Test Facility Body Advisory Board
(BQA) (BQTF) (BQB) (BTAB)

Administration of Recognized test facility Checking declarations,

qualification program for Bluetooth products review test reports
IEEE 802.15 Meeting
September 11 - 17, 1999
 Bluetooth Qualification Process
Insert into Database:
Product Qualified!

Test Report BQA

& TCF BQB

Qualified
Products
Application Database
BQTF & Declaration Qualification
Program
of Compliance
Documents

Manufacturer
Test Sample
Pull Documents
& TCF
from Web site

IEEE 802.15 Meeting

September 11 - 17, 1999
PART 4)
Ongoing project & H/W
implementation
Kansas State University
Project Goal
Bluetooth is a new standard developed jointly by a host of companies to provide low-cost (< $5 OEM target), high data-rate (approx 1Mb/s), short-range (< 30meters)
communication links between consumer devices, ranging from desktop and portable computers to cellular phones and digital cameras.  It operates in the 2.4 GHz ISM
band using Frequency-Hopped Spread Spectrum (FHSS) FSK modulation, with transmit powers in the range of 0 dBm (1 milliwatt).  A complete Bluetooth product
would include an RF transceiver, digital packet and protocol processing circuits, and an associated host interface.
SPECIFICATIONS
Bluetooth 2.0+EDR USB Module
QBTM400-02 (T6)
• Device Overall Description
The QBTM400 is designed to provide Bluetooth2.0 + EDR function on a
small form factor. The Bluetooth function is based on CSR BlueCore4-ROM
Single Chip Bluetooth System, which implements the full speed class 2
Bluetooth operations with full 7 slave Piconet support. The interface of
QBTM400 to host system is USB and full compliant with USB V1.1 and
compatible with USB V2.0 Full Speed (12Mbits/s).
• Bluetooth
Features
- CSR BlueCore4-ROM Single Chip Bluetooth System
- Bluetooth 2.0 + EDR support
- Full Speed Class 2 Bluetooth operation with full 7 slave Piconet support
- Full Speed USB interface compliant with USB V1.1 and compatible with
USB V2.0
- Printed PCB antenna on board
Specification Compliance
- Bluetooth Specification V1.1, V1.2, and V.2.0 compliant
Bluetooth Block Diagram
PART 5)
MATLAB Simulink
Application
Bluetooth Full Duplex Voice and Data Transmission
PART 6)
Race
 Bluetooth Current
BLUETOOTH TECHNOLOGY GETS FASTER WITH BLUETOOTH 3.0
Tokyo, Japan – April 22, 2009

Bluetooth Core Specification Version 3.0 High Speed

Bluetooth 3.0 gets its speed from the 802.11 radio protocol.

Inclusion of 802.11 Protocol Adaptation Layer (PAL) -> increased

throughput of data transfers at the approximate rate of 24
Mbps.

In addition, mobile devices including Bluetooth 3.0 will realize

increased power savings due to enhanced power control built in.
 Target Markets
•Telecommunications

Bluetooth Headsets
Bluetooth Enabled Phone

• Networking
 Target Markets
• Industrial

When you arrive

at the office..

When you are in a meeting.. When inspecting equipments..

 Target Markets
• Automotive Car Remote by Bluetooth

• Medical

Bluetooth enabled Sphygmomanometer

 Target Markets
• Vertical Markets
• (Hotels, Airports)

You arrive at the airport.. You are sitting or waiting in the lounge
Bluetooth Devices
Bluetooth Keyboard
Bluetooth Printer

Bluetooth Projector
Bluetooth Camera

Bluetooth Ultra Mobile PC

Bluetooth MP3 Player

 Bluetooth Future
• Mike Foley, executive director of
The Bluetooth SIG
Outlet-Free Houses:
“I thought this was about as wireless power was going until I visited the Ministry of Internal
Affairs and Communications in Tokyo.
There, I was told of a project they are working on dubbed "Wall outlet-free houses"
to deliver power throughout the house”
Predicting the Winner
• “I think the results will be determined “on the court.”
This is exactly why the members of the Bluetooth SIG continue to enhance the specifications
and thus the technology to ensure it is the best solution for new use cases such as health and
fitness, RF remote controls, home energy management and more.
As such, you’ll keep seeing new and exciting Bluetooth products hitting the market as the
technology continues to win on the court.”