Transcript Networks

CCM 4300 Lecture 5
Computer Networks: Wireless and
Mobile Communication Systems
Dr E. Ever
School of Computing Science
1
Lesson objectives
 To acquire a basic understanding of GSM, GPRS,
EDGE, Satellite systems, UMTS and Bluetooth and
you will be able:
- to make informative decision regarding
which technology to use and why
- explore the history and architecture of such
technologies
- identify some of the advantages and
disadvantages of using these technologies.
2
Session Content
 Introduction – what is GSM?
 GSM and GPRS Components
 Why the interest in 2G, 3G and 4G technologies?
 UMTS
 Bluetooth
 Satellites: HEO, MEO, LEO
3
Wide Area mobile connectivity-GSM
• Circuit-switched
• Second generation (2G):
• digital
• GSM (2G):
• digital
• secure (?)
• international roaming
• 13Kb/s voice
• 2.4kb/s - 9.6Kb/s data (uses FEC)
• SMS:
• up to 160 chars of text
• GSM flavours:
• GSM900 – vanilla GSM
• GSM1800, PCN,
(Europe)
• GSM1900, PCS (US)
• GPRS (2.5G)
• UMTS (3G)
• 4G systems:
• 20Mb/s – 100Mb/s
4
GSM: An overview I
GSM
formerly:
now:
Groupe Spéciale Mobile (founded 1982)
Global System for Mobile Communication
Pan-European
standard (ETSI, European Telecommunications Standardisation
Institute)
simultaneous
introduction of essential services in three phases (1991, 1994, 1996) by
the European telecommunication administrations (Germany: D1 and D2)
 seamless roaming within Europe possible
today
many providers all over the world use GSM (more than 214 countries in Asia,
Africa, Europe, Australia, America)
more
than 2 billion subscribers
more
than 70% of all digital mobile phones use GSM
Countries
which are using GSM networks on larger scales are Russia, china Pakistan,
United States, India.
over
360 billion SMS per year worldwide
5
What happens within the network?
GSM Network
?
GSM Subscriber
fixed network
Fixed network
subscribers
Other mobile
subscribers
6
GSM Physical layer
• Phy:
• 900MHz (1.8GHz, 1.9GHz)
• 2x25Mhz bands
890-915MHz uplink
935-960MHz downlink
• 124 carriers per band
• 200KHz bandwidth per
carrier
• Channel allocation:
• TDMA/FDMA
• multiple frequency channels
• TDMA in each channel
• (slow FH possible)
S indicates user or network control data
0
tail bits
0
data bits
7
frame
(8 bursts)
(~4.615ms)
stealing bit (S)
training sequence
Stealing bits
data bits
guard bits
Tail bits
25
multi-frame (26 frames)
(120ms)
frame 12 for signalling
frame 25 unused
tail: 3 bits
stealing: 1 bit
data: 57 bits
training: 26 bits
guard: 8.25 bits
7
GSM Physical layer
8
GSM coding overhead
• 114 bits every 4.615ms 
~31Kb/s
• So why do we only get
13Kb/s speech and
9.6Kb/s data?
• Error coding!
• plus other overhead
• Large amount of error
correction coding:
• speech uses CRC + 1/2
rate convolutional
coding for Forward
Error Correction
• need better FEC for data
• 260 bits of speech
produces 456 bits for
transmission!
• 13Kbs  ~23Kb/s
• “high-speed” data
available now - HSCSD:
• 14.4Kb/s or 28.8Kb/s
on 2 channels
• May be able to improve
on this with 3G CDMA:
• less overhead required?
9
FEC (simple example)
A simple example would be an analog to digital converter that samples three
bits of signal strength data for every bit of transmitted data.
The simplest example of error correction is for the receiver to assume
the correct output is given by the most frequently occurring value in
each group of three.
Triplet received
Interpreted as
000
0
001
0
010
0
100
0
111
1
110
1
101
1
011
1
10
GSM Network Structure I
• Digital mobile service:
• data/voice
• extendable network
• allows international
roaming
• Network topology:
• cells
• base-transceiver station
(BTS)
• GSM cell clusters:
• 4, 7, 12, 21 cells
• pattern repeats to cover area
base-transceiver station (BTS)
• BTS network:
• interconnected by a
terrestrial network
11
GSM network structure II
d
f3
f5
f4
f2
f6
f1
r
f3
f5
f4
f7
Handoff
region
f1
f2
• d/r > 2.5
• Network scaling:
• reduce cell-size
• increase number of cells
12
Handoff for Wireless Systems (cont`d)
• Handoff!!
•
The process of transferring a mobile user from one
channel or base station to another.
Performability Modelling for Wireless and Mobile
Communication Systems
13
Equations
•
The average number of calls in the systems, NS
•
However, since only i channels operative at any time,
the MQL can now be represented by Ni where i is the
S
number of operative channel.
So overall MQL is as
N   qi N i
follows:


 S iS
i 
 S i S M

i

S!
 p0
N S     i
 i 0 i! i  S 1

[ S  ( j  S )  cd ] 


j  S 1


i 0
Performability Modelling for Wireless and Mobile
Communication Systems
Performability Modelling of Handoff (cont`d)
Why does no hand-off has the worst performance?
Performability Modelling for Wireless and Mobile
Communication Systems
GSM Network Structure III
OMC, EIR,
AUC
HLR
NSS
with OSS
VLR
MSC
GMSC
VLR
fixed network
MSC
BSC
BSC
RSS
AuC authentication centre
BSC base-station controller
BTS base-transceiver station
EIR equipment identity register
HLR home location register
MSC mobile switching centre
VLR visitor location register
OMC Operation and maintenance systems
16
GSM network structure IV
•MS:
• sends beacon to BTS
• BSC:
• talks to all BTS in an area
• assigns channels
• performs authentication
• sends updates for VLR
• communicates with other
BSCs and a single MSC
• Roaming:
• updates to VLR via MSC
BSC base-station controller
BTS base-transceiver station
HLR home location register
MSC mobile switching centre
VLR visitor location register
OMC Operation and maintenance systems
MS Mobile station
• Hand-off:
• BTS  BTS (same BSC)
• BSC BSC (same MSC)
• MSC  MSC
• Location information:
• mobile is tracked
• location registers kept
updated
17
GSM cell types
Hot spots:
• cell-within-a-cell
fast-moving MS,
• Macro-cells:
many-hand-offs
• large, sparsely populated areas
e.g. car, train, etc
• Micro-cells:
• densely populated areas. By splitting the existing
areas into smaller cells, the number of channels
available is increased as well as the capacity of the
cells. The power level of the transmitters used in these
cells is then decreased, reducing the possibility of
interference between neighbouring cells.
• Selective cells:
• not-360° coverage
• special antenna give “shape” . e.g.Cells that may be
located at the entrances of tunnels where a selective cell
with a coverage of 120 degrees is used.
• Umbrella cells:
•covers several micro-cells
• used for “high-speed” MS
Umbrella cell
Umbrella
cell
18
Power Management
Hand-off
• Quality vs. power
• Maintain quality:
• mobile increases transmit
power
• maintains quality
• hand-off when quality is
low
• Conserve power:
• set transmit power
threshold
• hand-off when threshold
reached
Silence suppression
• DTX (Discontinuous transmission a
method of momentarily powering-down)
• No “speech” for ~40% of
call duration:
• perhaps more for data
• Background noise at MS:
• not easy to detect …
• detect “no speech”
• Switch off transmission:
• when “no speech”detected
• saves power
• Receiver:
• comfort noise
19
Security
Terminal
• SIM:
• subscriber identity
module
• IMSI:
• subscriber identity (on
SIM)
• IMEI:
• MS identity (in MS)
• Stream cipher used:
• key+algorithm from SIM
• random number XOR’d
with data/voice bits
Network
• EIR:
• stores known IMEI numbers
• AuC:
• uses IMSI and IMEI
(plus
interaction with EIR)
• authenticates user
• checks service
subscription
• (updates VLR and other
location information)
20
•
Security in GSM
Security services
–
access control/authentication
•
•
user  SIM (Subscriber Identity Module): secret PIN (personal identification number)
Security services
– access control/authentication
• user  SIM (Subscriber Identity Module): secret PIN (personal identification
number)
• SIM  network: challenge response method
one party presents a question ("challenge") and another party
must provide a valid answer ("response") to be authenticated.
•
•
SIM  network: challenge response method
“between you and I”:
• A3 and A8 available via
the Internet
• network providers can
use stronger mechanisms
– confidentiality
• voice and signaling encrypted on the wireless
link (after successful authentication)
– anonymity
• temporary identity TMSI (Temporary Mobile Subscriber Identity)
• newly assigned at each new location update (LUP)
• encrypted transmission
3 algorithms specified in GSM
– A3 for authentication (“secret”, open interface)
– A5 for encryption (standardised)
– A8 for key generation (“secret”, open interface)
GSM - authentication
SIM
mobile network
Ki
RAND
128 bit
AC
RAND
128 bit
RAND
Ki
128 bit
128 bit
A3
A3
SIM
SRES* 32 bit
MSC
SRES* =? SRES
SRES
SRES
32 bit
Ki: individual subscriber authentication key
32 bit
SRES
SRES: signed response
22
GSM - key generation and encryption
MS with SIM
mobile network (BTS)
Ki
AC
RAND
128 bit
RAND
128 bit
RAND
128 bit
A8
cipher
key
BSS
Ki
128 bit
SIM
A8
Kc
64 bit
Kc
64 bit
data
A5
encrypted
data
SRES
data
MS
A5
23
Beyond 2G systems: GPRS I
•Uses existing GSM infrastructure:
• requires some changes to
• Packet radio service:
support new signalling
• “always on”
• Same RF spectrum as GSM
• shared media access
• multiple bursts per user
• one frame could carry voice
Point-to-point (PTP) service:
and data
internetworking with the Internet (IP
• On demand allocation:
protocols) and X.25 networks.
• user signals network for
channel/burst(s) allocation
Point-to-multipoint (PT2MP) service:
point-to-multipoint multicast and point- • Requires new terminal:
• mobile phones may need to be
to-multipoint group calls
upgraded or replaced (done)
General Packet Radio Service
(GPRS)
24
GPRS II
• Better network utilisation
• Good for general data:
• suits bursty applications
• GPRS + IP integration:
• How to charge?
• volume – per packet?
• flat rate?
• QoS:
• may not be suitable for real-time
applications
• “real-time extensions” in 3G
25
EDGE
Enhanced Data-rates for Global
Evolution:
• builds on GPRS mechanism
• packet interface
• Available now in North
America and some parts of
Europe
• “Peak rates” of 384Kb/s:
• “pedestrian” rate
• “Normal rate” of 144Kb/s:
• “high mobility” rate
Requires new RF spectrum:
• 2x50MHz
• 1.9GHz and 2.1GHz bands
being used in some parts of
the world
High-Speed Packet Access
(HSPA). Peak bit-rates of up to
1Mbit/s and typical bit-rates of
400kbit/s can be expected.
26
UMTS: universal mobile telecommunications services
3G –• Voice:
• 2G GSM-like services
• Data:
• 64Kb/s – ~2Mb/s
• ISDN-like services
• WCDMA(Wideband Code
Division Multiple Access)
10Mb/s
• Packet and circuit services
• International roaming
Needs new RF spectrum!
W-CDMA a pair of 5MHz
frequency band,
for the uplink, 19000 MHz range,
for the downlink, 2100 MHz range.
• Requires new or upgraded
infrastructure
• Potential for broadband wireless
services
Since 2006, UMTS networks in many
countries have been or are in the
process of being upgraded with High
Speed Downlink Packet Access
(HSDPA), sometimes known as 3.5G.
27
Up to 21 Mbit/s.
IMT-2000
• ITU’s approach to 3G wireless
• “Umbrella” activity from ITU:
• mainly European interest, though international in theory
• Intended to provide:
• coordination between different 2.5/3G systems
• harmonisation of services to allow use efficient of
Spectrum
• http://www.umts-forum.org/imt2000.html
IMT: international Mobile Communications
28
Simplified Roadmap – one to another
2G
2.5G
GSM
only
(+SMS)
GSM
GSM + GPRS
3G (IMT-2000)
EDGE
UMTS
GSM
only
(+SMS)
29
CT0/1
AMPS
NMT
CT2
IMT-FT
DECT
IS-136
TDMA
D-AMPS
TDMA
FDMA
Development of mobile telecommunication systems
GSM
PDC
EDGE
GPRS
IMT-SC
IS-136HS
UWC-136
IMT-DS
UTRA FDD / W-CDMA
CDMA
IMT-TC
UTRA TDD / TD-CDMA
IMT-TC
TD-SCDMA
1G
IS-95
cdmaOne
cdma2000 1X
2G
2.5G
IMT-MC
cdma2000 1X EV-DO
1X EV-DV
(3X)
3G
30
GLOBAL EVOLUTION TO
3G MULTIRADIO NETWORKS
UMTS Multiradio
Network
TDMA
GSM
WCDMA(Wideband Code Division Multiple Access)
Internet, multimedia, video and other capacity-demanding applications.
PDC
cdmaOne
GSM/GPRS/EDGE
GSM/GPRS
?
cdma2000 1x
2G
cdma2000 1xEV-DV
cdma2000 1xEV-DO
First Steps to 3G
3G Phase 1
Evolved 3G Networks
Performance characteristics of GSM (wrt. analog sys.)
Communication
mobile,
wireless communication; support for voice and data services
Total mobility
international
access, chip-card enables use of access points of different
providers
Worldwide connectivity
one
number, the network handles localization
High capacity
better
frequency efficiency, smaller cells, more customers per cell
High transmission quality
high
audio quality and reliability for wireless, uninterrupted phone calls at
higher speeds (e.g., from cars, trains)
Security functions
access
control, authentication via chip-card and PIN
32
Disadvantages of GSM
There is no perfect system!!
no
end-to-end encryption of user data
no
full ISDN bandwidth of 64 kbit/s to the user,
no transparent B-channel
reduced
concentration while driving
electromagnetic
abuse
of private data possible
roaming
high
radiation
profiles accessible
complexity of the system
several
incompatibilities within the GSM
standards
33
GSM and 3G – more information can be found at ...
•http://www.gsmworld.com/
• http://www.umts-forum.org/
• http://www.uwcc.org/
Universal Wireless Communications Consortium
• http://www.3gpp.org/
Third Generation Partnership Project
• Not covered in these notes, however, …
http://www.wapforum.org/
Wireless Application Protocol Forum
34
Satellite systems
•LEO and MEO:
• satellite constellations
• no terrestrial network
support
• “total” area coverage
• Very expensive:
• to construct and maintain
to use
• Complex:
• hand-off between satellites
• routing
•Service providers finding
it hard to break into the market
• Safety concerns:
• MS power output
• Voice only systems
• Voice and data systems
• Broadband systems
• Will they succeed?
35
4G Systems
Totally packet-based:
• IPv6
• Higher data rates:
• up to 100Mb/s
• Better security
• Totally digital
36
Classical satellite systems
Inter Satellite Link
(ISL)
Mobile User
Link (MUL)
Gateway Link
(GWL)
MUL
GWL
small cells
(spotbeams)
base station
or gateway
footprint
ISDN
PSTN: Public Switched
Telephone Network
PSTN
GSM
User data
37
Orbits I
Four different types of satellite orbits can be identified
depending on the shape and diameter of the orbit:
GEO:
geostationary orbit, ca. 36000 km above earth
surface
LEO
(Low Earth Orbit): ca. 500 - 1500 km
MEO
(Medium Earth Orbit) or ICO (Intermediate
Circular Orbit): ca. 6000 - 20000 km
HEO
(Highly Elliptical Orbit) elliptical orbits
38
Geostationary satellites
Orbit 35,786 km distance to earth surface, orbit in equatorial plane
(inclination 0°)

complete rotation exactly one day, satellite is synchronous to
earth rotation
fix
antenna positions, no adjusting necessary
satellites
typically have a large footprint (up to 34% of earth surface!),
therefore difficult to reuse frequencies
bad
elevations in areas with latitude above 60° due to fixed position
above the equator
high
transmit power needed
high
latency due to long distance (ca. 275 ms)

not useful for global coverage for small mobile phones and data
transmission, typically used for radio and TV transmission
39
LEO systems
Orbit ca. 500 - 1500 km above earth surface
visibility of a satellite ca. 10 - 40 minutes
global radio coverage possible
latency
comparable with terrestrial long distance
connections, ca. 5 - 10 ms
smaller footprints, better frequency reuse
but now handover necessary from one satellite to another
many satellites necessary for global coverage
more complex systems due to moving satellites
Examples:
Iridium (start 1998, 66 satellites)
Bankruptcy
in 2000, deal with US DoD (free use,
saving from “deorbiting”)
Globalstar (start 1999, 48 satellites)
Not many customers (2001: 44000), low stand-by times
for mobiles
40
MEO systems
Orbit ca. 5000 - 12000 km above earth surface comparison with LEO
systems:
slower
less
moving satellites
satellites needed
simpler
for
system design
many connections no hand-over needed
higher
latency, ca. 70 - 80 ms
higher
sending power needed
special
antennas for small footprints needed
Example:
ICO (Intermediate Circular Orbit, Inmarsat) start ca. 2000
Bankruptcy,
planned joint ventures with Teledesic, Ellipso – cancelled again
41
Routing (Passing Information Between satellites)
• One solution: inter satellite links (ISL)
• reduced number of gateways needed
• forward connections or data packets within the satellite network
as long as possible
• only one uplink and one downlink per direction needed for the
connection of two mobile phones
• Problems:
• more complex focusing of antennas between satellites
• high system complexity due to moving routers
• higher fuel consumption thus shorter lifetime
• Iridium and Teledesic planned with ISL
• Other systems use gateways and additionally terrestrial networks
42
Localisation of Mobile Stations
• Mechanisms similar to GSM
• Gateways maintain registers with user data
– HLR (Home Location Register): static user data
– VLR (Visitor Location Register): (last known) location of the mobile
station
– SUMR (Satellite User Mapping Register):
• satellite assigned to a mobile station
• positions of all satellites
• Registration of mobile stations
– Localisation of the mobile station via the satellite’s position
– requesting user data from HLR
– updating VLR and SUMR
• Calling a mobile station
– localization using HLR/VLR similar to GSM
– connection setup using the appropriate satellite
43
Handover in Satellite Systems
• Several additional situations for handover in satellite systems compared to
cellular terrestrial mobile phone networks caused by the movement of the
satellites
– Intra satellite handover
• handover from one spot beam to another
Spot beams are used so that only earth stations in a particular intended
reception area can properly receive the satellite signal.
• mobile station still in the footprint of the satellite, but in another cell
– Inter satellite handover
• handover from one satellite to another satellite
• mobile station leaves the footprint of one satellite
– Gateway handover
• Handover from one gateway to another
• mobile station still in the footprint of a satellite, but gateway leaves the
footprint
– Inter system handover (VERTICAL?)
• Handover from the satellite network to a terrestrial cellular network
• mobile station can reach a terrestrial network again which might be
44
cheaper, has a lower latency etc.
Bluetooth: “Personal Area” wireless connectivity
•Universal radio interface for ad-hoc wireless connectivity
•Interconnecting computer and peripherals, handheld
devices, PDAs, cell phones – replacement of IrDA
•Embedded in other devices, goal: £5/device (2002:
£50/USB bluetooth), (Mini Bluetooth Network adapter
USB £6)
•Short range (10m), low power consumption, license-free
2.45 GHz ISM
•Voice and data transmission, approx. 1 Mbit/s gross data
rate
•Bluetooth 2.0 Enhanced Data Rate (EDR) 2.1 Mbit/s
45
Inter-device connections
Scenario 1:
• PDA, mobile phone, laptop
• PDA  mobile phone: 1 cable
• PDA  laptop: another (different) cable
• mobile phone  laptop: yet another (different) cable
Scenario 2:
• desktop computer, PDA, laptop all need to use printer
• again, more cables, hard to configure
• standard wireless inter-device
communication?
46
Bluetooth: The Rational
• Standard, convenient device inter-connectivity
• Mobile phones, headsets, PDAs, laptops:
• coffee machines, utility meters, hi-fi equipment, etc.
• Simple, low-cost, radio-based system:
• simple, “wire-replacement” system, re-use existing
standards
• aiming for cost of ~£5 to build into a device
• uses ISM radio band (2.4000-2.4835GHz)
• http://www.bluetooth.com/
• Named after a Viking called Harald Bluetooth
47
Bluetooth: Characteristics
• 2.4 GHz ISM band, 79 (23) RF channels, 1 MHz carrier spacing
– Channel 0: 2402 MHz … channel 78: 2480 MHz
– G-FSK modulation, 1-100 mW transmit power
• FHSS and TDD
– Frequency hopping with 1600 hops/s
– Hopping sequence in a pseudo random fashion, determined by a
master
– Time division duplex for send/receive separation
• Voice link – SCO (Synchronous Connection Oriented)
– FEC (forward error correction), no retransmission, 64 kbit/s
duplex, point-to-point, circuit switched
• Data link – ACL (Asynchronous Connectionless)
– Asynchronous, fast acknowledge, point-to-multipoint, up to 433.9 kbit/s
symmetric or 723.2/57.6 kbit/s asymmetric, packet switched
• Topology - Overlapping piconets (stars) forming a scatternet
48
Bluetooth Architecture: An overview
•Two link types:
• synchronous, connection oriented (SCO)
• asynchronous, connection-less (ACL)
• Bi-directional link (symmetric and asymmetric data rates)
• Can use existing protocols, e.g. IP
• Several profiles defined:
• e.g. dial-up networking, headset, fax, LAN access
• Products now becoming available in all almost all new
mobile phones and some laptops
49
Bluetooth: Basic Components
Four basic components to architecture:
1. RF component: for receiving and transmitting
2. Link control: for processing information to/from
RF component
3. Link management: manages transmission process
(media access)
4. Supporting applications: uses other three
components through a well-defined interface
50
Bluetooth: Link Types
SCO
ACL
• Packet-based
• For data
• Mainly for voice
• Asymmetric:
• Up to 3 simultaneous
• 721Kb/s (either direction)
channels supported
+ 57.6Kb/s reverse
(64Kb/s each)
direction
• Can be used in parallel • Symmetric:
with an ACL channel
• 432.6Kb/s
51
Basic Communication
Characteristics
• Antenna power of 0dBm
(1mW):
• ~10m range
• Optionally, 20dBm
(100mW):100m range
1Mb/s max:
• 721Kb/s available
to user after protocol
overhead
Radio
• 2.402-2.480GHz:
• minor change in ES, FR, JP
• FH-SS:
• 79 channels
• (23 channels, ES, FR, JP)
• 1MHz spacing
• Hop rate – 1600 hops/s:
• 625ms timeslot
• TDM slots
• Possible interference:
• 2.4GHz band used by
IEEE802.11 wireless LANs
52
Basic Communication
•Master-slave relationship
• master initiates
communication using
PAGE or INQUIRY
message
• odd timeslots for
master
• even timeslots for
slave(s)
• Master-slave set-up:
• 255 slaves, 8-bit
address
• 7 active slaves, 3-bit
addresses
•TDM timeslots are numbered:
• use clock from master
• 227 slots
• Transmission in packets
• Packet normally uses one
timeslot:
• one packet per freq. hop
• can use up to 5 timeslots
• Master-slave sync:
• use of clocks, slaves
sync with master
53
Basic Communication
•Every device has a unique 48-bit
•Piconet (single pico-cell):
address.
• single master
•Instead, friendly Bluetooth names
P
• up to 255 slaves
areS used, which can be set by the
• only 7 active slaves
at any
S
user.
time
M •If address
P
of another device
• At power on:
known:
SB
• in standby (sniff mode)
S
• send PAGE message
• listen every 1.28s P SB
• If address not known:
• check one of 32 hop
• send INQUIRY message
frequencies for other
• SDP is used to discover
devices
device capabilities
SDP- service discovery protocol
54
Basic Communication … continues…
General packet format
• Header:
• AM_ADDR (3)
• type (4)
• flow control (1)
• ARQN (1)
• SEQN (1)
• HEC (8)
68(72)
54
access code packet header
AM_ADDR active member address
ARQN automatic repeat request number
HEC head error correction
SEQN sequence number
0-2745
payload
Access code:
• provides receiver sync
• Payload:
• indicates length and number
of timeslots that will be
used
• contains CRC
• if FEC used used, 5 parity
bits added after each 10
bits, including CRC bits
• padding may be required
for FEC usage
access code header payload
72bits 54bits 0-2745 bits
55
Forming a piconet
• All devices in a piconet hop together
– Master gives slaves its clock and device ID
• Hopping pattern: determined by device ID (48 bit,
unique worldwide)
• Phase in hopping pattern determined by clock
• Addressing
– Active Member Address (AMA, 3 bit)
– Parked Member Address (PMA, 8 bit) P 
S
SB 
SB
S
SB
M
P
SB
SB
SB
S
SB
SB
P 
SB
SB StandBy
SB 
56
SB
Error Correction
3 options:
• 1/3 rate FEC
• 2/3 rate FEC
• CRC + ARQ
• Packet header:
• always uses 1/3 rate FEC
• Data:
• 2/3 rate FEC
• (15,10) shortened
Hamming code
•Corrects all 1-bit errors in
10 bits and detects all 2-bit
errors
•may need 0-9 bits of
padding
• CRC + ARQ:
• (not always used)
• ACK or NAK for each pkt
• Un-numbered scheme, i.e.
stop-wait scheme
ARQ: automatic repeat request
57
Power Saving Modes
•Different power modes:
• conserve battery life
• Active mode:
• normal operation
• Sniff mode:
• less power than active mode
• listen to network
• e.g. standby
Hold mode:
• less power than sniff mode
• clock remains sync’d
• e.g. inactive slave, retains
8-bit piconet address
• Park mode:
• less power than hold mode
• no contact with master
• does not retain piconet addr
58
Interface Support
• Can emulate different interface protocols, e.g.:
• USB (universal serial bus)
• RS232
• PC card (for laptops)
• Uses a serial cable emulation protocol:
• allows use of PPP etc. (point-to-point protocol)
• Allows use of telephony protocols:
• TCS binary (telephony control protocol)
• Hayes AT commands
59
Bluetooth Protocol Stack
TCP/UDP
AT modem
commands
IP
TCS BIN
SDP
BNEP PPP
Audio
RFCOMM (serial line interface)
Logical Link Control and Adaptation Protocol (L2CAP)
Link Manager Protocol
Baseband
Bluetooth Radio
AT: attention sequence
TCS BIN: telephony control protocol specification – binary
BNEP: Bluetooth network encapsulation protocol
SDP: service discovery protocol
RFCOMM: radio frequency comm.
60
Protocol Architecture
•Bluetooth radio:
• transmit and receive
• Baseband:
• physical RF control
• LMP(Link Manager Protocol):
• link setup
• authentication
• power mode control
• connection states in piconet
(master or slave)
L2CAP(logical link control and
adaptation):
• SCO and ACL link types
• segmentation and
reassembly (max SDU size
is 64Kbytes)
• SDP(Service Discovery):
• selects usage model or
profile
• exchange of device
capability information
• RFCOMM(Radio Freq.
Communications:
• serial line “emulation”61
Protocol Architecture
Addressing
Transmission control
• 48-bit IEEE address
(similar to Ethernet
address) BD_ADDR
• Within a piconet:
• one master
• many slaves
• members of piconet
• 8-bit piconet PM_ADDR
• 3-bit AM_ADDR
• Freq. hopping sequence:
• derived from BD_ADDR of
master
• Access codes used for
signalling:
• derived from BD_ADDR
• access codes used as part
of the every packet
• allows sync of receiver
clock
BD-ADDR - Bluetooth device address
62
Example usage methods
Modern emulator or driver
PPP
AT modem
commands
Modern emulator or driver
SDP
RFCOMM
(L2CAP)
IP
SDP
PPP
RFCOMM
(L2CAP)
•Dial-up networking:
• serial line emulation
• e.g. wireless modem for
access
• LAN access:
• dial-up server emulation
• e.g. wireless access point
for multiple users
63
Security
•Easy wireless connectivity
for roaming devices
• Bluetooth security modes
1, 2, 3
• Mode 1: insecure
• Mode 2: servicelevel security (not
required at link setup)
• Mode 3: link-level
security (required at
link set-up)
•Authentication:
• challenge-response
• device authentication
• Link-level encryption:
• Bluetooth specific algorithms
• Key generation mechanism:
• private user key (128bits)
used to generate session
encryption key (8-128bits)
• Random number generation
64
Security … continues
User input (initialization)
PIN (1-16 byte)
Pairing
PIN (1-16 byte)
E2
Authentication key generation
(possibly permanent storage)
E2
link key (128 bit)
Authentication
link key (128 bit)
E3
Encryption key generation
(temporary storage)
E3
encryption key (128 bit)
Encryption
encryption key (128 bit)
Keystream generator
Keystream generator
payload key
Ciphering
payload key
Cipher data
Data
Data
65
Networking
Piconet:
• a single Bluetooth cell
• multiple cells could overlap
• devices in overlap of cells
can form an ad hoc
piconet
P
scatternet
• Scatternet – a single
device:
• is in multiple piconets
• has more than one master
• still maturing – may be
used in IEEE802.15 WPANs
S
P
S
M
P
Scatternet
S
S
S
P
SB
M
M=Master SB
S=Slave
P=Parked
SB=Standby
P
P
M
SB
S
Piconets
(each with a
capacity of
< 1 Mbit/s)
S
P
SB
SB
S
Piconet 1 Piconet 2
66
Summary
•Inter-device communication:
• many standards
• many different cables
• Bluetooth provides:
• common wireless connectivity (not really mobility)
• cheap
• potentially, standard connectivity for any device,
including consumer electronics
• primitive networking - scatternet
67