By V. Muniraju Naidu, Assoc. Prof., CSE, NECN
Characteristics of wireless LANs
Advantages
• Flexibility: very flexible within the reception area
• Planning: Ad-hoc networks without previous planning possible
• Design: (almost) no wiring difficulties (e.g. historic buildings, firewalls)
• Robustness: more robust against disasters like, e.g., earthquakes, fire or users
pulling a plug
• Cost: Adding additional users to a wireless network will not increase the cost.
Disadvantages
• Quality of service: typically very low bandwidth compared to wired networks
(1-10 Mbit/s)
• Proprietary solutions: many proprietary solutions, especially for higher bit rates; standards take time (e.g. IEEE 802.11). Now, 802.11g is a popular solution.
• Restrictions: products have to follow many national restrictions if working wireless; it takes a long time to establish global solutions like, e.g., IMT-2000
• Safety and security: Precautions have to be taken to prevent safety hazards. Secrecy and integrity must be assured.
Fundamentals of WLANs
Differences between wireless and wired transmission
• Address is not equivalent to physical location
• Dynamic topology and restricted connectivity
• Medium boundaries are not well-defined
• Error-prone medium
Use of WLANs
• Users can access the Internet on the move.
• WLANs are handy in areas affected by earthquakes or other disasters.
• WLANs are good solutions in places where wiring may not be permitted.
Design goals for wireless LANs
Operational simplicity
Power-efficient operations
License-free operation: no special permissions or licenses needed
to use the LAN
Tolerance to interference
Global usability
Security: security (no one should be able to read my data), privacy (no one should be able to collect user profiles)
Safety requirement (low radiation)
Quality of service requirements
Compatibility with other technologies and applications
Comparison: Infrastructure vs. Ad-hoc networks
WLANs can be classified into two types:
• Infrastructure networks contain access points (APs) and mobile stations (STAs). An access point (AP) is a networking hardware device that allows other Wi-Fi devices to connect to a wired network.
• Ad hoc LANs do not need any fixed infrastructure.
Infrastructure networks
• Provide access to other networks
• Include forwarding functions
• Medium access control
An ad-hoc network is a group of computers, each with wireless adapters, connected as an independent wireless LAN.
• Each node can communicate with other nodes
[Figure: an infrastructure network, with access points (AP) attached to a wired network, beside an ad-hoc network]
802.11 Services
Distribution Services (for APs)
• Association – mobile stations connect themselves to base stations
• Reassociation – a station may change its preferred base station
• Disassociation – the station or base station breaks the association
• Distribution – determines how to route frames sent to the base station
• Integration – handles the translation from the 802.11 format to the format
of the destination network
Intracell Services (for STAs and APs)
• Authentication – a station must authenticate itself before being permitted to send data.
• Deauthentication – an authenticated station wanting to leave the network is deauthenticated.
• Privacy – manages the encryption and decryption. The algorithm specified is RC4 by Ronald Rivest of MIT.
• Data Delivery – not reliable.
IEEE 802.11 Standard
IEEE 802.11b is known as Wi-Fi (Wireless Fidelity).
Mobile Stations (MTs) can operate in two modes:
• Infrastructure mode, in which MTs can communicate with one or more APs which are connected to a WLAN.
• Ad hoc mode, in which MTs can communicate directly with each other without using an AP.
IEEE 802.11 supports two media in the physical layer:
• Infrared
• Radio wave
The physical layer is subdivided into physical medium dependent
(PMD) sublayer and physical layer convergence protocol (PLCP).
• IEEE 802.11 used CSMA/CD for MAC.
802.11 - Architecture of an infrastructure network
[Figure: two 802.11 LANs (BSS1 with STA1; BSS2 with STA2 and STA3), each with an access point, joined by the distribution system into an ESS; a portal leads to an 802.x LAN]
Station (STA)
• terminal with access mechanisms to the wireless medium and radio contact to the access point
Basic Service Set (BSS)
• group of stations using the same radio frequency
Access Point (AP)
• station integrated into the wireless LAN and the distribution system
Portal
• bridge to other (wired) networks
Distribution System
• interconnection network to form one logical network (ESS: Extended Service Set) based on several BSS
802.11 - Architecture of an ad-hoc network
Direct communication within a limited range
• Station (STA): terminal with access mechanisms to the wireless medium
• Independent Basic Service Set (IBSS): group of stations using the same radio frequency
[Figure: 802.11 LANs IBSS1 and IBSS2 with stations STA1, STA2, STA3 and STA5]
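IEEE standard 802.11
[Figure: mobile terminal, access point and fixed terminal on the infrastructure network, with their protocol stacks]
Protocol stacks, top to bottom:
• mobile terminal: application, TCP, IP, LLC, 802.11 MAC, 802.11 PHY
• access point: LLC, 802.11 MAC / 802.3 MAC, 802.11 PHY / 802.3 PHY
• fixed terminal: application, TCP, IP, LLC, 802.3 MAC, 802.3 PHY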
Comparison: infrared vs. radio transmission
Infrared
• uses IR (Infra-Red) diodes, diffuse light, multiple reflections (walls, furniture etc.)
Advantages
• simple, cheap, available in many mobile devices
• no licenses needed
• simple shielding possible
Disadvantages
• interference by sunlight, heat sources etc.
• many things shield or absorb IR light
• low bandwidth
Example
• IrDA (Infrared Data Association) interface available everywhere
Radio
• typically using the license free ISM (Industrial, Scientific, Medical) band at 2.4 GHz
Advantages
• experience from wireless WAN and mobile phones can be used
• coverage of larger areas possible (radio can penetrate walls, furniture etc.)
Disadvantages
• limited license free frequency bands
• shielding more difficult, interference with other electrical devices
Example
• WaveLAN (Lucent), HIPERLAN, Bluetooth
802.11 - Layers and functions
PMD (Physical Medium Dependent) : modulation, encoding/decoding (coding)
PLCP (Physical Layer Convergence Protocol):
• provide a uniform abstract view for the MAC sublayer
• service access point (SAP) abstracts the channel that offers up to 1 or 2 Mbps
• clear channel assessment (CCA) signal (carrier sense) used for CSMA/CA
PHY Management: channel selection, Management Information Base (MIB)
Station Management: coordination of all management functions
MAC: access mechanisms, fragmentation, encryption
MAC Management: synchronization, roaming, authentication, MIB, power management
[Figure: layer diagram; surviving labels: DLC (LLC), PHY (PLCP, PMD), PHY Management, Station Management]
802.11 Physical Layers
Infrared – 1 Mbps and 2 Mbps
• 850-950 nm, infra-red light, typical 10 m range, encoded using PPM
FHSS (Frequency Hopping Spread Spectrum) uses 79 channels,
each 1 MHz wide, starting in the 2.4 GHz band.
• A pseudorandom number generator is used to produce the sequence of frequencies hopped to.
• The amount of time spent at each frequency, dwell time, is adjustable.
• spreading, despreading, signal strength, typical 1 Mbit/s
• min. 2.5 frequency hops/s (USA), 2-level GFSK modulation, 4-level GFSK
for 2Mbit/s
DSSS (Direct Sequence Spread Spectrum) delivers 1 or 2 Mbps in
the 2.4 GHz band.
• DBPSK modulation for 1 Mbit/s (Differential Binary Phase Shift Keying),
DQPSK for 2 Mbit/s (Differential Quadrature PSK)
• preamble and header of a frame is always transmitted with 1 Mbit/s, rest of
transmission 1 or 2 Mbit/s
• chipping sequence: +1, -1, +1, +1, -1, +1, +1, +1, -1, -1, -1 (Barker code)
• max. radiated power 1 W (USA), 100 mW (EU), min. 1mW
802.11 - Physical layer
802.11a uses OFDM (Orthogonal Frequency Division
Multiplexing) to deliver up to 54 Mbps in the 5 GHz band.
Orthogonal Frequency Division Multiplexing, an FDM
modulation technique for transmitting large amounts of digital
data over a radio wave. OFDM works by splitting the radio signal
into multiple smaller sub-signals that are then transmitted
simultaneously at different frequencies to the receiver
802.11b uses HR-DSSS (High Rate Direct Sequence Spread
Spectrum) to achieve 11 Mbps in the 2.4 GHz band.
802.11g uses OFDM to achieve 54 Mbps in the 2.4 GHz band.
The physical layer sensing is through the clear channel
assessment (CCA) signal provided by the PLCP. The CCA is
generated based on sensing of the air interface by:
• Sensing the detected bits in the air: slower but more reliable
• Checking the received signal strength (RSS): faster but not so precise
The 802.11 Protocol Stack
The OFDM scheme uses advanced digital signal processing
techniques to distribute the data over multiple carriers at precise
frequencies.
• Suppose the lowest-frequency subcarrier uses the base frequency fb. The other
subcarriers are integer multiples of the base frequency, 2fb, 3fb, etc.
• The precise relationship among the subcarriers is referred to as orthogonality.
• The result is that the maximum of one subcarrier frequency appears exactly at a frequency where all other subcarriers equal zero.
Orthogonal Frequency Division Multiplexing (OFDM)
Superposition of frequencies in the same frequency range
Amplitude of a subcarrier: SI function $\mathrm{si}(x) = \frac{\sin(x)}{x}$
Properties
• Lower data rate on each subcarrier means less intersymbol interference (ISI)
• interference on one frequency results in interference of one subcarrier only
• no guard space necessary
• orthogonality allows for signal separation via inverse FFT on receiver side
• precise synchronization necessary (sender/receiver)
Advantages
• no equalizer necessary
• no expensive filters with sharp edges necessary
• better spectral efficiency (compared to CDM)
Application: 802.11a, 802.11g, HiperLAN2, DAB (Digital Audio Broadcast), DVB (Digital Video Broadcast), ADSL
802.11 FHSS PHY Packet Format
Synchronization: synch with 010101... pattern
SFD (Start Frame Delimiter): 0000110010111101 start pattern
PLW (PLCP_PDU Length Word): length of payload incl. 32 bit CRC of payload, PLW < 4096
PSF (PLCP Signaling Field): data of payload (1 or 2 Mbit/s)
HEC (Header Error Check): CRC with $x^{16}+x^{12}+x^{5}+1$
Field            Bits
synchronization  80
SFD              16
PLW              12
PSF              4
HEC              16
payload          variable
802.11 DSSS PHY Packet Format
Synchronization: synch., gain setting, energy detection,
frequency offset compensation
SFD (Start Frame Delimiter): 1111001110100000
Signal: data rate of the payload (0A: 1 Mbit/s DBPSK; 14: 2
Mbit/s DQPSK)
Service: future use, 00: 802.11 compliant
Length: length of the payload
HEC (Header Error Check): protection of signal, service and length, $x^{16}+x^{12}+x^{5}+1$
IEEE 802.11a – PHY Frame Format
[Figure: 802.11a PHY frame format; surviving label: PLCP header]
Operating channels for 802.11a / US U-NII
center frequency = 5000 + 5*channel number [MHz]
[Figure: channels 36, 40, 44, 48, 52, 56, 60, 64 on a frequency axis with ticks at 5150, 5180, 5200, 5220, 5240, 5260, 5280, 5300, 5320 and 5350 MHz; a second axis with channels 149, 153, 157, 161; marked width 16.6 MHz]
OFDM in IEEE 802.11a (and HiperLAN2)
OFDM with 52 used subcarriers (64 in total)
48 data + 4 pilot
(plus 12 virtual subcarriers)
312.5 kHz spacing
96 µs 2, 5.5 or 11 Mbit/s
Channel Selection (Non-overlapping)
Europe (ETSI)
WLAN: IEEE 802.11g
Data rate
• OFDM: 6, 9, 12, 18, 24, 36, 48, 54 Mbit/s; CCK: 1, 2, 5.5, 11 Mbit/s
• User throughput (1500 byte packets): 5.3 (6), 18 (24), 24 (36), 32 (54)
• 6, 12, 24 Mbit/s mandatory
Transmission range
• 300m outdoor, 30m indoor
• E.g., 54 Mbit/s up to 5 m, 48 up to 12 m, 36 up to 25 m, 24 up to 30m, 18 up to 40 m, 12 up to 60 m
Frequency
• Free 2.4 – 2.497 GHz ISM-band
Security
• Limited, WEP insecure, SSID
Cost: Check market
• Adapter $50, base station $50
Availability
• more products, more vendors
Connection set-up time
• Connectionless/always on
Quality of Service
• Typ. best effort, no guarantees (same as all 802.11 products)
Manageability
• Limited (no automated key distribution, sym. Encryption)
Special Advantages/Disadvantages
• Advantage: fits into 802.x standards, free ISM-band, available, simple system
• Disadvantage: heavy interference on ISM-band, no service guarantees
Wireless LAN Standard
Wireless LAN Devices
[Figure: surviving labels: Laptops, LAN]
The 802.11 MAC Sublayer Protocol
802.11 MAC Sublayer
PCF and DCF can coexist within one cell by carefully defining
the interframe time interval. The four intervals are depicted:
• SIFS (Short InterFrame Spacing) is used to allow the parties in a single
dialog the chance to go first including letting the receiver send a CTS and
an ACK and the sender to transmit the next fragment.
• PIFS (PCF InterFrame Spacing) is used to allow the base station to send
a beacon frame or poll frame.
• DIFS (DCF InterFrame Spacing) is used to allow any station to grab the
channel and to send a new frame.
• EIFS (Extended InterFrame Spacing) is used only by a station that has
just received a bad or unknown frame to report the bad frame.
The resulting MAC scheme used in 802.11 is carrier sensing multiple access with collision avoidance (CSMA/CA) that is based on MACAW.
• Use NAV (Network Allocation Vector) to indicate the channel is busy.
802.11 MAC Sublayer
Access methods
• DFWMAC-DCF (distributed foundation wireless medium access control-Distributed Coordination Function) CSMA/CA (mandatory)
• collision avoidance via randomized "back-off" mechanism
• minimum distance between consecutive packets
• ACK packet for acknowledgements (not for broadcasts)
• DFWMAC-DCF w/ RTS/CTS (optional)
• avoids hidden terminal problem
• DFWMAC-PCF (Point Coordination Function) (optional)
• access point polls terminals according to a list
• Completely controlled by the base station. No collisions occur.
• A beacon frame which contains system parameters is periodically (10 to 100 times per second) broadcast to invite new stations to sign up for polling service.
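802.11 - CSMA/CA access method
[Figure: timing diagram with direct access if the medium is free for DIFS, followed by the contention window (randomized back-off mechanism, counted in slot times); station2 and station3 shown with busy and boe periods. Legend: busy = medium not idle (frame, ack etc.), boe = elapsed backoff time]
[Figure: unicast exchange over time t: sender transmits data after DIFS, receiver returns ACK after SIFS, other stations wait (waiting time) and enter contention after DIFS]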
802.11 – DFWMAC
Sending unicast packets
• station can send RTS with reservation parameter (transmission duration)
after waiting for DIFS (reservation determines amount of time the data
packet needs the medium)
• acknowledgement via CTS after SIFS by receiver (if ready to receive)
• sender can now send data at once, acknowledgement via ACK
• other stations set their net allocation vector (NAV) in accordance with the duration field.
[Figure: sender waits DIFS and sends RTS; receiver answers CTS after SIFS; sender sends data after SIFS; receiver sends ACK after SIFS]
To deal with the problem of noisy channels, 802.11 allows frames to be fragmented.
[Figure: RTS, CTS, frag1, ACK1, frag2, ACK2 separated by SIFS; other stations hold NAV (RTS), NAV (CTS), NAV (frag1) and NAV (ACK1), then contention for data after DIFS]
DFWMAC-PCF
A super frame comprises a contention-free period and a
contention period.
• D for downstream
• U for upstream
• CF for an end marker
[Figure: superframe timeline (t0 to t4) with the point coordinator's D3, D4 and CFend, the wireless stations' U4, the PIFS and SIFS gaps, and the stations' NAV covering the contention free period before the contention period]
802.11 MAC Frame format
Types
• control frames, management frames, data frames
Sequence numbers
• important against duplicated frames due to lost ACKs
Addresses
• receiver, transmitter (physical), BSS identifier, sender (logical)
Miscellaneous
• sending time, checksum, frame control, data
MAC frame layout
Field             Bytes
Frame Control     2
Duration/ID       2
Address 1         6
Address 2         6
Address 3         6
Sequence Control  2
Address 4         6
Data              0-2312
CRC               4
Frame Control layout
Field             Bits
Protocol version  2
Type              2
Subtype           4
To DS             1
From DS           1
More Frag         1
Retry             1
Power Mgmt        1
More Data         1
WEP               1
Order             1
MAC address format
scenario                           to DS  from DS  address 1  address 2  address 3  address 4
ad-hoc network                     0      0        DA         SA         BSSID      -
infrastructure network, from AP    0      1        DA         BSSID      SA         -
infrastructure network, to AP      1      0        BSSID      SA         DA         -
infrastructure network, within DS  1      1        RA         TA         DA         SA
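The frame layout and the To DS / From DS address table above, as an added example (not from the original slides): a parser that decodes the frame control bits, names the addresses by scenario, and reports senders of data frames whose WEP bit is clear. The little-endian field order, the low-4-bit fragment number and the CRC-32 as computed by `zlib.crc32` are assumptions taken from the 802.11 standard; all sample frames and MAC addresses are constructed.

```python
import struct
import zlib

# (To DS, From DS) -> roles of address 1..4, copied from the address table above
ADDRESS_ROLES = {
    (0, 0): ("DA", "SA", "BSSID", None),   # ad-hoc network
    (0, 1): ("DA", "BSSID", "SA", None),   # infrastructure network, from AP
    (1, 0): ("BSSID", "SA", "DA", None),   # infrastructure network, to AP
    (1, 1): ("RA", "TA", "DA", "SA"),      # infrastructure network, within DS
}
# One-bit flags of the frame control field, in the order listed on the page
FLAG_NAMES = ("to_ds", "from_ds", "more_frag", "retry",
              "power_mgmt", "more_data", "wep", "order")
MAX_BODY = 2312  # largest data field in the frame layout


def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def parse_data_frame(frame):
    """Decode one 802.11 data frame: header, body and trailing 4-byte CRC."""
    if len(frame) < 28:
        raise ValueError("too short for a 24-byte header plus CRC")
    fc, duration = struct.unpack_from("<HH", frame, 0)
    version, ftype, subtype = fc & 0x3, (fc >> 2) & 0x3, (fc >> 4) & 0xF
    if version != 0 or ftype != 2:          # type 2 = data frame
        raise ValueError("not a version-0 data frame")
    flags = {name: (fc >> (8 + i)) & 1 for i, name in enumerate(FLAG_NAMES)}
    roles = ADDRESS_ROLES[(flags["to_ds"], flags["from_ds"])]
    header_len = 30 if roles[3] else 24     # address 4 only within the DS
    if len(frame) < header_len + 4:
        raise ValueError("truncated four-address header")
    raw = [frame[4:10], frame[10:16], frame[16:22], frame[24:30]]
    (seq_ctl,) = struct.unpack_from("<H", frame, 22)
    body = frame[header_len:-4]
    if len(body) > MAX_BODY:
        raise ValueError("data field longer than 2312 bytes")
    (crc,) = struct.unpack_from("<I", frame, len(frame) - 4)
    return {
        "subtype": subtype,
        "duration": duration,
        "flags": flags,
        "addresses": {r: mac(a) for r, a in zip(roles, raw) if r},
        "fragment": seq_ctl & 0xF,           # assumption: low 4 bits
        "sequence": seq_ctl >> 4,            # assumption: high 12 bits
        "body": body,
        "crc_ok": crc == zlib.crc32(frame[:-4]),
    }


def cleartext_senders(frames):
    """Source addresses of intact data frames sent with the WEP bit clear."""
    senders = []
    for frame in frames:
        try:
            parsed = parse_data_frame(frame)
        except ValueError:
            continue                         # not a parsable data frame
        if parsed["crc_ok"] and not parsed["flags"]["wep"]:
            senders.append(parsed["addresses"]["SA"])
    return senders


def build_sample(fc, addrs, seq_ctl, body):
    """Assemble a constructed test frame and append its CRC."""
    hdr = struct.pack("<HH", fc, 0) + b"".join(addrs[:3]) + struct.pack("<H", seq_ctl)
    hdr += addrs[3] if len(addrs) == 4 else b""
    return hdr + body + struct.pack("<I", zlib.crc32(hdr + body))


# Constructed addresses (locally administered) and frames
AP1, AP2 = bytes.fromhex("020000000001"), bytes.fromhex("020000000004")
STA, HOST = bytes.fromhex("020000000002"), bytes.fromhex("020000000003")
TO_AP = build_sample(0x4108, [AP1, STA, HOST], 37 << 4, b"\xaa" * 16)   # To DS, WEP set
WITHIN_DS = build_sample(0x0308, [AP2, AP1, STA, HOST], 5 << 4 | 1, b"hello")
DAMAGED = TO_AP[:1] + b"\x01" + TO_AP[2:]   # WEP bit flipped in transit, CRC now wrong

if __name__ == "__main__":
    for name, frame in (("to AP", TO_AP), ("within DS", WITHIN_DS), ("damaged", DAMAGED)):
        p = parse_data_frame(frame)
        print(name, p["addresses"], "wep:", p["flags"]["wep"], "crc ok:", p["crc_ok"])
    print("cleartext senders:", cleartext_senders([TO_AP, WITHIN_DS, DAMAGED]))
```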
Request To Send (RTS)
Field                Bytes
Frame Control        2
Duration             2
Receiver Address     6
Transmitter Address  6
CRC                  4
Clear To Send (CTS)
Field                Bytes
Frame Control        2
Duration             2
Receiver Address     6
CRC                  4
802.11 - MAC management
Synchronization
• try to find a LAN, try to stay within a LAN
• Synchronize internal clocks and generate beacon signals
Power management
• periodic sleep, frame buffering, traffic measurements
• sleep-mode without missing a message
Roaming for Association/Reassociation
• integration into a LAN
• roaming, i.e. change networks by changing access points
• scanning, i.e. active search for a network
MIB - Management Information Base
• All parameters representing the current state of a wireless station and an
access point are stored in a MIB.
• A MIB can be accessed via SNMP.
Synchronization using a Beacon (infrastructure)
Timing synchronization function (TSF) is needed for:
• Power management
• Coordination of the PCF and for synchronization of the hopping
sequence
A beacon contains a timestamp and other management
information.
The access point tries to schedule transmissions according to the expected beacon interval (target beacon transmission time).
[Figure: timelines for access point and medium (busy periods) with beacon frames (B) at the beacon interval; legend: value of the timestamp, B = beacon frame]
Synchronization using a Beacon (ad-hoc)
The standard random backoff algorithm is also applied to the
beacon frames in the ad-hoc networks.
[Figure: timelines for station1 (beacons B1) and station2 (beacons B2) over the beacon interval]
Power management
Idea: switch the transceiver off if not needed
States of a station: sleep and awake
Timing Synchronization Function (TSF)
• stations wake up at the same time
Infrastructure
• Traffic Indication Map (TIM)
• list of unicast receivers transmitted by AP
• Delivery Traffic Indication Map (DTIM)
• list of broadcast/multicast receivers transmitted by AP
Ad-hoc
• Ad-hoc Traffic Indication Map (ATIM)
• announcement of receivers by stations buffering frames
• more complicated - no central AP
• collision of ATIMs possible (scalability?)
Power saving with wake-up patterns (infrastructure)
[Figure: timelines for access point, medium (busy periods) and station over the TIM interval and DTIM interval; legend: T = TIM, D = DTIM, awake]
Power saving with wake-up patterns (ad-hoc)
[Figure: timelines for station1 and station2 over the beacon interval with ATIM window; legend: B = beacon frame, random delay, A = transmit ATIM, D = transmit data]
802.11 - Roaming
Roaming: moving from one access point to another
No or poor connection? Then perform:
Scanning
• scan the environment, i.e., listen into the medium for beacon signals or send
probes into the medium and wait for an answer
Reassociation Request
• station sends a request to one or several AP(s)
Reassociation Response
• success: AP has answered, station can now participate
• failure: continue scanning
AP accepts Reassociation Request
• signal the new station to the distribution system
• the distribution system updates its data base (i.e., location information)
• typically, the distribution system now informs the old AP so it can release resources
WLAN: IEEE 802.11 – Current and Future Developments
802.11c provides required information to ensure proper bridge
operations.
802.11d: Regulatory Domain Update – completed in 2001, amended in
2003
802.11e: MAC Enhancements – QoS – ongoing
• Enhance the current 802.11 MAC to expand support for applications with Quality
of Service requirements, and in the capabilities and efficiency of the protocol.
802.11f: Inter-Access Point Protocol – completed in 2003
• Establish an Inter-Access Point Protocol for data exchange via the
distribution system.
802.11h: Spectrum Managed 802.11a (DCS, TPC) – completed in 2003
802.11i: Enhanced Security Mechanisms – completed in 2004
• Enhance the current 802.11 MAC to provide improvements in security and replace Wired Equivalent Privacy (WEP).
ETSI - HIPERLAN
ETSI standard
• European standard, cf. GSM, DECT, ...
• Enhancement of local Networks and interworking with fixed networks
• integration of time-sensitive services from the early beginning
HIPERLAN family
• one standard cannot satisfy all requirements
• range, bandwidth, QoS support
• commercial constraints
• HIPERLAN 1 standardized since 1996 – no products!
[Figure: layer comparison in three columns]
• higher layers, network layer, data link layer, physical layer
• medium access control layer, channel access control layer, physical layer
• logical link control layer, medium access control layer, physical layer
Bluetooth
Idea
• The need to interconnect computer and peripherals, handheld devices, PDAs,
cell phones – replacement of IrDA led to the emergence of personal area
networks (PANs)
• Universal radio interface for ad-hoc wireless connectivity
• Embedded in other devices, goal: $5/device (2005: $40 bluetooth headset)
• Short range (10 m), low power consumption, license-free 2.45 GHz ISM
• Voice and data transmission, approx. 1 Mbit/s gross data rate
1999: Ericsson Mobile Communications AB raised this stone in memory of Harald Blåtand, who gave his name to a new technology for wireless, mobile communication.
…and the real rune stone
Located in Jelling, Denmark, erected by King Harald “Blåtand” in memory of his parents.
The stone has three sides – one side showing a picture of Christ.
Inscription:
"Harald king executes these sepulchral monuments after Gorm, his father and Thyra, his mother. The Harald who won the whole of Denmark and Norway and turned the Danes to Christianity."
Btw: Blåtand means “of dark complexion” (not having a blue tooth…)
This could be the “original” colors of the stone.
Inscription: “auk tani karthi kristna” (and made the Danes Christians)
Characteristics
2.4 GHz ISM band, 79 RF channels, 1 MHz carrier spacing
• Channel 0: 2402 MHz … channel 78: 2480 MHz
• GFSK modulation, 1-100 mW transmit power
FHSS and TDD
• Frequency hopping with 1600 hops/s
• Hopping sequence in a pseudo random fashion, determined by a master
• Time division duplex for send/receive separation
Two types of links:
• Voice link – SCO (Synchronous Connection Oriented)
• FEC (forward error correction), no retransmission, 64 kbit/s duplex, point-to-point, circuit switched
• Data link – ACL (Asynchronous Connectionless)
• Asynchronous, fast acknowledge, point-to-multipoint, up to 433.9 kbit/s symmetric or 723.2/57.6 kbit/s asymmetric, packet switched
Topology: Overlapping piconets (stars) forming a scatternet
Protocol Specification
The Bluetooth specification can be divided into:
• A core specification which describes the protocols from physical layer to the
data link control
• Profile specifications describe many protocols and functions needed to adapt the wireless Bluetooth technology to legacy and new applications.
The protocol stack of Bluetooth is logically partitioned into three layers: the core protocol group, the middleware group, and the application group.
The transport protocol group comprises the following elements:
• Radio: specification of the air interface – frequencies, modulation, power
• Baseband: connection establishment, packet formats, timing, QoS
• Link management protocol: link set-up and management between devices
including security functions and parameter negotiation
• Logical link control and adaptation protocol (L2CAP): adaptation of higher
layers to the baseband
• Service discovery protocol: Device discovery plus querying of service
characteristics
Bluetooth Specification
The core protocols comprise the following elements:
• Radio: specification of the air interface – frequencies, modulation, power
• Baseband: connection establishment, packet formats, timing, QoS
• Link management protocol: link set-up and management between devices
including security functions and parameter negotiation
• Logical link control and adaptation protocol (L2CAP): adaptation of higher
layers to the baseband
Bluetooth Specification
The middleware protocol group comprises:
• Radio Frequency Communications (RFCOMM) emulates a serial line
interface such as EIA-232 or RS-232
• Service discovery protocol (SDP): Device discovery plus querying of service
characteristics
• Infrared Data Association (IrDA)
• The telephony control protocol specification – binary (TCS BIN) describes a
bit-oriented protocol that defines voice and data calls between Bluetooth
devices.
• The host controller interface (HCI) provides a command interface to the
baseband controller and link manager, and access to the hardware status and
control registers.
• TCP/IP can run on PPP or Bluetooth network encapsulation protocol (BNEP).
The application group consists of applications:
• Modem dialer
• Web-browsing client
• Calendar and business card objects (vCalendar/vCard) can be exchanged using the object exchange protocol (OBEX).
Bluetooth protocol stack
[Figure: protocol stack diagram. Surviving labels, top to bottom: audio apps., NW apps., vCal/vCard, telephony apps., mgmnt. apps.; TCP/UDP, OBEX, AT modem commands, IP, TCS BIN, SDP, BNEP, PPP, Control; Baseband; Radio]
Forming a Bluetooth Network: Piconet
Collection of devices connected in an ad hoc fashion
One unit acts as master and the others as slaves for the lifetime of the piconet
Master determines hopping pattern, slaves have to synchronize
Each piconet has a unique hopping pattern
Participation in a piconet = synchronization to hopping sequence
Each piconet has one master and up to 7 simultaneous slaves (> 200 could be parked)
[Figure: a piconet; legend: M=Master, S=Slave, P=Parked, SB=Standby]
Forming a Piconet
All devices in a piconet hop together
• Master gives slaves its clock and device ID
• Hopping pattern: determined by device ID (48 bit, unique worldwide)
• Phase in hopping pattern determined by clock
Addressing
• Active Member Address (AMA, 3 bit)
• Parked Member Address (PMA, 8 bit)
[Figure: standby devices (SB) beside a piconet with a master (M), slaves (S) and parked devices (P)]
Scatternet
Linking of multiple co-located piconets through the sharing of
common master or slave devices
• Devices can be slave in one piconet and master of another
• As soon as a master leaves a piconet, all traffic within this piconet is suspended until the master returns.
Communication between piconets
• Devices jumping back and forth between the piconets (each with a capacity of < 1 Mbit/s)
[Figure: piconets forming a scatternet; legend: M=Master, S=Slave, P=Parked, SB=Standby]
Operational States of a Bluetooth Device
[Figure: state diagram; surviving labels: standby, unconnected]
Frequency selection during data transmission
[Figure: three timelines of master (M) and slave (S) transmissions in 625 µs slots, labelled with hop frequencies f_k to f_k+6]
Baseband
Piconet/channel definition
Low-level packet definition
• Access code
• Channel, device access, e.g., derived from master
• Packet header
• 1/3-FEC, active member address (broadcast + 7 slaves), link
type, alternating bit ARQ/SEQ, checksum
Access code (bits): preamble 4, sync. 64, (trailer) (4)
Packet header (bits): AM address 3, type 4, flow 1, ARQN 1, SEQN 1, HEC 8
SCO (Synchronous Connection-Oriented) payload types
Bluetooth offers two types of links:
• Synchronous connection-oriented link for classical telephone (voice)
connections: HV (High quality Voice), DV (Data and Voice)
• Asynchronous connectionless link for typical data applications: DM1
(Data Medium rate) and DH3 (Data High rate) with 3 slots
[Figure: SCO payload layouts in bytes: payload (30); DV: audio (10), header (1), payload (0-9), 2/3 FEC, CRC (2)]
ACL (Asynchronous Connectionless Link) payload types
[Figure: ACL payload layouts in bytes: payload (0-343)]
Baseband link types
Polling-based TDD packet transmission
• 625µs slots, master polls slaves
SCO (Synchronous Connection Oriented) – Voice
• Periodic single slot packet assignment, 64 kbit/s full-duplex, point-to-point
ACL (Asynchronous ConnectionLess) – Data
• Variable packet size (1,3,5 slots), asymmetric bandwidth, point-to-multipoint
[Figure: slot timeline for SLAVE 1 and SLAVE 2 with hop frequencies f1, f7, f9, f13, f19 and f5, f17, f21]
Robustness
Slow frequency hopping with hopping patterns determined by a
master
• Protection from interference on certain frequencies (FHSS)
• Separation from other piconets (FH-CDMA)
Retransmission
• ACL only, very fast
Forward Error Correction
• SCO and ACL
[Figure: packet exchange between MASTER (A, C, C, F, H), SLAVE 1 (B, D, E) and SLAVE 2 (G, G) with NAK and ACK; annotation: error in payload (not header!)]
Link manager protocol
The link manager protocol (LMP) has the following functions:
• Authentication, pairing, and encryption
• Synchronization
• Capability negotiation: negotiate
• Quality of service negotiation
• Power control
• Link supervision
• State and transmission mode change
Major baseband states are: Standby, inquiry, page, active, low
power
To save battery power, a Bluetooth device can go into one of three
low power states:
• Active: A Bluetooth device actively participates in the piconet.
• Sniff: listen periodically, not each slot
• Hold: stop ACL, SCO still possible, possibly participate in another piconet
• Park: release AMA, get PMA
Example: Power consumption/CSR BlueCore2
Typical Average Current Consumption (1)
VDD=1.8V Temperature = 20°C
Mode                                                        Current
SCO connection HV3 (1s interval Sniff Mode) (Slave)         26.0 mA
SCO connection HV3 (1s interval Sniff Mode) (Master)        26.0 mA
SCO connection HV1 (Slave)                                  53.0 mA
SCO connection HV1 (Master)                                 53.0 mA
ACL data transfer 115.2kbps UART (Master)                   15.5 mA
ACL data transfer 720kbps USB (Slave)                       53.0 mA
ACL data transfer 720kbps USB (Master)                      53.0 mA
ACL connection, Sniff Mode 40ms interval, 38.4kbps UART     4.0 mA
ACL connection, Sniff Mode 1.28s interval, 38.4kbps UART    0.5 mA
Parked Slave, 1.28s beacon interval, 38.4kbps UART          0.6 mA
Standby Mode (Connected to host, no RF activity)            47.0 µA
Deep Sleep Mode (2)                                         20.0 µA
Notes:
(1) Current consumption is the sum of both BC212015A and the flash.
(2) Current consumption is for the BC212015A device only.
(More: www.csr.com )
Example: Bluetooth/USB adapter (2005: $10)
L2CAP - Logical Link Control and Adaptation Protocol
Simple data link protocol on top of baseband
Connection oriented, connectionless, and signalling channels
Protocol multiplexing
• RFCOMM (Radio Frequency Communication), SDP (Service Discovery
Protocol), telephony control
Segmentation & reassembly
• Up to 64 kbyte user data, 16 bit CRC used from baseband
QoS flow specification per channel
• Follows RFC 1363, specifies delay, jitter, bursts, bandwidth
Group abstraction
• Create/close group, add/remove member
L2CAP logical channels
[Figure: logical channels between Slave, Master and Slave]
Connection-oriented PDU (bytes): length 2, CID 2, payload 0-65535
Second layout (bytes): code 1, ID 1, length 2, data 0
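The two layouts above, as an added example (not from the original slides): a parser that checks every length field against the bytes actually received before slicing. It assumes little-endian fields and CID 0x0001 for the signalling channel, both taken from the Bluetooth specification rather than this page, and reads the code/ID/length/data layout as one signalling command; the sample PDUs and command codes are constructed.

```python
import struct

SIGNALLING_CID = 0x0001  # assumption: signalling channel ID, not stated on the page


class L2capError(ValueError):
    """Raised when a length field disagrees with the bytes received."""


def parse_pdu(pdu):
    """Split a connection-oriented PDU into (cid, payload)."""
    if len(pdu) < 4:
        raise L2capError("shorter than the 4-byte length/CID header")
    length, cid = struct.unpack_from("<HH", pdu, 0)
    payload = pdu[4:]
    if length != len(payload):
        raise L2capError(f"length field {length}, payload bytes {len(payload)}")
    return cid, payload


def parse_commands(payload):
    """Walk the code/ID/length/data commands packed into one payload."""
    commands, offset = [], 0
    while offset < len(payload):
        if len(payload) - offset < 4:
            raise L2capError("truncated command header")
        code, ident, length = struct.unpack_from("<BBH", payload, offset)
        offset += 4
        if length > len(payload) - offset:
            raise L2capError("command length runs past the end of the PDU")
        commands.append({"code": code, "id": ident,
                         "data": payload[offset:offset + length]})
        offset += length
    return commands


def build_pdu(cid, payload):
    """Assemble a constructed PDU with a correct length field."""
    return struct.pack("<HH", len(payload), cid) + payload


def build_command(code, ident, data, claimed_length=None):
    """Assemble a constructed command; claimed_length lets a test lie about size."""
    length = len(data) if claimed_length is None else claimed_length
    return struct.pack("<BBH", code, ident, length) + data


def inspect(pdu):
    """Return the signalling commands of a PDU, or [] for other channels."""
    cid, payload = parse_pdu(pdu)
    return parse_commands(payload) if cid == SIGNALLING_CID else []


# Constructed samples: two well-formed commands, then one whose inner
# length field claims 64 bytes although only 2 follow.
GOOD = build_pdu(SIGNALLING_CID,
                 build_command(0x02, 1, b"\x03\x00\x40\x00") +
                 build_command(0x0A, 2, b"\x02\x00"))
OVERLONG = build_pdu(SIGNALLING_CID,
                     build_command(0x0A, 3, b"\x02\x00", claimed_length=64))
SHORT_OUTER = GOOD[:-1]       # outer length field no longer matches
DATA_CHANNEL = build_pdu(0x0040, b"user data")

if __name__ == "__main__":
    for name, pdu in (("good", GOOD), ("overlong", OVERLONG),
                      ("short outer", SHORT_OUTER), ("data", DATA_CHANNEL)):
        try:
            print(name, inspect(pdu))
        except L2capError as err:
            print(name, "rejected:", err)
```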
Security
Pairing – the user inputs a secret PIN into both devices
Authentication – link keys are typically stored in a persistent
storage
Encryption – the device address and the current clock are generated
for ciphering user data
Ciphering – simple XOR of the user data and the payload key
[Figure: user input (initialization): PIN (1-16 byte) on each of the two devices, Pairing between them]
Middleware Protocol Group: SDP
Bluetooth needs to know what devices or services are available in
radio proximity.
SDP is an inquiry/response protocol for discovering services
• Searching for and browsing services in radio proximity
• Adapted to the highly dynamic environment
• Can be complemented by others like SLP (Service Location Protocol), Jini,
Salutation, …
• Defines discovery only, not the usage of services
• Caching of discovered services
• Gradual discovery
Service record format
• Information about services provided by attributes
• Attributes are composed of a 16 bit ID (name) and a value
• values may be derived from 128 bit Universally Unique Identifiers (UUID)
Middleware Protocol Group
RFCOMM
• Emulation of a serial port (supports a large base of legacy applications)
• Allows multiple ports over a single physical channel
Telephony Control Protocol Specification (TCS)
• Call control (setup, release)
• Group management
OBEX (Object Exchange)
• Exchange of objects, IrDA replacement
WAP
• Interacting with applications on cellular phones
Profiles
Represent default solutions for a certain usage model
• Basis for interoperability
[Figure: surviving labels: Applications, Protocols, Profiles]
Generic Access Profile
Service Discovery Application Profile
Cordless Telephony Profile
Intercom Profile
Serial Port Profile
Headset Profile
Dial-up Networking Profile
Fax Profile
LAN Access Profile
Generic Object Exchange Profile
Object Push Profile
File Transfer Profile
Synchronization Profile
Additional Profiles
Advanced Audio Distribution
PAN
Audio Video Remote Control
Basic Printing
Basic Imaging
Extended Service Discovery
Generic Audio Video Distribution
Hands Free
Hardcopy Cable Replacement
WPAN: IEEE 802.15.1 – Bluetooth
Data rate
• Synchronous, connection-oriented: 64 kbit/s
• Asynchronous, connectionless
• 433.9 kbit/s symmetric
• 723.2 / 57.6 kbit/s asymmetric
Transmission range
• POS (Personal Operating Space) up to 10 m
• with special transceivers up to 100 m
Frequency
• Free 2.4 GHz ISM-band
Security
• Challenge/response (SAFER+), hopping sequence
Cost
• $30 adapter, drop to $5 if integrated
Availability
• Integrated into some products, several vendors
Connection set-up time
• Depends on power-mode
• Max. 2.56s, avg. 0.64s
Quality of Service
• Guarantees, ARQ/FEC
Manageability
• Public/private keys needed, key management not specified, simple system
integration
Special Advantages/Disadvantages
• Advantage: already integrated into several products, available worldwide,
free ISM-band, several vendors, simple system, simple ad-hoc networking,
peer to peer, scatternets
• Disadvantage: interference on ISM-band, limited range, max. 8
devices/network&master, high set-up latency
93
WPAN: IEEE 802.15 – Current
Developments
802.15.2: Coexistence
• Coexistence of Wireless Personal Area Networks (802.15) and Wireless
Local Area Networks (802.11), quantify the mutual interference
802.15.3: High-Rate
• Standard for high-rate (20Mbit/s or greater) WPANs, while still low-
power/low-cost
• Data Rates: 11, 22, 33, 44, 55 Mbit/s
• Quality of Service isochronous protocol
• Ad hoc peer-to-peer networking
• Security
• Low power consumption
• Low cost
• Designed to meet the demanding requirements of portable consumer imaging
and multimedia applications
94
WPAN: IEEE 802.15 – Current
Development
802.15.4: Low-Rate, Very Low-Power, approved in May 2003
• Low data rate solution with multi-month to multi-year battery life and very
low complexity
• Potential applications are sensors, interactive toys, smart badges, remote
controls, and home automation
• Data rates of 20-250 kbit/s, latency down to 15 ms
• Master-Slave or Peer-to-Peer operation
• Support for critical latency devices, such as joysticks
• CSMA/CA channel access (data centric), slotted (beacon) or unslotted
• Automatic network establishment by the PAN coordinator
• Dynamic device addressing, flexible addressing format
• Fully handshaked protocol for transfer reliability
• Power management to ensure low power consumption
• 16 channels in the 2.4 GHz ISM band, 10 channels in the 915 MHz US ISM
band and one channel in the European 868 MHz band
95
History of HomeRF
HomeRF is a technology that aimed to offer voice, data and video
images at home or in a small office at low cost, using radio
frequency instead of wiring.
The HomeRF standard was developed by the HomeRF Working Group,
which is composed of major companies such as Compaq, Intel,
Motorola, National Semiconductor, Proxim and Siemens.
The HomeRF standard diverged from the original 802.11 FHSS
standard and incorporated the Digital Enhanced Cordless
Telephone (DECT) technology used for cordless telephones in
Europe.
HomeRF follows the Shared Wireless Access Protocol (SWAP).
SWAP is used to set up a network that provides access to a public
network telephone, the Internet (data), entertainment networks
(cable television, digital audio, and video), transfer and sharing of
data resources (disks, printer), home control, and automation.
96
History of HomeRF and Infrared
SWAP can support up to 127 devices, each identified by a 48-bit
network identifier.
• Connection point is a gateway to the public switched telephone network
(PSTN).
• Asynchronous data node is used to communicate with other nodes.
The demise of HomeRF
• In 2001, Intel started the process of abandoning the HomeRF standard for
in-home networking and switching to IEEE 802.11b.
• Eventually, HomeRF lost its supporters and market, and the HomeRF Working
Group disbanded in 2003.
The infrared technology (IrDA) has the following characteristics:
• The infrared rays can be blocked by obstacles.
• The effective range of infrared communications is about one meter.
• The power consumed by infrared devices is extremely low.
• Data rates of 4 Mbps are easily achievable.
• The cost of infrared devices is low.
Despite the restriction of line of sight (LoS), infrared devices are
very popular because they cost less and consume less power.
97
HomeRF Standard
Data rate
• 0.8, 1.6, 5, 10 Mbit/s
Transmission range
• 300m outdoor, 30m indoor
Frequency
• 2.4 GHz ISM
Security
• Strong encryption, no open access
Cost
• Adapter ?, base station ?
Availability
• Several products from different vendors
Connection set-up time
• 10 ms bounded latency
Quality of Service
• Up to 8 streams A/V, up to 8 voice streams, priorities, best-effort
Manageability
• Like DECT & 802-LANs
Special Advantages/Disadvantages
• Advantage: extended QoS support, host/client and peer/peer, power
saving, security
• Disadvantage: future uncertain due to DECT-only devices plus 802.11a/b for
data
98
RFID – Radio Frequency Identification
RFID (radio frequency identification) is a technology that
incorporates the use of electromagnetic or electrostatic coupling in
the radio frequency (RF) portion of the electromagnetic spectrum
to uniquely identify an object, animal, or person.
RFID is coming into increasing use in industry as an alternative to
the bar code.
The advantage of RFID is that it does not require direct contact or
line-of-sight scanning.
An RFID system consists of three components: an antenna and
transceiver (often combined into one reader) and a transponder (the
tag).
The antenna uses radio frequency waves to transmit a signal that
activates the transponder. When activated, the tag transmits data
back to the antenna.
99
RFID – Radio Frequency Identification
The data is used to notify a programmable logic controller that an
action should occur. The action could be as simple as raising an
access gate or as complicated as interfacing with a database to
carry out a monetary transaction.
Low-frequency RFID systems (30 kHz to 500 kHz) have short
transmission ranges (generally less than six feet). High-frequency
RFID systems (850 MHz to 950 MHz and 2.4 GHz to 2.5 GHz)
offer longer transmission ranges (more than 90 feet). In general, the
higher the frequency, the more expensive the system.
RFID is sometimes called dedicated short range communication
(DSRC).
100
RFID – Radio Frequency Identification
Data rate
• Transmission of ID only (e.g., 48 bit, 64kbit, 1 Mbit)
• 9.6 – 115 kbit/s
Transmission range
• Passive: up to 3 m
• Active: up to 30-100 m
• Simultaneous detection of up to, e.g., 256 tags, scanning of, e.g., 40 tags/s
Frequency
• 125 kHz, 13.56 MHz, 433 MHz, 2.4 GHz, 5.8 GHz and many others
Security
• Application dependent, typ. no crypt. on RFID device
Cost
• Very cheap tags, down to $1 (passive)
Availability
• Many products, many vendors
Connection set-up time
• Depends on product/medium access scheme (typ. 2 ms per device)
Quality of Service
• none
Manageability
• Very simple, same as serial interface
Special Advantages/Disadvantages
• Advantage: extremely low cost, large experience, high volume available, no
power for passive RFIDs needed, large variety of products, relative
speeds up to 300 km/h, broad temp. range
• Disadvantage: no QoS, simple denial of service, crowded ISM bands, typ.
one-way (activation/ transmission of ID)
101
RFID – Radio Frequency Identification
Function
• Standard: In response to a radio interrogation signal from a reader (base
station) the RFID tags transmit their ID
• Enhanced: additionally data can be sent to the tags, different media access
schemes (collision avoidance)
Features
• No line-of-sight required (compared to, e.g., laser scanners)
• RFID tags withstand difficult environmental conditions (sunlight, cold, frost,
dirt etc.)
• Products available with read/write memory, smart-card capabilities
Categories
• Passive RFID: operating power comes from the reader over the air which is
feasible up to distances of 3 m, low price (1€)
• Active RFID: battery powered, distances up to 100 m
102
RFID – Radio Frequency Identification
Applications
• Total asset visibility: tracking of goods during manufacturing, localization of
pallets, goods etc.
• Loyalty cards: customers use RFID tags for payment at, e.g., gas stations,
collection of buying patterns
• Automated toll collection: RFIDs mounted in windshields allow commuters
to drive through toll plazas without stopping
• Others: access control, animal identification, tracking of hazardous material,
inventory control, warehouse management, ...
Levels of interference
• Physical layer: interference acts like noise
• Spread spectrum tries to minimize this
• FEC/interleaving tries to correct
109
802.11 vs. 802.15/Bluetooth
Bluetooth may act like a rogue member of the 802.11 network
• Does not know anything about gaps, inter frame spacing etc.
[Figure: frequency axis f [MHz], 2402 to 2480. 802.11b: 3 channels (separated by installation), shown with DIFS, SIFS, ACK and frames of 1000 byte, 500 byte and 100 byte. 802.15.1: 79 channels (separated by hopping pattern).]