bluetooth le - dodging the bullets
TRANSCRIPT
![Page 1: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/1.jpg)
Bluetooth LEDodging The BulletsDaniel Kummer.NCamp. 2016.
NCamp. 2016. 1
![Page 2: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/2.jpg)
DisclaimerMinimal Technical StuffAt the end there will be !
NCamp. 2016. 2
![Page 3: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/3.jpg)
Preface - Mental Health
To keep everyone calm and relaxed after stressful slides, cute kittens will be shown
NCamp. 2016. 3
![Page 4: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/4.jpg)
AgendaEntry
▸▸ Origins ▸ Basics ▸ iOS/Android ▸ Hardware
Experience
▸▸ Advertising ▸ Pairing ▸ Bonding ▸ Operation
Exit
▸▸ Data Quantities ▸ Survival Tips ▸ Tools
NCamp. 2016. 4
![Page 5: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/5.jpg)
Bluetooth OriginsHistory Side Trip
NCamp. 2016. 5
![Page 6: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/6.jpg)
King Harald Blåtand958 - 986
NCamp. 2016. 6
![Page 7: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/7.jpg)
Blueooth Low Energy» 4.0 (2010)▸▸ Wibree (Nokia) aka Bluetooth Smart, GATT, 25Mbit/s, 60m
» 4.2 (2014)▸▸ IoT key features, focus on security
» 5.0 (2017)▸▸ 50MBit/s, 240m
NCamp. 2016. 7
![Page 8: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/8.jpg)
BLE Basics2'000 pages core spec ▸▸ 2 slides
NCamp. 2016. 8
![Page 9: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/9.jpg)
Terminology
NCamp. 2016. 9
![Page 10: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/10.jpg)
GATTGeneric Attribute Profile
Your main battlefield
» Data exchange
» Use case specific
» SIG defined (Glucose Profile, HID, ...)
» Vendor defined
NCamp. 2016. 10
![Page 11: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/11.jpg)
Shootin' time!Dodge + CoverNCamp. 2016. 11
![Page 12: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/12.jpg)
iOS / Android
NCamp. 2016. 12
![Page 13: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/13.jpg)
iOSSince iPhone 4s / iOS 5
» ! More reliable and failure tolerant than Android
» ! Works on one device, works on all
» " Restrictive API
» " Restrictive peripheral mode (acting as server)
NCamp. 2016. 13
![Page 14: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/14.jpg)
AndroidSince Android 4.3
» ! High API freedom
» " Issues below Android 5.0 (API Level 21)(it's #)
» " Android Problem Multiplexer
NCamp. 2016. 14
![Page 15: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/15.jpg)
Android Problem Multiplexer
» No predictions possible
» Approach ▸ Test and verifyNCamp. 2016. 15
![Page 16: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/16.jpg)
HardwareNuts and Bolts
NCamp. 2016. 16
![Page 17: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/17.jpg)
Hardware Issues» Bad and worse chipsets out
there
» Practically all have issues
» Bad and complicated (and/or wrong) documentation
“Imaging an universal power adapter not fitting into a plug”
NCamp. 2016. 17
![Page 18: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/18.jpg)
Hardware Advice» Get target hardware asap
» Stick to BLE core functionality
» Get in contact with the chipset manufacturer
Chipset Hints
» Nordic !, Texas Instruments ", Qualcomm #
NCamp. 2016. 18
![Page 19: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/19.jpg)
RelaxationKitten #1 ▸
NCamp. 2016. 19
![Page 20: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/20.jpg)
AdvertisingHello, I'm here
NCamp. 2016. 20
![Page 21: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/21.jpg)
Bluetooth Advertising» Like the beam of a lighthouse
» Shortly visible, in periods
» Not much information transfer possible
» 26 Characters1 - that's it
» Usually device/functionality identifiers
1 Bytes
NCamp. 2016. 21
![Page 22: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/22.jpg)
Advertising Hints» Plan ahead - Define early what goes into
advertising
» Request company identifier from Bluetooth SIG
» Use scan response and active scanning
» Advertising should be static data, scan response changing data
NCamp. 2016. 22
![Page 23: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/23.jpg)
iOS Advertising» iOS uses obsfucated device identifier, not the MAC
address
» When mocking a peripheral:
» No full control of advertising data (ex: Manufacturer Specific Data)
» MAC will change randomly
NCamp. 2016. 23
![Page 24: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/24.jpg)
iOS Advertising Hints» Implement independent from identifier (especially
for cross-platform apps)
» Know your mock limitations
NCamp. 2016. 24
![Page 25: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/25.jpg)
Android Advertising Hints» The Android BLE stack(s) are ! - period!
» Lagging initial discovery time (up to 30 sec)
» Devices dropping out of cache when too many other devices are advertising
❗ Android will fall back to BR/EDR mode on dual mode chipsets
» Android 4.3 cannot filter 128Bit UUIDs
NCamp. 2016. 25
![Page 26: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/26.jpg)
Dodge Android Advertising» Maintain your own list of BLE devices in app-code
» Don't rely on SDK provided filtering
» Don't use dual-mode chipsets on the target hardware
» Don't use Android < 5.0 (API Level 21)
NCamp. 2016. 26
![Page 27: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/27.jpg)
RelaxationKitten #2 ▸
NCamp. 2016. 27
![Page 28: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/28.jpg)
Pairing + BondingShort- & longterm Relationships
NCamp. 2016. 28
![Page 29: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/29.jpg)
Goldfish vs. Elephant
» Pairing - Short term, forget after disconnect
» Bonding - Long term, rememberNCamp. 2016. 29
![Page 30: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/30.jpg)
Focus BondingSwallow the fish, free the elephant
NCamp. 2016. 30
![Page 31: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/31.jpg)
Bonding» Initiated after first encrypted characteristic
read attempt (iOS)
» Extremely hardware and stack dependent
» Increased overall complexity
NCamp. 2016. 31
![Page 32: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/32.jpg)
Bonding Suggestions» Determine whether truly necessary - usually not
» Include early in development
» Don't assume working without verifying (Android ❗)
NCamp. 2016. 32
![Page 33: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/33.jpg)
Final Bonding Advice1# Don't use it2# Implement app-side
NCamp. 2016. 33
![Page 34: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/34.jpg)
RelaxationKitten #3 ▸
NCamp. 2016. 34
![Page 35: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/35.jpg)
Connection ManagementHello? Are you still there?
NCamp. 2016. 35
![Page 36: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/36.jpg)
Connection Management» Random and frequent disconnects will occur
» Connections remain open without active disconnects
» Limited amount of services and characteristics
» Lots of possible errors can occur
NCamp. 2016. 36
![Page 37: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/37.jpg)
Connection Management Suggestions» Implement auto-reconnect yourself
» Do not use non-standard MTU3
» Be very failure tolerant
» Limit characteristic usage
3 https://www.adafruit.com/product/2269
NCamp. 2016. 37
![Page 38: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/38.jpg)
Connection ManagementAndroid Supplement
NCamp. 2016. 38
![Page 39: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/39.jpg)
Android Supplement» Do not use the autoConnect feature
» States can be stale - don't trust them too much
» Many undocumented status codes can occur - implement retry
» 'Restart Phone' is a valid problem solving approach
» Always close GATT after disconnect
NCamp. 2016. 39
![Page 40: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/40.jpg)
RelaxationKitten #4 ▸
NCamp. 2016. 40
![Page 41: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/41.jpg)
OperationIs the smoke normal?
NCamp. 2016. 41
![Page 42: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/42.jpg)
Operation» All communication is async - but you cannot do two
things at once
» Chipsets sometimes limit GATT UUID formats
» Characteristic descriptors (read/write/indicate/notify/...) are frickle
» Reliable read / write operations aren't reliable
» Many problems might lead to inconsistent stack
NCamp. 2016. 42
![Page 43: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/43.jpg)
Operation Proposals» Limit notification characteristics as much as
possible
» Implement 'heartbeat' for tracking connection loss
» Implement your own synchronization layer where necessary
NCamp. 2016. 43
![Page 44: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/44.jpg)
Data QuantitiesHow much? Seriously?
NCamp. 2016. 44
![Page 45: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/45.jpg)
Data Quantities» GATT is not intended for large transfer volumes
» 20 Bytes per characterisic
» 'Roll your own' complex implementation
» Don't try to transfer larger volumes!
» Data where integrity is important
» Firmware upgrades, control code, ...
NCamp. 2016. 45
![Page 46: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/46.jpg)
Data Quantities Proposals“GATT services and characteristics are not always the right approach!”Anonymous
» Later changes are extremely expensive
» SPP (Serial Port Profile) alternative
» RS232 over Bluetooth - RX and TX
» Use-case based descision
NCamp. 2016. 46
![Page 47: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/47.jpg)
RelaxationKitten #5 ▸
NCamp. 2016. 47
![Page 48: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/48.jpg)
Survival TipsThe Art of staying alive
NCamp. 2016. 48
![Page 49: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/49.jpg)
Do NotReally! Seriously!
» Commit to fixed timelines
» Guarantee functionality / device support
» Blindly estimate testing efforts
NCamp. 2016. 49
![Page 50: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/50.jpg)
DoAt least try to
» Do Proof of concepts early
» Organize your mobile test devices (phones)
» Stick to core functionality
» Get your hands on real hardware (peripherals) asap
» Debug Frequently
» Log extensively
NCamp. 2016. 50
![Page 51: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/51.jpg)
ToolsSpoon?
NCamp. 2016. 51
![Page 52: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/52.jpg)
ToolsAndroid - nRF Connect App - HCI Snoop Protocol + WireShark
iOS - LightBlue Explorer App
Hardware - Bluefruit LE Sniffer3
3 https://www.adafruit.com/product/2269
NCamp. 2016. 52
![Page 53: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/53.jpg)
Resources» Ask someone with experience▸▸ Really!
» O'Reilly - Getting Started with Bluetooth Low Energy▸▸ Good but very shallow
» Bluetooth.org + Core Specification▸▸ You'll have to even if you don't want to
NCamp. 2016. 53
![Page 54: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/54.jpg)
Closing Thoughts
NCamp. 2016. 54
![Page 55: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/55.jpg)
The ! is a lie!» Well, not completely
» The technology is there BUT it's often not as good as advertised
» Don't go off just using it for everything without having a plan
» Don't be overconfident
NCamp. 2016. 55
![Page 56: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/56.jpg)
! You can and will get it to work! With enough time and compromises
NCamp. 2016. 56
![Page 57: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/57.jpg)
Final relaxation kitten
NCamp. 2016. 57
![Page 58: Bluetooth LE - Dodging the Bullets](https://reader033.vdocuments.mx/reader033/viewer/2022042706/58a2eaad1a28abc9648b6643/html5/thumbnails/58.jpg)
Thank you
NCamp. 2016. 58