Building Bluetooth Low Energy Systems

By Muhammad Usama bin Aftab
About this book

Bluetooth Low Energy (BLE) is a Wireless Personal Area network technology aimed at novel applications for smart devices. High-tech BLE profiles and services are being increasingly used by application developers and hardware enthusiasts to allow devices to interact with the surrounding world.

This book will focus on a technical introduction to BLE and how it is reshaping small-distance communication. We will start with IoT, where many technologies such as BLE, Zigbee, and IEEE 802.15.4 Mesh will be introduced. The book will present BLE from an engineering perspective, from which the protocol stack, architecture, and layers are discussed. You will learn to implement customized projects for Peripheral/Central communication, BLE Beacons, indoor navigation using triangulation, and the Internet gateway for Bluetooth Low Energy Personal Network, all using various code samples and APIs on Android, iOS, and the Web. Finally, the book will conclude with a glimpse into future technologies destined to be prominent in years to come.

Publication date:
April 2017


Chapter 1. BLE and the Internet of Things

This book is a practical guide to the world of the Internet of Things (IoT), where you will not only learn the theoretical concepts of the Internet of Things but also get a number of practical examples. The purpose of this book is to bridge the gap between the knowledge base and its interpretation. Much literature is available for understanding this domain, but it is difficult to find something that follows a hands-on approach to the technology. In this chapter, readers will get an introduction to the Internet of Things with a special focus on Bluetooth Low Energy (BLE). It is easy to justify the claim that the most important technology for the Internet of Things is Bluetooth Low Energy, as it is widely available throughout the world and almost every cell phone user keeps this technology in his pocket. The chapter will then go beyond Bluetooth Low Energy and discuss many other technologies available for the Internet of Things.

In this chapter we'll explore the following topics:

  • Introduction to Internet of Things
  • Current statistics about IoT and how we are living in a world which is going towards M2M communication
  • Technologies in IoT (Bluetooth Low Energy, Bluetooth beacons, Bluetooth Mesh and Wireless Gateways and so on)
  • Typical examples of IoT devices (catering wearables, sports gadgets and autonomous vehicles and so on)
  • Bluetooth introduction and versioning
  • Restructuring of Bluetooth architecture in version 4.0 (BLE) explaining its protocol stack
  • Technical terminologies used in BLE and BLE beacons
  • Understanding of BLE security mechanism with special focus on Bluetooth pairing, bonding and the key exchange to cover the encryption, privacy, and user data integrity

Internet of Things

The Internet is a system of interconnected devices which uses a full stack of protocols over a number of layers. In early 1960, the first packet-switched network, ARPANET, was introduced by the United States Department of Defense (DOD), which used a variety of protocols. Later, with the invention of the TCP/IP protocols, the possibilities were infinite. Many standards evolved over time to facilitate communication between devices over a network. Application layer protocols, routing layer protocols, access layer protocols, and physical layer protocols were designed to successfully transfer Internet packets from the source address to the destination address. Security risks were also taken care of during this process, and now we live in a world where the Internet is an essential part of our lives.

The world had progressed quite far from ARPANET and the scientific communities had realized that the need to connect more and more devices was inevitable. Thus came the need for more Internet addresses. Internet Protocol version 6 (IPv6) was developed to support an almost infinite number of devices. It uses a 128-bit address, allowing 2^128 (3.4 x 10^38) devices to successfully transmit packets over the Internet. With this powerful addressing mechanism, it was now possible to think beyond traditional communication over the Internet. The availability of more addresses opened the way to connect more and more devices. Although there are other limitations on expanding the number of connected devices, the addressing scheme opened up significant possibilities.

Modern day IoT

The idea of a modern day Internet of Things is not very old. In 2013, the perception of the Internet of Things evolved. The reasons were the merger of wireless technologies, the increased range of wireless communication and significant advancement in embedded technology. It was now possible to connect devices, buildings, light bulbs and theoretically any device which has a power source and can be connected wirelessly. The combination of electronics, software, and network connectivity has already shown enough marvels in the computer industry in the last century, and the Internet of Things is no different.

The Internet of Things is a network of connected devices that are aware of their surroundings. Those devices are constantly or eventually transferring data to their neighboring devices in order to fulfill a certain responsibility. These devices can be automobiles, sensors, lights, solar panels, refrigerators, heart monitoring implants or any day-to-day device. These things have their own dedicated software and electronics to support wireless connectivity. They also implement the protocol stack and the application-level programming to achieve the required functionality:

An illustration of connected devices in the Internet of Things

Real life examples of the Internet of Things

The Internet of Things is fascinatingly spread throughout our surroundings, and the best way to check it is to go to a shopping mall and turn on your Bluetooth. The devices you will see are merely a drop in the bucket of the Internet of Things. Cars, watches, printers, jackets, cameras, light bulbs, street lights, and other devices that were too simple before are now connected and continuously transferring data. Keep in mind that this progress in the Internet of Things is only three years old, and it is not improbable to expect that the adoption rate of this technology will be something that we have never seen before.

The last decade tells us that the growth in Internet users was exponential: it reached the first billion in 2005, the second in 2010 and the third in 2014. Currently, there are 3.4 billion Internet users in the world. Although this trend looks unrealistic, the adoption rate of the Internet of Things is even steeper. Reports say that by 2020, there will be 50 billion connected devices in the world and 90% of vehicles will be connected to the Internet. This expansion will bring $19 trillion in profits by the same year. By the end of this year, wearables will become a $6 billion market with 171 million devices sold.

As the section suggests, we will discuss different kinds of IoT devices available in the market today. The section will not cover them all, but to an extent where the reader will get an idea about the possibilities in future. The reader will also be able to define and identify the potential candidates for future IoT devices.


The most important and widely recognized form of the Internet of Things is wearables. In the traditional definition, wearables can be any item that can be worn. Wearable technology can range from fashion accessories to smart watches. The Apple Watch is a prime example of wearables. It contains fitness tracking and health-oriented sensors/apps which work with iOS and other Apple products. A competitor of the Apple Watch is the Samsung Gear S2, which provides compatibility with Android devices and fitness sensors. Likewise, there are many other manufacturers who are building smart watches, including Motorola, Pebble, Sony, Huawei, Asus, LG and Tag Heuer. What makes them a part of the Internet of Things is that they are more than just watches. They can now transfer data, talk to your phone, read your heart rate and connect directly to Wi-Fi. For example, a watch can now keep track of your steps and transfer this information to the cell phone:

Fitbit Blaze and Apple Watch

The fitness tracker

The fitness tracker is another important example of the Internet of Things, where the physical activities of the athlete are monitored and maintained. Fitness wearables are not confined to bands; there are smart shirts that monitor the fitness goals and progress of the athlete. We will discuss two examples of fitness trackers in this section: Fitbit and Athos smart apparel. The Fitbit Blaze is a new product from the company which resembles a smart watch. Although it can be categorized as a smart watch, the company philosophy makes it a fitness-first watch. It provides step tracking, sleep monitoring, and 24/7 heart rate monitoring. Some of Fitbit's competitors, like the Garmin Vivoactive watch, provide a built-in GPS too. Athos apparel is another example of a fitness wearable which provides heart rate and EMG sensors. Unlike a fitness tracker, its sensors are spread across the apparel.


The theoretical definition of wearables may include Augmented and Virtual Reality headsets and Bluetooth earphones/headphones in the list.

Smart home devices

The evolution of the Internet of Things is transforming the way we live our daily lives. People have already started using wearables and many other Internet of Things devices. The next big thing in the field of the Internet of Things is the Smart Home. Home Automation, or simply Smart Homes, is a concept in which we extend our home by adding automated controls to things like heating, ventilation, lighting, air-conditioning, and security. This concept is fully supported by the Internet of Things, which demands the connection of devices in an environment. Although the concept of the smart home surfaced in the 1990s, it hardly gained any significant popularity among the masses. In the last decade, many smart home devices were brought to market by major technology companies.

Amazon Echo

One of the important developments in the world of home automation was the launch of Amazon Echo in late 2014. Amazon Echo is a voice-enabled device that performs tasks just by recognizing your voice. The device responds to the name Alexa, a keyword that can be used to wake up the device and perform tasks. This keyword can be followed by a command to perform specific tasks. Some basic commands that can be used to fulfill home automation tasks are:

  • Alexa, play some Adele.
  • Alexa, play playlist XYZ.
  • Alexa, turn the bedroom lights on (Bluetooth-enabled light bulbs (for example Philips Hue) should be present in order to fulfill this command).
  • Alexa, turn the heat up to 80 (a connected thermostat should be present to execute this command).
  • Alexa, what is the weather?
  • Alexa, what is my commute?
  • Alexa, play audiobook a Game of Thrones.
  • Alexa, Wikipedia Packt Publishing.
  • Alexa, how many teaspoons are in one cup?
  • Alexa, set a timer for 10 minutes.

With these voice commands, Alexa is fully operable:

Amazon Echo, Amazon Tap and Amazon Dot (from left to right)

Amazon Echo's main connectivity is through Bluetooth and Wi-Fi. It uses the Internet to run the commands. On the other hand, it uses Bluetooth to connect to other devices in the home. For example, the connectivity to Philips Hue and the thermostat is through Bluetooth.

At Google I/O 2016, Google announced a smart home device that will use Google as a backbone to perform various tasks. The device will challenge the power of Alexa on the commercial level. This will be a significant step for Google in the smart home market.


Amazon also launched Amazon Dot and Amazon Tap. Amazon Dot is a smaller version of Echo which does not have speakers. External speakers can be connected to the Dot in order to get full access to Alexa. Amazon Tap is a more affordable, cheaper and wireless version of Amazon Echo.

Wireless bulbs

The Philips Hue Wireless Bulb is another example of a smart home device. It is a Bluetooth-connected light bulb that gives full control to the user through his cellphone. The bulbs can display millions of colors and can be controlled remotely through the away-from-home feature. The lights are smart enough to sync with music:

Illustration of controlling Philips Hue Bulbs with smartphones

Smart refrigerators

Home automation is incomplete without kitchen electronics, and Samsung stepped into this race. The Family Hub Refrigerator is a smart fridge that lets you access the Internet and runs many applications. It is also categorized as an Internet of Things device as it is fully connected to the Internet and provides various controls to the users:

Samsung Family Hub Refrigerator with touch controls

Television and online media

Internet of Things marked its victory in the Media Electronics as well. An example of the Internet of Things in this domain is the Google Chromecast.

Google Chromecast

It is a digital media player that converts a normal television into a Smart TV. It is designed as a small dongle that connects through HDMI and uses WLAN to wirelessly connect to the cell phone. It lets you cast YouTube, Netflix, Google Photos and many other applications through your cell phone. Google also launched an audio version of the Chromecast that lets you cast your music to any wired speaker.

The advantage of this technology is that it enables a non-smart electronics device to become smart by connecting it remotely to the cell phone. Google Chromecast was a one-of-its-kind portable device that brought plug-and-play functionality to any television and audio device. The Google Chromecast 2nd Generation runs a 1.2 GHz ARM Cortex-A7 processor with 512 MB of DDR3L RAM.


For a complete list of the applications supported by Google Chromecast, follow the link:

In the following topic, we will discuss how the industry giant Apple is running the best home entertainment smart device:

Google Chromecast Audio and Google Chromecast (2nd Generation) from left to right.

Apple TV

While Chromecast provides portability and ease of connection to Android devices, Apple TV runs tvOS (based on iOS) and provides a solid operating system base. Many TV services are offered through Apple TV and there is no scarcity of supported applications. It supports Bluetooth, HDMI, Wi-Fi and USB Type-C connectivity. The 4th Generation of Apple TV features an A8 processor with 2GB RAM and up to 64GB of internal storage.


For a complete list of applications supported by Apple TV 4th Generation, follow the link

Moving forward, we will discuss how the Internet of Things made its way in the automotive industry with the help of incredible software stack and smart sensors:

Apple TV 4th Generation

Automotive industry

The discussion on the Internet of Things is incomplete without talking about its impact on the automotive industry. Tesla Motors, a Silicon Valley-based company, was built on the philosophy of smart vehicles. Named after the world's greatest scientist Nikola Tesla, the company sells electric cars, electric vehicle powertrains, and batteries. The Tesla Roadster was the first fully electric sports car, launched in 2008. This model was followed by the Tesla Model S:

Tesla autonomous driving with GPS navigation on 17" touch screen display

Beginning September 2014, all Model S cars were equipped with a camera mount on the windshield, forward-facing RADAR, and ultrasonic acoustic location sensors, giving the car the ability to sense a 360-degree buffer. At that time, Model S had the ability to recognize obstacles and road signs. This well-equipped car was given the capability of auto-pilot in October 2015 in software v7.0, which allows hands-free driving. The update in January (software v7.1) contained the "summon" feature that allows the car to park itself automatically without the driver. Another big thing to know here is that the software updates for Tesla are over-the-air, unlike some of its competitors. The autonomous driving feature ignited a mixed reaction from the community: some users were excited, others were doubtful about the safety. The update turned this car into a true Internet of Things marvel as it satisfies the requirements perfectly. The car is now fully aware of its surroundings and can make decisions to navigate safely on the road. Industry experts showed concerns regarding autonomous driving, but the Tesla CEO and Google's director of self-driving cars showed their confidence in the technology:

Tesla Model S and Model X (from left to right)


Tesla Motors has two models after Model S, Model X and Model 3. While Model X is an SUV style vehicle, Model 3 is the most affordable model.


Technologies in the Internet of Things

The Internet of Things is a network of smart devices that are aware of their surroundings. These devices achieve this awareness by constantly or eventually sending and receiving data with the connected devices. The user, on the other hand, can get access to these devices remotely. In some cases, these IoT devices can let the user perform things autonomously. For example, Tesla cars let the user drive automatically and a robotic vacuum cleaner cleans the house without any master. These functionalities are only possible when these devices are connected and constantly learning about their surroundings. Connectivity is an integral part of these smart devices.

History tells us that the evolution of the Internet was not an easy task. Many standards came and went before the Internet started to converge towards a single, most widely used standard. For example, there used to be many networks like ARPANET, UUCP, CYCLADES, NPL and many others before they started to converge under the TCP/IP layer model, which is now globally used as a standard. It was not until 1984 that CERN began the operation and implementation of TCP/IP as its basic computer networking scheme. The penetration of this new standard was seen in Asia when South Korea adopted the TCP/IP communication model in 1982. Australia, on the other hand, was hesitant to adopt this new standard, but later in 1989 Australia managed to get rid of its own standards before forming AARNet (Australian Academic and Research Network), which provided a dedicated IPv4-based network throughout the country.

The devices in the Internet of Things are connected through one way or another. Sometimes a device can contain multiple modes of communication in order to perform multiple tasks. For example, a smart watch contains Bluetooth to communicate with the cell phone and Wi-Fi to talk directly to the Internet. Similarly, 2nd Generation Chromecast provides Wi-Fi for local and the Internet connectivity and uses HDMI to connect the Television. In IoT, the emphasis is more towards the wireless standards to ensure portability. That is the reason why many experts consider the connectivity of smart devices to smartphones really important. Thus, special emphasis on the wireless technologies will be seen in this book.

Wireless Local Area Network (WLAN)

Wireless Local Area Network, or simply WLAN, is a network that connects two or more devices wirelessly. A full TCP/IP protocol stack is followed in order to achieve end-to-end communication. This technology is based on the IEEE 802.11 standard, in which the communication between devices is achieved through a centralized hub/router. The devices are commonly referred to as nodes and the centralized router is referred to as a wireless access point. In a usual situation, the wireless access point has a fixed location while the nodes can freely roam around within the coverage area of the access point. The connected devices can be tablet computers, laptops, desktops, cell phones or any IoT device (such as a smartwatch or Google Chromecast). Residentially, a typical access point covers an apartment, but in commercial situations multiple access points can be bound to one SSID. If a node travels from Router 1's coverage area to Router 2's coverage area, they will perform a seamless handover between each other. Modern day WLANs are advertised under the Wi-Fi brand name.

The following diagram shows how a Wi-Fi router communicates with its nodes. It is a typical working model of a WLAN:

Wireless Local Area Network architecture

This technology is proven to be very effective in modern day Internet of Things because the architecture is simple and can easily be implemented on a device with limited capabilities. Moreover, IPv6 gives us approximately 3 x 10^38 addresses which are more than enough to give identity to every atom in the world, let alone smart devices.


WLAN is sold under the name Wi-Fi and can work on five different spectrums: 5.9 GHz, 5 GHz, 4.9 GHz, 3.6 GHz and 2.4 GHz. Each frequency range is further divided into many channels, and countries impose their radio regulations independently.

Wireless Local Area Network is an important technology in the Internet of Things and devices like smart watches, media players and autonomous vehicles often use this technology to transfer information. Sometimes, this technology is used to give a control to the smart devices over a long distance.

Wireless Ad-hoc Networks

Wireless Ad-hoc Networks lie under the umbrella of the IEEE 802.11 standard as well but, unlike WLAN, they don't have a centralized hub/router. The devices are responsible for routing the packets across the network. Wireless Mesh Network (WMN) is a sibling of Ad-hoc Networks, the only differences being traffic abnormalities and mobility. Ad-hoc networks are more dynamic compared to WMN and they have more traffic irregularity than WMN.

In Ad-hoc networks, the device acts as a router to transmit traffic between peers if the destination device is not directly connected to the sender device. This formation of devices is reliable because each device is connected to another device in a mesh, giving alternate routes to any possible incoming packet. These networks are also self-organized, so if a device leaves the network, the network will reconfigure itself for new potential routes for forwarding packets. Due to their architecture, they are widely used in small and large networks. They run on a TCP/IP-based model and can easily be implemented in any lightweight smart device.

Since they are connected to one another directly, they are also called peer-to-peer networks. The architecture of Ad-hoc networks is different from WLAN, which brings advantages and disadvantages at the same time. Ad-hoc networks are fast and don't contain a single point of failure like a router, but they are more prone to network attacks. Ad-hoc networks are easily scalable networks where devices can come and go at will. On the other hand, those devices are responsible for routing the packets, which makes them weak against Man in the Middle attacks.

Wireless Ad-hoc Networks are further classified into five types:

  • Mobile Ad-hoc Networks (MANETs)
  • Smartphone Ad-hoc Networks (SPANs)
  • Vehicular Ad-hoc Networks (VANETs)
  • Internet-based Mobile Ad-hoc Networks (iMANETs)
  • Military Mobile Ad-hoc Networks


Further information on Ad-hoc networks can be found on

The inclusion of Ad-hoc networks in the smart device makes them vulnerable because they normally contain personal and sensitive information. This brings a threat to the Internet of Things. On the other hand, Ad-hoc is almost the perfect topology for IoT devices as they are fast, scalable, easily maintainable and cheap.

To understand how a mesh is connected, consult the following figure:

An illustration of a fully connected Ad-hoc Network


ZigBee is a wireless mesh network built on the IEEE 802.15.4 standard. With the advancement in sensors and low-powered smart devices, there was a need for a technology that can connect them wirelessly in the form of a mesh. The ZigBee technology was introduced to meet that need; it operates as a Personal Area Network and runs on low power. The Internet of Things looks for technologies with low power consumption because it is built from devices with limited power capabilities. For that purpose, ZigBee is considered a technology with seamless connection flexibility, ideal power consumption, and reliability.

ZigBee gives a 10-100m line of sight coverage for connectivity. Typically, it works on the 2.4 GHz band (ISM) but can be found on other frequencies like 784 MHz, 868 MHz, and 915 MHz. With the wide variety in the spectrum, the data rates in ZigBee vary from 20 Kbit/s to 300 Kbit/s. The ZigBee module can be as small as 0.5 inches, which is easy to fit into any Internet of Things device. One of the attractive parts of ZigBee is that it has out-of-the-box support for wireless mesh, star and tree architectures:

ZigBee Logo

A significant disadvantage of ZigBee lies in its adoption in computing devices. Typically, a smartphone or a laptop does not come with this module. Computers and cellular phones are the basic connection points for IoT devices. For example, if a person has a ZigBee-based smart-home device, he will not be able to control it with his cellular phone or laptop without connecting additional hardware. This is a very crucial disadvantage as IoT devices mostly, if not always, rely on a smartphone-based remote control. Philips Hue (a smart bulb) cannot be remotely controlled by a smartphone if its major technology of communication is ZigBee.

This disadvantage leaves a question mark over the technology, but the other side cannot be neglected either. ZigBee is the only lightweight, low-power-consumption technology available in the market which supports mesh communication out of the box. Makers of products like smart plugs and smart energy interfaces use ZigBee as their main mode of communication. Let's take the example of the Philips Hue Wireless dimming kit. It comes with a separate controller which talks to the smart bulb without any need for the smartphone. In this scenario, ZigBee can be the most practical solution.

A demonstration of the Philips Hue smart bulb can be seen here:

Philips Hue wireless dimming kit with ZigBee technology


Bluetooth Low Energy

Started by Dr. Nils Rydbeck, Bluetooth was first conceptualized in 1989 and later built by Ericsson in 1994. The name Bluetooth was taken from the tenth-century king of Denmark, Harald Bluetooth. The king united Danish tribes and introduced them to Christianity. This name was given to the technology by Jim Kardach in 1997. The name was adopted because the core concept of Bluetooth was to build a system that can connect a phone to the computer. The idea of Bluetooth was supported by Nokia and Intel, who were thinking of migrating towards a universally interoperable wireless technology. Later, companies including Ericsson, Intel, Toshiba, Nokia and IBM came together in Lund, Sweden, in 1996 to agree on the foundation of the Special Interest Group (SIG). This group is responsible for designing and maintaining the Bluetooth technology. Nowadays, the group is called Bluetooth SIG.


King Harald Blåtand was given the nickname Bluetooth because of his habit of eating blueberries.

Bluetooth technology was invented to connect mobile devices to computers over a short distance. It was standardized by the IEEE 802.15 working group, which describes Wireless Personal Area Network (WPAN) standards. IEEE 802.15.1 defines the physical and Media Access Control (MAC) layer specifications for short distance wireless connectivity for Bluetooth. Version 1.0 was developed by the SIG but resulted in interoperability problems which were later fixed in v1.1. The technology was never meant to be used as a replacement for any wireless Internet technology like Wi-Fi. It was only to be used over a limited range and with a limited amount of data. Even though Bluetooth today can transfer a huge amount of data, it is still being used for short distance communication only.

Bluetooth versions

From 1999 till 2009, many versions of Bluetooth were released, solving many problems from the initial release while increasing the speed and the connection quality. It was not until version 3.0 that Bluetooth could achieve a speed of 24 Mbit/s. During this evolution, a continuous change in the protocol stack can be observed to solve various issues in the technology. For example, in Bluetooth v3.0, the Logical Link Control and Adaptation Protocol (L2CAP) was introduced to multiplex multiple logical connections between various devices using different protocols. The Service Discovery Protocol (SDP) was also introduced to connect to Bluetooth devices such as headsets. During this period of time, the member companies of Bluetooth SIG rose to 12,000 and by 2010, it surpassed a total of 13,000 companies.

The next step in the history of Bluetooth was a significant one. The SIG decided to take a step back and rethink the protocol stack being used in Classic Bluetooth. Bluetooth Core Specification 4.0 or simply Bluetooth Low Energy came into being in 2011. It was previously known as Wibree by Nokia which replaced the entire protocol stack of the previous technology and concentrated on the speed and the simple architecture. 2011 was the same year when SIG surpassed 15,000 companies, Apple and Nordic Semiconductor joined SIG Board of Directors, Apple released first two computers with Bluetooth 4.0 support and Microsoft announced Windows 8 phone with Bluetooth 4.0 Core Specifications.

Unlike classic Bluetooth, Bluetooth Low Energy focused on the low power consumption. That was a very important step from the SIG as it was realized that in future, the technology will not be just fast but less power hungry as well:

Bluetooth SIG official Logo

Bluetooth v4.1 came as a software update rather than a hardware update. The update focused on usability and implemented the Bluetooth Core Specification Addenda. Previously, the Bluetooth radio and LTE radio didn't coexist and resulted in interference. The issue was causing performance issues and fast battery drainage. Bluetooth 4.1 enabled both these technologies to co-exist in one device with high data rates. BLE v4.1 was the first version which enabled any device to become a server and client. On the other hand, smart connectivity was introduced, which let devices manage their power better by enabling manufacturers to define their own reconnection time intervals. This version of Bluetooth was commercially available in early 2013. In the same year, Google also announced native BLE support for Android.

With power efficiency and server/client flexibility, Bluetooth Low Energy officially stepped into the Internet of Things.

The evolution in the Bluetooth leads us to Bluetooth v4.2. In December 2014, Bluetooth SIG announced the next version of Bluetooth with some special features supporting IoT. Bluetooth Low Energy v4.2 provided flexible Internet connectivity options to achieve power efficiency. IPv6 support was given to the standard with an ability to make Bluetooth Smart Internet Gateway (GATT) architecture. The concept will be discussed in detail later in the chapter.

In Bluetooth 4.2, LE privacy and LE Secure Connections were also introduced by Bluetooth SIG. Two-factor authentication via BLE was introduced to provide better security. The new version also claimed that it is now 2.5 times faster with a 10-fold extension in data length. The over-the-air firmware update was also introduced in this version, which allows manufacturers to remotely update the firmware without even touching the device. Bluetooth 4.2 is backward compatible with versions 4.0 and 4.1, which were also Bluetooth Low Energy.


iOS, Android, Windows Phone, BlackBerry, OS X, Linux and Windows 8 natively support Bluetooth Low Energy.

Bluetooth Low Energy Key Concepts

Bluetooth Low Energy is a standard with millions of devices running it. Discussing the Bluetooth Core Specification in full is almost an impossible task, as it has many technicalities. So this book will discuss the key concepts that will help you develop Bluetooth Low Energy applications.

The layer stack of Bluetooth Low Energy corresponds to the OSI layers. In this book, we will not discuss the lower-level layers (that is, from PHY to L2CAP) as they are out of scope. The main concepts covered in this book will be the Attribute Protocol, the Generic Attribute Profile (GATT), the Generic Access Profile (GAP), and the top layer, the Bluetooth Application. The book will give practical examples of how to write the Bluetooth Application based on the GATT server/client architecture.

The protocol stack of the Bluetooth Low Energy can be seen in the following figure:

Bluetooth Layered Model

Attribute Protocol (ATT) and Generic Attribute Profile (GATT)

Bluetooth Low Energy brought two core specifications that every Low Energy profile is supposed to use: the Attribute Protocol and the Generic Attribute Profile.

The Attribute Protocol is a low-level layer that defines how to transfer data. It covers device discovery and the reading and writing of attributes on a fellow device. The Generic Attribute Profile, on the other hand, is built on top of ATT to give high-level services to the manufacturer implementing LE. These services are basically used to manage the data transfer process in a more systematic way. For example, GATT defines whether a device's role is going to be Server or Client.

An interesting thing about ATT and GATT is that they are not transport-layer specifications, which means that they can be implemented on BR/EDR or LE. GATT is a mandatory entity in LE and is used to discover services and characteristics. The GATT server listens for ATT requests and confirmations sent by the GATT client. The GATT server stores, processes, and transfers the data to the client. Another role of GATT is that it defines the data arrangement on the server side so that the client can read it accordingly. The data transferred between the GATT server and the GATT client is called an "Attribute". An attribute is uniquely identified by a Universally Unique Identifier (UUID), which is a 128-bit-long string ID.


The Bluetooth system consists of four base layers: Radio (Physical layer), Baseband, Link Layer, and L2CAP. More information about the working of these layers can be found in the core specification document.

GATT Server and GATT Client

Any device that wants to transfer data over Bluetooth can adopt a role based on the requirement. A device can act as a GATT Server, which accepts requests from the client, processes data accordingly, and returns the value. The GATT Server is responsible for processing data attributes and making them available to the client.

The GATT client, on the other hand, initiates requests to the server and receives the responses. A GATT client needs to perform a service discovery process in order to know the server's attributes. Once it has identified the services, it can read or write data attributes.

Universally Unique Identifiers (UUIDs)

A UUID is a unique identifier that is guaranteed to be globally unique all the time. It is a 128-bit identifier, of which some pre-allocated values are used for registration purposes as described by the Bluetooth SIG. One of the very first pre-allocated values is known as the Bluetooth Base UUID and has a value of 00000000-0000-1000-8000-00805F9B34FB. Pre-allocated UUID values often have 16-bit or 32-bit aliases that can be used to generate your own UUIDs. The formula for generating a 128-bit UUID from a pre-allocated alias is:

128-bit-UUID = 16-bit-value * 2 ^ 96 + Bluetooth-Base-UUID
128-bit-UUID = 32-bit-value * 2 ^ 96 + Bluetooth-Base-UUID

The Bluetooth SIG provides UUIDs for services and profiles, each made for a specific purpose. If the SIG does not define one for a particular need, a new UUID can be created. Using the Bluetooth-Base-UUID is recommended by the SIG for this purpose.
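The formula above, applied in both directions, as an added example that is not part of the book's code. It expands a 16- or 32-bit alias onto the Base UUID and also recognizes which UUIDs in a discovery result sit on the Base UUID and which are custom 128-bit values; the function names and the sample list are assumptions made for the illustration.

```python
import uuid
from typing import Optional, Tuple

# Bluetooth Base UUID, as given in the text above.
BASE_UUID = uuid.UUID("00000000-0000-1000-8000-00805F9B34FB")
LOW_96_MASK = (1 << 96) - 1


def expand_alias(value: int) -> uuid.UUID:
    """128-bit UUID = alias * 2^96 + Bluetooth Base UUID (16- or 32-bit alias)."""
    if not 0 <= value <= 0xFFFFFFFF:
        raise ValueError("alias must fit in 32 bits")
    return uuid.UUID(int=(value << 96) + BASE_UUID.int)


def shorten(full: str) -> Optional[Tuple[int, int]]:
    """Return (alias, width_in_bits) if `full` sits on the Base UUID, else None."""
    u = uuid.UUID(full)
    if (u.int & LOW_96_MASK) != BASE_UUID.int:
        return None                       # custom 128-bit UUID
    alias = u.int >> 96
    return alias, 16 if alias <= 0xFFFF else 32


def classify(uuids):
    """Split discovered UUIDs into Base-UUID aliases and custom UUIDs."""
    aliased, custom = {}, []
    for text in uuids:
        canonical = str(uuid.UUID(text))  # normalizes case and formatting
        short = shorten(text)
        if short is None:
            custom.append(canonical)
        else:
            alias, width = short
            aliased[canonical] = "0x%0*X" % (width // 4, alias)
    return aliased, custom


# Constructed sample: 0x180D and 0x2A37 are the SIG-assigned Heart Rate service
# and Heart Rate Measurement characteristic; the last UUID is made up.
DISCOVERED = [
    "0000180d-0000-1000-8000-00805f9b34fb",
    "00002A37-0000-1000-8000-00805F9B34FB",
    "6f1c2a90-3b7e-4d55-9c0a-12ab34cd56ef",
]

if __name__ == "__main__":
    print(expand_alias(0x180D))
    print(classify(DISCOVERED))
```

A 32-bit alias whose value fits in 16 bits produces the same 128-bit UUID as the 16-bit alias, so `shorten` reports it as 16-bit.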

GATT-based Bluetooth Profile Hierarchy

The Generic Attribute Profile describes the structure that a profile follows to exchange data from one device to another. The basic elements of a profile are services and characteristics. Typically, a profile is made in order to achieve a desired task. Services and characteristics are the main components of a profile and can be described as its subtasks.

The division of the GATT-based hierarchy is given here:

GATT based profile model with services, characteristics, and descriptors.


A service is a collection of characteristics designed to fulfil a particular task. It can also reference another sub-service, which in turn comprises characteristics. For example, a profile can have a Heart Rate Monitor service, which exposes the heart rate for fitness purposes. This service can have Heart Rate Measurement, Body Sensor Location, and Heart Rate Control Point characteristics, which are the subtasks of the Heart Rate Monitor service.


A characteristic contains a value, properties, and configuration information. A characteristic is the combination of characteristic properties, a characteristic declaration, a characteristic value, and a descriptor. Characteristic properties define the level of access that the characteristic grants. For example, if a characteristic is read-only, that will be defined in the properties. The characteristic declaration can be seen as a characteristic overview where the name, description, type, and requirements of the characteristic are mentioned. Descriptors are used to define a characteristic value.

The following diagram shows a view of the BLE characteristics:

Heart Rate Measurement characteristic with overview, properties, security and descriptor

The example in the figure is describing a Heart Rate Measurement characteristic. The overview describes the functionality of the characteristics and the requirement level. The requirement tells if it is mandatory or optional for the service. The properties show the access-level of this characteristic. In this particular scenario, the characteristic is only used to notify. The descriptor identifies the value or permits configurations of the GATT server with respect to the characteristic value.

Generic Access Profile (GAP)

Bluetooth Low Energy specifies a generic profile that enables BLE devices to communicate with each other. It can be understood as a base profile which is the same throughout the BLE devices. It defines basic requirements of a Bluetooth device. This generic profile is used to tie all the layers together and identifies all the layers from PHY to L2CAP. It helps to universally maintain all the layers of Bluetooth Low Energy.

The Generic Access Profile defines security by implementing cryptographic algorithms that enable devices to securely transfer data attributes. This functionality is achieved by the Security Manager, which is implemented on the protocol stack. As GAP is universally spread over all the layers, it can maintain and dictate the standard to all the layers. The Advanced Encryption Standard (AES) is used for secure key exchange between the peers to start a communication. GAP sets the security procedures that let the peers trust each other to carry sensitive data across the Bluetooth connection.

The Generic Access Profile (GAP) also defines the roles used in Bluetooth Low Energy. These roles are Broadcaster, Observer, Peripheral, and Central. These roles are really important to understand, as the foundation of BLE is based on them. Based on the implementation, a BLE device can operate under one role at a time. This multi-role scenario is only possible if the underlying controllers support those roles.


Broadcaster is the role of a device that wants to periodically or constantly broadcast information. A Bluetooth beacon is a good example of this, as all it needs to do is broadcast information. Theoretically, the role of broadcasting is given to transmit-only devices, but practically it can be given to any device that transmits and receives. Another important point about broadcasters is that the data sent is not the result of any connection. A Broadcaster always transmits data irrespective of who is listening. These packets are special advertising packets and should not be confused with the connection data packets from the GATT Server and Client.


The role of Observer is to listen to the packets broadcast from the Broadcaster. Typically, they are meant to be for receive-only applications. The observer is able to read the advertised packets and listen to the data coming out of the Broadcaster. Just like Broadcasters, they do not support incoming connections.


The role of Central can be understood as the role of master in a master-slave architecture. It is capable of making a connection to a peer. A central can connect to multiple peers at the same time. A central can be a smartphone or tablet, which can initiate a session by connecting to various BLE peers. A smartphone has the capability to connect to Bluetooth headphones and a Bluetooth smartwatch at the same time. The Central is also the originator of the connection request, which means that no other role can start the connection request.


Peripheral, on the other hand, resembles a slave in a master-slave architecture. It broadcasts advertisement packets for the central so that it can find it and then accepts the connection request. Even though it advertises the data, it is power and processing efficient.


Bluetooth Low Energy works on 40 channels with 2MHz spacing where the discovery is done by advertising. BLE supports a maximum data rate of about 1Mbps and provides AES-CCM encryption for confidentiality. 50-100 meters is the practical range of BLE with 10mW maximum power output.

Bluetooth Low Energy Security

Bluetooth Low Energy provides five security features: pairing, bonding, encryption, authentication, and message integrity. These satisfy three pillars of security, which are Authentication, Confidentiality, and Authorization. Attacks against improperly secured Bluetooth implementations can provide hackers with unauthorized access to sensitive information and unauthorized use of the Bluetooth device. The main security features in Bluetooth Low Energy are:

  • Pairing is the process of generating shared keys (on both ends) known as the Short Term Key (STK)
  • Bonding is the process that follows pairing, in which the devices store the STK in order to form a trusted pair
  • Device authentication is when two devices verify that they have the same keys
  • Encryption is for message confidentiality
  • Message integrity prevents attackers from forging the data

Key Generation

Key generation is performed when a device wants to pair with another device. The process is independent of any other LE device. The reasons to generate a key and pair the device with another device are:

  • Securing device identity
  • Authentication of the unencrypted data
  • Confidentiality

For key generation purposes, the devices exchange the required information and then the Short Term Key (STK) is calculated. The link is then encrypted using AES-CCM cryptography. While key generation is not performed on the controller, the actual encryption is performed on the controller.

Association Models in Pairing

These models describe the negotiations between the devices to generate the Short Term Key (STK). BLE provides four association models:

  • Numeric Comparison
  • Just Works
  • Out of Band (OOB)
  • Passkey Entry

Numeric Comparison

This model is defined for when both BLE devices are designed with a display. The display is used to show a six-digit number, and both devices are capable of verifying those numbers with a simple yes or no. For example, a user is shown the six-digit number 453145 on both screens and is then asked if the numbers that appeared on both ends are the same. If the user answers yes, the pairing is successful. This model provides security from man-in-the-middle attacks and also confirms that the user is connected to the right device.

Just Works

This model is defined for scenarios where one or more devices do not have a display to show any PIN or digits. In this model, the user is not shown any digits; rather, a numeric comparison happens and then the user is asked to accept the connection. This model is not secure against man-in-the-middle (MITM) attacks, where a person is listening to the channel constantly.

An example of this model is when a cellular phone tries to connect to a headset. At the headset end, there is no display to show the digits. Hence, the numeric comparison happens and the user is just asked to accept the connection.

Out of Band (OOB)

This model is applicable in scenarios where the devices are capable of using another technology such as NFC. The Out of Band mechanism is used to discover both devices as well as to exchange cryptographic numbers. The model provides security from MITM attacks. A practical example of this model is an NFC-based connection between a cellular phone and a Bluetooth headphone. The user needs to touch the headset in order to pair it with the phone.

Passkey Entry

This model is for scenarios where one device has input functionality but no display functionality and the other device has only display functionality. The user is shown a six-digit number, 456654, on the device with a display and is then asked to enter the number on the other device. If the number entered on the other device is correct, the devices are paired.


According to Bluetooth SIG, Just Works and Passkey Entry do not provide any passive eavesdropping protection. This is because Secure Simple Pairing uses Elliptic Curve Diffie-Hellman and LE legacy pairing does not.

Signing the Data

Signing the data is a very important concept in terms of message integrity. If encryption is not available, BLE has the ability to send authenticated data over an unencrypted link between two devices. This is done by signing the data using a Connection Signature Resolving Key (CSRK). The signature is placed after the Packet Data Unit (PDU). The receiving device verifies the signature and, if it is valid, considers the data to come from a trusted source. The signature is made by a Message Authentication Code (MAC), which can sometimes use hash functions. The MAC is computed over a counter value, which protects against replay attacks.
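The signing flow described above, from both the sender's and the receiver's side, as an added example that is not the book's code. BLE computes the MAC with AES-CMAC keyed by the CSRK; this sketch swaps in truncated HMAC-SHA256 (a hash-based MAC) so that it runs with the standard library alone, and the key, PDU bytes, and class names are constructed for the illustration.

```python
import hashlib
import hmac
import struct

SIG_LEN = 12   # BLE signature: 32-bit SignCounter followed by a 64-bit MAC


def _mac(csrk: bytes, pdu: bytes, counter: int) -> bytes:
    # Stand-in MAC: HMAC-SHA256 truncated to 64 bits. BLE itself uses
    # AES-CMAC keyed with the CSRK; the counter handling is the same idea.
    msg = pdu + struct.pack("<I", counter)
    return hmac.new(csrk, msg, hashlib.sha256).digest()[:8]


class Signer:
    def __init__(self, csrk: bytes):
        self.csrk, self.counter = csrk, 0

    def sign(self, pdu: bytes) -> bytes:
        sig = struct.pack("<I", self.counter) + _mac(self.csrk, pdu, self.counter)
        self.counter += 1                  # never reuse a counter value
        return pdu + sig                   # signature is placed after the PDU


class Verifier:
    def __init__(self, csrk: bytes):
        self.csrk, self.expected = csrk, 0   # lowest counter still acceptable

    def verify(self, packet: bytes) -> str:
        if len(packet) <= SIG_LEN:
            return "malformed"
        pdu, sig = packet[:-SIG_LEN], packet[-SIG_LEN:]
        (counter,) = struct.unpack("<I", sig[:4])
        if not hmac.compare_digest(sig[4:], _mac(self.csrk, pdu, counter)):
            return "bad-mac"               # forged or modified in transit
        if counter < self.expected:
            return "replay"                # valid MAC, but an old counter
        self.expected = counter + 1
        return "accepted"


def demo():
    csrk = bytes(range(16))                # constructed 128-bit key
    pdu = bytes.fromhex("d22a0001")        # constructed signed-write PDU
    tx, rx = Signer(csrk), Verifier(csrk)
    first, second = tx.sign(pdu), tx.sign(pdu)
    tampered = second[:3] + b"\x00" + second[4:]   # value byte changed in transit
    return [rx.verify(first), rx.verify(first),
            rx.verify(tampered), rx.verify(second)]


if __name__ == "__main__":
    print(demo())
```

The receiver has to keep `expected` across reconnections for as long as the bond exists, otherwise a captured packet becomes valid again after a restart.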


Bluetooth Low Energy provides a unique feature that diminishes the ability to track an LE device by changing the Bluetooth device address frequently. This is an important privacy feature, as it allows an advertiser to hide. These Bluetooth device addresses are temporary and randomly generated, and can only be recognized by a bonded device. Whenever a device is bonded to another device for the first time, an identity key (IRK) is generated, which is later used to generate a private address. This address must be resolvable by the other devices in order to keep the privacy.
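How a bonded device recognizes such an address, as an added example that is not from the book: the address carries a 24-bit random part and a 24-bit hash that the Core Specification's `ah` function derives from the IRK with AES-128, so only a holder of the IRK can match it. AES is written out in pure Python only so the block has no dependencies; the peer names and IRK values are constructed.

```python
import hmac
import secrets

def _xtime(a):
    """Multiply by x in GF(2^8), reduced by the AES polynomial."""
    return ((a << 1) ^ (0x1B if a & 0x80 else 0)) & 0xFF

def _build_sbox():
    """AES S-box: inverse in GF(2^8) followed by the affine transform."""
    rotl = lambda x, n: ((x << n) | (x >> (8 - n))) & 0xFF
    sbox, p, q = [0] * 256, 1, 1
    while True:
        p ^= _xtime(p)                          # p *= 3
        for shift in (1, 2, 4):                 # q /= 3
            q = (q ^ (q << shift)) & 0xFF
        if q & 0x80:
            q ^= 0x09
        sbox[p] = q ^ rotl(q, 1) ^ rotl(q, 2) ^ rotl(q, 3) ^ rotl(q, 4) ^ 0x63
        if p == 1:
            break
    sbox[0] = 0x63                              # 0 has no inverse
    return sbox

SBOX = _build_sbox()

def aes128_encrypt(key, block):
    """One-block AES-128 (FIPS-197); pure Python so the example has no dependencies."""
    w, rcon = [list(key[i:i + 4]) for i in range(0, 16, 4)], 1
    for i in range(4, 44):                      # key schedule
        t = list(w[i - 1])
        if i % 4 == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0] ^= rcon
            rcon = _xtime(rcon)
        w.append([a ^ b for a, b in zip(w[i - 4], t)])
    rk = [sum(w[4 * r:4 * r + 4], []) for r in range(11)]
    s = [b ^ k for b, k in zip(block, rk[0])]
    for rnd in range(1, 11):
        s = [SBOX[b] for b in s]                              # SubBytes
        s = [s[(i + 4 * (i % 4)) % 16] for i in range(16)]    # ShiftRows
        if rnd < 10:                                          # MixColumns
            cols = [s[c:c + 4] for c in range(0, 16, 4)]
            s = [col[i] ^ col[0] ^ col[1] ^ col[2] ^ col[3]
                 ^ _xtime(col[i] ^ col[(i + 1) % 4])
                 for col in cols for i in range(4)]
        s = [b ^ k for b, k in zip(s, rk[rnd])]               # AddRoundKey
    return bytes(s)

def ah(irk, prand):
    """Address hash: low 24 bits of AES-128(IRK, 104 zero bits || prand)."""
    return aes128_encrypt(irk, bytes(13) + prand)[-3:]

def generate_rpa(irk):
    """Build a resolvable private address, most significant octet first."""
    r = 0
    while r in (0, (1 << 22) - 1):              # random part: not all 0s or all 1s
        r = secrets.randbits(22)
    prand = ((0b01 << 22) | r).to_bytes(3, "big")   # top bits 01 mark "resolvable"
    return prand + ah(irk, prand)

def resolve_rpa(addr, bonded):
    """Return the bonded peer whose IRK reproduces the hash, else None."""
    if len(addr) != 6 or addr[0] >> 6 != 0b01:
        return None                             # not a resolvable private address
    for name, irk in bonded.items():
        if hmac.compare_digest(ah(irk, addr[:3]), addr[3:]):
            return name
    return None

# Constructed IRKs, written most significant octet first (HCI carries these
# values least significant octet first, so reverse captured bytes before use).
BONDED = {
    "watch": bytes.fromhex("00112233445566778899aabbccddeeff"),
    "lock": bytes(range(16)),
}

if __name__ == "__main__":
    seen = generate_rpa(BONDED["watch"])
    print(seen.hex(), "->", resolve_rpa(seen, BONDED))
```

Resolution is a linear search over every stored IRK, and with only 24 bits of hash a match against the wrong IRK is possible at a rate of about one in 16 million per key.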


Bluetooth Low Energy for the Internet of Things

Bluetooth Low Energy was built to fulfill the requirements of the Internet of Things. The Bluetooth SIG took a significant step when it decided to revamp the Bluetooth protocol stack. Bluetooth Classic was successfully transformed into Bluetooth Low Energy and adopted rapidly in IoT devices and, more importantly, in cellular phones. Bluetooth Low Energy can be summarized in two basic factors: power efficiency and simple architecture. While ZigBee is commercially successful and has been used for quite a while, Wi-Fi and Bluetooth Low Energy are the only well-known and widespread standards used in consumer electronics. If the judgment criteria are strictly based on adoption rate, Bluetooth Low Energy surpasses ZigBee, as the adoption rate of ZigBee in smartphones is almost zero.

Applications of BLE in IoT

In the past five years, work on the Internet of Things has been significant in comparison to earlier times. Many manufacturers and start-ups are focusing on this technology in order to make accessories for smartphones. The reason manufacturers are more focused on BLE than on any other technology is that they want to increase the adaptability of their IoT devices. As most existing smartphones have Bluetooth technology in them, the adoption rate of these accessories is tremendous compared to any other standard. People want to use their smartphones to control and interact with things. It would be great if they could control the bedroom light from their smartphone or turn off the stove from their cell phone.

Proximity sensing, indoor navigation, fitness tracking, and countless other applications have already found their way into Bluetooth Low Energy. Users do not have to sacrifice battery life while enjoying the connection with their favorite IoT devices. At this moment, it is not clear whether the future of IoT lies in the combination of several wireless standards in one device (for example, combining Wi-Fi and BLE in a single device) or whether there should be one stand-alone standard which is the master of everything. It is sensible to predict that there is no significant loss if there are multiple standards in one device, as the architecture and technology become cheaper. Companies in consumer electronics will not hesitate to go to multi-standard solutions in the longer run.

Bluetooth World event organized by Bluetooth SIG in Santa Clara, United States

Companies like Google, Apple, and Intel are already backing the BLE standard. The progress and the agreement of the industry can be seen in the work of the Bluetooth SIG: as of June 2016, the SIG announced a new version of BLE as Bluetooth 5. Quadrupling the range and doubling the speed will make Bluetooth Low Energy compete more aggressively in the market. At Bluetooth World 2016, an annual event organized by the Special Interest Group, many manufacturers were present to show their products. It showed the diversity of ways in which companies are changing how we think about Bluetooth technology. CSRMesh, which was acquired by Qualcomm, showed off its mesh technology built over Bluetooth to take this standard to another level and truly threaten ZigBee, as it is the only standard that provides a low-powered mesh architecture.

Bluetooth Low Energy Beacons

The modes of communication of Bluetooth Low Energy have already been discussed in this chapter, which makes this a good point to introduce Bluetooth Low Energy Beacons. They are broadcast-only devices that advertise certain information to the users around them. This functionality enables a user to receive information from the beacon and in some cases take actions too. These broadcasts happen within a limited proximity, which can be changed by modifying the properties of the beacons.

Bluetooth Low Energy Beacon use-case

A use-case of Bluetooth Low Energy Beacons is their implementation at bus stops. Instead of putting the bus timings on the transit board, it would be better if the bus stop broadcast this information through Bluetooth. Since BLE is a low-power technology, it is completely feasible for the user to receive this information from the bus stop. Another use-case is boutique sales. Instead of putting up banners, shops can broadcast the information through Bluetooth beacons, and the shoppers around them receive a notification on their cell phones about the sale.

The battle between Google and Apple can be seen by these logos:

Apple iBeacon and Google Eddystone logos

Communication model of BLE Beacons

Bluetooth Low Energy Beacons are based on a one-way communication model. This is important because it would be inappropriate if someone changed the broadcast data on the beacons. Bluetooth Low Energy Beacons are supported by two of the best companies in the consumer electronics market. Google and Apple have their own protocols made for Bluetooth beacons. Google Eddystone is an Apache 2.0-licensed cross-platform profile available for Bluetooth beacons. It works with different frame types such as Eddystone-UID, Eddystone-URL, and Eddystone-TLM. iBeacon, on the other hand, is a protocol developed by Apple in 2013 serving the same purpose. These topics are discussed in greater detail in Chapter 4, Bluetooth Low Energy Beacons.

Bluetooth mesh networks

Mesh networking is a proven technology in terms of design and scalability. Information Technology has already seen the advantages of this technology in the form of wireless mesh networks, wireless sensor networks, mobile ad-hoc networks, and vehicular ad-hoc networks. At Bluetooth World 2016, the SIG showed its interest in mesh technology and announced that it is working with Qualcomm to build a first-generation mesh technology by next year.

Mesh technology is currently a significant advantage of ZigBee, because ZigBee has a fully developed and fully functional mesh mechanism that supports meshes of up to 65,000 nodes. Bluetooth, on the other hand, does not support mesh technology. By entering mesh networking, Bluetooth Low Energy will become powerful enough to replace ZigBee in the commercial industry. It is logical to predict that the adoption of Bluetooth mesh will be much faster, as it will be supported by cellular phones, tablets, and laptops.

A more detailed overview of Bluetooth Mesh, with a practical hands-on approach, will be given in Chapter 6, Bluetooth Mesh Technology.



In this chapter, we spoke about Internet of Things technology and how it is taking root in our real lives. The introduction to the Internet of Things was given in the form of wearable devices, autonomous vehicles, smart light bulbs, and portable media streaming devices. Internet of Things technologies like wireless local area networks, mobile ad-hoc networks, and ZigBee were discussed in order to have a better understanding of the available choices in the IoT. The technology discussion led us to Bluetooth Low Energy, where the concepts and the technical structure of Bluetooth Low Energy were discussed in great detail. The chapter introduced us to the Bluetooth stack and key concepts like Attribute Profile, Generic Attribute Profile, GATT Server, GATT Client, UUIDs, Generic Access Profile, Service, Characteristics, and Bluetooth Security. Later, we discussed the Key Generation mechanism in Bluetooth Low Energy, along with the pairing, bonding, privacy, and signing mechanisms. In the end, we concluded with the two major IoT platforms that Bluetooth Low Energy brings and how Bluetooth beacons and Bluetooth Mesh can be the next big things in the Internet of Things.

In the next chapter, we'll discuss the different hardware and software tools available for Bluetooth Low Energy development.

About the Author
  • Muhammad Usama bin Aftab

    Muhammad Usama bin Aftab is a software engineer at one of the leading solar lighting manufacturers in North America. At Carmanah Technologies, he works closely with the product development and management teams to develop software for embryonic technologies such as Bluetooth Low Energy. He also focuses on full-stack development using Angular 2 and Java. His main areas of interest range from mobile application development to information security. Mr. Aftab is an alumnus of the University of Victoria, Canada, where he received his master's degree in applied science in electrical and computer engineering. Mr. Aftab has experience in Android, iOS, and cross-platform gaming technologies (such as Unity 3D), which led him to coauthor Learning Android Intents for Packt in 2014.
