winfred lu, profile picture
Uploaded bywinfred lu
PDF, PPTX5,289 views

Bluetooth Low Energy Packet Format

The document outlines the Bluetooth Low Energy (BLE) packet formats, including details on various types of packets such as advertising and data channel PDUs. It specifies the structure and content of packet headers, payloads, and CRC checks. Additionally, it covers specific advertising packet types like iBeacon and Eddystone beacons, as well as their corresponding data formats.

Technologyâ—¦

Embed presentation

Download as PDF, PPTX
Bluetooth Low Energy (BLE) Packet Format Winfred LU AMG GCSA STMicroelectronics
BLE Protocol Stack
Link Layer Packet Format 1 byte 4 bytes 2 – 39 (33*) bytes 3 bytes Preamble Access Address Protocol Data Unit (PDU) CRC Data Channel PDUAdvertising Channel PDU 2 bytes 6 – 37 bytes Header Payload 2 bytes 0 – 27 bytes 4 bytes Header Payload MIC* * 33 bytes for Data Channel PDUs w/o DPLE * MIC: Message Integrity Check (option) • Advertising Payload • Scan Request/Response Payload • Connection Request Payload • Link Layer Control Payload • Data Payload
Advertising Channel Packets
Advertising Packet 1 byte 4 bytes ≤ 39 bytes 3 bytes Preamble Access Address Protocol Data Unit (PDU) CRC 2 bytes 6 – 37 bytes Header Advertising payload 6 bytes 0 – 31 bytes ADV Address Advertising Data AD0 AD … … ADn Advertising Channel PDU 0x8E89BED6 1 byte 1 byte AD Length (≤ 29 bytes) AD Length AD Type AD Data 4 bits 2 bits 1 bit 1 bit 6 bits 2 bits PDU type RFU TxAdd RxAdd Length RFU 0xAA 0 0000 ADV_IND 0001 ADV_DIRECT_IND 0010 ADV_NONCONN_IND 0011 SCAN_REQ 0100 SCAN_RSP 0101 CONNECT_REQ 0110 ADV_SCAN_IND
Scan Request 1 byte 4 bytes ≤ 39 bytes 3 bytes Preamble Access Address Protocol Data Unit (PDU) CRC 2 bytes 12 bytes Header Scan Request payload 6 bytes 6 bytes Scanner Address Advertising Address Advertising Channel PDU 0x8E89BED6 4 bits 2 bits 1 bit 1 bit 6 bits 2 bits PDU type RFU TxAdd RxAdd Length RFU 0xAA 123 0000 ADV_IND 0001 ADV_DIRECT_IND 0010 ADV_NONCONN_IND 0011 SCAN_REQ 0100 SCAN_RSP 0101 CONNECT_REQ 0110 ADV_SCAN_IND
Connection Request 1 byte 4 bytes ≤ 39 bytes 3 bytes Preamble Access Address Protocol Data Unit (PDU) CRC 2 bytes 34 bytes Header Connection Request payload 6 bytes 6 bytes 22 bytes Initiator Address Advertising Address Link Layer Data Advertising Channel PDU 0x8E89BED6 4 bits 2 bits 1 bit 1 bit 6 bits 2 bits PDU type RFU TxAdd RxAdd Length RFU 0xAA 5 34 4 bytes 3 bytes 1 byte 2 bytes 2 bytes 2 bytes 2 bytes 5 bytes 5 bits 3 bits AA CRCInit WinSize WinOffset Interval Latency Timeout ChM Hop SCA 5 - 16 for data channel PDUs 0000 ADV_IND 0001 ADV_DIRECT_IND 0010 ADV_NONCONN_IND 0011 SCAN_REQ 0100 SCAN_RSP 0101 CONNECT_REQ 0110 ADV_SCAN_IND
Advertising Packet : iBeacon 1 byte 4 bytes ≤ 39 bytes 3 bytes Preamble Access Address Protocol Data Unit (PDU) CRC 2 bytes 36 bytes Header Advertising payload 6 bytes 30 bytes ADV Address Advertising Data AD0 AD1 Advertising Channel PDU 0x8E89BED6 1 byte 1 byte 1 byte AD Length AD Type Flags 4 bits 2 bits 1 bit 1 bit 6 bits 2 bits PDU type RFU TxAdd RxAdd Length RFU 0xAA 0x02 0x01 0x06 1 byte 1 byte 2 bytes 1 byte 1 byte 16 bytes 2 bytes 2 bytes 1 byte AD Length AD Type Com. ID iBcn Type iBcn Length Proximity UUID Major Minor TX power 0x1A 0xFF 0x004C 0x02 0x15 Manufacturer specific Apple, Inc. b0: limited discoverable b1: general discoverable b2: BR/EDR supported b3: BR/EDR controller b4: BR/EDR host Proximity beacon Tx Power • at 1 m for iBeacon • at 0 m for Eddystone
Advertising Packet : Eddystone Beacon 1 byte 4 bytes ≤ 39 bytes 3 bytes Preamble Access Address Protocol Data Unit (PDU) CRC 2 bytes ≤ 37 bytes Header Advertising payload 6 bytes ≤ 31 bytes ADV Address Advertising Data AD0 AD1 AD2 Advertising Channel PDU 0x8E89BED6 1 byte 1 byte 1 byte AD Length AD Type Flags 4 bits 2 bits 1 bit 1 bit 6 bits 2 bits PDU type RFU TxAdd RxAdd Length RFU 0xAA 0x02 0x01 0x06 1 byte 1 byte 2 bytes ≤ 20 bytes AD Length AD Type Eddystone UUID Eddystone Frame 1 byte 1 byte 2 bytes AD Length AD Type Eddystone UUID 0x03 0x03 0xFEAA • UID frame • URL frame • TLM frame 0x16 0xFEAA
Eddystone Beacon Cont. 6 bytes ≤ 31 bytes ADV Address Advertising Data AD0 AD1 AD2 1 byte 1 byte 1 byte AD Length AD Type Flags 0x02 0x01 0x06 1 byte 1 byte 2 bytes ≤ 20 bytes AD Length AD Type Eddystone UUID Eddystone Frame 1 byte 1 byte 2 bytes AD Length AD Type Eddystone UUID 0x03 0x03 0xFEAA 0x16 0xFEAA 1 byte 1 byte 2 bytes 2 bytes 4 bytes 4 bytes Frame Type Version Battery Voltage Beacon Temp Adv PDU Count since boot Time since boot 1 byte 1 byte 1 byte 0 – 17 bytes Frame Type Tx Power URL Schem Encoded URL 1 byte 1 byte 10 bytes 6 bytes 2 bytes Frame Type Tx Power Namespace ID Instance ID RFU 0x00 0x10 0x20 0x00 UID frame URL frame TLM frame Tx Power • at 1 m for iBeacon • at 0 m for Eddystone Not covered: • EID frame • Type = 0x30 • Encrypted TLM • Version = 0x01
Data Channel Packets
Link Layer Control Packet 1 byte 4 bytes 2 – 29 bytes 3 bytes Preamble Access Address Protocol Data Unit (PDU) CRC Data Channel PDU 2 bytes 0 – 27 bytes Header Data payload 2 bits 1 bit 1 bit 1 bit 3 bits 8 bits LLID NESN SN MD RFU Length 0xAA 0~ or 0x55 1~ 01: LL Data PDU – Continuation or Empty 10: LL Data PDU – Start of message 11: LL Control PDU 3 1 byte 0 – 26 bytes Opcode Control Data 0x00: LL_CONNECTION_UPDATE_IND 0x01: LL_CHANNEL_MAP_IND 0x02: LL_TERMINATE_IND ……: Refer to Spec 6,B,2.4.2
Data Packet 1 byte 4 bytes 2 – 257 (33*) bytes 3 bytes Preamble Access Address Protocol Data Unit (PDU) CRC 2 bytes ≤ 251 (27*) bytes Header Data payload * 39,33,27,23: without DPLE * MIC: Message Integrity Check 4 bytes ≤ 247 (23*) bytes ≤ 251 (27*) w/o MIC L2CAP Header 1 byte ≤ 246 (22*) bytes ≤ 250 (26*) w/o MIC Opcode Data L2CAP protocol PDU Data Channel PDU ATT protocol PDU 0xAA 0~ or 0x55 1~ 4 bytes MIC*
LE Data Packet Length Extension (DPLE) 1 byte 4 bytes 2 – 257 (33*) bytes 3 bytes Preamble Access Address Protocol Data Unit (PDU) CRC 2 bits 1 bit 1 bit 1 bit 3 bits 5 bits 3 bits LLID NESN SN MD RFU Length RFU Data Channel PDU 2 bytes ≤ 255 (31*) bytes Header Data payload, including optional MIC 2 bits 1 bit 1 bit 1 bit 3 bits 8 bits LLID NESN SN MD RFU Length Core Spec 4.1 • Max length = 11111b = 31 Core Spec 4.2 • Max length = 11111111b = 255 0xAA 0~ or 0x55 1~ 01: LL Data PDU – Continuation or Empty 10: LL Data PDU – Start of message 11: LL Control PDU * 33, 31: without DPLE
L2CAP Fragmentations (w/o DPLE) 1 byte 4 bytes ≤ 33 bytes 3 bytes Preamble Access Address Protocol Data Unit (PDU) CRC 0xAA 0~ or 0x55 1~ 2 bytes ≤ 27 bytes Header Data payloadData Channel PDU 4 bytes MIC* 4 bytes 23 bytes L2CAP Header ATT protocol PDU 27 bytes ATT protocol PDU L2CAP protocol PDU 27 bytes or less ATT protocol PDU …….. Fragment 1 Fragment 2 Fragment n 2 bytes 2 bytes Length Channel IDL2CAP Header ≤ ATT_MTU (up to 512)
Attribute (ATT) Protocol PDU 1 byte ≤ ATT_MTU - 1 Opcode Data ATT protocol PDU Attribute Parameters 12 bytes Authentication Signature 2 bytes 2 or 16 bytes variable length implementation specific Attribute Handle Attribute Type Attribute Value Attribute Permissions 1 0x2800 0x1801 Read 2 0x2803 20 03 00 05 2a Read … …
Thank you

More Related Content

PDF
Bluetooth Low Energy (BLE) Packet Format
bywinfred lu
 
PDF
Bluetooth Low Energy - A Case Study
byFReeze FRancis
 
PPTX
Introduction to Bluetooth Low Energy
byyeokm1
 
DOCX
SOFTWARE DEFINED RADIO
byKartikeyPatwal
 
PPTX
Introduction to LoRa for developers
byRobin Harris
 
PPT
Chapter#5
bySyed Muhammad ALi Shah
 
PPTX
Packet radio protocol
byPriya Kaushal
 
PDF
LPWAN Technologies for Internet of Things (IoT) and M2M Scenarios
byPeter R. Egli
 
Bluetooth Low Energy (BLE) Packet Format
bywinfred lu
 
Bluetooth Low Energy - A Case Study
byFReeze FRancis
 
Introduction to Bluetooth Low Energy
byyeokm1
 
SOFTWARE DEFINED RADIO
byKartikeyPatwal
 
Introduction to LoRa for developers
byRobin Harris
 
Chapter#5
bySyed Muhammad ALi Shah
 
Packet radio protocol
byPriya Kaushal
 
LPWAN Technologies for Internet of Things (IoT) and M2M Scenarios
byPeter R. Egli
 

What's hot

PDF
Overview of Spanning Tree Protocol (STP & RSTP)
byPeter R. Egli
 
PPTX
Introduction to Bluetooth low energy
byNEEVEE Technologies
 
PPTX
IMS + VoLTE Overview
byHamidreza Bolhasani
 
PPTX
Ble overview and_implementation
byStanley Chang
 
PPTX
Network Layer
byDr Shashikant Athawale
 
PPT
SDH Principle - Huawei
byMohamed Sewailam
 
PDF
VoLTE Interfaces , Protocols & IMS Stack Explained
byVikas Shokeen
 
PPTX
SDH Frame Structure
bySamadhan Tambe
 
PPTX
Arp (address resolution protocol)
bytigerbt
 
PPTX
Point To Point Protocol
byPhan Vuong
 
PPSX
ARP
byselvakumar_b1985
 
PPT
Lte most used command rev1
byChristofer Dinamiko
 
PPTX
Bluetooth low energy
bySaptadeep Pal
 
PDF
Asynchronous Transfer Mode ATM
byMadhumita Tamhane
 
PPT
Public Switched Telephone Network (PSTN)
byJ.T.A.JONES
 
PPTX
IPv4 Addressing
byTheGodfather HA
 
PDF
Lte system signaling procedures
bytharinduwije
 
PPTX
Mpls technology
byNaveen Sihag
 
PPTX
LTE Basic
byneerav_adhikari
 
PDF
CCNAv5 - S1: Chapter 10 Application Layer
byVuz Dở Hơi
 
Overview of Spanning Tree Protocol (STP & RSTP)
byPeter R. Egli
 
Introduction to Bluetooth low energy
byNEEVEE Technologies
 
IMS + VoLTE Overview
byHamidreza Bolhasani
 
Ble overview and_implementation
byStanley Chang
 
Network Layer
byDr Shashikant Athawale
 
SDH Principle - Huawei
byMohamed Sewailam
 
VoLTE Interfaces , Protocols & IMS Stack Explained
byVikas Shokeen
 
SDH Frame Structure
bySamadhan Tambe
 
Arp (address resolution protocol)
bytigerbt
 
Point To Point Protocol
byPhan Vuong
 
ARP
byselvakumar_b1985
 
Lte most used command rev1
byChristofer Dinamiko
 
Bluetooth low energy
bySaptadeep Pal
 
Asynchronous Transfer Mode ATM
byMadhumita Tamhane
 
Public Switched Telephone Network (PSTN)
byJ.T.A.JONES
 
IPv4 Addressing
byTheGodfather HA
 
Lte system signaling procedures
bytharinduwije
 
Mpls technology
byNaveen Sihag
 
LTE Basic
byneerav_adhikari
 
CCNAv5 - S1: Chapter 10 Application Layer
byVuz Dở Hơi
 

Similar to Bluetooth Low Energy Packet Format

PPTX
Basic of MODBUS Communication/Protocol
byShivam Singh
 
PPTX
Serial Communication in 8051
bySudhanshu Janwadkar
 
PPT
Np unit2
byvamsitricks
 
PPTX
Webinar: Comunicação TCP/IP segura
byEmbarcados
 
PDF
Extending Bluetooth with Mesh Networking
bySilicon Labs
 
PPT
Chapter 2 point-to-point protocol (ppp)
byCliff Stephen Pike-Dimagiba
 
PPTX
The presentation is about USART and serial communication
bysinaankhalil
 
PPTX
5-Tut3_Networking_with_Python.pptx good intro
byssuser0b643d
 
PPTX
Gl embedded starterkit_ethernet
byRoman Brovko
 
PPTX
serial porserial porserial porserial port.pptx
byssuserb93dee1
 
PDF
Bluetooth
bySri Manakula Vinayagar Engineering College
 
PDF
The TCP/IP stack in the FreeBSD kernel COSCUP 2014
byKevin Lo
 
PPTX
WEEWModbus 140128223239-phpapp01
byAbm Duong
 
PDF
Data Networking Concepts
byPeter R. Egli
 
ODP
Philip polstra
byPhilip Polstra
 
PPT
Design device driver for wireless device using 32 bit microcontroller
bykantha123
 
PDF
Workshop-How_to_use_btlejack.pdfWorkshop-How_to_use_btlejack
byGerdaStimmel
 
PPTX
Chapter 1.2 OSI Layer.pptx
byNetworkRhinos
 
PDF
Chapter 1.2 OSI Layer.pdf
bymanojkumar595505
 
PPTX
Chapter 1. introduction to tcpip networking
byVishnu Vardhan
 
Basic of MODBUS Communication/Protocol
byShivam Singh
 
Serial Communication in 8051
bySudhanshu Janwadkar
 
Np unit2
byvamsitricks
 
Webinar: Comunicação TCP/IP segura
byEmbarcados
 
Extending Bluetooth with Mesh Networking
bySilicon Labs
 
Chapter 2 point-to-point protocol (ppp)
byCliff Stephen Pike-Dimagiba
 
The presentation is about USART and serial communication
bysinaankhalil
 
5-Tut3_Networking_with_Python.pptx good intro
byssuser0b643d
 
Gl embedded starterkit_ethernet
byRoman Brovko
 
serial porserial porserial porserial port.pptx
byssuserb93dee1
 
Bluetooth
bySri Manakula Vinayagar Engineering College
 
The TCP/IP stack in the FreeBSD kernel COSCUP 2014
byKevin Lo
 
WEEWModbus 140128223239-phpapp01
byAbm Duong
 
Data Networking Concepts
byPeter R. Egli
 
Philip polstra
byPhilip Polstra
 
Design device driver for wireless device using 32 bit microcontroller
bykantha123
 
Workshop-How_to_use_btlejack.pdfWorkshop-How_to_use_btlejack
byGerdaStimmel
 
Chapter 1.2 OSI Layer.pptx
byNetworkRhinos
 
Chapter 1.2 OSI Layer.pdf
bymanojkumar595505
 
Chapter 1. introduction to tcpip networking
byVishnu Vardhan
 

Recently uploaded

PDF
Security Technologys: Access Control, Firewall, VPN
byShielaLasala
 
PDF
Security Forum Sessions from Houston 2025 Event
byMark Simos
 
PPTX
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
PDF
ElyriaSoftware — Powering the Future with Blockchain Innovation
byElyria Software
 
PDF
API-First Architecture in Financial Systems
bycyy111112
 
PDF
Unlocking the Power of Salesforce Architecture: Frameworks for Effective Solu...
byvarsha30tiwari
 
PDF
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
PPTX
Unit-4-ARTIFICIAL NEURAL NETWORKS.pptx ANN ppt Artificial neural network
byssuserd4481a
 
PPT
software-security-intro in information security.ppt
byismaeelsahib032
 
PDF
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
PDF
Is It Possible to Have Wi-Fi Without an Internet Provider
bySidra Jefferi
 
PDF
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
PDF
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
PDF
Day 5 - Red Team + Blue Team in the Cloud - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
PDF
Day 1 - Cloud Security Strategy and Planning ~ 2nd Sight Lab ~ Cloud Security...
by2nd Sight Lab
 
PPTX
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
PPTX
Building Cyber Resilience for 2026: Best Practices for a Secure, AI-Driven Bu...
byYasir Naveed Riaz
 
PPTX
Cybersecurity Best Practices - Step by Step guidelines
byYasir Naveed Riaz
 
PPTX
AI's Impact on Cybersecurity - Challenges and Opportunities
byYasir Naveed Riaz
 
PPTX
Data Privacy and Protection: Safeguarding Information in a Connected World
byYasir Naveed Riaz
 
Security Technologys: Access Control, Firewall, VPN
byShielaLasala
 
Security Forum Sessions from Houston 2025 Event
byMark Simos
 
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
ElyriaSoftware — Powering the Future with Blockchain Innovation
byElyria Software
 
API-First Architecture in Financial Systems
bycyy111112
 
Unlocking the Power of Salesforce Architecture: Frameworks for Effective Solu...
byvarsha30tiwari
 
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
Unit-4-ARTIFICIAL NEURAL NETWORKS.pptx ANN ppt Artificial neural network
byssuserd4481a
 
software-security-intro in information security.ppt
byismaeelsahib032
 
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
Is It Possible to Have Wi-Fi Without an Internet Provider
bySidra Jefferi
 
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
Day 5 - Red Team + Blue Team in the Cloud - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
Day 1 - Cloud Security Strategy and Planning ~ 2nd Sight Lab ~ Cloud Security...
by2nd Sight Lab
 
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
Building Cyber Resilience for 2026: Best Practices for a Secure, AI-Driven Bu...
byYasir Naveed Riaz
 
Cybersecurity Best Practices - Step by Step guidelines
byYasir Naveed Riaz
 
AI's Impact on Cybersecurity - Challenges and Opportunities
byYasir Naveed Riaz
 
Data Privacy and Protection: Safeguarding Information in a Connected World
byYasir Naveed Riaz
 

Bluetooth Low Energy Packet Format

  • 1.
    Bluetooth Low Energy(BLE) Packet Format Winfred LU AMG GCSA STMicroelectronics
  • 2.
  • 3.
    Link Layer PacketFormat 1 byte 4 bytes 2 – 39 (33*) bytes 3 bytes Preamble Access Address Protocol Data Unit (PDU) CRC Data Channel PDUAdvertising Channel PDU 2 bytes 6 – 37 bytes Header Payload 2 bytes 0 – 27 bytes 4 bytes Header Payload MIC* * 33 bytes for Data Channel PDUs w/o DPLE * MIC: Message Integrity Check (option) • Advertising Payload • Scan Request/Response Payload • Connection Request Payload • Link Layer Control Payload • Data Payload
  • 4.
  • 5.
    Advertising Packet 1 byte4 bytes ≤ 39 bytes 3 bytes Preamble Access Address Protocol Data Unit (PDU) CRC 2 bytes 6 – 37 bytes Header Advertising payload 6 bytes 0 – 31 bytes ADV Address Advertising Data AD0 AD … … ADn Advertising Channel PDU 0x8E89BED6 1 byte 1 byte AD Length (≤ 29 bytes) AD Length AD Type AD Data 4 bits 2 bits 1 bit 1 bit 6 bits 2 bits PDU type RFU TxAdd RxAdd Length RFU 0xAA 0 0000 ADV_IND 0001 ADV_DIRECT_IND 0010 ADV_NONCONN_IND 0011 SCAN_REQ 0100 SCAN_RSP 0101 CONNECT_REQ 0110 ADV_SCAN_IND
  • 6.
    Scan Request 1 byte4 bytes ≤ 39 bytes 3 bytes Preamble Access Address Protocol Data Unit (PDU) CRC 2 bytes 12 bytes Header Scan Request payload 6 bytes 6 bytes Scanner Address Advertising Address Advertising Channel PDU 0x8E89BED6 4 bits 2 bits 1 bit 1 bit 6 bits 2 bits PDU type RFU TxAdd RxAdd Length RFU 0xAA 123 0000 ADV_IND 0001 ADV_DIRECT_IND 0010 ADV_NONCONN_IND 0011 SCAN_REQ 0100 SCAN_RSP 0101 CONNECT_REQ 0110 ADV_SCAN_IND
  • 7.
    Connection Request 1 byte4 bytes ≤ 39 bytes 3 bytes Preamble Access Address Protocol Data Unit (PDU) CRC 2 bytes 34 bytes Header Connection Request payload 6 bytes 6 bytes 22 bytes Initiator Address Advertising Address Link Layer Data Advertising Channel PDU 0x8E89BED6 4 bits 2 bits 1 bit 1 bit 6 bits 2 bits PDU type RFU TxAdd RxAdd Length RFU 0xAA 5 34 4 bytes 3 bytes 1 byte 2 bytes 2 bytes 2 bytes 2 bytes 5 bytes 5 bits 3 bits AA CRCInit WinSize WinOffset Interval Latency Timeout ChM Hop SCA 5 - 16 for data channel PDUs 0000 ADV_IND 0001 ADV_DIRECT_IND 0010 ADV_NONCONN_IND 0011 SCAN_REQ 0100 SCAN_RSP 0101 CONNECT_REQ 0110 ADV_SCAN_IND
  • 8.
    Advertising Packet :iBeacon 1 byte 4 bytes ≤ 39 bytes 3 bytes Preamble Access Address Protocol Data Unit (PDU) CRC 2 bytes 36 bytes Header Advertising payload 6 bytes 30 bytes ADV Address Advertising Data AD0 AD1 Advertising Channel PDU 0x8E89BED6 1 byte 1 byte 1 byte AD Length AD Type Flags 4 bits 2 bits 1 bit 1 bit 6 bits 2 bits PDU type RFU TxAdd RxAdd Length RFU 0xAA 0x02 0x01 0x06 1 byte 1 byte 2 bytes 1 byte 1 byte 16 bytes 2 bytes 2 bytes 1 byte AD Length AD Type Com. ID iBcn Type iBcn Length Proximity UUID Major Minor TX power 0x1A 0xFF 0x004C 0x02 0x15 Manufacturer specific Apple, Inc. b0: limited discoverable b1: general discoverable b2: BR/EDR supported b3: BR/EDR controller b4: BR/EDR host Proximity beacon Tx Power • at 1 m for iBeacon • at 0 m for Eddystone
  • 9.
    Advertising Packet :Eddystone Beacon 1 byte 4 bytes ≤ 39 bytes 3 bytes Preamble Access Address Protocol Data Unit (PDU) CRC 2 bytes ≤ 37 bytes Header Advertising payload 6 bytes ≤ 31 bytes ADV Address Advertising Data AD0 AD1 AD2 Advertising Channel PDU 0x8E89BED6 1 byte 1 byte 1 byte AD Length AD Type Flags 4 bits 2 bits 1 bit 1 bit 6 bits 2 bits PDU type RFU TxAdd RxAdd Length RFU 0xAA 0x02 0x01 0x06 1 byte 1 byte 2 bytes ≤ 20 bytes AD Length AD Type Eddystone UUID Eddystone Frame 1 byte 1 byte 2 bytes AD Length AD Type Eddystone UUID 0x03 0x03 0xFEAA • UID frame • URL frame • TLM frame 0x16 0xFEAA
  • 10.
    Eddystone Beacon Cont. 6bytes ≤ 31 bytes ADV Address Advertising Data AD0 AD1 AD2 1 byte 1 byte 1 byte AD Length AD Type Flags 0x02 0x01 0x06 1 byte 1 byte 2 bytes ≤ 20 bytes AD Length AD Type Eddystone UUID Eddystone Frame 1 byte 1 byte 2 bytes AD Length AD Type Eddystone UUID 0x03 0x03 0xFEAA 0x16 0xFEAA 1 byte 1 byte 2 bytes 2 bytes 4 bytes 4 bytes Frame Type Version Battery Voltage Beacon Temp Adv PDU Count since boot Time since boot 1 byte 1 byte 1 byte 0 – 17 bytes Frame Type Tx Power URL Schem Encoded URL 1 byte 1 byte 10 bytes 6 bytes 2 bytes Frame Type Tx Power Namespace ID Instance ID RFU 0x00 0x10 0x20 0x00 UID frame URL frame TLM frame Tx Power • at 1 m for iBeacon • at 0 m for Eddystone Not covered: • EID frame • Type = 0x30 • Encrypted TLM • Version = 0x01
  • 11.
  • 12.
    Link Layer ControlPacket 1 byte 4 bytes 2 – 29 bytes 3 bytes Preamble Access Address Protocol Data Unit (PDU) CRC Data Channel PDU 2 bytes 0 – 27 bytes Header Data payload 2 bits 1 bit 1 bit 1 bit 3 bits 8 bits LLID NESN SN MD RFU Length 0xAA 0~ or 0x55 1~ 01: LL Data PDU – Continuation or Empty 10: LL Data PDU – Start of message 11: LL Control PDU 3 1 byte 0 – 26 bytes Opcode Control Data 0x00: LL_CONNECTION_UPDATE_IND 0x01: LL_CHANNEL_MAP_IND 0x02: LL_TERMINATE_IND ……: Refer to Spec 6,B,2.4.2
  • 13.
    Data Packet 1 byte4 bytes 2 – 257 (33*) bytes 3 bytes Preamble Access Address Protocol Data Unit (PDU) CRC 2 bytes ≤ 251 (27*) bytes Header Data payload * 39,33,27,23: without DPLE * MIC: Message Integrity Check 4 bytes ≤ 247 (23*) bytes ≤ 251 (27*) w/o MIC L2CAP Header 1 byte ≤ 246 (22*) bytes ≤ 250 (26*) w/o MIC Opcode Data L2CAP protocol PDU Data Channel PDU ATT protocol PDU 0xAA 0~ or 0x55 1~ 4 bytes MIC*
  • 14.
    LE Data PacketLength Extension (DPLE) 1 byte 4 bytes 2 – 257 (33*) bytes 3 bytes Preamble Access Address Protocol Data Unit (PDU) CRC 2 bits 1 bit 1 bit 1 bit 3 bits 5 bits 3 bits LLID NESN SN MD RFU Length RFU Data Channel PDU 2 bytes ≤ 255 (31*) bytes Header Data payload, including optional MIC 2 bits 1 bit 1 bit 1 bit 3 bits 8 bits LLID NESN SN MD RFU Length Core Spec 4.1 • Max length = 11111b = 31 Core Spec 4.2 • Max length = 11111111b = 255 0xAA 0~ or 0x55 1~ 01: LL Data PDU – Continuation or Empty 10: LL Data PDU – Start of message 11: LL Control PDU * 33, 31: without DPLE
  • 15.
    L2CAP Fragmentations (w/oDPLE) 1 byte 4 bytes ≤ 33 bytes 3 bytes Preamble Access Address Protocol Data Unit (PDU) CRC 0xAA 0~ or 0x55 1~ 2 bytes ≤ 27 bytes Header Data payloadData Channel PDU 4 bytes MIC* 4 bytes 23 bytes L2CAP Header ATT protocol PDU 27 bytes ATT protocol PDU L2CAP protocol PDU 27 bytes or less ATT protocol PDU …….. Fragment 1 Fragment 2 Fragment n 2 bytes 2 bytes Length Channel IDL2CAP Header ≤ ATT_MTU (up to 512)
  • 16.
    Attribute (ATT) ProtocolPDU 1 byte ≤ ATT_MTU - 1 Opcode Data ATT protocol PDU Attribute Parameters 12 bytes Authentication Signature 2 bytes 2 or 16 bytes variable length implementation specific Attribute Handle Attribute Type Attribute Value Attribute Permissions 1 0x2800 0x1801 Read 2 0x2803 20 03 00 05 2a Read … …
  • 17.