Introduction

Bluetooth Mesh Systems have evolved as a vital technology in an age of unparalleled connectivity, becoming the backbone of various applications ranging from smart homes to industrial automation. These mesh networks are designed to connect numerous devices wirelessly, allowing seamless communication and control. By using low-power Bluetooth connections, these systems have unlocked a world of possibilities, facilitating the realisation of the Internet of Things (IoT) on a large scale. However, Bluetooth Mesh Systems have their share of challenges. As the number of networked devices grows and data traffic increases, the requirement for optimisation becomes critical. Without appropriate performance, these systems risk becoming sluggish and unreliable, reducing their usability and dependability. Simultaneously, the massive amounts of data flowing via these networks present serious security concerns. In this article, we will explore strategies to enhance both performance and security in Bluetooth Mesh systems.

Where Bluetooth mesh networking is being used:

  • Control systems: Bluetooth mesh is increasingly becoming the preferred wireless communications technology in various control systems, including lighting control for smart buildings and smart industry applications.
  • Monitoring systems: Bluetooth wireless sensor networks monitor lighting, temperature, humidity, and occupancy to increase workforce efficiency, minimise building operating expenses, and reduce unscheduled downtime of industrial equipment.
  • Automation systems: The Bluetooth mesh automatically manages a building's critical systems, such as lighting and heating, ventilation, and air conditioning, to maximise energy savings and minimise running costs.

Overview of Bluetooth mesh technology and optimising energy use

Bluetooth mesh technology uses Bluetooth Low Energy (BLE) for message transfer, although there are substantial differences in how data flows. Bluetooth mesh is not a point-to-point communication protocol. Instead, advertising packets are delivered and relayed over the mesh network. A node determines whether a network packet is addressed to it from the packet's destination mesh address (unicast, group, or virtual address), which differs from a typical public or private Bluetooth LE address. The following figure depicts a Bluetooth mesh network with multiple roles and carriers.

Figure 1: Bluetooth mesh network

Bluetooth mesh nodes, unlike Bluetooth LE, have a "many-to-many" interaction with mesh devices within their radio range. When two nodes are not within radio range of one another, data is relayed from the emitter to the receiver via nodes that support that functionality. Furthermore, nodes in a network have varying energy consumption requirements. This influences network architecture, since a participating node must continually scan for incoming advertising packets and retransmit them if necessary, which demands a significant amount of power. To alleviate this, nodes can be put to sleep and rely on other nodes that are within radio range and have fewer power limitations to store messages sent to them.

Bluetooth mesh depends on the Bluetooth LE Link Layer's advertising/scanning states. As a result, there is no low-level collision control. The GATT bearer (which is connection-based) can be used if a device does not support the advertising bearer. This enables such a device to connect to mesh network nodes that support both bearers and that act as a proxy between the advertising and GATT (Generic Attribute Profile) bearers. Considering these factors while constructing a Bluetooth mesh network is critical to achieving maximum effectiveness.

The use case challenge: Mesh networking is a critical technology-independent facilitator of IoT in the short-range domain. Well-known technologies such as Wi-Fi and ZigBee have already standardised mesh compatibility, and mesh networking solutions are on the market. Adding mesh capabilities to Bluetooth is an essential step. Still, Bluetooth mesh's success depends upon its ability to deliver unique features and address a wider variety of applications than competing technologies.

The objective of establishing a simple, efficient, and adaptable wireless mesh networking solution drove the development of Bluetooth mesh. With the Bluetooth Mesh Profile, thousands of nodes can communicate in a connectionless way inside the same network. Because Bluetooth was initially developed for point-to-point communication, looking into the scalability requirements for Bluetooth mesh networks is essential.

A managed flooding communication model supports relaying in a Bluetooth mesh network. With controlled flooding, a message injected into the mesh network may be retransmitted by several relay nodes. This technique provides flexibility in deployment and operation, but it has the disadvantage of causing packet loss for contention-based access in the unlicensed band. As a result, it is essential to define Bluetooth mesh's supported traffic and quality of service.

The solution: Bluetooth is a strong contender to become the primary short-range technology for connecting capillary network edge nodes. By incorporating mesh into Bluetooth, low-power sensors may connect with distant capillary gateways, which can be implemented in any Bluetooth-compatible device.

Bluetooth mesh allows you to design the network in various ways based on the deployment's characteristics and the application's requirements, and the impact of these network settings scales with network size and throughput. Configuration choices include the relay function, the use of acknowledged or unacknowledged transmissions, message repetition techniques, and transmission randomisation.

A complete stack implementation of the Bluetooth Mesh Profile was carried out in a system-level simulator to assist standardisation, validate implementation recommendations, and evaluate the performance of a Bluetooth mesh network of hundreds of devices.

Capillary gateway

A capillary network is a LAN that offers large-area connectivity to collections of devices using short-range radio-access technology. Wide-area mobile networks can now reach constrained devices thanks to capillary networks. The Bluetooth capillary gateway concept is shown in Figure 2. Since Bluetooth is a capillary radio, it standardises the messages and actions of many use cases that require sensing and actuation commands for constrained nodes. Communication between nodes that are not within radio range of one another is also made possible by relaying these commands over several mesh hops. Extremely low-power, storage- and memory-constrained devices can now reach the core network and, beyond it, the cloud, because capillary gateways such as smartphones and/or proxy nodes offer both Bluetooth and cellular connectivity in the mesh area network.

Figure 2: Bluetooth capillary gateway concept

Design principles

BLE Mesh has several node/feature types that make Bluetooth mesh unique, including:

  • The publish/subscribe model: The mesh network is said to exchange data utilising a publish/subscribe model. The message-generating nodes broadcast the messages to an address, and the message-interested nodes subscribe to that address. This makes address assignment and group casting flexible.
  • Two-layer security: Two kinds of security keys are used to authenticate and encrypt messages. An application key guarantees the secrecy and authentication of application data transferred between the intended devices, whereas a network layer key secures all communication inside a mesh network. Data transmission over intermediate devices is made feasible by the application key. Messages can be authenticated for the relay without allowing intermediary devices to access or modify the application data. For instance, even though the unlock instruction must pass via the light bulb to reach the lock, a light bulb shouldn't be able to open doors.
  • Flooding with restricted relaying: The simplest and most direct method of broadcast message propagation on a network is flooding. When a device sends a message, it can be picked up by many relays and then passed on to another device. Bluetooth mesh has restrictions that prohibit devices from repeatedly transmitting messages they have already seen and sending messages across many hops.
  • Power saving with "Friend Node": A friend node allows devices requiring low-power assistance to connect with an always-on device that stores and delivers communications on their behalf. Friendship is a unique bond between one nearby "friend" node and a low-power node. The low-power node initiates friendship; after friendship has been formed, the friend node takes activities to assist in lowering the low-power node's power usage. All incoming messages targeted to the low-power node are kept in the friend node's cache and sent to the low-power node upon request. The low-power node also receives security updates from the friend node.
  • Bluetooth Low Energy Proxy: The Bluetooth mesh advertising carrier may not be natively supported by some Bluetooth devices, such as smartphones. The Bluetooth Mesh Profile defines a proxy protocol, using traditional Bluetooth connectivity, over which mesh messages may be sent so that those devices can take part in the mesh network.
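
The effect of the two restrictions on flooding described in the list above (the cache of already-seen messages and the hop limit), as an added simulation that is not part of the original article or of any Bluetooth mesh stack. The topology, node names, `RELAYS` set and the `flood`/`compare` helpers are constructed for the illustration, and the hop limit is modelled as a TTL that each relay decrements and stops forwarding below 2.

```python
from collections import deque

# Constructed topology: each node maps to the nodes within its radio range.
LINKS = {
    "switch": {"r1", "r2"},
    "r1": {"switch", "r2", "r3"},
    "r2": {"switch", "r1", "r3"},
    "r3": {"r1", "r2", "lamp"},
    "lamp": {"r3"},
}
RELAYS = {"r1", "r2", "r3"}   # only these nodes have the relay feature enabled

def flood(src, ttl, use_cache=True, max_tx=10_000):
    """Flood one message from src; return (nodes reached, transmissions used)."""
    seen = {src} if use_cache else set()   # nodes whose message cache holds the message
    reached = set()
    queue = deque([(src, ttl)])            # (transmitting node, TTL carried in the packet)
    tx = 0
    while queue and tx < max_tx:
        node, pkt_ttl = queue.popleft()
        tx += 1
        for nbr in sorted(LINKS[node]):
            if nbr in seen:
                continue                   # cache hit: drop, do not relay a second time
            if use_cache:
                seen.add(nbr)
            reached.add(nbr)
            # A relay forwards only while hops remain, decrementing TTL each hop.
            if nbr in RELAYS and pkt_ttl >= 2:
                queue.append((nbr, pkt_ttl - 1))
    reached.discard(src)
    return reached, tx

def compare(src="switch", ttl=4):
    """Transmission cost of the same message with and without the message cache."""
    return {"cached": flood(src, ttl), "uncached": flood(src, ttl, use_cache=False)}
```

On this five-node topology the cached flood reaches every node in 4 transmissions, the same message without the cache costs 15, and a TTL of 2 stops one hop short of the lamp.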

Security and privacy in BLE mesh

The security and privacy of wirelessly linked devices is a constant worry. BLE Mesh uses several strategies to allay this worry. The security and privacy measures used in a BLE Mesh system are described below, each feature followed by how it works.

  • Encryption and authentication: All Bluetooth mesh messages are verified and encrypted.
  • Separation of concerns: Network, application, and device security are addressed separately, using unique keys for each.
      • An AppKey distinguishes one type of application from another and avoids potential conflicts of interest. A sensor node, for instance, cannot decode a message encrypted with the lighting AppKey.
      • Depending on the network and subnets they belong to, each node has one or more NetKeys. Each network and subnet is isolated from the others by its NetKey.
      • Each node is distinguished from other devices by having a unique DevKey for provisioning and setup.
  • Area isolation: A Bluetooth mesh network may be separated into cryptographically distinct and secure subnets. For example, each room in a hotel may be considered a subnet, whereas the hotel represents the entire network. Subnets prevent guests in one room from interfering with guests in other rooms.
  • Trashcan attack protection, key refresh, and node removal: A Key Refresh technique may be used to replace security keys while the Bluetooth mesh network is still active. When a node is removed, the mesh network performs a key refresh to update the keys on all other nodes. Once the keys have been renewed, the (old) keys stored on the removed node are no longer valid. This functionality solves the security problem that arises if someone acquires access to a device that was previously part of a BLE network, which is known as a trashcan attack.
  • Replay attack protection: Bluetooth mesh security guards against replay attacks on the network. One of the most popular attacks is the replay attack, in which an eavesdropper listens to a communication and replays it for malicious purposes. Consider listening to a door unlock message and replaying it in the middle of the night to break into a residence. BLE Mesh prevents replay attacks by including a sequence number in each transmission. Messages with the same or a lower sequence number than the previous message are ignored.
  • Message obfuscation: Message obfuscation makes it harder to track messages exchanged within the network and offers a privacy mechanism that makes nodes difficult to monitor.
  • Secure device provisioning: BLE mesh provides a secure way to add a device to a network.
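
The replay check and key refresh described above, as an added sketch that is not part of the original article or of any Bluetooth mesh stack; it authenticates a message before touching the replay list, so a forged sequence number cannot block later genuine messages. It assumes an HMAC-SHA256 tag in place of the AES-CCM integrity check that real mesh uses, treats key refresh as a single key swap, and uses constructed keys, addresses and names (`Receiver`, `make_msg`, `demo`).

```python
import hashlib
import hmac

def mic(key, src, seq, payload):
    """Integrity tag over source, sequence number and payload.
    Assumption: HMAC-SHA256 stands in for the AES-CCM MIC of real mesh."""
    data = src.to_bytes(2, "big") + seq.to_bytes(3, "big") + payload
    return hmac.new(key, data, hashlib.sha256).digest()[:8]

def make_msg(key, src, seq, payload):
    return {"src": src, "seq": seq, "payload": payload,
            "mic": mic(key, src, seq, payload)}

class Receiver:
    def __init__(self, key):
        self.key = key
        self.last_seq = {}   # replay list: source address -> highest sequence accepted

    def accept(self, msg):
        expected = mic(self.key, msg["src"], msg["seq"], msg["payload"])
        # Authenticate first: an unauthenticated sequence number must never
        # reach the replay list, or a forgery could lock out the real sender.
        if not hmac.compare_digest(expected, msg["mic"]):
            return "bad-mic"
        if msg["seq"] <= self.last_seq.get(msg["src"], -1):
            return "replay"   # same or lower sequence number: ignored
        self.last_seq[msg["src"]] = msg["seq"]
        return "ok"

    def key_refresh(self, new_key):
        # After refresh, anything sealed under the old key fails authentication.
        self.key = new_key

def demo():
    old_key, new_key = b"K" * 16, b"N" * 16              # constructed keys
    lock = Receiver(old_key)
    unlock = make_msg(old_key, 0x0042, 100, b"unlock")   # message seen by an eavesdropper
    results = [lock.accept(unlock)]                      # first delivery
    results.append(lock.accept(unlock))                  # identical message replayed
    results.append(lock.accept(dict(unlock, seq=0xFFFFFF)))  # sequence bumped, tag stale
    results.append(lock.accept(make_msg(old_key, 0x0042, 101, b"lock")))
    lock.key_refresh(new_key)                            # node 0x0042 removed from network
    results.append(lock.accept(make_msg(old_key, 0x0042, 102, b"unlock")))
    results.append(lock.accept(make_msg(new_key, 0x0043, 1, b"unlock")))
    return results
```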

element14 has partnered with many suppliers catering to a wide range of Antenna portfolios for wireless connectivity, such as wireless connectivity bluetooth, bluetooth, RF / wireless development kits, bluetooth modules and adaptors, Bluetooth Adapters, and more.
