Bluetooth Concept

Bluetooth Wireless Personal Area Networks Traditionally people have been limited to using cables, connectors and adapters to set up a Personal Area Network (PAN). A PAN is used to connect devices such as a printer, mouse, speaker cables, and scanner cables to a notebook computer. With a Wireless Personal Area Network (WPAN) all of the connections can be done without the use of a single cable. WPANs are an innovative and new technology in our world with only two WPAN special interest groups founded thus far: IEEE 802.15 and Bluetooth Special Interest Group. Research into PANs began in March 1998 when the Institute of Electrical and Electronic Engineers (IEEE) formed the WPAN Study Group. The WPAN Study Group was formed with the goal of investigating the need for a wireless network standard for devices within a personal operating area. Ten months later, the WPAN study group became IEEE 802.15. The Bluetooth SIG, composed of a consortium of wireless technology companies, was formed in May 1998. Nine promoter companies currently lead the Bluetooth SIG: Ericsson, Nokia, Toshiba, IBM, Lucent, 3Com, Microsoft, Motorola, and Intel. These companies continue to define the Bluetooth standard and promote the technology3. WPAN standards generally focus on three key issues in regards to product development • Low power consumption in order to lengthen the battery life of portable products. • • Portability requirements to make them easy to carry about or even wear. Decreased cost so that they can become as universal as possible. If these issues can be overcome, WPANs will not only apply around the office or home, but conceivably in any location in the future. Bluetooth is a wireless technology that enables any electrical device to wirelessly communicate in the 2.5 GHz ISM (license free) frequency band. It allows devices such as mobile phones, headsets, PDA's and portable computers to communicate and send data to each other without the need for wires or cables to link to devices together. It has been specifically designed as a low cost, low power, radio technology, which is particularly suited to the short range Personal Area Network (PAN), also known as IEEE 802.15.1 application. From the beginning, Bluetooth technology was intended to hasten the convergence of voice and data to handheld devices, such as cellular telephones and portable computers. Through the efforts of its developers and the members of the Bluetooth Special Interest Group (SIG), it is now emerging with features and applications that not only remain true to its original intent, but also provide for broader uses of its technology. Bluetooth is essentially a networking standard that works at two levels: • It provides agreement at the physical level -- Bluetooth is a radio-frequency standard. • It provides agreement at the protocol level, where products have to agree on when bits are sent, how many will be sent at a time, and how the parties in a conversation can be sure that the message received is the same as the message sent. The Main Features of Bluetooth: • Operates in the 2.4GHz frequency band without a license for wireless communication. • • Real-time data transfer usually possible between 10-100m. Close proximity not required as with infrared data (IrDA) communication devices as Bluetooth doesn't suffer from interference from obstacles such as walls. • Supports both point-to-point wireless connections without cables between mobile phones and personal computers, as well as point-to-multipoint connections to enable ad hoc local wireless networks. Bluetooth is a radio standard and communications protocol primarily designed for low power consumption, with a short range (power class dependent: 1 meter, 10 meters, 100 metres) based around low-cost transceiver microchips in each device. Bluetooth lets these devices communicate with each other when they are in range. The devices use a radio communications system, so they do not have to be in line of sight of each other, and can even be in other rooms, so long as the received transmission is powerful enough. Maximum Permitted Power Maximum Permitted Power Range (mW) (dBm) (approximate) Class Class 1 100 mW 20 dBm ~100 meters Class 2 2.5 mW 4 dBm ~10 meters Class 3 1 mW 0 dBm ~1 meter USAGE MODEL While the Bluetooth usage model is based on connecting devices together, it is focused on three broad categories: voice/data access points, peripheral interconnects, and Personal Area Networking (PAN). Voice/Data Access Points Voice/data access points are one of the key initial usage models and involve connecting a computing device to a communicating device via a secure wireless link. For example, a mobile computer equipped with Bluetooth technology could link to a mobile phone that uses Bluetooth technology to connect to the Internet to access e-mail. The mobile phone acts as a personal access point. The Bluetooth usage model also envisions public data access points in the future. These access points could, of course, support much higher data rates than today’s modems, as public spaces could connect a variety of private Bluetooth access points via a LAN that is routed to the Internet over a DSL line, allowing each access point a private 1Mbps connection to the Internet. Figure. Voice/Data access points Peripheral Interconnects The second category of uses, peripheral interconnects, involves connecting other devices together as shown in Figure. Imagine standard keyboards, mice, and joysticks that work over a wireless link. The Bluetooth link is built into the mobile computer; therefore, the cost of the peripheral device is less because an access point is not needed. Additionally, many of these devices can be used in multiple markets. Another aspect of a short-range link like Bluetooth is in the area of proximity security devices. In this case, if one device is not within range of another device, the first device will go into a high security mode. Figure. Peripheral interconnect Personal Area Networking The last usage model, Personal Area Networking (PAN), focuses on the ad-hoc formation and breakdown of personal networks. Imagine meeting someone in an airport and quickly and securely exchanging documents by establishing a private piconet. In the future, Bluetooth kiosks could provide access to electronic media that could be quickly downloaded for later access on the mobile device. Figure. Personal area N/W How Bluetooth Operates Bluetooth wireless technology is a short-range communications system intended to replace the cables connecting portable and/or fixed electronic devices. The key features of Bluetooth wireless technology are robustness, low power, and low cost. Many features of the core specification are optional, allowing product differentiation. The Bluetooth core system consists of an RF transceiver, baseband, and protocol stack. The system offers services that enable the connection of devices and the exchange of a variety of data classes between these devices. Overview of Operation The Bluetooth RF (physical layer) operates in the unlicensed ISM band at 2.4GHz (actually between 2.402 GHz and 2.480 GHz, to be exact). The system employs a frequency hop transceiver to combat interference and fading, and provides many FHSS carriers. RF operation uses a shaped, binary frequency modulation to minimize transceiver complexity. The symbol rate is 1 Megasymbol per second (Msps) supporting the bit rate of 1 Megabit per second (Mbps) or, with Enhanced Data Rate, a gross air bit rate of 2 or 3Mb/s. These modes are known as Basic Rate and Enhanced Data Rate respectively. During typical operation, a physical radio channel is shared by a group of devices that are synchronized to a common clock and frequency hopping pattern. One device provides the synchronization reference and is known as the master. All other devices are known as slaves. A group of devices synchronized in this fashion form a piconet. This is the fundamental form of communication for Bluetooth wireless technology. Devices in a piconet use a specific frequency hopping pattern which is algorithmically determined by certain fields in the Bluetooth specification address and clock of the master. The basic hopping pattern is a pseudo-random ordering of the 79 frequencies in the ISM band. The hopping pattern may be adapted to exclude a portion of the frequencies that are used by interfering devices. The adaptive hopping technique improves Bluetooth technology co-existence with static (non-hopping) ISM systems when these are co-located. The physical channel is sub-divided into time units known as slots. Data is transmitted between Bluetooth enabled devices in packets that are positioned in these slots. When circumstances permit, a number of consecutive slots may be allocated to a single packet. Frequency hopping takes place between the transmission or reception of packets. Bluetooth technology provides the effect of full duplex transmission through the use of a time-division duplex (TDD) scheme. Above the physical channel there is a layering of links and channels and associated control protocols. The hierarchy of channels and links from the physical channel upwards is physical channel, physical link, logical transport, logical link and L2CAP channel. Within a physical channel, a physical link is formed between any two devices that transmit packets in either direction between them. In a piconet physical channel there are restrictions on which devices may form a physical link. There is a physical link between each slave and the master. Physical links are not formed directly between the slaves in a piconet. The physical link is used as a transport for one or more logical links that support unicast synchronous, asynchronous and isochronous traffic, and broadcast traffic. Traffic on logical links is multiplexed onto the physical link by occupying slots assigned by a scheduling function in the resource manager. A control protocol for the baseband and physical layers is carried over logical links in addition to user data. This is the link manager protocol (LMP). Devices that are active in a piconet have a default asynchronous connection-oriented logical transport that is used to transport the LMP protocol signaling. For historical reasons this is known as the ACL logical transport. The default ACL logical transport is the one that is created whenever a device joins a piconet. Additional logical transports may be created to transport synchronous data streams when this is required. The link manager function uses LMP to control the operation of devices in the piconet and provide services to manage the lower architectural layers (radio layer and baseband layer). The LMP protocol is only carried on the default ACL logical transport and the default broadcast logical transport. Above the baseband layer the L2CAP layer provides a channel-based abstraction to applications and services. It carries out segmentation and reassembly of application data and multiplexing and de-multiplexing of multiple channels over a shared logical link. L2CAP has a protocol control channel that is carried over the default ACL logical transport. Application data submitted to the L2CAP protocol may be carried on any logical link that supports the L2CAP protocol. Bluetooth Specification The Bluetooth wireless specification includes radio frequency, link layer and application layer definitions for product developers for data, voice and content-centric applications. The specification documentation contains the information necessary to ensure that diverse devices supporting the Bluetooth wireless technology can communicate with each other worldwide. The specs are divided into two sections: • • Core Specification - which defines the base technology - and Profile Definitions - This defines specific usage of the base technology to support specific applications whilst ensuring interoperability between products developed by different manufacturers. Physical Layer of Bluetooth Overview This is the lowest layer of the OSI model defines the electrical and mechanical rules governing how data is transmitted and received from one point to another. The topics include digital modulation techniques, frequency band of operation, range/power requirements, and maximum data rates Modulation Techniques The digital modulation technique used is called spread spectrum. Spread spectrum reduces the vulnerability of a radio system to interference from jammers and multipath fading by distributing the transmitted signal over a larger region of the frequency band than would otherwise be necessary to send the information. This allows the signal to be reconstructed even though part of it may be lost or corrupted in transit. The Bluetooth standard is based on the frequency hopping spread spectrum standard The Bluetooth radio module uses GFSK (Gaussian Frequency Shift Keying) where a binary one is represented by a positive frequency deviation and a binary zero by a negative frequency deviation. The spectral mask of the Bluetooth signal is shown in Figure. Bluetooth devices hop over 79 frequencies that are 1MHz wide. Thus, over time, Bluetooth devices occupy 79MHz, but at any specific instance only 1MHz is occupied. The 1MHz center frequency changes (or hops) deterministically at a rate of 1600 times per second. Figure. Typical Bluetooth Signal Power Spectrum Bluetooth operates in the unlicensed 2.4GHz ISM band and therefore must follow the many regulations that apply to this band. Section 15.247 of the FCC regulations contains the key requirements for high-power direct sequence and frequency hopping spread spectrum transmissions allowed in the band. The 2.4GHz ISM band is 83.5MHz wide with a lower limit of 2.400GHz and an upper limit of 2.4835GHz. The FCC regulations limits operation of high-power transmitters (up to 1 Watt) in the band for direct sequence spread spectrum (DSSS) and frequency hop spread spectrum (FHSS) technologies. Figure shows how Bluetooth hops in the 2.4GHz ISM band. Each rectangle represents a Bluetooth transmission. Bluetooth is a slotted protocol. Each slot is 625µs long. Figure. Bluetooth Frequency Occupancy Example Data Link Layer The data link layer, placed directly above the physical layer of the OSI model, is responsible for managing the direct delivery between two devices on a specific physical layer. Features that the data link layer implements include the packetisation of data, channel access and set-up, error control and security. In a radio device, the section that implements the data link layer functions is commonly referred to as the Medium Access Control (MAC). Packet Format The packet format in Bluetooth uses variable frame length format. The packet formats include fields that address issues essential in media access control: • • • • • Data synchronization Packet type field to determine service required Device addressing fields Flow control Header error checks or CRCs to check packet integrity The Access Code The 72-bit access code is mainly used to identify packets transmitted over a Bluetooth channel: all data packets sent on the channel share the same access code. In addition, the access code is used for device paging (finding out if a specific device is in range) and inquiries (used to discover new devices). A Bluetooth device monitors the access code of each packet; if the device is not directly or indirectly addressed, the rest of the packet is ignored. The access code is very fault-tolerant (the minimum Hamming distance between code words is 14, so up to 6 bit errors can be corrected. The access code is also used to determine receiver timing. The Packet Header The 18-bit packet header contains the following information: • A 3-bit target device address, which addresses an active device on the Bluetooth channel. A broadcast address is also provided. • • • A 4-bit type code. Identifies the type of data or control packet. Fields for flow control, sequencing and packet acknowledgement. An 8-bit header CRC To protect the header from transmission errors each bit is repeated three times in row (the Bluetooth spec refers to this as 1/3 FEC encoding) yielding a total length of 54 bits. The Packet Payload The payload part (0 to 2745 bits) of the packet carries the actual data. For ACL links, the payload begins with an 8 or 16-bit header, which indicates the length of the data packet and provides fields for logical channels and flow control. The header also supports fragmentation of data packets. The careful reader notices that during the Bluetooth time slot of 625µS you can send a maximum of 625 bits; how are then 2745 bit packets possible? The answer is that a packet may span up to five time slots, during which the channel frequency is kept constant. Bluetooth Channel Access Bluetooth uses polling as its channel access mechanism. In polling, like TDMA, a master device retains control of the channel. However, the frame content is no longer fixed, as variable size packets may be sent. Transmission by a slave may occur only if the slave has received a poll packet by the master. The poll packet is essentially the master checking to see if the slave needs to transmit data. The master may either poll permanently all slaves (if the number of slaves on the network is small) or reservation slots may be allocated whereby each node may request either a connection or a packet transmission. Bluetooth Error Correction Schemes There are three error-correction schemes defined for Bluetooth: 1/3 FEC (i) , 2/3 FEC and ARQ (ii) scheme for data. The purpose of the FEC scheme on data payload is to reduce the number of retransmissions when an error is encountered, while the ARQ scheme may be used for error-free environments. The user has the option of choosing which error correction scheme with which they wish to implement. However, because packet headers contain valuable link information, it is always protected by a 1/3 rate FEC. (i) Forward Error Correction (FEC) – When the receiver detects an error, it will try to correct the error before passing on the data any further (ii) ARQ scheme – Request a retransmission of the data sent. Security At the highest security level (3), Bluetooth uses a 128-bit encryption key and a 128-bit link key that are shared between the participants. Though the keys are 128-bits, they are calculated purely on the user’s 4 digit PIN and publicly transmitted information such as node address and unit key. The following example15 outlines how a device could gain access to information that it did not have permission for. • • • • Some time in the past device B and C create and terminate a link Devices A and B create a link using A’s unit key as the link key (1) Devices A and C create a link and also use A’s unit key as the link key(2) Device B can decrypt communications between A & C since it has knowledge of A’s key and B’s address (3) Figure. Bluetooth Security Example As shown in Figure, the above example, device B knows all the information that is required in order for it to ease drop on the communications between devices A and C: it knows the link key and both A and B’s addresses. (All device addresses are unique and therefore if device B and C had ever communicated before, B would have a record of C’s address). Though not easy, but shown possible by Lucent Technologies, device B could emulate device A and communicate with C or visa versa. Bluetooth encourages nodes to connect with each other, therefore at level 1 and 2 securities, the question of whether the device is welcomed is not asked. At level 3 security, each device must supply a 4 digit PIN, which must be agreed upon by all devices before the connection is allowed. One advantage that Bluetooth has is that it has a short transmission length; usually 10 m. This means that an unauthorized user would have to be very close to the network in question in order for them to gain access. Bluetooth Protocol stack Here is an outline of the different levels in the Bluetooth protocol stack: • Radio Layer When looking at the different layers of the Bluetooth protocol stack, you will always find the radio layer first. Everything in Bluetooth runs over the Radio Layer, which defines the requirements for a Bluetooth radio transceiver, which operates in the 2.4GHz band. The radio layer defines the sensitivity levels of the transceiver, establishes the requirements for using Spread-spectrum Frequency Hopping and classifies Bluetooth devices into three different power classes: * Power Class 1 – long rang devices (100m), * Power Class 2 – normal or standard range devices (10m), and * Power Class 3 – short (10cm)-range operation • Baseband Layer The next “floor” in the Bluetooth protocol stack is the Baseband Layer, which is the physical layer of the Bluetooth. It is used as a link controller, which works with the link manager to carry out routines like creating link connections with other devices. It controls device addressing, channel control (how devices find each other) through paging and inquiry methods, power-saving operations, and also flow control and synchronization among Bluetooth devices. • Link Manager Protocol (LMP) A Bluetooth device’s Link Manager Protocol (LMP) carries out link setup, authentication, link configuration and other protocols. It discovers other LMs within the area and communicates with them via the Link Manager Protocol (LMP). • Host Controller Interface (HCI) Next in the protocol stack, above the LMP is the Host Controller Interface (HCI), which is there to allow command line access to the Baseband Layer and LMP for control and to receive status information. It’s made up of three parts: 1) The HCI firmware, which is part of the actual Bluetooth hardware, 2) The HCI driver, which is found in the software of the Bluetooth device, and 3) The Host Controller Transport Layer, which connects the firmware to the driver. • Logical Link Control and Adaptation Protocol (L2CAP) Above the HCI level is the Logical Link Control and Adaptation Protocol (L2CAP), which provides data services to the upper level host protocols. The L2CAP plugs into the Baseband Layer and is located in the data link layer, rather than riding directly over LMP. It provides connection-oriented and connectionless data services to upper layer protocols. Protocol types are first identified in the L2CAP. Data services are provided here using protocol multiplexing, segmentation and reassembly operation, and group abstractions occur. L2CAP allows higher-level protocols and applications to send and receive data packets up to 64 kilobytes. The L2CAP spends a lot of its time handling segmentation and reassembly tasks. • RFCOMM Above L2CAP, the RFCOMM protocol is what actually makes upper layer protocols think they’re communicating over a RS232 wired serial interface, so there’s no need for applications to know anything about Bluetooth. • Service Discovery Protocol (SDP) Also relying on L2CAP is the Service Discovery Protocol (SDP). The SDP provides a way for applications to detect which services are available and to determine the characteristics of those services. Instead of relaying on the platforms using the networking technology, Bluetooth outline the use of a SDP server and SDP client. The purpose of the SDP server is to answer question posed by SDP clients on other nodes. The queries may consist of specific question such as: “do you have a colour laser printer?” or may simply be, “what services can you offer me?” By asking the question before a formal connection is made, fewer devices may need to operate on the same network. This also allows all devices to query each other independent of what platform each node is running. Profile Definitions The second volume of the specification essentially comprises a collection of socalled 'profiles', which detail how the base (core) specification should be used to construct specific applications. The purpose of this is to avoid different manufacturers interpreting and using the core specifications in different ways to implement the same task. If this were to happen devices from different manufacturers would fail to interwork, giving Bluetooth a bad name with the end user. (The concept of profiles is familiar within the DECT community, where the advent of the Generic Access Profile, for example, allows different manufacturers' phones to work with others' basestations). The Bluetooth specification was first developed in 1994 by Jaap Haartsen, who was working for Ericsson Radio Systems located in Emmen in The Netherlands. The specifications were formalized by the Bluetooth Special Interest Group (SIG). Versions of Bluetooth and Interoperability Bluetooth 1.1 Many errors found in the 1.0B specifications were fixed. • • Added support for non-encrypted channels. Received Signal Strength Indicator (RSSI) Bluetooth 1.2 This version is backwards compatible with 1.1 and the major enhancements include: • Adaptive Frequency-hopping spread spectrum (AFH), which improves resistance to radio frequency interference by avoiding the use of crowded frequencies in the hopping sequence • • Higher transmission speeds in practice Extended Synchronous Connections (eSCO), which improves voice quality of audio links by allowing retransmissions of corrupted packets. • • Host Controller Interface (HCI) support for 3-wire UART HCI access to timing information for Bluetooth applications: Bluetooth 2.0 This version is backwards compatible with 1.x. The main enhancement is the introduction of Enhanced Data Rate (EDR) of 3.0 Mbps. This has the following effects (Bluetooth SIG, 2004): • • • • • 3 times faster transmission speed (up to 10 times in certain cases). 100 meter range Lower power consumption through a reduced duty cycle. Simplification of multi-link scenarios due to more available bandwidth. Further improved BER (bit error rate) performance. Connection Establishment: Forming Piconet The Piconet Piconet is Bluetooth terminology for the devices participating on a Bluetooth channel. To establish a connection between two (or more) devices, the devices need to select a channel and subsequently join it. This is referred to as “forming a piconet”. Piconets employ a Master/Slave topology: each piconet has a master and one or more slaves. A Bluetooth device may simultaneously participate in multiple piconets, either as master or slave. A device can not, however, be master in more than one piconet. This is due to the fact that the hardware address of the master defines the Bluetooth channel, and hence the piconet. A group of piconets, between which connections exist, is called a scatternet. Piconet Timing In order to determine when a new time slot starts the Bluetooth devices on the piconet need to be synchronized to a common clock. For this purpose, each Bluetooth device has a free-running clock (i.e. a clock that is not related to any external timing source), which ticks every 312.5µS and has a period of 228-1 ticks. The clock of the master device is used to clock the piconet. Each slave determines the offset between its internal clock and the master clock when joining the piconet, and henceforth corrects its internal clock with the offset thus obtained. As the clocks are free-running, the offset needs to be adjusted regularly. Piconet Formation Figure below shows an overview of the states of a Bluetooth link. The arrows indicate possible state transitions. Forming a piconet “from scratch”, such as the example case, consists of three phases: • Inquiry. During this phase the device initiating the connection scans its neighborhood for Bluetooth devices. As a result of the scan, the hardware address of the device(s) to connect to is (are) discovered. • Paging. During this phase the connection is negotiated. This mainly involves informing the slave of the Bluetooth channel to use and synchronizing the clock of the slave to the channel • Connection. The connection has been set up, and data can be transmitted between the devices. In the following sections, the device initiating the connection, and which becomes the master is referred to as “A”. The second device, which becomes the slave, is quite surprisingly called “B”. The Inquiry Procedure The procedure of A discovering B is not entirely trivial, considering that both of devices are changing RF channels in a randomized fashion, and furthermore, are unsynchronized. A simple scheme with a paging channel could have been used, but it would be very sensitive to interference. Instead the following scheme is used: Let r(n,m)∈[0,79] be a pseudo-random frequency hopping sequence indexed by n∈[0,248-1] and m∈[0,31]. Furthermore, ∀n: r(n,m1)=r(n,m2) ⇒ m1=m2, i.e. each frequency appears only once for a given n. In order to be discovered B regularly enters the inquiry scan state to watch for inquiries. During the inquiry scan the device listens for packets with special inquiry access codes. The RF channel is determined by the sequence r(n,mB) by setting n to a special inquiry address (common to all devices) and mB to bits 12-16 of the device clock. The RF channel hopping sequence is thus determined by the inquiry address and the sequence phase by the device clock. The RF channel changes every 1.28s. When inquiring for devices A sends an inquiry packet on two alternating sets of frequencies, each containing 16 frequencies. Sending the inquiry packet on all frequencies in one of the sets takes 16 time slots, i.e. 10mS. The frequency sets consists of the 32 frequencies in the hopping sequence r(n,mA). Both devices use the same n (the special inquiry address), but as the clocks cannot be assumed to be synchronized, the values mA and mB will most likely differ. But, as B changes frequency only every 1.28s (enough time to send 128 inquiry sets), mA and mB will meet at some instant, and the inquiry packet will be received by B. Once the slave receives the inquiry packet it waits a random amount of slots (01023) and then sends a response packet containing its hardware address, native clock and other slave information. The response is sent on a transmission frequency derived from the receive frequency. The random delay is to avoid collisions from other devices responding. Figure. State Diagram of Bluetooth link Unless the response packet is lost, A now has knowledge of B’s hardware address and an estimate of it’s clock. Should the response packet be lost, the inquiry procedure continues. Figure. Device B (2) is in the inquiry scan state. Device A (1) is in the inquiry state, and switly scans 16 frequencies. The 8th frequency matches that of B (3), amd B sends an inquiry response (4). Paging Using the information from an inquiry (hardware address and clock of B) A can page B, in order to establish a connection. In order to answer paging requests B regularly enters the page scan state. As the device clocks are still not synchronized, a frequency hopping scheme similar to the inquiry procedure is used to get trough the first packet. When paging, A enters the page state and transmits packets (in a similar way to inquiry packets) containing B’s Device Access Code (DAC). The DAC is generated from B’s hardware address. When B detects a packet with its DAC, it sends a response packet, which contains only the DAC of B. Upon reception of B’s response to the paging, A enters the master response state and transmits its own hardware address and clock information. Upon acknowledgement from B, the connection is established; A being the master and B the slave. Henceforth, both units use a frequency hopping sequence and access code determined by A’s hardware address. Synchronization is also achieved, as B can offset it’s clock according to the clock information received from A Data Transmission In the previous section a connection between two Bluetooth devices A and B was established. In this section, asynchronous packet trafficking on this connection will be considered. Media Access With the term “media access” one understands the means and procedures used by a device to gain access to the transmission medium. On a Bluetooth channel media access is handled by dividing the time slots into two groups: master-to-slave and slave-to-master slots. The master can only initiate transfer in even-numbered slots (the slots being numbered by the Bluetooth channel clock) and replies from the slave can only be transmitted in odd numbered slots. A slave may only transmit in the slave-to-master slot if it was addressed in the previous master-to-slave slot. It is up to the master to reserve enough slave-to-master channel capacity. Figure. Master/Slave transmit and receive timings Packet Acknowledgement and Flow Control When transmitting data or data/voice packets an unnumbered ARQ (Automatic Repeat Request) scheme is used. Such packets are retransmitted until an acknowledgement of successful reception is received, or a timeout occurs. The acknowledgement (either positive or negative) is piggy-backed onto the header of the return packet. A missing acknowledgement (e.g. the return packet was lost) is treated as a negative acknowledgement In case of master-to-slave transmission, the return packet is sent in the subsequent time slot. When the slave transmits the return packet is received the next time the master addresses the slave. In order to distinguish the cases when a packet was successfully received, but the acknowledgement was lost and successful acknowledgement, a 1-bit sequencing number is used. If a packet it resent, the sequence number is held; this way the recipient will detect duplicate packets. If the receive buffer fills up, a Bluetooth device may stop the transmission by resetting the FLOW field in the return packet. This “stop” signal does not affect control packets. If the return packet is not received, a “go” signal is assumed. Modes of Operation in the Connected State Bluetooth devices can enter several modes of operation while connected. The modes reflect different levels of activity and availability on the channel; typically a device can save channel bandwidth and power by entering a suitable mode. The modes are described below. Active The Bluetooth device actively participates on the channel and listens for all packets addressed to it. The device holds one of the 7 Active Member (AM) addresses on the piconet. Sniff The listening duty of the device is reduced. The master is only allowed to start transmission to the device in certain slots. The device ignores transmissions on other slots. Hold The device can temporarily be put in hold mode, meaning that it does not support any ACL traffic on the channel for some time interval. The time interval is negotiated when the hold mode is set up. The device still keeps its AM address, though. Park The device gives up its AM address in exchange for a Parked Member (PM) address (the number of available PM addresses is huge), and no longer participates in traffic on the channel. During this low-power state the device regularly wakes up to resynchronize to the channel and to check for unpark messages. By on-demand parking and unparking of members, a piconet of more than 7 members can be accommodated.