Technology - Expert Notes
Ellisys Expert Notes are quick technical notes illuminating difficult
aspects of specifications. Each Expert Note includes a main document and optional
attachments such as traces, scripts, etc.
Bluetooth BR/EDR and Low Energy
|
EEN_BT01 - Capturing Bluetooth Traffic, the Right Way
Bluetooth is a difficult technology to sniff. Advanced communication
techniques such as frequency hopping, whitening, and encryption are
all characteristics that make this ever-evolving technology “sniffer
unfriendly”. This paper covers how these challenges affect engineers
and what we can do to improve the situation. We will specifically cover
wireless capture, focusing on the two sniffing techniques available
today: single-channel sniffing and whole-band concurrent channel sniffing. |
|
EEN_BT03 - Your First Wide-band Capture
A wide-band sniffer is very easy to use. Start the capture, connect your
devices and all traffic will immediately be captured. There are a few things
that need to be known however, in order to get a perfect capture. This
document guides the reader through some simple steps required to ensure
an optimal capture. |
|
EEN_BT04 - Optimal Placement of Your Analyzer
Capturing Bluetooth traffic with a whole-band sniffer is a piece
of cake: just turn on your analyzer, start capturing and your traffic is
displayed right away. However, as with any wireless technology, some care
must be taken to ensure that the analyzer is placed in an ideal position
in order to robustly capture the traffic. This paper provides some good
practices and explains a few pitfalls to be avoided. |
|
EEN_BT05 - Understanding Antenna's Radiation Pattern
A basic understanding of antenna radiation patterns is very useful
for correctly positioning your wireless devices, in order to ensure
the most ideal transmission quality. This is even more important when
doing protocol analyzer captures. This document provides some basic
information about radiation patterns of various antenna types. |
|
EEN_BT06 - Bluetooth Security - Truths and Fiction
Bluetooth security is a complex and often-misunderstood topic.
A good understanding of security principles is important, but it is
equally important to understand how protocol analyzers handle security
in order to correctly define security requirements in a Bluetooth device.
This paper covers a few often-misunderstood topics and will provide
clarifications. |
|
EEN_BT07 - Secure Simple Pairing Explained
Stronger security introduced by SSP means new challenges for Bluetooth engineers.
Debugging off-the-shelf devices in the field becomes difficult to impossible.
Things are not as bad as they may seem, however. This document introduces
the basics of SSP and clears up some misconceptions commonly found in the Bluetooth community. |
|
EEN_BT08 - Separating the Wheat from the Chaff
Bluetooth topologies are becoming increasingly complex as the technology
evolves and new, more sophisticated applications begin to appear. Busy
lab environments or public testing events (like UPFs) can involve dozens
or even hundreds of devices, all active at the same time. This paper will
walk the user through the process of using the powerful Device Traffic
Filter and associated Device Database, and will touch on usage applications
for other filter mechanisms. |
|
EEN_BT09 - Methods for Accessing a Link Key
Since the advent of Secure Simple Pairing (SSP), Bluetooth engineers have faced a new challenge in debugging Bluetooth devices. SSP simplifies the end user’s pairing experience while providing greater security for the connection, but it inherently presents obstacles to Bluetooth engineers seeking to decrypt analyzer-captured Bluetooth traffic. At the center of the challenge is gaining access to the link key. This document will explore some of the methods available to locate and access this key. |
|
EEN_BT10 - Capture and Security Challenges Relating to LE ISOC
The release of Bluetooth 5.2 introduced several major features for Bluetooth, including LE Power Control, Enhanced Attributes (EATT), and the ability to transport audio over Bluetooth Low Energy, via the new LE Isochronous Physical Channel. This document will explore the concept of Bluetooth LE physical channels, the fundamental operations of the two LE Isochronous logical transports, security approaches used by these transports, and how access addresses are used.
We will also look at challenges encountered by test equipment concerning capture, encryption and decryption of isochronous traffic carried over Bluetooth LE, and how these challenges are solved by unique and proprietary innovations from the Ellisys engineering team. |
|
EEN_BT11 - Measuring Audio Latencies
Ellisys Bluetooth analyzers associated with the Audio Grabber accessory allow for precise, time-synchronized capture and measurement of audio latencies involving analog audio signals and I2S (Inter-IC Sound) digital audio inputs, all synchronized to any other traffic streams captured by the analyzer, such as Bluetooth wireless audio, Host Controller Interface (HCI) traffic, Wi-Fi, I2C, UART, and others. |
SuperSpeed USB 3.0
|
EEN_SS01 - Link Layer and Protocol Layer Retransmission Mechanisms
USB 3.0 retransmission mechanisms are quite different from USB 2.0
because of the new routing infrastructure. USB 3.0 has separate retransmission
mechanisms in the Link and the Protocol Layers for optimizing data
buffering in devices and especially hubs. In this document, we will
examine the traffic exchanged between two link partners (such as
a host and a device) when a DPH is received as invalid by one end.
Attachments: trace | script |
|