Mobile Internet

4.- Low Power technologies:

RFID/NFC, BLE

IM, Jorge García Vidal, 2020-21

 Comm: Wireless technologies
Power ≈ 1 W
Wi-Fi
200 802.11n
Cellular
54 802.11a,g
All IP
Data rate (Mbps)

5-11 802.11b LTE, 802.16 (WiMAX) 4G

4 802.11ah UMTS/WCDMA-HSPDA
3G cellular
1 enhanced
UMTS/WCDMA
Bluetooth,
.384 802.14.4 GSM, GPRS 3G

.056 RFID LoraWAN, 2G, 2.5G

NFC NBIoT
Indoor Outdoor Mid-range Long-range
10-30m 50-200m outdoor outdoor
Near zero-power Low power (<100mW) 200m – 4 Km 5Km – 20 Km

(passive tag)
Low Power:
RFID/NFC
 Identification: RFID Tags
RFID middleware server Antenna
Tag
Reader

ID: EPC binary schemes: SGTIN-96

Company Indicator Item Serial
prefix digit reference Number

Chip but NO battery,

The energy is harvested
from EM field/wave
Tags
Physical principles: Near/Far EM Field
ITX(t) IRX(t) EM wave IRX(t)
+

< l/2p > 2l

Near Field Far Field

(Reactive) Electromagnetic field
 Near Field: Inductive coupling
• Two close antennas/coils can be coupled => changing
parameters of one circuit (e.g. impedance), can be
sensed by the other circuit (e.g. electrical
transformer) (“Load modulation”)

Reader Tag

Rtag

Magnetic Field B
 Equivalent circuit
Equivalent circuit: Changes in Rtagcan be sensed by the
reader
L1 R1
Reader Tag
Info to reader
Reader
Rtag M
Tag
Rtag
Energy for tag chip

“100100100111001”
 Far field: Backscattering
• The RFID reader sends EM waves. The RFID tag
antenna changes its parameters (impedance). For
each impedance value, the RFID tag presents a
certain Radar Cross Section.
Incident EM wave

Reflected EM wave “100100100111001”

Source: P Nikitin, K Rao “Measurement of backscattering from RFID tags”
 PASSIVE SEMIPASSIVE ACTIVE

Inductive Coupling Inductive Coupling

(125/134 KHz, (125/134 KHz,
13,56 MHz) 13,56 MHz)
TRANSPONDERS

Backscatter Backscatter
(869 MHz, (869 MHz,
2.4 GHz, 5.7 GHz) 2.4 GHz, 5.7 GHz)

Surface Acoustic
Wave
(2.4 GHz)
TRANSCEIVER

Conventional Tx/Rx
(869 MHz, 2.4 GHz,
5.7 GHz)

Source: J. Griffin, “The Fundamentals of Backscatter Radio and RFID Systems”

Source: http://trace-id.com/en/rfid-tags-applications/
 NFC
• NFC is an evolution of Radio Frequency Identification
(RFID) technology, created mainly for use by mobile
devices.
• NFC communicates with a shorter range of around a
maximum distance of d= 14 cm (which in reality is
less than 4 cm),
• and a maximum transfer velocity of R = 424 Kbps of
communication in the unregulated radio frequency
ISM band of 13.56 MHz .
Identification: NFC tags
 NFC
• Two modes of communication:
– Active mode of communication: Both devices are
active and can transmit and receive data.
– Passive communication mode: Only one of the
devices generates the radio frequency field. The
second device, the passive one (named NFC Tag),
acts as passive tag.
 NFC

• There are three types of communication:

– Card emulation is used when the NFC device
works as a contactless card and can be used to
manage payment systems
– Reader/Writer is used to modify, store or read
data from a passive element or NFCTag.
– Peer to Peer is specifically for active NFC devices,
establishing a link between two devices, generally
mobile phones (smartphones), which allows an
exchange of information between the two.
NFC Data Exchange Format (NDEF)
• NDEF messages provide a standardized method for a
reader to communicate with an NFC device.
• A NDEF message consists in a number of NDEF
records.
• NDEF records contains:
– the type (e.g. MIME type or URI)
– length of the payload,
– optional identifier,
– and the payload.
 Activities & Intents in Android
• An activity represents a single
screen in an android app with
an interface the user can
interact with.
• All Android activities are started
or activated with an intent.
• Intents are message objects
that make a request to the
Android runtime to start an
activity or other app component
in your app or in some other
app.
 NFC in Android devices
(https://developer.android.com/guide/topics/connectivity/nfc/nfc)

• Android devices are usually looking for NFC

tags when the screen is unlocked
• When a device discovers an NFC tag, Android
provides a tag dispatch system that to locate
applications interested in the scanned data:
– Parses the NFC tag.
– Encapsulates the MIME type or URI and the
payload into an intent.
– Starts an activity based on the intent
NFC tag
dispatch system

e.g. URI in the form of

“http://developer.android.com/index.html”.

E.g. MifareClassic,
and NfcA
Low Power:
BLE
 Bluetooth Low Energy (BLE)
• Developed by the Bluetooth Special Interest Group
(SIG) for short-range communication (control and
monitoring applications).
• Bluetooth version 4.0 (2010) has three protocols:
Classic Bluetooth, Bluetooth high speed and
Bluetooth Low Energy (BLE).
• Single-mode devices support only BLE (Bluetooth
Smart), while dual-mode ones can operate in BLE or
Classic Bluetooth protocol (Bluetooth Smart Ready).
• Bluetooth 5 introduces a new transmission mode
 BLE PHY
• ISM Band (same as classic Bluetooth)
• 40 channels with Bw = 2 MHz (3 channels for
advertising packets, and 37 for data packets)
• Uses channel hopping to combat interference
• R= 125 Kbps, 1 Mbps (2 Mbps optional in Bluetooth5)
• Application throughput : 270 Kbps-1.4 Mbps
• Ptx <= 10 mW (100 mW in BlueTooth 5)
• Max d < 100 m (theoretical)
• Proximity beacons can function for many months
powered by a 1,000mAh coin cell battery
 GATT & GAP
Application

Generic Attribute Generic Access

Profile (GATT) Profile (GAP)
Security
Attribute Protocol
Manager
(AT)
(SMP)

L2CAP

Link Layer

PHY
 GAP
• Generic Access Profile (GAP) controls connections and
advertising in Bluetooth.
– GAP defines various roles for devices:
peripheral (small, low power, resource contrained
devices) and central devices.
– The interchanged packets have payload of 31 bytes
and can be Advertising Data and the Scan Response
(an optional secondary payload that central devices
can request, and allows device designers to fit a bit
more information in the advertising payload such a
strings for a device name, etc).
Advertising and scanner advertiser

discovery

• BLE devices broadcast advertising packets through 3

separate channels.
• The advertising device sends a packet on at least one
of these three channels, with a repetition period
called the advertising interval.
• The scanner listens to the channel for a duration
called the scan window, which is periodically repeated
every scan interval.
 Types of AD packet

Advertising Indications (ADV_IND), a ADV_DIRECT_IND, a peripheral requests

peripheral requests connection to any central connection to a specific central device
device

ADV_NONCONN_IND. Non connectable ADV_SCAN_IND, Similar to

devices, advertising information to any ADV_NONCONN_IND, with the option
listening device. additional information via scan responses.
 Advertise packets
• Header (type of AD packet) + payload.
• The payload can be up 31 Bytes long, and
consists of 1 or more “AD structures”. An AD
structure contains: length, type and data

02010603030918

Length: 02 bytes Length: 03 bytes

Type: 01 (flags) Type: 03 (list of 16 b services)
Value= 06 Value= 0918
(en binario 00000110) (“Health thermometer”)
 Advertising data types
• 0x06 Incomplete List of 128-bit Services:
UUIDs of the services provided by the
peripheral can be advertised in 128-bit
format.
• 0x02 Incomplete List of 16-bit Service Class
UUID
• 0x08 Shortened Local Name
• 0x09 Complete Local Name Explained when we will
see GATT
 GATT
• Generic Attribute Profile (GATT) defines
the way that two devices transfer data,
once a dedicated connection is
established through the advertising
process governed by GAP.
• It makes use of a generic data protocol Attributes
called the Attribute Protocol (ATT),
which is used to store related Att1
Att2
information (attributes) in a simple …
lookup table using 16-bit IDs for each
entry in the table.
 Client Server
ATT

Attributes
The Attribute Protocol (ATT) defines
how this data is structured as
attributes

Unique ID of Read/write
this attribute UUID permission
 Profiles, services & characteristics
• Profiles is a pre-defined collection of services that
has been compiled by either the Bluetooth SIG or by
the peripheral designers.
• GAP and GATT are Generic profiles, supported in all
BLE devices
• E.g. Heart Rate Profile, combines Heart Rate Service
and Device Information Service
• A device may contain implementations of multiple
profiles.
 Examples of BLE profiles
• BLP (Blood Pressure Profile) — for blood pressure
measurement.
• HTP (Health Thermometer Profile) — for medical
temperature measurement devices
• CSCP (Cycling Speed and Cadence Profile)
• HRP (Heart Rate Profile) — for devices which
measure heart rate
• LNP (Location and Navigation Profile)
• RSCP (Running Speed and Cadence Profile)
• ESP (Environmental Sensing Profile)
• Etc…
 Profiles, services & characteristics
• Services break data up into logic entities, and contain
specific data called characteristics.
• A service can have one or more characteristics
• Services are characterized by a unique Universally
Unique Identifier (UUID), of 16 bit for officially
adopted BLE Services or 128-bit for custom services
 Advertising data types
• 0x06 Incomplete List of 128-bit Services:
UUIDs of the services provided by the
peripheral can be advertised in 128-bit
format.
• 0x02 Incomplete List of 16-bit Service Class
UUID
• 0x08 Shortened Local Name
• 0x09 Complete Local Name Explained when we will
see GATT
 Profiles, services & characteristics
• Characteristics encapsulate a single data point.
• Similarly to Services, each characteristic is identified
by a pre-defined 16-bit or 128-bit UUID
• E.g.
– the Heart Rate Measurement characteristic is mandatory
for the Heart Rate Service, and uses a UUID of 0x2A37.
– It starts with a single 8-bit value describing the HRM data
format (whether the data is UINT8 or UINT16, etc.), and
the goes on to include the heart rate measurement data
that matches this config byte.
 Commands
GATT Client/ Requests
Server
• The client must discover info
about the server:
– UUIDs for primary services
– Find a service with a given Answers
UUID
– Characteristics for a given
service The server receives
GATT comands &
– Read all descriptors for a
requests and returns
particular characteristic
answers.
•