My house has locking doors and windows, an alarm system, and several security cameras. I own a baseball bat, but I’m not a fan of baseball.

My garden shed, on the other hand, has a door with no lock and is protected only by the easily climbed fence around my property. It’s counterintuitive, but I consider the security of my shed to be just as fit for purpose as that of my house.

The point is that my shed is sufficiently secure to protect the items it contains, and, as such, its security is fit for purpose. The shed contains little of any value; a broken plant pot, a (presumably) happy family of spiders, and an unidentifiable rusty thing in the corner which has been there since we moved into this house twenty years ago. My house, on the other hand, contains many things and people that I value very much, and so substantially more has gone into its security than that of the shed.

Security and descriptive terms like secure do not, therefore, relate to any form of absolute.

Bluetooth Technology and Security

Bluetooth® technology is more than twenty years old and 10 million Bluetooth devices currently ship every day. There are many factors which might explain its longevity, but I’m certain that one of them is the way in which Bluetooth technology, driven by the requirements and expertise of Bluetooth SIG member companies, has been continuously evolved to improve it, making it more versatile and more powerful. This includes its security capabilities.

The level of security which a Bluetooth® Low Energy (LE) product may attain…is considerably higher than that which used to be possible.

The Bluetooth Core Specification defines a series of security capabilities which include encryption, authentication, and privacy features and various security procedures such as pairing. Profile specifications may mandate or just recommend the use of certain Bluetooth security features in related products.

But much of the philosophy behind Bluetooth® technology and security has always been to offer the security features as a kind of security tool kit, which the profile designer, product designer, and software developer must select from and use in their product to render its security fit for purpose. This places responsibility on the product manufacturer’s team to do their own assessment of the security issues as they relate to their product, the expected users of their product, and the circumstances in which it will be used.

The level of security which a Bluetooth Low Energy (LE) product may attain, using a stack which is compliant with the latest Bluetooth Core Specification, is considerably higher than that which used to be possible. Bluetooth LE switched to a new and far more secure approach to pairing called LE Secure Connections, in release 4.2, for example. But the higher or highest security attainable requires designers and developers to use the right security features in the most appropriate way.

Ascending the Learning Curve

If you’re new to Bluetooth® technology and, perhaps, new to security in general, where and how do you start? How do you know what security features Bluetooth technology has and how they relate to commonly understood security concepts and issues? How do you gain an appreciation of how they work and how you might use them in a product?

Until now, the answer has been that you must take a deep breath, dive into the Bluetooth Core Specification, and start reading. But the Bluetooth Core Specification is about three thousand pages long and, whilst there are sections specifically about security, the topic does crop up in many other parts of the specification, which means you’ll need to be thorough in your review of the specification if you want to gain a full appreciation of Bluetooth security. And depending on your start-point, in terms of prior knowledge and experience, the learning curve may appear to be steep. We at the Bluetooth SIG acknowledge that some people may feel they’re climbing a large and difficult mountain.

The Bluetooth Low Energy Security Study Guide

The Bluetooth® LE Security Study Guide is for anyone in any kind of technical role who works with or expects to work with Bluetooth LE.

To help you get comfortable with basic security concepts – Bluetooth® LE security features, what they are, how they work, and when you might use them – we’ve created the Bluetooth LE Security Study Guide. This is not a substitute for the Bluetooth Core Specification, which should always be your reference for any technical questions about how a Bluetooth stack should function. Instead, think of it as providing a series of basecamps and giving you a guided tour up the mountain. Once you’ve worked through some or all of the guide, you’ll find tackling the Bluetooth Core Specification a much less challenging task.

Per the name, the Bluetooth LE Security Study Guide focuses on security as it relates to Bluetooth LE only.

The Bluetooth LE Security Study Guide is modular. If you’re already familiar with security concepts in general, you can skip that section. If you’re already familiar with how LE Legacy Pairing works but want to clarify what LE Secure Connections is about, you can just read that part. You should be able to use this new study guide in a time-saving and efficient way before heading for the appropriate part(s) of the Bluetooth Core Specification.

Who is the Bluetooth LE Security Study Guide for?

The Bluetooth® LE Security Study Guide is for anyone in any kind of technical role who works with or expects to work with Bluetooth LE. CTOs and product managers will benefit from appreciating the security features that Bluetooth LE defines and understanding the underlying, industry-standard cryptology they are based upon. Technical architects will benefit from a deeper exploration of how these features work, and software developers will have the opportunity to gain some hands-on experience implementing some of the key features through a series of exercises based upon the Zephyr OS and SDK.

The Bluetooth LE Security Study Guide is available for download from the Resources section of bluetooth.com.

FEATURED DOWNLOAD

The Bluetooth LE Security Study Guide

This self-study education resource explains the toolkit of security features which Bluetooth® Low Energy (LE) possesses and how they work. Developers can also gain hands-on experience writing code which exploits some of the most important Bluetooth LE security features.

INSTANT DOWNLOAD

How to Do Stuff with Bluetooth® Technology

Got a robot dog you want to remote control? You came to the right…

An Introduction to the Bluetooth LE Security Study Guide

My house has locking doors and windows, an alarm system, and several security cameras.…

Why Bluetooth Technology is the Developer’s Swiss Army Knife

Members of the Bluetooth® community are continuously innovating. Over the last two decades, members have…

Updates to the Bluetooth Internet Gateway Study Guide

According to the ABI report Installed Base of IoT Devices by Connectivity Technology, published…

In Case You Missed It: What’s New With Blue This Summer

The Bluetooth® developer community is always pushing the technology forward, and this summer has…

New Core Specification v5.3 Feature Enhancements

One of the key reasons why Bluetooth® technology has emerged as the global wireless…

Bluetooth® Core Specification Version 5.3 Feature Enhancements

Bluetooth® Core Specification version 5.3 includes several feature enhancements with the potential to improve…

Connect: Car Access Demo

In this demo, Texas Instruments will discuss and demonstrate Bluetooth 5.1 and its cutting…

Wireless Connectivity Options for IoT Applications - Commercial Lighting

Industry 4.0 is no longer a thing of the future. The term describes the…

Designing and Developing Bluetooth® Internet Gateways

Learn about Bluetooth internet gateways, how to make them secure and scalable, and design and implement your own working prototype gateway and web application for use with either Bluetooth LE Peripherals or with Bluetooth mesh networks.

An Introduction to Bluetooth Low Energy for Swift Developers

All smartphones support Bluetooth® Low Energy (LE) and it is used in all manner…

Building a Sensor-Driven Lighting Control System Based on Bluetooth® Mesh

A technical examination of which Bluetooth mesh models to use in different types of…

How Bluetooth Low Energy Works: 21 Interesting Facts

Whether you’re a beginner or an expert in Bluetooth Low Energy development, it’s always…

How to Deploy BlueZ on a Raspberry Pi Board as a Bluetooth Mesh Provisioner

This step-by-step study guide will teach you: How to rebuild the kernel on a…

The Bluetooth LE Security Study Guide

Learn about fundamental security concepts, the security features of Bluetooth Low Energy, and gain some hands-on experience using those features in device code.

How Bluetooth 5 Increases the Achievable Range of a Bluetooth Low Energy Connection

Texas Instruments offers their theory on how to achieve long range with a Bluetooth…

Testing Long Range (Coded PHY) with Nordic Solution (It Simply Works)

There has been a lot of discussion and confusion about testing the long range…

 Get Help