General market questions

What is Bluetooth® Mesh?

Bluetooth® Mesh networking enables many-to-many (m:m) device communications and is optimized for creating large-scale device networks. It is ideally suited for control monitoring and automation solutions that require tens, hundreds or thousands of devices to communicate with one another.

Where can I use Bluetooth® Mesh?

Bluetooth® Mesh is being used across a wide range of markets. We are seeing significant activity in the building automation market, especially with commercial lighting solutions, and in sensor network solutions across several markets. It is ideally suited for IoT solutions that require tens, hundreds or thousands of devices to communicate with one another.

Which Bluetooth core specification versions support mesh networking? Can I upgrade existing products that use Bluetooth® technology?

Mesh networking operates on Bluetooth Low Energy (LE) and is compatible with core specification version 4.0 and higher. Bluetooth specifications allow for upgradeability. Only products designed to be upgradable can be enhanced in the field to support mesh networking. Upgradeability is determined by several factors, such as the amount of memory available in the Bluetooth chip. However, you should check with your device and/or product manufacturers to ultimately make this determination.

Why should I choose Bluetooth® Mesh networking?  

Bluetooth® Mesh is ideally suited for control, monitoring, and automation systems where hundreds or thousands of devices need to communicate with one another. Bluetooth Mesh was designed to meet the strict requirements of commercial and industrial environments where ease of deployment, performance, and security are of the utmost importance. Networked lighting control is one use case that has rapidly embraced Bluetooth Mesh technology.

  • Ease of Deployment
    • With Bluetooth® technology native in 100 percent of smartphones and tablets, installers can use commissioning apps that communicate directly with nodes on a Bluetooth® Mesh network, eliminating the need for specialized engineering expertise or internet and cloud platforms to support installation and operation of the system. In addition, a remote provisioning feature makes adding new devices or changing existing devices even easier.
  • Reliable & Scalable Performance
    • Bluetooth® Mesh was specifically designed with large-scale wireless network deployments in mind. Three key features help separate Bluetooth® Mesh from other wireless networking technologies and provide the resiliency needed by installers, building managers, and end users in commercial and industrial installations.
      • Control systems based on Bluetooth® Mesh do not require centralized controllers, as intelligence is distributed to all end devices. A decentralized control architecture enables systems to achieve significantly greater scale, reliability, and performance, at lower costs.
      • A unique publish/subscribe message addressing approach significantly lowers messaging traffic on the network, leading to greater network scale and performance.
      • Bluetooth® Mesh offers multiple options for message relay. Managed Flood provides reliable, multi-path messaging over multiple hops. Directed Forwarding increases scalability and can improve messaging efficiency in the most complex, large-scale mesh networks.
    • Mandatory Multi-level Security
      • Bluetooth® Mesh is designed with security as a top priority and provides industrial-grade security for protection against all known attacks.
        • Comprehensive security that covers the entire network of devices and various groupings of devices is mandatory
        • Additional features are available to further enhance security and network device privacy
        • The Bluetooth® Mesh security architecture is open and available for public review

What do I need to build a Bluetooth® Mesh networking product?

To build Bluetooth® Mesh networking products, you need compatible hardware and software. Bluetooth® Mesh networking requires an underlying Bluetooth LE 4.x or 5.0 stack, which supports the GAP Broadcaster and Observer roles, to both advertise and scan for advertising packets.

To use Bluetooth Mesh networking over Bluetooth LE, it’s recommended that you use a qualified SDK from a Bluetooth Mesh solution provider, which includes Bluetooth Mesh networking protocol and models with corresponding APIs.

What do I need to build a Bluetooth® Mesh networking smartphone application?

To develop smartphone or tablet applications for use with Bluetooth Mesh networking products, if your mobile operating system provides suitable APIs that allow an application to meet the requirements relating to Bluetooth LE advertising packets defined in the Mesh Profile specification, you should use the advertising bearer. The advertising bearer is the preferred bearer in all cases. Where the advertising bearer cannot be used, you may use the Bluetooth Mesh proxy protocol to enable communication with the mesh network via a proxy node. The proxy protocol can be implemented on top of standard Bluetooth Low Energy GAP and GATT APIs.

Can I use Bluetooth® Mesh networking to stream music to all the speakers in my home?

No, Bluetooth Mesh networking is optimized for the exchange of small messages between many Bluetooth devices and not for media streaming.

Does mesh affect other Bluetooth wireless devices operating nearby, like listening to music?

No, you can continue to listen to music, sync your activity tracker and see notifications on your smart watch whilst in or near a mesh network.

What is happening with Bluetooth® Mesh now that Bluetooth® NLC is available?

Bluetooth® Mesh remains the most ideally suited mesh networking technology for control, monitoring, and automation systems where hundreds, or thousands of devices need to communicate with one another. Bluetooth® Mesh meets the strict requirements of commercial and industrial environments where performance, reliability, and security are of the utmost importance. Bluetooth® NLC simply builds on Bluetooth® Mesh to deliver a full-stack standard for wireless lighting control.

Message relay questions

Why does Bluetooth® Mesh use a flood-based message relay approach?

A managed flood approach to message relay best meets the requirements for enabling simple, reliable and scalable mesh networks.

With managed flood messaging, no complex routing table creation and management is required. Even in routed solutions, where a table can be automatically generated, significant network interruptions can occur.

Managed flood messaging is inherently multipath, ensuring messages reach their intended destination. It’s also inherently peer-to-peer, allowing all nodes to communicate directly with one another. With no central hub or routing nodes, there are no single points of failure.

In most mesh network implementations, a significant percentage of messaging traffic is multicast, such as a single light switch in a building that controls tens or hundreds of lights. The managed flood messaging approach of Bluetooth Mesh, combined with its publish/subscribe group messaging model, supports extremely efficient messaging for large-scale networks with high performance.

Are all flood-based mesh networks power inefficient?

No, in a simple flood-based mesh network that can be the case, but Bluetooth® technology implements a managed flood approach in which only main-powered nodes serve as message relays. Low-power nodes, such as battery-powered sensors, are not responsible for message relay. In a Bluetooth® Mesh network, low-power nodes with a coin-cell battery can operate for many years.

How does Bluetooth® Mesh networking handle multicast messaging?

Bluetooth® Mesh handles multicast communications using a publish/subscribe group messaging approach.

Half of the address space is allocated to group addresses, and a message can be sent to a group address. Each node can be configured to subscribe to a set of group addresses and publish messages to a set of group addresses.

For example, a light switch may publish the “turn on” message to the “hallway group”, and all lights along that hallway would be subscribed to that same “hallway group” address. But the lights may also be subscribed to other groups, such as the “ground floor group”, the “all lights group”, and the “emergency exit route” group.

Bluetooth® Mesh also supports virtual addresses, which extend group addresses by allowing a 128-bit UUID to act as the destination address. A hash of the Label UUID is used to reduce the overhead of checking UUIDs. Each hash value represents millions of different Label UUIDs, increasing the number of potential virtual addresses.

Provisioning Questions

What is provisioning?

Provisioning is the process of adding a device to a specified mesh network. It turns a device into a node on the network and includes security key distribution and the creation of a unique ID for the device being added.

What is Remote Provisioning?

Remote Provisioning makes it easier to provision new devices across Bluetooth® Mesh networks, saving installers valuable time and money. The new Remote Provisioning feature adds the ability for provisioning to be carried out over the mesh network, with provisioning messages taking one or more hops to reach the remote, un-provisioned device.

The Remote Provisioning feature also provides procedures to automate the handling of important events in the lifecycle of a Bluetooth® Mesh network, such as the secure transfer of ownership after the network has been initially created by allowing device keys of all devices to be regenerated.

Can I back up my provisioning data and restore it?

Yes, you can back up your provisioning data. This is not defined in the specification, so you can use any backup mechanism you like.

General Architectural Questions

What is a node?

A node is a provisioned device on a Bluetooth® Mesh network.

How many nodes can I have in a single network?

While the spec allows for up to 32,000 nodes to be provisioned, we don’t expect those numbers to be achieved quickly in the real world. However, we are already seeing representative networks exceeding well over 1,000 nodes, which is much greater than other low-power mesh technologies on the market today.

Do I need different types of nodes for a Bluetooth® Mesh network?

No, unique to Bluetooth® Mesh networking, all nodes in a network are decentralized and can talk to each other directly.

There are no centralized hub or routing nodes, so there is no single point of failure. However, to accommodate low-power nodes, such as battery-powered sensors, only some nodes perform the message relay function.

Some nodes take on additional functions to support messaging to low-power nodes. This allows a low-power node to remain part of a network, but it can sleep for hours or days at a time until it needs to report some bit of information. As a result, low-power nodes using a coin-cell battery can operate for many years.

What are models and properties?

Bluetooth adopted a simple, yet powerful approach for developers to describe what a node on a Bluetooth Mesh network is and does so that it can interact with other nodes. This approach is based on a set of building blocks called models. Models consist of a collection of features with defined functions and behaviors. There are four classes of models, including generics, sensors, timing and lighting. Generic models are the basic building blocks and define the standard functionality of a device, such as the ability to have a simple on/off state. You can combine generic models or enhance them using properties. Properties provide additional context and value to a model.

Security Questions

How is security handled in a Bluetooth® Mesh network?

Bluetooth® Mesh networking is a true commercial-grade solution, including its approach to security.

  • Devices added to a network are provisioned using proven security algorithms. This uses 256-bit elliptic curves and out-of-band authentication to securely add devices.
  • All communication is required to be secured using AES-CCM using 128-bit keys. All mesh messages are encrypted and authenticated.
  • Encryption and authentication are applied at two layers, the network layer and the application layer. All nodes in the network help relay messages at the network layer without being able to read their contents. Those contents are secured with a separate application key, providing true end-to-end security.
  • Each message has a minimum of 64 bits of authentication, but it’s possible to have up to 1088 bits of authentication for the longest messages.
  • Models are organized in the specification to account for different users with different security credentials. This gives maintenance personnel full control over network configuration while allowing employees to interact.
  • Replay attacks are prevented by mandating fresh sequence numbers on every message sent.
  • Devices can be blacklisted in the mesh network by using defined key update procedures. During provisioning, each device computes a unique device key that only the provisioner knows and can update.
  • Messages protect identity by obfuscating every packet sent and refreshing privacy. This means that even if you carry mesh devices on you while walking around, people sniffing mesh packets cannot track you.
  • Bluetooth® Mesh Certificate-based Provisioning increases security and enables bulk device onboarding by adding certificates to the device provisioning process.

What kinds of security attacks is Bluetooth® Mesh networking designed to prevent?

  • Brute-force attacks are prevented by using 128-bit keys, and a minimum of 64-bit authentication on every single packet.
  • Replay attacks are prevented by using fresh sequence numbers of every packet sent and checking those on every packet received.
  • Man-in-the-middle attacks are prevented using ECDH cryptography during provisioning with out-of-band authentication.
  • Trashcan attacks are prevented using a key-refresh procedure, allowing keys in all remaining devices and blacklisting the removed/broken devices. Should someone disassemble a thrown-out device, it can’t reveal any security information.
  • Physically insecure device attacks are prevented by allowing devices in an insecure location to have separate keys to those in a physically secure location. This prevents someone from attacking a doorbell and sending a message to unlock the door.
  • Visitor attacks are prevented by giving guests and visitors temporary and limited access to the network using a separate set of keys. These guest keys have a limited lifetime.

Do I lose privacy when using a Bluetooth® Mesh network?

No, every mesh packet is obfuscated to protect the user’s identity. An attacker listening to mesh packets cannot determine which device sent that message since there are no identifying values, such as the source or destination address. Each time a message is relayed, this obfuscated information is changed, removing the ability to track message flow.

What happens if my neighbors also have a Bluetooth® Mesh network?

Each mesh packet includes a small identifier that determines which network the mesh packet belongs to. A device in one mesh network can’t decrypt or authenticate mesh packets from another mesh network, and it will never relay those messages. Each mesh network is completely isolated.

Reliability Questions

How do I know if nodes on my Bluetooth® Mesh network stop working?

Nodes on a Bluetooth® Mesh network send out a heartbeat message. In addition, there is a mandatory Health model that allows devices to send out fault information. For example, if a device overheats, it sends an “overheating fault” message.

Is traffic affected if nodes break?

No, nodes relaying messages that stop working will not stop the network. Flood message relay creates an inherently self-healing network, as messages are sent through multiple routes at the same time.

NOTICE: The Bluetooth SIG updated its Privacy Policy on 6 June 2024Learn more
 Get Help