Category: BleuIO firmware updates

Security Modes/Levels of a BLE Connection

Posted on by BleuIO

Protection of private information is essential for every wireless low energy device, from fitness bands to payment systems. Privacy mechanisms prevent devices from being tracked by untrusted devices.

Secure communications keep data safe while also preventing unauthorized devices from injecting data to trigger the system’s unintended operation.

In Bluetooth Low Energy (BLE), devices connected to a link can pass sensitive data by setting up a secure encrypted connection, which means making the data unreadable to all but the Bluetooth master and slave devices. 

A BLE connection is said to operate at a specific Security mode. Within each mode are several security levels. The required security mode/level of a connection may change from time to time, leading to procedures to increase that level.

To keep it simple, when two devices that initially do not have security wish to do something that requires security, the devices must pair first. This process could be triggered, for example, by a central device that is attempting to access a data value (a “characteristic”) on a peripheral device that requires authenticated access. 

Pairing involves authenticating the identity of two devices, encrypting the link using a Short-Term Key (STKs), and then distributing Long-Term Keys (LTKs) (for faster reconnection in the future, i.e., bonding) used for encryption.

The new security level of the connection is based on the method of pairing performed and this is selected based on the I/O capabilities of each device. The security level of any subsequent reconnections is based on the level achieved during the initial pairing.

Each device’s role is defined in the Security Manager (SM) portion of the BLE stack. They are:

  • Initiator: Always corresponds to the Link Layer Master and the GAP central.
  • Responder: Always corresponds to the Link Layer Slave and the GAP peripheral.

Security by means of encryption contains four levels

  • Level 1: No Security (No authentication and no encryption)
  • Level 2: Unauthenticated pairing with encryption
  • Level 3: Authenticated pairing with encryption
  • Level 4: Authenticated LE Secure Connections pairing with encryption

BleuIO has introduced a security feature into its latest release (firmware v2.1.1 ) which handles all four security levels to establish a secure BLE connection. Users can now use Numeric Comparison, Just Works or Passkey Entry to make data transmission more secure when working with Bluetooth low energy applications using BleuIO. 

  • Numeric Comparison: In this scenario, both devices have a display unit capable of displaying a six-digit number. Both displays output the same number, and the user is asked to confirm that these numbers match. 
  • Passkey Entry: The Passkey Entry is primarily intended for the case that one device has a keyboard, but no display unit and the other device has at least a display unit, for example, a PC and a BLE keyboard scenario. The user is shown a six-digit number (from “000000” to “999999”) on the device with a display and then is asked to enter the number on the other device. If the value entered on the second device is correct, the pairing is successful.
  • Just Works: This model is primarily intended for the most constrained devices in I/O. The Just Works association model uses the Numeric Comparison protocol, but the user is never shown a number, and the application may ask the user to accept the connection. This method doesn’t offer protection against a Man in the Middle (MITM) attack, but it provides the same protection level against passive eavesdropping as the Numeric Comparison.

The table below is a reference for determining the pairing method based on the two devices I/O capabilities and each device’s role in the process.

Source : https://microchipdeveloper.com/wireless:ble-gap-security

Use the following AT commands to make your BLE connection more secure.

AT Commands :

  • AT+SETPASSKEY for setting or querying set passkey for passkey authentication.
  • AT+SECLVL for setting or querying minimum security level used when connected to other devices.
  • AT+NUMCOMPA accepts a numeric comparison authentication request or enables/disabling auto-accepting numeric comparisons.
  • AT+GAPADDRTYPE Sets or queries what address type the dongle will use. Changing address type cannot be done while advertising or while connected to other devices. Read more at https://www.bleuio.com/getting_started/docs/commands/#atgapaddrtype
Share this post on :

BleuIO Javascript library now supports firmware v2.1.0

Posted on by BleuIO

BleuIO Javascript library is updated and supports firmware version 2.1.0 

Now you can easily access all the BleuIO AT commands from web browser using this library.

Before starting to install our library, make sure you have Chrome 78 or later version installed on your system. You will also need to enable the #enable-experimental-web-platform-features flag in chrome://flags.
To do that, Open chrome://flags/#enable-experimental-web-platform-features in Google Chrome browser and enable this feature.

You can use chrome.serial to create web apps that can access the BleuIO AT commands easily using this library.

Now Install the library by running

npm i bleuio

npm automatically downloads and installs the most recent library on your system in the correct directory. To check that the installation went well, follow the simple readme file from

https://www.npmjs.com/package/bleuio

Follow this video if you find any difficulties.https://www.youtube.com/embed/MZfeV61gjeY?feature=oembed

Good luck on creating amazing Bluetooth Low Energy application using BleuIO

Share this post on :

Bleuio Firmware Update V2.0.9 – enables Device Information Service update

Posted on by BleuIO

BleuIO released a new firmware version 2.0.9 on November 05, 2021, introducing new features and enhancements to improve productivity. You can download the updated firmware from

https://www.bleuio.com/getting_started/docs/firmware/

Following features and AT commands has been added to this release 

Added features:

  • Added support to set the information in the Device Service Information (DIS). 

Added Commands

  • Added a new command AT+DIS, that is used to view current information used in the Device Information Service (DIS).
  • Added a new command AT+SETDIS that is used to set current information used in the Device Information Service (DIS).

What is Device information service?

Device information service exposes manufacturer and/or vendor information about a device. It is a very good way for the maker of equipment, software and hardware version control, production information disclosure. It is therefore recommended to include this Standard service defined by the Bluetooth SIG at the time of development.

Use the following AT command to set Device information service 

AT+SETDIS=<man_name>=<model_num>=<serial_num>=<hw_rev>=<fw_rev>=<sw_rev>

Manufacturer Name String

The Manufacturer Name String characteristic shall represent the name of the manufacturer of the device.

Model Number String

The Model Number String characteristic shall represent the model number that the device vendor assigns.

Serial Number String

The Serial Number String characteristic shall represent the serial number for a particular instance of the device.

Hardware Revision String

The Hardware Revision String characteristic shall represent the hardware revision for the hardware within the device.

Firmware Revision String

The Firmware Revision String characteristic shall represent the firmware revision for the firmware within the device.

Software Revision String

The software Revision String characteristic shall represent the software revision for the software within the device.

Note that information can only be set before starting advertising. If no custom information is set, the default BleuIO device information will be used. Once advertising is started, the information set to be used will be locked in and cannot be changed during runtime.

To change the device information again, the dongle will need to be restarted, either by unplugging it and plugging it back in or using the ATR command.

Max length is 100 characters per parameter.

Use the AT+DIS AT command to view current Device Information Service to be used. It Will show the default BleuIO information if no custom information has been set.

Share this post on :

Bleuio Firmware Update V2.0.8 with Indication and Notification

Posted on by BleuIO

BleuIO released a new firmware version 2.0.8 on October 22, 2021, introducing new features and enhancements to improve productivity. You can download the updated firmware from

https://www.bleuio.com/getting_started/docs/firmware/

Following features has been added to this release 

  • Added support for indication type notifications.
  • You now have more control over indications and notifications. Notifications and indications will only show if you have enabled them. An exception is when connecting to another BleuIO Dongle; it will still enable the required notifications used by the SPS service. You can manually disable them if you want with the AT+CLEARNOTI command.
  • Added a new command AT+SETINDI that will allow you to enable indications.
  • Added a new command AT+CLEARINDI that will allow you to disable indications.
  • Added a new command AT+NOTI that will show a list of enabled notifications and their connection.
  • Added a new command AT+INDI that will show a list of enabled indications and their connection.

Indications and Notifications

Indications and Notifications are a way for a GATT Client to subscribe to data provided by a GATT Server. A client has to configure Indications and Notifications for a characteristic’s value through its client characteristic configuration descriptor to get notified every time a characteristic’s value gets updated on the server.

  • Indications need to be acknowledged by the client. The server does not send the following indication until it gets the acknowledgement back from the client. The client sent a confirmation message back to the server; this way server knows that message reached the client. Hence communication via indications is slower.
  • Notifications don’t need to be acknowledged, so they are faster. Hence, the server does not know if the message reaches the client.

Indications and Notifications are essential mechanisms for receiving server-side data because they are the only and fastest mechanisms for receiving asynchronous server-side updates. Since Bluetooth Low Energy was designed to be energy efficient, this asynchronous method of receiving updates prevents continuous polling of the server by the client and, hence, is a huge energy saver too.

Share this post on :

Bleuio Firmware Update V2.0.7

Posted on by BleuIO

A new firmware update v 2.0.7 has been released for BleuIO and Smart USB Dongle 2.0. You can download the updated firmware from
 https://www.bleuio.com/getting_started/docs/firmware/

Bugfixes:

  • Problem sending over 99 bytes using AT-commands “AT+GATTCWRITEB” and “AT+GATTCWRITEWRB” resulted in an unexpected behaviour. 

To meet the demands of users, the BleuIO team will continue to update and add new features. To find out more about the updates of the dongles new firmware 2.0.7, please visit our Getting Started Guide

Share this post on :

Update BlueIO firmware using RaspberryPi

Posted on by BleuIO

The BleuIO comes with a bootloader to allow you to update the firmware or flash your own application to the dongle. To flash the dongle, you will need an image file containing the new firmware or your own application and a host USB loader application.

You can download the latest firmware, and host USB loader from our getting started guide.

This article will explain how to update a BleuIO dongle using a RaspberryPi.

Connect the BleuIO dongle to your Linux / RaspberryPi.

Dongle

To identify which device name the dongle is connected to, you will need to run ls /dev on the terminal.
You might need to do it twice, once before you connect the dongle and once after, to be able to identify which one is the device name.

The following screenshot shows devices list before and after connecting the dongle.

The BleuIO includes a bootloader that allows you to update the firmware easily. When starting up, the dongle will open up a COM port for the bootloader for 10 seconds to allow you to update the firmware (or flash your own application). Afterwards, it will close that port and open a new port for the BleuIO application. 

Now that you know the device name, you can run the following command to update the dongle. 

sudo ./host_usb_updater /dev/ttyACM0 ./example_firmware.img -verbose 

The /dev/ttyACM0 means USB-CDC driver of Linux.

NOTE: The device name may vary and may not be the same as in the picture above.

After running this command successfully, you will see Result: Pass on your terminal.  

Share this post on :

Bleuio Firmware Update V2.0.6

Posted on by BleuIO

A new firmware update v 2.0.6 has been released for BleuIO and Smart USB Dongle 2.0. You can download the updated firmware from
 https://www.bleuio.com/getting_started/docs/firmware/

Added features:

  • Added a new command AT+CLEARNOTI that will clear notification for the selected handle. For example AT+CLEARNOTI=0012
  • Updated command for AT+GAPCONNECT. Now you can set Connection interval,Slave latency,Connection supervision timeout while connecting to a peripheral. 

Understand BLE connection parameters

For a BLE connection, The connection parameters determine when and how the Central and a Peripheral in a link transmits data. The Central always sets the connection parameters; however, the Peripheral can send a Connection Parameter Update Request that the Central can accept or reject.

There are basically three different parameters:

Connection interval: Defines how often the Central will ask for data from the Peripheral. It contains minimum and maximum connection interval values. 

The parameter value has to be chosen with a balance of throughput and power consumption in mind. A high connection interval value (e.g. 4 seconds) will decrease power consumption and reduce data throughput, and vice versa.

Therefore, if you want to increase the data throughput, you can decrease the connection interval value, but keep in mind that this will also increase power consumption.

Slave latency: slave latency can be applied to help the peripheral (slave) device reduce power consumption further. This parameter is useful to avoid changing connection parameters frequently to achieve both high-speed data transfer and low power consumption when idle.

For example, suppose there is a 30 ms connection interval with a slave latency of 4. In that case, the connection can handle data transfers with 30 ms connection intervals, and when idle, it sends empty packets to keep the connection only once every 150 ms (on the slave side).

Connection supervision timeout: This timeout is determined from the last data exchange until a link is considered lost. A Central will not start trying to reconnect before the timeout has passed, so if you have a device that goes in and out of range often, and you need to notice when that happens, it might make sense to have a short timeout.

To meet the demands of users, the BleuIO team will continue to update and add new features. To find out more about the updates of the dongles new firmware 2.0.6, please visit our Getting Started Guide

Share this post on :

Bleuio Firmware Update V2.0.5

Posted on by BleuIO

Smart Sensor Devices is announcing a firmware update v2.0.5 for BleuIO and Smart USB dongle 2.0. We invite all the users to apply the updated firmware. The new firmware will be available to download on 2nd July 2021, at https://www.bleuio.com/getting_started/docs/firmware/

Added features:

  • Added a new command ATASPS that will allow you to choose if the SPS responses will be shown as ASCII or Hex. ASCII is shown by default at startup.

Bug fixes

  • Fixed a bug where if you sent more than 244 characters at once before sending a carriage return (or pressed Enter) the dongle would restart.

To meet the demands of users, the BleuIO team will continue to update and add new features. To find out more about the updates of the dongles new firmware 2.0.5, please visit our Getting Started Guide

Share this post on :

Bleuio Firmware Update V2.0.4

Posted on by BleuIO

Smart Sensor Devices is announcing a firmware update v2.0.4 for BleuIO and Smart USB dongle 2.0. We invite all the users to apply the updated firmware. The new firmware will be available to download on 21st May 2021, at https://www.bleuio.com/getting_started/docs/firmware/

Added features:

  • Added two new AT command for writing without response. AT+GATTCWRITEWR for ASCII and AT+GATTCWRITEWRB for hex.
  • Added a new command AT+GETSERVICESONLY that will discover only all the services of the connected peripherals.
  • Added a new command AT+GETSERVICEDETAILS that will discover all the characteristics and descriptors of a selected service. Must run AT+GETSERVICESONLY command first to get the service handle.

To meet the demands of users, the BleuIO team will continue to update and add new features. To find out more about the updates of the dongles new firmware 2.0.4, please visit our Getting Started Guide

Share this post on :

BleuIO Firmware v2.0.3 is now available

Posted on by BleuIO

Smart Sensor Devices is announcing a firmware update v2.0.3 for BleuIO and Smart USB dongle 2.0. We invite all the users to apply the updated firmware. The new firmware will be available to download at https://www.bleuio.com/getting_started/docs/firmware/

Added features:

  • Added new AT command ATDS that turns on (ATDS0) or turns off (ATDS1) auto-discovery of services from the device you are connecting to or when you’re in DUAL mode, and a device connects to you. Auto discovers services are on by default.
  • Added a new command AT+GAPDISCONNECTALL that disconnects all current connections.

Bug fixes

  • Fixed a bug where the services that were being auto-discovered upon a connection event was from the connection set in target connection instead of the current connection.
  • Fixed a bug where you had to put a small timeout between the actual command and the carriage return (‘\r’) to run a command when using scripts to communicate with the dongle. You should now be able to send the command and the return character at the same time.
  • Updated the response from a successful AT+GAPDISCONNECT command. It should now reply with a ‘handle_evt_gap_disconnected: conn_idx=conn_idx address=mac_address_of_disconnected_device.’ and then the ‘DISCONNECTED.’ line for easily discerning which device has been disconnected.

To meet the demands of users, the BleuIO team will continue to update and add new features. To find out more about the updates of the dongles new firmware 2.0.3, please visit our Getting Started Guide

Share this post on :