Various types of wireless communications systems are characterized by the distances they can span. Short distances are conveniently covered using Bluetooth technology, which occupies the radio frequency spectrum from 2.4 to 2.485 GHz. Bluetooth was originally developed to replace RS-232 cabling and is used to link fixed and mobile devices. It has become ubiquitous in the home and office for wireless communication between a PC and its input and output devices, such as mouse, keyboard and printer. It has numerous applications, primarily indoors, where walls and solid objects can cause fading. The Bluetooth Core Specification defines a minimum range of 33 ft., but longer distances are possible in clear indoor spans.
Bluetooth is administered, together with its associated patent portfolio, by the Bluetooth Special Interest Group (SIG), which has over 30,000 member companies. Manufacturers must meet Bluetooth SIG standards to market products as Bluetooth equipment bearing the distinctive logo.
Bluetooth, like many other protocols, divides data to be transmitted into packets and conveys them using frequency-hopping spread spectrum. Each packet is transmitted on one of 79 Bluetooth channels, each having one-megahertz bandwidth. About 800 of these frequency hops take place per second.
Bluetooth, like many protocols and bus types, conforms to a master-slave architecture. Each master communicates with as many as seven slaves. The master's transmissions carry the clock reference for whichever slaves are currently at the receiving end. Master and slave routinely reverse roles, and this behavior is common in headset/phone communication.
The basic test gear needed for Bluetooth testing consists of a spectrum analyzer. For basic tests of a Bluetooth module's output, the usual practice is to put the module in a test mode that disables frequency hopping, giving a stable, easier-to-measure RF signal. Tests can then be run on a few of the module's advertising channels to measure frequency and power output.
One difficulty with the basic test setup outlined above is that there is no way to measure the modulation qualities of the Bluetooth signal. And, of course, a spectrum analyzer generally can't generate a Bluetooth signal with which to gauge the qualities of a Bluetooth receiver.
There are specialized Bluetooth testers that can execute more thorough examinations of Bluetooth gear. They run tests as spelled out in the Bluetooth RF Test Specification. They typically put Bluetooth equipment through test cases for parameters such as basic data rates and effective data rates (EDR) as well as for low-energy scenarios. There are also audio tests involved for synchronous connection-oriented (SCO) radio links and continuously variable slope delta modulation (CVSD or CVSDM) voice coding schemes, and checks involving µ-Law and A-Law companding algorithms. Read-outs take the form of graphical traces of modulation, power ramp, individual channel measurements, receiver sensitivity search, and so forth.
Thorough tests of Bluetooth and other wireless protocols can also make use of specialized wireless test sets. These typically take the form of a rack-mounted chassis containing multiple transmit/receive channels. Each channel consists of a complete vector signal analyzer/vector signal generator (VSA/VSG) instrument. Because there is a lot of commonality among modern wireless protocols, wireless test sets generally handle all the widely used standards such as WiMAX, LTE, NFC, WLAN, Bluetooth, UWB, ZigBee, and others. The different test regimes needed for specific wireless protocols are selected by running software packages written for the protocol of interest.
For example, Keysight puts out an N9081A Bluetooth measurement application that runs inside Keysight PXA, MXA, and EXA signal analyzers and VXT PXIe vector transceivers. It makes transmitter measurements of combined output power (basic rate or low energy) or EDR relative power. It will also check modulation qualities that include deviation, initial carrier frequency tolerance (ICFT), carrier frequency drift, EDR frequency stability and EDR modulation accuracy. Other measurements include output spectrum bandwidth, adjacent-channel power and EDR in-band spurious emissions.
Bluetooth is one of the communication schemes lumped under the term Personal Area Networks (PANs). They interconnect devices that are in close proximity, typically at the user’s desk. A recent trend has been greater integration of PAN WiFi devices in individual consumer equipment. The latest PC operating systems are PAN-configurable with minimal effort.
Wireless Local Area Networks (WLANs) are confined to one building or to two or more buildings in a campus arrangement, generally under single ownership. Most modern WLANs are based on IEEE 802.11 standards and are marketed under the Wi-Fi brand name. The Wi-Fi trademark is the intellectual property of the Wi-Fi Alliance. The Wi-Fi CERTIFIED label may be affixed only to products that have passed interoperability testing.
Newer Wi-Fi WLANs follow 802.11n, which operates in both the 2.4 GHz and 5 GHz bands at a maximum data transfer rate of 600 Mbit/sec. This dual-band capability allows data communications to avoid the crowded 2.4 GHz band shared with Bluetooth and microwave ovens. The 5-GHz band is also wider than the 2.4 GHz band, with more channels, which permits a greater number of devices to share the space.
A wireless network organized as radio nodes in a mesh topology is known as a wireless ad hoc network (WANET). The network is ad hoc because it does not rely on a pre-wired infrastructure, such as routers in wired networks or access points in managed wireless networks. Instead, each node participates in routing by forwarding data for other nodes, so the decision about which nodes forward data is made dynamically based on network connectivity and the routing algorithm. If a node happens to lose AC power, the rest of the system can work around the lost member.
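The coexistence problem mentioned above (Bluetooth's 79 one-megahertz hop channels sharing the 2.4 GHz band with Wi-Fi) can be worked through numerically. The following is an added example, not code from the original article: it assumes the standard channel-centre formulas, Bluetooth BR/EDR channel k centred at 2402 + k MHz and 2.4 GHz Wi-Fi channel n centred at 2407 + 5n MHz, and computes which hop channels a given set of Wi-Fi channels occupies and which remain clear.

```python
# Added example (not from the original article). Channel-centre formulas are
# standard values assumed here rather than stated in the article:
#   Bluetooth BR/EDR channel k (k = 0..78) is centred at 2402 + k MHz
#   2.4 GHz Wi-Fi channel n (n = 1..13) is centred at 2407 + 5*n MHz
BT_CHANNELS = 79      # article: 79 Bluetooth channels, 1 MHz each
BT_BASE_MHZ = 2402    # assumption: centre of Bluetooth channel 0
BT_WIDTH_MHZ = 1.0


def bt_center_mhz(k):
    """Centre frequency (MHz) of Bluetooth BR/EDR channel k."""
    if not 0 <= k < BT_CHANNELS:
        raise ValueError("Bluetooth channel %d out of range 0..78" % k)
    return BT_BASE_MHZ + k


def wifi_center_mhz(n):
    """Centre frequency (MHz) of 2.4 GHz Wi-Fi channel n (1..14).
    Channel 14 is a Japan-only special case at 2484 MHz."""
    if n == 14:
        return 2484
    if not 1 <= n <= 13:
        raise ValueError("Wi-Fi channel %d out of range 1..14" % n)
    return 2407 + 5 * n


def overlapping_bt_channels(wifi_channel, wifi_width_mhz=20.0):
    """Bluetooth channels whose 1 MHz slot lies at least partly inside the
    Wi-Fi channel's occupied bandwidth (20 MHz for 802.11g/n, 22 for 11b)."""
    center = wifi_center_mhz(wifi_channel)
    lo, hi = center - wifi_width_mhz / 2, center + wifi_width_mhz / 2
    hits = []
    for k in range(BT_CHANNELS):
        c = bt_center_mhz(k)
        if c + BT_WIDTH_MHZ / 2 > lo and c - BT_WIDTH_MHZ / 2 < hi:
            hits.append(k)
    return hits


def clear_bt_channels(active_wifi_channels, wifi_width_mhz=20.0):
    """Bluetooth channels untouched by any of the given Wi-Fi channels; this
    is the set an adaptive frequency-hopping radio would prefer to keep."""
    busy = set()
    for n in active_wifi_channels:
        busy.update(overlapping_bt_channels(n, wifi_width_mhz))
    return [k for k in range(BT_CHANNELS) if k not in busy]


if __name__ == "__main__":
    print("Wi-Fi ch 1 covers BT channels", overlapping_bt_channels(1))
    print("Clear with Wi-Fi 1/6/11 active:", clear_bt_channels([1, 6, 11]))
```

With the common non-overlapping Wi-Fi channels 1, 6 and 11 all active, only 16 of the 79 hop channels remain clear, which is why a hopping-disabled test mode on a single channel is so much easier to measure than live traffic.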
The ubiquitous nature of Wi-Fi has led to the development of many tools for analyzing Wi-Fi networks. A lot of these are aimed at diagnosing operational problems or checking for network hacking. Many Wi-Fi test tools take the form of software that runs on a laptop and uses the laptop's internal Wi-Fi adapter. But there are also numerous hand-held Wi-Fi analyzers. Netscout, for example, makes one called the AirCheck Wi-Fi Tester ($2,000). It can be used alone or connected to a PC to view captured data. Its screen can display a list of nearby networks, showing just one entry for each SSID, the 32-character unique identifier attached to the header of packets sent over a WLAN, which acts as a password when a mobile device tries to connect.
The Netscout meter also functions like a spectrum analyzer, reading out noise levels and signal-to-noise ratio for access points. The meter includes an RF generator so it can connect to networks to perform connection tests and pings.
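The one-entry-per-SSID view described above is easy to reproduce from raw scan data, and doing so is where a defender's checks naturally go. The following is an added example, not Netscout's code or anything from the original article: the scan records are constructed, and the summary flags the same SSID being advertised by radios with different security settings (a common symptom of a rogue or honey-pot access point) and SSIDs longer than the 32-byte limit.

```python
# Added example (not from the article or from Netscout). Collapses a Wi-Fi
# scan to one row per SSID and attaches warnings a defender cares about.
from collections import defaultdict

MAX_SSID_BYTES = 32  # article: SSID is a 32-character identifier

# Constructed sample scan: (BSSID, SSID, channel, RSSI dBm, security)
SCAN = [
    ("00:11:22:aa:bb:01", "CorpNet", 6, -48, "WPA2"),
    ("00:11:22:aa:bb:02", "CorpNet", 11, -61, "WPA2"),
    ("de:ad:be:ef:00:01", "CorpNet", 6, -40, "OPEN"),  # same name, open, strongest
    ("66:77:88:99:aa:bb", "", 1, -70, "WPA2"),         # hidden SSID
    ("12:34:56:78:9a:bc", "x" * 40, 3, -75, "WPA2"),   # oversized name
]


def ssid_ok(ssid):
    """An SSID is 0..32 bytes; longer names are malformed and some drivers
    silently truncate them, so they are flagged rather than cut."""
    return len(ssid.encode("utf-8")) <= MAX_SSID_BYTES


def summarize(scan):
    """One entry per SSID: strongest BSSID, number of radios, warnings."""
    by_ssid = defaultdict(list)
    for rec in scan:
        by_ssid[rec[1]].append(rec)
    summary = {}
    for ssid, recs in by_ssid.items():
        strongest = max(recs, key=lambda r: r[3])   # highest RSSI wins
        warnings = []
        if not ssid_ok(ssid):
            warnings.append("ssid-too-long")
        if ssid == "":
            warnings.append("hidden")
        securities = {r[4] for r in recs}
        if len(recs) > 1 and len(securities) > 1:
            warnings.append("mixed-security")       # evil-twin symptom
        summary[ssid] = {
            "bssid": strongest[0], "channel": strongest[2],
            "rssi": strongest[3], "radios": len(recs), "warnings": warnings,
        }
    return summary


if __name__ == "__main__":
    for ssid, row in summarize(SCAN).items():
        print(repr(ssid), row)
```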
One of the less-expensive hand-held tools for Wi-Fi testing is the WiFi Pineapple Mark V ($99) from Hak5 LLC in San Francisco. It’s basically a wireless router with features added for Wi-Fi monitoring, packet injection, and similar endeavors.
The unit includes a MicroSD slot with a 4GB card for storing and transferring saved data. There are expansion headers for interfacing with an Arduino-based hardware development kit over GPIO and leads for a TTL serial connection, useful for accessing the terminal shell on a PC, debugging, or other connections.
Inside the unit are dual integrated radios custom built for advanced wireless attacks. This lets the Pineapple do tasks such as recons of Wi-Fi access points and clients. Also possible are penetration testing attacks and demonstrations such as setting up a honey-pot, intercepting and injecting wireless traffic, performing DNS spoofing or IP redirection, and substitution of executables in transit.