Leveraging Near Field Communication (NFC) to Connect with BLE Smart Sensors

Support for low energy (LE) data exchanges is included in the Bluetooth® specifications from version 4.0 forward. Designed to support communication at data rates up to 1 Mbit/s over distances of up to about 50 meters, which is longer than the typical Bluetooth range of about 10 - 30 meters, Bluetooth Low Energy (BLE) has strong credentials for connecting devices in the Internet of Things (IoT).

Devices may implement only the BLE part of the Bluetooth specification, and as such are known as Bluetooth Smart. This is an ideal economical and power-conscious implementation for smart objects such as IoT endpoints. On the other hand, devices such as smartphones and tablets that support the full Bluetooth specifications – not only LE but also basic rate and enhanced data rate (BR/EDR) up to 3 Mbit/s (now known as Bluetooth Classic) - can interact with Bluetooth Smart devices and are referred to as Bluetooth Smart ready.

All smartphones marketed since late 2011 are Smart ready. This enables developers to rely on the fact that a large population of potential users already owns a device for interacting with their products. These can be consumer products, such as smart lighting or environmental sensors in the home, or equipment like smart sensors or machinery in an industrial context. Industrial users may interact using their own devices where authorized by a company BYOD (bring your own device) policy, or using a designated handset or tablet.

Ideal connectivity for smart objects?

In addition to its easy interoperability, BLE has several other important strengths as a connectivity technology for Smart objects. The circuitry and protocol can be implemented at low cost, and suitable software APIs are readily available for Windows, Apple and Android devices. Small data packets, short receive and transmit windows, and a power scheme designed to maximize the time the radio spends in idle mode, all contribute to extremely low energy demand and allow BLE devices to operate for periods of several months or more from a small coin cell.

On the other hand, pairing Bluetooth devices is widely regarded by consumers as a difficult process that can be time-consuming and somewhat “hit or miss”. Users trying to connect an accessory to their phone often need to refer to the manual to understand how to make the new device discoverable. Pairing can often take several attempts, and security can be compromised because few users change the factory default passkey to a number that potential hackers cannot guess easily.

This process is difficult enough when the equipment has its own user input devices like buttons or switches, however basic these may be. In a device like an IoT smart sensor, which may be completely headless, it can be even more difficult.

Pairing with headless objects

To help overcome pairing difficulties, the Bluetooth SIG introduced secure simple pairing (SSP) from Bluetooth 2.0 onwards. SSP specifies four association models, which include just works, numeric comparison, passkey entry, and out-of-band (OOB). Passkey entry and numeric comparison require the user to enter a code or confirm that two codes are identical. OOB is the most suitable model for connecting headless devices that have no user interface. Just Works pairing uses the same protocol as numeric comparison but requires no user confirmation. Although this could be used to pair a device with no user interface keys or display, it provides no protection against man in the middle security attacks. OOB pairing uses information that has been securely shared previously in place of a key for passkey entry.

Near field communication (NFC) can be used to share the data needed for OOB pairing, and thus provides a convenient and secure means of establishing Bluetooth connections. NFC pairing is already supported natively in popular mobile operating systems, and has greatly simplified use for consumers by allowing “tap to pair” convenience when introducing new accessories like a headset or speakers to a smartphone.

Taking advantage of built-in security provisions, NFC can be used to aid Bluetooth pairing of smart sensors without trading away any of the advantages of ubiquity that come with the widespread native BLE support on smartphones and tablets.

In addition to helping introduce new devices to the network securely, NFC can help facilitate other interactions with headless IoT devices. Some examples include removing a device from the network, replacing an old device with a new one, and sending configuration data or retrieving information when the Bluetooth connection is not active. NFC also provides a means of waking a device that has been fully powered down to maximize battery life, and helping it connect to a Bluetooth network.

Kickstarting the pairing process with NFC

Because a passive NFC tag can communicate with a reader when the host system is powered down, data such as the network parameters and passkey needed to connect the device securely can be transferred to the device before it is powered up for the first time. This can be done by tapping the new device against an NFC-enabled smartphone or a gateway device such as a home automation hub. When the object is subsequently powered up, it can use the key to connect with the network and establish secure communication. The key is then deleted from the tag for security purposes to prevent interception by a third party. Similarly, an NFC-enabled smartphone registered with the device can be used to connect headless devices to the network by tapping. Other commands such as resetting or decommissioning a device from the network can be accomplished the same way, and it is also possible to copy configuration settings from one device to another by tapping, aiding replacement or renewal of old equipment.

The short communication range of NFC aids both security and selectivity. Eavesdropping is very difficult when the unauthorized party needs to be physically present within a few centimeters of the equipment, and tapping allows the user to be quite sure that only the device to be connected has received the network key.

The Bluetooth SIG and NFC Consortium have made provision for the two technologies to interoperate for purposes such as pairing devices and initiating communications to establish a Bluetooth connection. Not only do the current Bluetooth standards support OOB pairing to leverage the strengths of a standard like NFC, but also the NFC specification includes features for connecting devices to a network such as Bluetooth or Wi-Fi. There is also a protocol for connection handover, which allows a graceful transfer to Bluetooth immediately after pairing.

These features included in the two specifications allow NFC to be used for several purposes, including selecting a Bluetooth device, initiating a secure connection to a Bluetooth device, or starting an application on a Bluetooth device.

NFC simplifies device selection by eliminating the Bluetooth discovery procedure, which can require the user to select the desired device manually from a list containing any other devices within range. In this case, NFC allows the Bluetooth address to be captured directly from the tapped device.

When using SSP OOB pairing to connect a Bluetooth device, NFC can be used to communicate the temporary key needed by BLE devices during the process. The key is included in the payload of a standard NDEF (NFC data exchange format) message. After the OOB data has been exchanged, developers can take advantage of other features included in the Bluetooth specification to minimize the time to finish setting up the connection. One example is the support for fast connection establishment, which is included in the generic access profile (GAP). The GAP defines the procedures for Bluetooth devices to advertise, find each other, connect, and handle security.

The application document Bluetooth® Secure Simple Pairing Using NFC, published jointly by the NFC Forum and Bluetooth SIG, provides in-depth information about the interactions between devices and the handover mechanisms between NFC and Bluetooth.

All-in-one module simplifies design

To implement NFC pairing and NFC triggered host wake-up, the device must have both NFC tag and BLE functionality. While these could be implemented as separate ICs, an integrated solution combining BLE and NFC suitable for IoT devices offers a smaller and potentially more power-conscious solution. An example is the Panasonic PAN1761 BLE/NFC combination module, which combines a single mode BLE chip and NFC Forum type 3 compliant tag in a small outline surface-mount package. Having its own ARM® Cortex®-M3 microcontroller on-board and 512 KBit EEPROM, the module can execute code such as a smart sensor application, as well as performing the Bluetooth and NFC functionality. The device has a zero-power standby mode, allowing the application to benefit from long battery life. It can be reactivated when necessary using an NFC scanner, and automatically initiate a Bluetooth connection.

The module is built using a combined BLE/NFC IC by Toshiba, and contains the Toshiba Bluetooth stack with support for GAP and the BLE generic attributes (GATT) profile on the chip. The GAP supports both central and peripheral roles, allowing the PAN1761 to be used either in gateway devices or in smart objects to be connected to a gateway. Standard BLE profiles are available for integration into the application code.

Registering for the Toshiba Bluetooth developer zone provides access to the supporting software development kit (SDK), which includes the Toshiba pairing over NFC package. This simplifies OOB pairing using NFC by providing application source code and a "pairing via NFC" library for the on-board Cortex-M3 processor. There is also an Android demo app with source code, and an application note about the concept of out-of-band pairing. A high-level BLE API that provides all the module function drivers (Figure 1), helps implement setup, connection and data transfer.

Figure 1: A high-level API helps developers exercise the PAN1761.

The PAN1761 module combines the BLE/NFC IC and EEPROM with a 26 MHz crystal and a Bluetooth antenna and filter, as shown in Figure 2. An external NFC antenna is required. An online design tool, “Panasonic NFC design navigator”, is available to help engineers develop the antenna design and ensure correct pathways and PCB layout.

Figure 2: The PAN1761 simplifies circuit design and saves board space and BOM cost. Layout and antenna design guidelines are provided.

Conclusion

NFC can help solve the challenges surrounding connecting tiny, low-power industrial smart sensors, with little or no user interface, to a Bluetooth network. The Bluetooth SIG and NFC Forum have cooperated to make provision for NFC assisted pairing, including support for connection handover in the NFC specification and OOB pairing in the BLE specification. A combined BLE/NFC tag module streamlines this solution by combining these two technologies in one device. The supporting SDK provides the software developers what they need to start pairing headless devices quickly.