BLE Mesh Overview(2)

BLE Mesh Overview (2)

Flooding:
     Each packet will broadcast to every node in the network until it reaches the target node(s).
Complemented by three types of addressing. “Unicast” (used during initial node set-up), “group”, and
“virtual” (primarily used by  device manufacturers to ‘label’their products).

     Of these, group addressing is the most applicableto everyday operation. A groupaddress is a multicast address which represents one or more elements in the network. The SIG has defined four “Fixed Group Addresses” named “All-proxies”, “All-friends”, “All-relays”, and “All-nodes”
to specifically address the types of nodes defined above.

      In addition to these group addresses, the installer will likely allocate dynamic group addresses
during configuration to reflect the physical mesh layout. For example, dynamic group addresses could be allocated to the lights in each room of a building.

     The specification includes several mechanisms to mitigate advertising and scanning channel congestion. The first is a “Time-To- Live” (TTL) counter that defines how many times a specific packet can be relayed – after a defined number of steps, the packet will not be relayed further.
The second congestion prevention mechanism is a message cache of transmitted packets. A packet can only arrive in the cache once it has circulated completely around the mesh – at which point it can safely be assumed that further transmission is unnecessary. An “optional relaying” feature also limits mesh congestion. By switching off relaying, nodes can receive packets but not
pass them on. Optional relaying adds complexity—because the designer must trade-off mesh flexibility against bandwidth consumption—but in doing so improves overall mesh performance.

Security :
    Provisioning is the process by which otherwise isolated devices become nodes on the mesh network and can be implemented via an app supported on a smartphone or tablet. The process follows five steps: Beaconing (indicating availability to join the mesh); Invitation (from the provisioning device); Public Key Exchange;Authentication; and Session Key Exchange (securing the
subsequent distribution of data to complete provisioning). The provisioning process implements a high degree of security. Thereafter, packets are end-to-end encrypted with AES-128, with privacy enhanced by additional AES-128 encryption between each relay (in part to hide the node addresses). In addition, procedures are included to periodically refresh the encryption keys, and to detect and repel “replay attacks”.


Ref:
      1. ULP Wireless Quarter 10-11
      2. nRF5 SDK for Mesh
      3. Introducing Bluetooth Mesh Networking
      4.How to build a wireless sensor-driven lighting control system based on Bluetooth mesh
         networking - Silvair
      5.2017 Introducing Bluetooth Mesh
      6.Le IoT 想想物聯網 - mesh network topology of BLE 介紹 (1) - Star & Mesh Topology 簡介