在没有已发布的GATT配置文件的情况下解释来自BLE设备的数据
[英]Interpretting data from a BLE device without a published GATT profile
问题描述
As a 3rd party is there a viable way to correctly interpret data from a Bluetooth Low Energy device for which there is not a published GATT profile specification? 
作为第三方,是否有一种可行的方法可以正确解释蓝牙低功耗设备中没有已发布的GATT配置文件规范的数据?
The BLE device is a body scale that supports weight, BMI, body fat, and hydration level. BLE装置是一种体重秤,可支持体重,体重指数,体脂和水合程度。 My understanding is that there is no adopted GATT profile for body scales like there are for, say, blood pressure devices or heart rate monitors ( https://developer.bluetooth.org/gatt/profiles/Pages/ProfilesHome.aspx ). 我的理解是,没有采用GATT身体尺度的配置文件,例如血压设备或心率监测器( https://developer.bluetooth.org/gatt/profiles/Pages/ProfilesHome.aspx )。
Using the following tools: 使用以下工具:
- iPod (iOS 6.1.3) with various BLE utility apps (Ti BLE Multitool, LightBlue, and BLE Utility) 带有各种BLE实用程序应用程序的iPod(iOS 6.1.3)(Ti BLE Multitool,LightBlue和BLE Utility)
- Android (4.3) tablet (Dell Venue 8 3830) with nRF Master Control Panel, plus a custom Xamarin developed solution 带有nRF主控制面板的Android(4.3)平板电脑(戴尔Venue 8 3830),以及定制的Xamarin开发解决方案
I can scan for, locate, connect to, and read the GATT services available on the scale. 我可以扫描,定位,连接和阅读规模上可用的GATT服务。 All of the above tools give me the same service information. 以上所有工具都为我提供了相同的服务信息。 There are 5 services discovered on the scale: 在规模上发现了5项服务:
- Generic Access (0x1800) 通用访问(0x1800)
- Generic Attribute (0x1801) 通用属性(0x1801)
- Device Information (0x180A) 设备信息(0x180A)
- Battery Service (0x180F) 电池服务(0x180F)
- An unknown service with a custom 128-bit UUID 具有自定义128位UUID的未知服务
All of the above tools are able to read from the known services, like retrieving the battery information or the device name. 所有上述工具都能够从已知服务中读取,例如检索电池信息或设备名称。 My assumption is that the unknown service with the custom UUID is the service that provides the scale data. 我的假设是具有自定义UUID的未知服务是提供比例数据的服务。
This service has 5 unknown characteristics with custom UUIDs: 此服务具有5个未知特征,具有自定义UUID:
- Characteristic 1 is Read/Write 特征1是读/写
- Characteristic 2 is Read 特征2是Read
- Characteristic 3 is Read/Write 特征3是读/写
- Characteristic 4 is Notify 特征4是通知
- Characteristic 5 is Read 特征5是Read
Using the tools that were specified above to read from characteristics 1, 2, and 3, each returns it's own value, but that value never changes. 使用上面指定的工具从特征1,2和3中读取,每个工具都返回它自己的值,但该值永远不会改变。 For example, a read of characteristic 1 always returns a value of 20 octets 0x01-0x05-0x06-0x07-0x08-and 15 0x00 octets. 例如,读取特征1总是返回20个八位字节0x01-0x05-0x06-0x07-0x08和15个0x00个八位字节的值。 Subsequent reads of characteristic 1 always return that value. 特征1的后续读取始终返回该值。 Characteristic 2 reads always return a value of 20 octets 0x02-and 19 0x00 octets. 特征2读取总是返回20个八位字节0x02和19 0x00个八位字节的值。 And so on. 等等。
Reading characteristic 5 appears to either not return a value, or more commonly on Android, issue a pairing request. 阅读特征5似乎不返回值,或者更常见于Android,发出配对请求。 No common pairing code (like 0000 or 1234, etc.) is valid. 没有共同的配对代码(如0000或1234等)有效。
Characteristic 4 appears to be what actually transmits the scale data. 特征4似乎是实际传输比例数据的内容。 Using the tools above I can enable notifications and the applications retrieve 13 octets. 使用上面的工具,我可以启用通知,应用程序检索13个八位字节。 For example: 例如:
- FF-16-09-00-03-04-01-00-83-6F-F4-18-0F FF-16-09-00-03-04-01-00-83-6F-F4-18-0F
- FF-16-09-00-03-04-01-00-3E-88-F4-18-E3 FF-16-09-00-03-04-01-00-3E-88-F4-18-E3
- FF-16-09-00-03-04-01-00-C8-89-F4-18-6E FF-16-09-00-03-04-01-00-C8-89-F4-18-6E
Obviously all of those values begin with the same set of octets. 显然,所有这些值都以相同的八位组开头。 The main problem though is what do those octets represent and how do they translate to weight/bmi/hydration/body fat values, if in fact they do at all. 然而,主要的问题是这些八位字节代表什么,它们如何转化为体重/体重/水合/体脂值,如果事实上它们根本就是这样。
The scale is built with the Ti CC2541 chip ( http://www.ti.com/product/cc2541 ). 该秤采用Ti CC2541芯片( http://www.ti.com/product/cc2541 )构建。
Using Ti's SmartRF Protocol Packet Sniffer along with the CC2540 USB Evaluation Module Kit I can capture packets going between an iPhone 5S (iOS 7.1) and the scale. 使用Ti的SmartRF协议数据包嗅探器和CC2540 USB评估模块套件,我可以捕获iPhone 5S(iOS 7.1)和规模之间的数据包。 This has provided some additional insight, but mostly just shows what I've already observed using the other tools, though albeit it at a lower level. 这提供了一些额外的见解,但大多只是显示我已经使用其他工具观察到的内容,尽管它处于较低级别。 Any additional information provided by the packet sniffer still leads back to the same question: what do these sets of octets the scale is sending represent and how do they translate to weight/bmi/etc? 数据包嗅探器提供的任何其他信息仍然会回到同一个问题:规模发送的这些八位字节集代表什么,它们如何转换为weight / bmi / etc? I've utilized the Bluetooth Core Specification documentation and that has helped to understand what octets for standard functionality mean/do, but that isn't helping understand the actual scale data. 我已经使用了蓝牙核心规范文档,这有助于理解标准功能的八位字节意味着/做什么,但这无助于理解实际的规模数据。
I'm very new to Bluetooth development and this exercise has basically resulted in a crash course in the technology. 我对蓝牙开发很新,这项练习基本上导致了技术的速成课程。 Any help is appreciated. 任何帮助表示赞赏。
Thanks. 谢谢。
1 个解决方案
解决方案1
1 2015-04-07 07:46:59
You must contact the manufacturer and ask for clarification about the custom service and characteristics. 您必须联系制造商并要求澄清定制服务和特性。
Characteristic 5 seems to have higher security settings, hence why it triggers pairing when you try to read it. 特征5似乎具有更高的安全设置,因此当您尝试读取它时它会触发配对。 Most likely contains some sensitive data. 最有可能包含一些敏感数据。
Characteristics 1,2,3 are likely for configuration, while 4 notifies the useful data. 特征1,2,3可能用于配置,而4则通知有用数据。
Since these are all custom, there's simply no way to find out what they mean without information from the manufacturer. 由于这些都是定制的,如果没有制造商提供的信息,根本无法找出它们的含义。
It's like you create your own "We're out of yogurt" notification profile... one can only guess by looking at the data. 这就像你创建自己的“我们没有酸奶”通知配置文件......人们只能通过查看数据来猜测。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.