How to check CS procudure used by controller in BLE Channel sounding security

Hi, I am using an external host with NRF54l!5 dk to test the channel sounding feature.

Can you tell me how the NRF controller supports this Cs procedure and whether the controller sends any event to the host so that security levels can be checked? Also, i want to set this security level. I tried searching in the NRF code, but can you help me locate how sample examples have set the security level. And how can we check that the particular security level is using the required cs procedure

Parents

0 Thomas Johansen 20 days ago

Hi,

Channel Sounding Security level is not set anywhere, but instead implicitly selected via the parameters used to run the requested procedure. As seen in the support status of the Channel Sounding documentation: https://docs.nordicsemi.com/bundle/ncs-latest/page/nrfxlib/softdevice_controller/doc/channel_sounding.html#support_status, 10ns RTT accuracy is not supported.

This means that the security level is implicitly 2 if you use RTT (Mode-1 or Mode-3) in the procedure parameters and otherwise 1 (since you need to use RTT to have the 150ns RTT requirement met).

In order to check security level you have to compare the selected configuration and supported features of both devices.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Abhinav152 4 days ago in reply to Thomas Johansen

Hi, thanks for the clarification. Could you please highlight which parameters will be used to decide the Security level. ?It would be really helpful.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Thomas Johansen 3 hours ago in reply to Abhinav152
Hi again,

In Vol 3, Part C, Section 10.11.1 of the 6.0 core specification, the following is stated for each security level:

Either CS tone or CS RTT

150 ns CS RTT accuracy and CS tones

10 ns CS RTT accuracy and CS tones

Level 3 with the addition of CS RTT sounding sequence or random sequence payloads, and support of the Normalized Attack Detector Metric requirements as described in [Vol 6] Part H, Section 3.5.1.

Security level is decided by RTT accuracy, NADM support and if the RTT measurements include a payload or not. Since all of these parameters require you to use RTT, the security level also requires that main-mode or sub-mode for the procedure contains RTT measurements (Mode-1 or Mode-3)
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 Thomas Johansen 3 hours ago in reply to Abhinav152
Hi again,

In Vol 3, Part C, Section 10.11.1 of the 6.0 core specification, the following is stated for each security level:

Either CS tone or CS RTT

150 ns CS RTT accuracy and CS tones

10 ns CS RTT accuracy and CS tones

Level 3 with the addition of CS RTT sounding sequence or random sequence payloads, and support of the Normalized Attack Detector Metric requirements as described in [Vol 6] Part H, Section 3.5.1.

Security level is decided by RTT accuracy, NADM support and if the RTT measurements include a payload or not. Since all of these parameters require you to use RTT, the security level also requires that main-mode or sub-mode for the procedure contains RTT measurements (Mode-1 or Mode-3)
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

No Data