
How vulnerable is Bluetooth for Industry 4.0? Any use cases to help get confidence?

We are building a solution for a large OEM where we have BLE tags on inventory trolleys and employees. When the trolley is empty, the BLE tag on the trolley would send a notification to the central via Bluetooth. This would then use WiFi to send the data to the MQTT server. This data would then be sent to the application server, where the decision matrix would send messages to the concerned persons/departments for further actions.

Simple??

Yes, but the OEM is concerned about spoofers, hijacking on the BLE packets and sending undesired packets. Has anyone answered this question and if yes, how?

  • I am afraid that we do not have any certificate covering the RFC6238 or similar solutions. We can't really comment on any encryption algorithm or solution that we have not implemented ourselves.

    It is possible to set up a whitelist when a Bluetooth Low Energy central is scanning, i.e. that it will only process advertisement packets from devices whose address matches an entry in the whitelist. However, if the content of the advertisement packet is encrypted and the encryption algorithm is considered safe by for instance NIST, then spoofing and hijacking should not be a concern.

    The only way I see that one can avoid spoofing is to use random resolvable addresses and let the tags connect and bond with the central. The tags will then change their address regularly, making spoofing more difficult, and the central would then use the Identity Resolving Key (IRK) to identify the tag from its list of bonded peers.

    Best regards

    Bjørn
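    The address resolution described in the answer above, as an added Go example that is not part of the original thread or of any Nordic SDK: the tag derives a resolvable private address from its IRK and a random prand, and the central recovers the tag's identity by trying the IRK of each bonded peer. Function names are mine; values are handled big-endian as in the Core Specification's notation (over the air the 48-bit address is sent least significant byte first), and any IRKs used with it are constructed sample keys.

```go
package main

import "crypto/aes"

// ah is the BLE random-address hash (Core Spec Vol 3, Part H, 2.2.2):
// ah(k, r) = e(k, r') mod 2^24, r' being the 24-bit prand left-padded with
// 104 zero bits and e AES-128 encryption under key k. Big-endian throughout.
func ah(irk [16]byte, prand [3]byte) (hash [3]byte) {
	block, _ := aes.NewCipher(irk[:]) // cannot fail: key is always 16 bytes
	var in, out [16]byte
	copy(in[13:], prand[:])
	block.Encrypt(out[:], in[:])
	copy(hash[:], out[13:]) // least significant 24 bits of the ciphertext
	return hash
}

// GenerateRPA is the tag (peripheral) side: prand with its top two bits forced
// to 0b01, which marks the address as resolvable, followed by ah(irk, prand).
func GenerateRPA(irk [16]byte, prand [3]byte) (addr [6]byte) {
	prand[0] = prand[0]&0x3F | 0x40
	hash := ah(irk, prand)
	copy(addr[0:3], prand[:])
	copy(addr[3:6], hash[:])
	return addr
}

// ResolveRPA is the central side: true only if addr is a resolvable private
// address and its hash part equals ah(irk, prand) under this IRK.
func ResolveRPA(irk [16]byte, addr [6]byte) bool {
	if addr[0]&0xC0 != 0x40 {
		return false
	}
	var prand, hash [3]byte
	copy(prand[:], addr[0:3])
	copy(hash[:], addr[3:6])
	return ah(irk, prand) == hash
}

// IdentifyPeer tries the IRK of every bonded peer and returns the name of the
// one that resolves addr, or "" when no bonded tag owns this address.
func IdentifyPeer(bonded map[string][16]byte, addr [6]byte) string {
	for name, irk := range bonded {
		if ResolveRPA(irk, addr) {
			return name
		}
	}
	return ""
}
```

    A tag that is not in the bonded list, or an address whose hash does not match any stored IRK, resolves to nobody and can be dropped before its payload reaches the MQTT path.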

  • Dear Bob,

    Thank you! That helped.

    Regards,

    Riyaz
