3

I recently found this document: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-121r2.pdf , Guide to Bluetooth Security from NIST.

Unfortunately, there is nothing described w.r.t. actual protection of the communication other than that AES-CCM is used. I am asking myself whether the BLE (v4.2) communication is actually secured against replay attacks.

Marc
  • 31
  • 3

1 Answer

1

BLE v4.2 should be secure against replay attacks, but not secure against MitM attacks.

According to this post, it uses a counter along with signatures to stop replay attacks.

However, BLE v4.2 still (to my understanding) is vulnerable to MitM attacks; this post mentions that the attacks from WOOT 2013 still apply to Bluetooth 4.2.

This article talks about the security enhancements of BLE v4.2 over 4.1 and two possible attacks on Bluetooth 4.2.

There are also new attacks against Bluetooth user devices which have been discovered in the past month which I recommend taking a look at (both are :

  • BLURtooth: allows an attacker to perform device impersonation, traffic manipulation, and malicious session establishment.
  • BLESA: which enables an attacker to impersonate a BLE device and to provide spoofed data to another previously paired device.

Khalid
  • 140
  • 6
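
The counter-plus-signature idea mentioned in the answer above, as an added example that is not part of the original answer or of any Bluetooth stack: a receiver that authenticates each packet and rejects any counter it has already consumed. HMAC-SHA-256 truncated to 8 bytes stands in for the real MAC algorithm, and the packet layout, field sizes, key and all names are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

CTR_LEN, MAC_LEN = 4, 8  # field sizes assumed for this sketch
TRAILER = CTR_LEN + MAC_LEN

def _mac(key: bytes, payload: bytes, ctr: bytes) -> bytes:
    # HMAC-SHA-256 truncated to MAC_LEN bytes: a stand-in, not the BLE algorithm
    return hmac.new(key, payload + ctr, hashlib.sha256).digest()[:MAC_LEN]

def sign(key: bytes, counter: int, payload: bytes) -> bytes:
    """Sender side: payload || counter (little-endian) || MAC(payload || counter)."""
    ctr = struct.pack("<I", counter)
    return payload + ctr + _mac(key, payload, ctr)

class Receiver:
    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = -1  # no packet accepted yet

    def accept(self, packet: bytes) -> str:
        if len(packet) < TRAILER:
            return "malformed"
        payload = packet[:-TRAILER]
        ctr, tag = packet[-TRAILER:-MAC_LEN], packet[-MAC_LEN:]
        # Authenticate first, so an unauthenticated packet can never move the counter.
        if not hmac.compare_digest(tag, _mac(self.key, payload, ctr)):
            return "bad-mac"
        counter = struct.unpack("<I", ctr)[0]
        if counter <= self.last_counter:
            return "replay"  # valid MAC, but this counter was already consumed
        self.last_counter = counter
        return "ok"

def demo() -> list:
    key = bytes(range(16))  # constructed test key
    rx = Receiver(key)
    captured = sign(key, 0, b"unlock")  # constructed packet an eavesdropper could record
    results = [rx.accept(captured), rx.accept(sign(key, 1, b"lock"))]
    results.append(rx.accept(captured))  # byte-for-byte replay of the recorded packet
    # Same recording with the counter field rewritten to look fresh, without the key
    bumped = captured[:-TRAILER] + struct.pack("<I", 7) + captured[-MAC_LEN:]
    results.append(rx.accept(bumped))
    results.append(rx.accept(sign(key, 2, b"unlock")))  # legitimate next packet
    return results

if __name__ == "__main__":
    print(demo())
```

The check only holds while the receiver's last accepted counter survives restarts; a receiver that resets it to its initial value accepts old recordings again. It also does nothing about a MitM present when the shared key is established, which is the separate weakness the answer points to.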