BG Networks’ vision is to enable IoT security everywhere.
By using our Security Tools and following our SNAPTM Philosophy, embedded engineers can help make that a reality.
BG Networks’ mission is to ensure every connected embedded device has the cybersecurity needed to keep IoT networks safe from cyber-attacks. We believe it is feasible to simplify the task of adding cybersecurity to IoT devices on a large scale. Our goal is to remove obstacles that prevent embedded engineers from including cybersecurity by making it quick, easy, and seamless.
By following the tenets of BG Networks’ SNAPTM philosophy, and using our Security Automation Tool (BGN-SAT) and Embedded Security Software Architecture (BGN-ESSA), we address the challenge of implementing cybersecurity by providing easy-to-use and time-saving tools for embedded engineers to implement complex security protocols without extensive training or expensive consultation.
Tenets of SNAP Philosophy
- Follow National Institute of Standards and Technology (NIST) IoT Device Cybersecurity Core Baseline.
- Leverage In-Silicon Cryptographic Security Features for greater efficiency.
- Implement Over-the-Air (OTA) Software Update capability for greater security.
- Utilize Linux Security Features for greater capability and extend root of trust.
In-Silicon Cryptographic Security Features
Processor semiconductor companies are continually improving cybersecurity features in embedded microprocessors and microcontrollers. These “in-silicon” features are extremely secure because they build on a hardware root of trust, store keys in secure memory, can monitor the state of security, and establish trusted execution environments based on ARM’s TrustZone.
Compared to software-only approaches, BG Networks SAT takes advantage of these inherent security features by direct processor configuration and adding the necessary code/keys/signatures to the engineer’s software. This approach of using in-silicon hardware results in highly secure software with high levels of cryptographic data throughput, without sacrificing power consumption, or core processor MIPS.
Over-The-Air (OTA) Software Update
No system is 100% secure. After deployment, security vulnerabilities are sure to be found, so software updates are critical. Vulnerabilities discovered after the IoT devices are in the field can be remedied using OTA software updates. Security risks can be closed quickly and cost-effectively for large fleets of devices, even if they are remote.
BG Networks leverages open-source OTA update software and works with industry-leading companies to provide complete solutions. BG Networks’ Embedded Security Software Architecture integrates Mender.io, an open-source end-to-end robust and secure OTA software update manager that is easy to use and uses best-of-breed security technologies.
Linux Security Features
The Linux kernel has built-in security features that can be used to extend the hardware root of trust. The Device Mapper (DM) framework, provided by the kernel, supports security functions used to authenticate, confirm integrity, and encrypt application code stored in block-memories. BG Networks’ ESSA leverages these Linux security features to encrypt the rootfs, which contains Mender’s client software, and is authenticated during boot.
- 8 Cybersecurity Steps When Designing an IoT Device: A ChecklistWhat is on your IoT Cybersecurity checklist? This question was posed by the folks at The Device Chronicle which led to a very interesting dialog. Below is a summary of that conversation discussing eight cybersecurity steps to consider when designing an IoT device. For additional information, check out our definitive IoT cybersecurity checklist on The… Read More »8 Cybersecurity Steps When Designing an IoT Device: A Checklist
We’d Love For You to Try Our Tools
Request a Free Download and Demo of Our Security Automation Tools