SNAP Philosophy

BG Networks’ mission is to ensure every connected embedded device has the cybersecurity needed to keep IoT networks safe from cyber-attacks. We believe it is feasible to simplify the task of adding cybersecurity to IoT devices on a large scale. Our goal is to remove obstacles that prevent embedded engineers from including cybersecurity by making it quick, easy, and seamless.

By following the tenets of BG Networks’ SNAPTM philosophy, and using our Security Automation Tool (BGN-SAT) and Embedded Security Software Architecture (BGN-ESSA), we address the challenge of implementing cybersecurity by providing easy-to-use and time-saving tools for embedded engineers to implement complex security protocols without extensive training or expensive consultation.

Tenets of SNAP Philosophy

  1. Follow National Institute of Standards and Technology (NIST) IoT Device Cybersecurity Core Baseline.
  2. Leverage In-Silicon Cryptographic Security Features for greater efficiency.
  3. Implement Over-the-Air (OTA) Software Update capability for greater security.
  4. Utilize Linux Security Features for greater capability and extend root of trust.

NIST IoT Device Cybersecurity
Capability Core Baseline

In-Silicon Cryptographic Security Features

Processor semiconductor companies are continually improving cybersecurity features in embedded microprocessors and microcontrollers. These “in-silicon” features are extremely secure because they build on a hardware root of trust, store keys in secure memory, can monitor the state of security, and establish trusted execution environments based on ARM’s TrustZone. 

Compared to software-only approaches, BG Networks SAT takes advantage of these inherent security features by direct processor configuration and adding the necessary code/keys/signatures to the engineer’s software. This approach of using in-silicon hardware results in highly secure software with high levels of cryptographic data throughput, without sacrificing power consumption, or core processor MIPS.

Over-The-Air (OTA) Software Update

No system is 100% secure.  After deployment, security vulnerabilities are sure to be found, so software updates are critical.  Vulnerabilities discovered after the IoT devices are in the field can be remedied using OTA software updates. Security risks can be closed quickly and cost-effectively for large fleets of devices, even if they are remote.

BG Networks leverages open-source OTA update software and works with industry-leading companies to provide complete solutions. BG Networks’ Embedded Security Software Architecture integrates Mender.io, an open-source end-to-end robust and secure OTA software update manager that is easy to use and uses best-of-breed security technologies.

Linux Security Features

The Linux kernel has built-in security features that can be used to extend the hardware root of trust. The Device Mapper (DM) framework, provided by the kernel, supports security functions used to authenticate, confirm integrity, and encrypt application code stored in block-memories. BG Networks’ ESSA leverages these Linux security features to encrypt the rootfs, which contains Mender’s client software, and is authenticated during boot.

Latest Insight

We’d Love For You to Try Our Tools

Request a Free Download and Demo of Our Security Automation Tools