Embedded Security Software Architecture

BGN-ESSA compliments the BGN Secure Automation Tool (BGN-SAT) to provide best-in-class, open-source security functionality to your applications. The BGN-ESSA is based on Yocto and integrates Mender.io to deliver highly secure and robust applications with OTA update capability. Engineers can quickly improve their application’s security functions, enhance productivity with simple integration, and take advantage of cybersecurity industry best-practices.

Built on the tenets of BG Networks’ SNAPTM philosophy, the BGN-ESSA ensures your design is highly secure, processor resource efficient, easy to implement, and accessible to update for the lifecycle of your products.

Key Features

  • Extend the hardware root of trust so only trusted code will boot and run
  • Encrypt application code and data to protect sensitive information
  • Integrate a software update manager so vulnerabilities can be fixed in the field
  • Reduce development time by integrating security related files into Yocto builds
  • Provide a secure foundation to build additional security controls
  • Combine with BGN-SAT to generate compatible signed and encrypted files
BGN-ESSA Architecture Stack

Technical Specifications

The BGN-ESSA is Linux based and when used in conjunction with the BGN-SAT will support:

  • Hardware root of trust extended to the Linux rootfs and software application layer.
  • Configuration of Linux Device Mapper (DM) cryptographic functions. 
  • Use of AES-XTS and HMAC-SHA256 cryptographic algorithms.
  • Over-the-Air (OTA) software update support based on Mender which include:
    • Client-server authentication using RSA signatures & JSON Web Tokens (JWT)
    • Software updates sent over an encrypted channel (HTTPS)
    • Software updates authenticated using RSA signatures

Latest Insight

We’d Love For You to Try Our Tools

Request a Free Download and Demo of Our Security Automation Tools