BG Networks’ Embedded Security Software Architecture (ESSA)
BG Networks’ ESSA, open-source software, helps to protect your IoT Linux applications from cyber-attacks by making it much easier to check authenticity, integrity and to protect sensitive information such as Personally Identifiable Information (PII).
ESSA is a collection of Yocto Linux scripts, recipes, and configurations that enhance cybersecurity for IoT devices, extends a hardware root of trust and integrates an OTA software update manager.
ESSA makes it easy for you to implement cybersecurity for your IoT devices. When used in conjunction with BG Networks’ Security Automation Tool (BGN-SAT) it will allow you to add critical IoT security features in days, not months.
Our goal is to remove the barriers of limited resources and time to adding cybersecurity to IoT.
Code Signing, Encryption and OTA
Engineers can quickly improve their application’s security functions, enhance productivity with simple integration, and take advantage of cybersecurity industry best practices.
ESSA can be used stand-alone or compliments the BGN-SAT to encrypt and sign your Linux root filesystem. It also integrates open-source secure Over-The-Air (OTA) update application software from Mender.io. Mender.io provides highly secure, robust, and easy-to-use OTA update capabilities.
ESSA Open Source Code
ESSA is available under a GNU Public License version 2 at our GitHub repository. The BGN-ESSA is Linux based and will support:
- Hardware root of trust extended to the Linux rootfs and software application layer.
- Configuration of Linux Device Mapper (DM) cryptographic functions.
- Use of AES-XTS and HMAC-SHA256 cryptographic algorithms.
- Over-the-Air (OTA) software update support based on Mender.io which includes:
- Client-server authentication using RSA signatures & JSON Web Tokens (JWT)
- Software updates sent over an encrypted channel (HTTPS)
- Software updates authenticated using RSA signatures