Security Automation Tool

BGN-SAT, complemented by our Embedded Software Security Architecture (ESSA), provides embedded engineers a platform to easily develop security controls that are the foundation of keeping an IoT design secure – secure boot, encryption, authentication, and secure software updates. Engineers can quickly improve security, enhance productivity, and reduce the development time required to take advantage of in-silicon security features.

Built on the tenets of BG Networks’ SNAPTM philosophy, the BGN-SAT ensures your design is highly secure, processor resource-efficient, easy to implement, and accessible to update for the lifecycle of your products.

Key Features

  • Deliver secure, encrypted code without complex cybersecurity coding
  • Reduce development time with easy to use interface 
  • Prevent cryptographic misconfiguration errors
  • Leverage inherent processor cybersecurity functions to increase efficiency
  • Secure I/O interfaces and lock processor for final deployment
  • Create supply chain security to prevent gray market and counterfeit devices
  • Integrate with BGN-ESSA to automatically add processor cybersecurity functions

Technical Specifications

The BGN-SAT supports the cryptographic functions inherent in NXP Semiconductors’ i.MX 6 and i.MX 8M family of processors. We are actively working on plans to support additional processor families. If you would like to see BGN-SAT support a particular processor family, contact us and let us know.

  • Authenticated and encrypted boot for a RTOS or U-boot and Linux kernel
    • Generation of public and private keys for RSA digital signatures
    • Support for up to 4096-bit keys providing resilience against quantum computing attacks
    • RSA signed application binaries
    • SHA-256 hashing for authentication of public keys
    • Generate AES keys up to 256 bits 
    • AES-CCM encryption for boot files stored in flash
    • AES keys wrapped using a Key Encryption Key 
  • Processor security
    • Hardware-Assisted Boot (HAB) code stored in ROM
    • Non-volatile memory to store hashes of the RSA public keys
    • AES and SHA-256 accelerators
    • AES Key Encryption Key (KEK) stored in secure memory in a cryptographic accelerator
  • Secure I/O ports
    • Program processors to secure UART, USB, JTAG interfaces
  • Secure binaries downloaded to flash via USB or UART interfaces
  • Locking the processor
    • Only authenticated code images are booted
    • Puts the processor in a secure state with the only method of modification through OTA software updates

Latest Insight

We’d Love For You to Try Our Tools

Request a Free Download and Demo of Our Security Automation Tools