From Goal Setting to Software Development
We offer a complete set of engineering services for IoT device cybersecurity. These include risk/threat/vulnerability analysis, definition of cybersecurity requirements, development of software, and testing.
Define Your Goals
We will help you define your cybersecurity goals and then based on that knowledge develop cyber-secure software. Our expertise is in developments for embedded microcontrollers, microprocessors, and system-on-chip devices from semiconductor vendors such as Analog Devices, Microchip, NXP, ST Micro, and Texas Instruments.
Our goal is to provide world class engineering services for embedded cyber security software, with exceptional quality, at an exceptionally good price.
Our services are unique because of the unique skill set we offer and our ability to provide expert services at exceptionally low costs. We have a combination of embedded software skills and cybersecurity know-how that is hard to fine. We have available team members, both on-shore and off to provide local expert services and low costs.
QUESTIONS CONCERNING IOT CYBERSECURITY?
Commonly asked questions include:
- Do new laws and regulations apply to our products?
- Are our products cybersecurity relevant (i.e., should they include cybersecurity protections)?
- Does it make sense to perform a risk or threat assessment?
- Which standards or best practice recommendations make sense to consider?
- Some level of cybersecurity is required but which should be implemented?
- There’s not enough time to implement all the cybersecurity needed, what should we do?
BG Networks security assessment services can be applied to both existing and new IoT products. Assessment services offered include:
- Determination of cybersecurity relevancy
- Application of risk assessment methods
- Threat assessments
- Vulnerability assessments
- Development of cybersecurity goals, concepts, and requirements
- Assessment and recommendations for post-development key management and software signing
The diagram at the right shows the steps of a risk assessment approach that we can apply. We believe that IoT systems should only have the cybersecurity needed and not more. We will apply a risk assessment process to determine what cybersecurity controls are truly needed. We will even help determine how to treat the risks identified based on the risk tolerance of your business. Risk treatment options include mitigation, avoidance , transfer, or acceptance. For risks to be mitigated, we will help with the refinement of cybersecurity requirements and if needed, write the software to implement the identified cybersecurity features.
Markets that BG Networks is targeting for these security assessments services include automotive, consumer, and industrial.
For automotive markets, BG Networks has a particular focus on is ISO/SAE 21434.
ISO/SAE 21434 Consulting Services
Cyber-Secure Software Development and Testing
BG Networks offers both security assessment and software development services because they are complementary and will result in the most efficient implementation of your security needs. After we have assisted in developing the cybersecurity requirements for your IoT product, we will have the knowledge to take the next step and implement the required security features.
We have a focus on the building blocks of IoT security which include a root of trust, secure boot, Over-The-Air (OTA) updates, secure data, secure passwords, and secure communications. These features are candidates for the set of minimum requirements called for in the new federal IoT cybersecurity law. To understand how this law impacts IoT manufacturers, see our blog The IoT Cybersecurity Act of 2020: The 9 Key Points Explained.
We’ll implement the building blocks of cybersecurity while taking advantage of the security features built into the microprocessor hardware. This results in the most secure and efficient designs.
BG Networks provides IoT security from the lowers layers of the software stack including the driver, RTOS, Linux, and middleware levels. These are the levels where cyber security for IoT devices begin and where the building blocks of cyber security are implemented. As needed, we can make these lower layer security resources accessible to your software programmers working on higher levels, such as an edge to cloud software stack. Many edge to cloud platforms leaves it to the user to implement these layers of security.
We have experience with many processor architectures and the ability to quickly develop software for new processors while leveraging all the security features they have.
Focus on What You Do Best
Our services allow you and your team to focus on what they do best. They will not be distracted by cybersecurity from adding differentiating features to your new products. Cybersecurity is not a differentiator but is a requirement.
We can also help if your team has limited bandwidth or if they don’t have an embedded cybersecurity background. The cybersecurity learning curve is steep because it is based on a unique set of mathematics and techniques that most won’t have a background in unless they have specifically studied this topic.
Consideration of Standards, Laws, and Regulations
When performing assessments and determining which cybersecurity features to implement, BG Networks will consider relevant best practices, standards, laws and regulations. This can help you prepare for audits and comply to regulations. There are surprising number to consider which you can see from our blog IoT Cybersecurity: 29 Security Laws, Regulations, Standards, and Best Practices. We are already familiar with many and with our background, we can quickly come up the learning curve of emerging requirements.
A Combination of Strong Embedded Software Skills & Cybersecurity Know-How
Given the requirement for IoT security is relatively new and the fact there is generally a cybersecurity skill gap, BG Network’s combination of skills are unique and not easy to find.
These skills result in designs that are highly secure and very efficient. Because of our expertise with embedded processors, we will take advantage of the trend where more and more cyber security features are being included in microprocessor silicon. These cryptographic features are even being added to very low-cost microcontrollers. We have the ability and cost structure to write software that optimally uses these in-silicon, hardware features. Leverage of the crypto-hardware results in efficient designs that save BOM costs and consume the lowest power possible while being the most secure. This approach also has the benefit of leaving the maximum amount of processor resources, such as computational cycles and memory, for the features that differentiate your products.
Strong, Long-Term Relationships With Companies Offshore
Benefits of the collaboration between BG Networks and our offshore partners includes a high level of service that a local company brings along with outstanding value and flexibility an offshore partner brings.
With BG Networks located in the U.S, communications are efficient through regular interactions during your normal business hours. This saves time for your teams and leads to successful outcomes. Our offshore colleagues bring the benefits of being able to scale from small to large teams with the skill sets you need and extremely competitive prices.
To see a live demo of the work we have done, to learn more, or for a free consultation please contact us. We love to talk about IoT cybersecurity.