BG Networks is Attending Embedded World 2022: June 21-23 in Nuremberg

Edit
SPECIFIC VULNERABILITIES
Unauthenticated code executed after boot
Debug ports not closed ( JTAG, USB, UART )
Processor misconfiguration opening a debug port
Unencrypted code in flash dumped reverse engineered
Unencrypted software update leads to plain text code listing
Hard-coded keys in source code used to decrypt user certificates
Unused and unprotected RAM
Kicking the watch dog
Abuse of diagnostic management features
Fixing vulnerabilities throughout the chain of distribution
Abuse of diagnostic management features
Safety critical messages that are not authenticated
Direct interfaces between wireless and safety critical ECUs
Manipulation sensors signals for autonomous vehicle control

Edit
NHTSA Best Practice NumberShort Description of NHTSA General Best Practice Recommendation
G.17Auto industry members should implement rapid incident detection to mitigate safety risks and transition the vehicle to a minimum risk condition.
G.23Manufacturers should participate in best practices development and join Auto-ISAC.
G.24 Extended automotive industry companies are recommended to join Auto-ISAC.
G.25Auto-ISAC members should collaborate expeditiously to contain vulnerabilities.
G.28Manufacturers to assess metrics for a response process.
G.30Manufacturers should plan for addressing new vulnerabilities for vehicles in the field, at dealers, in inventory, and in future vehicles.
G.31 Manufacturers should report incidents to CISA and US-CERT.
G.32Auto industry members should participate in cyber incident response exercises such as CyberStorm.
G.38 Auto industry members should collaborate on workforce educational efforts.
G.40Connections to 3rd party devices should be authenticated and only given limited access.
G.43Cybersecurity protections should not unduly restrict access of 3rd party repair services.
Icon for Hardware Root of Trust
Hardware Root of Trust
Icon for Secure Boot
Secure Boot
Icon for Authentication
Authentication
Icon for Encryption
Encryption
Icon for Secure File System
Secure File System
Icon for Secure Interfaces
Secure Interfaces
Icon for Secure OTA Firmware Updates
Secure OTA Firmware Updates
Icon for Key Generation and Management
Key Generation and Management
Icon for Seamless Handoff to Manufacturing
Seamless Handoff to Manufacturing

BGN-SAT Secures Your Embedded Device

Authenticate

Ensure only your code is run and prevent code injection or modification

Icon
Hardware Root of Trust
  • Use hardware-based code that can’t be modified to establish a trusted starting point after reset.
Icon
Secure Boot
  • Automatically generate keys, sign binaries, and program device using the hardware root of trust to authenticate firmware on device boot
  • Lock the processor to ensure only authenticated code is executed

Secure Each Device Uniquely

Rapidly generate keys and provision devices during manufacturing

Icon
1-Click Secure Deployment in Manufacturing
  • Security profile defined during development enables a seamless handoff from engineering to manufacturing
  • 1-click deployment automatically generates and securely stores per-device keys, signs and encrypts firmware, programs device, and secures interfaces
Icon
Key Generation and Management
  • Unique key generation and management for each device

Encrypt

Protect your IP and data from being stolen

Icon
Encryption
  • Protect data and code at rest and in motion using the latest standards-based encryption algorithms.
Icon
Secure File System
  • Generate keys and encrypt binaries for bootloader, OS kernel, and filesystem to prevent reverse engineering of your IP and protect confidential data
  • Utilize hardware-based cryptographic accelerators for secure and efficient implementation

Securely Update

Deploy new features and fix security vulnerabilities

Icon
Secure OTA firmware updates
  • Enable remotely deploying new firmware to devices in the field
Icon
Authentication
  • Used to prevent untrusted updates