White Paper

Play Inside the Box:

Legato Sandboxing Lets You
Introduce New Services Without
the Risk
A SIERRA WIRELESS WHITE PAPER

Adding new features or third-party apps to an IoT

device can be risky, since new functions can make
it harder to predict in-field performance, maintain
security, and retain data privacy.
Sandboxing is a technique, supported by the open source Legato development
platform, that makes it easier and safer to design, test, and deploy new IoT functions
without risking the core application.
Upgrades, modifications, and new features are a fact of life in the IoT. Many IoT
devices begin as relatively simple electronic systems that perform a fairly limited
set of functions, but quickly evolve to take on new capabilities that support multiple
applications. A first-generation device for vehicle tracking, for example, might be
upgraded to support usage-based insurance, or the latest version of a gas meter might
be configured with a payment app, to support new pay-as-you go and top-up services.
Adding extra functionality and supporting new apps can create a significant
competitive advantage, but it also adds complexity to the system, and that can
increase risk. Its not always easy to know how a new feature, developed by a
subcontractor, or a new app, supplied by a third-party partner, will interact with
existing functionality. New services can slow performance, produce unanticipated
results, or, worse yet, introduce vulnerabilities, compromise security, or make it harder
to protect information.

White Paper

Sandboxing for Privacy & Protection

One way developers minimize the risks of complex functionality is through
sandboxing, a technique that makes it easier to create, evaluate, and expand system
operation while maintaining security. Sandboxing lets you isolate an application and
control its behavior, so as to ensure performance and increase security. In the IoT
context, the key points of sandboxing are data privacy and access privileges.
DATA PRIVACY
Sandboxing prevents one app from accessing the data of another app, so sensitive
information remains private. A sandboxed app is restricted to the confines of its
sandbox, and can only work with authorized data. The relevant data can be stored
anywhere in the system in a non-volatile file system or in volatile RAM and can be
linked to one or more sandboxed apps. Each sandboxed app can do what it needs to
do, and access the data it needs, without seeing or disturbing the rest of the system.
ACCESS PRIVILEGES
Sandboxing also makes it possible to grant access privileges, so as to increase security
and manage system resources more efficiently. A sandboxed app can be allowed
only limited use of a function or API, so that, for example, the app only opens an
authenticated channel to access a single server, or to request device positioning. Any
other actions are strictly forbidden. Similarly, access to the CPU, memory, or network
bandwidth can be restricted, so the app cant monopolize resources and thereby slow
performance or waste energy. A sandboxed app only works with the resources it
needs, without overtaxing the system.

Legato

The Legato Sandbox

Sandboxing has its origins in large-scale virtualized systems, such as servers and PCs,
but its a technique that, when scaled to a smaller size, brings significant benefits to the
compact embedded systems used throughout the IoT.

Application
Framework

Open Source

Linux
Distribution

Development
Environment

The Legato sandbox can be used throughout a devices life cycle to reduce risk while
creating greater differentiation, expanded functionality, and new revenue streams.
During development, the Legato sandbox creates a safer programming environment,
so designers can do what they need to do test ideas, create new features, integrate
third-party apps without jeopardizing security. Once devices are deployed in the field,
the Legato sandbox makes it easier and safer to update devices and introduce new
services, for a more secure approach to staying competitive.

2 of 3

White Paper

NEW REVENUE STREAMS

The Legato sandbox creates a protected and restricted environment for adding new
services to devices that are already in the field. New features and apps can be added
natively or remotely, using over-the-air (OTA) updates. The update can be loaded
directly into the sandbox, for quick, secure validation, and the sandbox in each module
can be managed from a central point, in the AirVantage cloud. New rollouts can be
issued and validated all at once, or in stages. By enabling the quick, secure integration
of new functions, the Legato sandbox increases flexibility and responsiveness, for
faster differentiation.
When combined with applications that track data or network usage, the Legato
sandbox can also be used to lower operating costs and increase efficiency.

Monitor Network Traffic example: The Legato sandbox isolates apps and makes it
possible to monitor each one individually, so the network usage for any given app
can be tracked and billed. Invoices are more precise, and theres room for special
options, such as tiered billing and member discounts.
Manage Network Bandwidth example: In similar fashion, the Legato sandbox can
be used to track and manage data traffic on devices that are operated as Wi-Fi
hotspot, for a better overall customer experience. Heavy users can be billed extra,
as a way to discourage accounts from going beyond a set limit, and to prevent users
from taking more than their fair share of the available bandwidth.
SAFER ENGINEERING

TAKE THE NEXT STEP

To learn more about sandboxing and
the other ways Legato improves IoT
development, visit www.legato.io
or contact your local Sierra Wireless
representative to learn more about
the integration of the open source
Legato platform with the WP Series of
embedded modules at
www.sierrawireless.com.

The Legato sandbox reduces the unknowns, surprises, and intentional mistakes that
are an ever-present part of the creative process. Developers can try out new ideas and
test different scenarios, in a secure environment. They can experiment using a carefully
regulated, step-by-step approach that makes it easier to catch errors and fix bugs,
without disrupting what already works.
The Legato sandbox also provides a secure environment for test-driving third-party
apps, so its less risky to work with subcontractors, partners, and other outside
developers. A third-party app can be run in isolation, with tight restrictions on access to
data and the rest of the system, to identify any potential impact on the system and its
resources before being accepted for use.

About Sierra Wireless

Sierra Wireless is building the Internet of Things with intelligent wireless solutions that empower organizations to innovate in the
connected world. We offer the industrys most comprehensive portfolio of 2G, 3G, and 4G embedded modules and gateways,
seamlessly integrated with our secure cloud and connectivity services. OEMs and enterprises worldwide trust our innovative
solutions to get their connected products and services to market faster. Sierra Wireless has more than 950 employees globally and
operates R&D centers in North America, Europe, and Asia.
For more information, visit www.sierrawireless.com.
Sierra Wireless, the Sierra Wireless logo, AirPrime, AirLink, AirVantage and the red wave design are trademarks of Sierra Wireless. Other registered trademarks
that appear on this brochure are the property of the respective owners. 2015 Sierra Wireless, Inc. 2016.01.11