BusByte enforces data security at the hardware level — a physical constraint no software vulnerability can override.
BusByte's Expansion Module plugs into your existing industrial equipment using standard connectors. It reads data only — it cannot send commands or modify anything.
Data passes from the Expansion Module to the Olympus Unit through a one-way serial connection. There is no wire going back the other way. Physically, it is impossible for the Olympus Unit or the internet to communicate with your assets.
The Olympus Unit packages, timestamps, and encrypts the data, then uploads it to cloud servers via HTTPS. You access it through a secure browser-based dashboard from any device or consume it via API.
The Expansion Module interfaces directly with industrial buses and protocols. It operates in strict read-only mode — it retrieves data values but cannot issue commands, modify registers, or interact with the control logic. For serial protocol connections, the interface is configured as transmit-only (TX), with no receive (RX) line connected to the Expansion Module's output. This is a physical constraint — there is no software configuration that can create a return path.
Connection type: serial — TX only RX line: not connected Write access: hardware-disabled
Once data crosses the air gap, the Olympus Unit takes over. It runs a hardened Linux OS on fully encrypted storage. Each unit carries a unique device credential stored in an encrypted partition — this is used for JWT authentication with cloud servers. All uploads use HTTPS over TLS 1.2. The unit connects to the internet through an industrial router using a mobile network back-haul, which performs active IP address switching to eliminate fixed targets for external attackers. All service ports on both the router and the Olympus Unit are closed by default.
Interfaces with industrial assets via RS485/422/232, Modbus, BACnet, CANBus, I2C/SPI, Digital/Analog and PLC. Outputs data via a one-way serial connection (TX only). Cannot receive data from the Olympus Unit.
Hardened ARM Compute Module. Linux with full storage encryption. All ports closed by default. SSH key-only access for maintenance. JWT authentication using per-unit credentials. Built-in DDoS, flood, port scan, and TCP exploit mitigation. Continuous hardware health monitoring with suspicious activity flagging.
Hardened port configuration. Mobile network back-haul with active IP address switching. No inbound access from mobile network. Packet forwarding disabled. DDoS, flood, port scan, and TCP exploit mitigation.
The BusByte cloud platform is built on Google Cloud's managed container infrastructure, with regular security compliance audits. The client dashboard is accessible exclusively via HTTPS — there is no unencrypted access path. The platform is device-agnostic, meaning engineers and managers can check live data from desktops, tablets, or mobile phones without installing any software.