For super control, we want our snap to be only able to access a usb device with specific Vendor ID and Product ID. We also want to know when that specific device connects.
What are our options today, and how can we achieve that ?
EDIT
To add more details we want our snap to flash a a firmware to a usb dongle when its connected over USB, this will make automation much easier for us.
Is raw USB constrained to a specific device vendor:product pair sufficient?
you probably also want hardware-observe to watch plug events (via udevadm monitor, dbus or some code hooking into libudev) …
Yes, that would in principle help our situation largely and allow our snap to have the least authority.
We may have to work with something lower level than dbus, not sure. Our environment will be a yocto based image running snapd on top for apps etc.
well, as long as you have udev … but indeed you could also screen-scrape dmesg with a script or something similar insane 
Should that be tracked as a bug on launchpad or is it fine here ?
Probably best to file a bug on launchpad about it
