fix(nrf52): add BLE security timeout and advertising watchdog

[ipduffy]

Commit 25ea953 introduced a condition where a BLE connection that is established but not yet encrypted could result in a hung BLE stack under certain conditions.

If onConnect is called with a valid connection_handle, the _isDeviceConnected flag remains set to false. This prevents the watchdog loop on lines 336-346 from running until after the onSecured function is called and the _isDeviceConnected flag is set to true.

For various reasons that are apparently more common in iPhones versus Android devices, the establishment of encryption is more likely to not complete, which would leave the nRF device BLE stack in a hung state.

To address this potential for a hung state I've implemented a timeout (BLE_SECURITY_TIMEOUT_MS) on the call to onSecured of 15 seconds, so that if a BLE connection is established via onConnect without the subsequent call to onSecured within that time, then disconnect is called, allowing the device to return to an advertising state and allow further connection attempts.

I have tested this patched firmware on a RAK 4631 board and it's been stable without any BLE issues for the past 24 hours.