First off, don't do it like that: Do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.
Secondly, fixing the first one will solve the second: you need some more double quotes.
string query = "insert into Table_1(SensorValue,Time) values(" +hexValue+, +DateTime.Now.ToString("HH:MM:ss")+")";
Becomes
string query = "insert into Table_1(SensorValue,Time) values(" +hexValue+ ", " +DateTime.Now.ToString("HH:MM:ss")+")";
But do use parametrised queries:
string query = "insert into Table_1(SensorValue,Time) values(@SV, @TM)";
sa.InsertCommand = new SqlCommand(query, sqlconn);
sa.InsertCommand.Parameters.AddWithValue("@SV", hexValue);
sa.InsertCommand.Parameters.AddWithValue("@TM", DateTime.Now.ToString("HH:MM:ss"));
BTW: It is a bad idea to use the same name for a field as a datatype - it can cause problems with some queries. Change "Time" to "SpotTime" or something else which describes it better.
[edit] :doh: Copy and Paste is great - when you remember to update the variable names... "@SV" duplicate changed to "@TM" to match the SELECT statement - OriginalGriff[/edit]