Secure Firmware Update and Software Signing in Embedded Devices
This presentation provides a practical overview of how to secure firmware updates for embedded devices at scale. It covers the challenges of establishing a hardware root of trust, designing secure signing architectures, protecting signing keys, enforcing update verification, and maintaining security throughout a device’s lifecycle. The deck also shares lessons learned from real-world deployments, highlighting common signing and update system failures and best practices for building resilient, fleet-scale firmware update infrastructures.