Case Studies

Security for connected device manufacturers

Connected devices create a security surface that spans embedded firmware, cloud infrastructure, and the factory that builds them. A compromise can affect millions of devices already in use. The brand and liability consequences are severe.

What makes security in connected device manufacturing different

The issues that come up again and again in our work in this sector.

IP theft through hardware reverse engineering

A competitor who buys a device and extracts what is inside can replicate years of engineering work. Cryptographic controls embedded in the device are the only reliable protection.

Firmware integrity at production volumes

Ensuring every device off the line runs only verified, signed software requires a PKI and provisioning process fast enough for a factory floor. Testing in a lab is not enough.

Software supply chain risk at scale

A compromised firmware update pushed to devices in millions of homes is a serious user security event. The update delivery mechanism needs to be as secure as the device itself.

Security across embedded, cloud, app, and manufacturing simultaneously

Device security does not live in one place. It requires oversight across firmware, cloud platform code, mobile applications, and manufacturing operations at the same time.

The organisations and systems we work with

Types of organisations

UK household-name device manufacturers

IoT hardware companies

Connected product businesses

Consumer electronics manufacturers

IoT device firmware

PKI infrastructure

Secure boot chains

Factory provisioning systems

Cloud device management APIs

Mobile companion applications

CI/CD pipelines for embedded software

From our work in manufacturing

A featured engagement

We have worked with a number of organisations in this sector. This is one engagement we have selected to show how we approach this kind of work.

Locking Down Every Device Before It Leaves the Factory

A UK household-name IoT manufacturer needed every device leaving the factory to run only verified, signed software. We built the PKI and secure boot chain to make that hold at production volumes.

The technical depth Threatplane brought to the PKI and secure boot implementation was exceptional. They understood both the security requirements and the manufacturing realities, and delivered something we could actually deploy at scale.

Head of Product Security, UK IoT Manufacturer
Read this case study

Building connected devices?

We understand the security challenges that run from the factory floor to the consumer's home. Most conversations start with a short call.