Advanced IoT Development · Advanced
Device Security Studio: Keys Without Drama
Rotate keys, sandbox firmware signing, and rehearse compromise drills.
Overview
Practice secure boot assumptions, HSM-free signing workflows for labs, and compartmentalized secrets with audit trails appropriate for classroom environments.
Included focus areas
- Key ceremony checklist with two-person rule
- Sandbox signing with disposable certs
- Secrets scanning hooks for repos
- Compromise tabletop with blameless retro
- SBOM exercises limited to classroom components
- Least-privilege network maps
- Incident comms templates
Outcomes you can evidence
- Produce rotation calendar with owner matrix
- Run tabletop with documented decision log
- Export SBOM snippet tied to hardware revision
FAQ
HSM hardware?
Conceptual only—no hardware HSMs provided.
Pen testing?
Out of scope; tabletop focuses on process, not offensive testing.
Compliance mapping?
We reference frameworks descriptively; formal audits require external counsel.
Participant notes
“Two-person key ceremony felt theatrical until our auditor asked for the exact checklist—now it lives in Confluence.”