Building Superior Embedded Systems
“Staged rollouts”, often used in the context of firmware updates, refers to the process of gradually releasing firmware updates to increasingly large subsets of devices or users. The goal is to first test the update on a smaller scale, allowing you to identify potential issues before rolling it out to a larger audience.
Key rotation refers to the process of changing encryption keys used to protect or sign data.
A number of security-related practices involve the use of secrets. Most commonly found are public/private encryption keys, such as Code Signing, encrypted communications, and SSH authentication. You need a way to securely store these secrets to prevent your systems from being compromised.
Code signing is a process of using a cryptographic algorithm to add a “digital signature” to a binary (or other code artifact). This signature is used to ensure the provenance and integrity of the binary.