Our smart HVAC system relies on local microcontrollers (ESP32) and a central Hub. As we build early firmware and explore over-the-air (OTA) update mechanisms, it’s critical that we understand the cybersecurity risks that may affect our local network architecture. In this project, students will help us model potential threats (e.g., rogue device injection, firmware spoofing, or denial of service), propose OTA safety strategies (e.g., dual-bank memory, rollback logic), and outline best practices for embedded security (e.g., TLS, secure boot, MQTT hardening).

We will provide:

• Hardware class (ESP32-based controllers)
• Goals for OTA (local-only, dual-bank, rollback support)
• Network assumptions (no persistent cloud; Wi-Fi MQTT, possible mDNS)

Deliverables:

• Threat model document (e.g., local Wi-Fi breach, spoofing, DoS, OTA hijack)
• OTA system design flowchart with dual-bank update strategy + rollback logic
• Summary of relevant best practices (secure boot, firmware signing, TLS/MQTT basics)
• Annotated diagrams of a secure local-first control architecture

Student Learning Outcomes:

• Threat modeling and secure systems research for embedded devices
• Understanding OTA firmware update mechanisms
• Applying cybersecurity thinking to real-world IoT projects