Encryption: It prevents reverse engineering of the firmware. The firmware might be stored in encrypted form and only decrypted when it is to be executed, or it might be decrypted during the firmware update process. • Signing: is concerned with ensuring that a message has not been corrupted or modified while in transit. This is important since a malicious user cannot be allowed to alter the firmware originally delivered by the firmware producer. • No hardcoded credentials: The presence of hard-coded accounts that can serve as backdoors to devices. • Code obfuscation: it makes runtime analysis difficult. • Authentication: Make it difficult for unauthorized users to obtain the firmware updates. Make it restrictive, less exposed. • If the device is capable of being networked, no unnecessary services are running and ensure that it can also alert and log when firmware has been updated.