Explore a comprehensive conference talk on integrity protection and system updates for IoT devices in challenging environments. Learn about over-the-air (OTA) update mechanisms and techniques to detect tampering attempts on powered-off devices. Compare various approaches including Linux Integrity Measurement Architecture (IMA), Clear Linux OS swupd, dm-verity, and OSTree. Gain insights into using meta-integrity and meta-swupd layers in Yocto/OpenEmbedded-based Linux distributions. Discover key criteria for evaluating update mechanisms, integration with boot processes and update servers, and compatibility between updates and integrity protection. Delve into architecture considerations, target machine setup, installer images, initramfs, and whole-disk encryption. Benefit from the expertise of Patrick Ohly, maintainer of meta-integrity and meta-swupd, as he shares his experience in IoT OS development based on OpenEmbedded and the Yocto Project.