Issue link: https://resources.mouser.com/i/1516458
Many IoT devices become part of larger networks of connected devices. They must be maintained, updated, and retired when they are replaced or reach the end of life. Securely managing a large ecosystem of IoT devices is a challenge. To design IoT devices for life-cycle management, it's important to understand the normal stages for bringing an IoT device into service and decommissioning it, starting at the factory in which it is manufactured.

Typically, a device passes through the following stages on its way to becoming serviceable:

Fresh state. This freshly manufactured device has no image, no software, and no operating system. It is a blank device except for a boot loader.

Firmware stage. When the firmware or operating system is flashed on the device, the device is in the firmware stage. This stage takes place in the factory.

Provisioning stage. During this stage, all applications, certificates, keys, and a unique ID are installed at the factory. The device is then ready to work because everything is now complete on the device.

Registered device. At this point, every device has a unique ID. Registration is the process of recording the unique ID and configuration of the device on the manufacturer's IoT server. This stage is completed at the factory. When it is complete, the unique device is registered, which means that it is ready for a user to install.

Activation. Activation happens in the field only after the device is delivered to the user. When the installed device boots up and finds its IoT server, it performs a handshake with that server. When that handshake is complete, the device is moved into an active state. It is now ready to perform all the operations it was designed to perform.

Deactivation. Deactivation is a temporary state of the device, which happens in the field only after successful activation of the device. All the device's services are suspended in this state except for the device activate command.
There are several reasons why a device can switch to its deactivation state. For example, a server

"Sensitive data should be deleted immediately after use. No key should be available in memory. After use, keys should be removed immediately."
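The life-cycle stages described above can be enforced in firmware as an explicit transition table, so that a device cannot skip a stage, cannot be re-provisioned in the field, and accepts only the activate command while deactivated. The following C sketch is an added example, not code from the original publication; all identifiers, the `in_factory` flag, and the rule that the activate command returns a deactivated device to the active state are assumptions.

```c
#include <stdbool.h>
#include <stddef.h>

/* Stage names follow the text; identifiers are hypothetical. */
typedef enum { ST_FRESH, ST_FIRMWARE, ST_PROVISIONED, ST_REGISTERED,
               ST_ACTIVE, ST_DEACTIVATED } lc_state;
typedef enum { EV_FLASH, EV_PROVISION, EV_REGISTER,
               EV_ACTIVATE, EV_DEACTIVATE } lc_event;
typedef enum { CMD_ACTIVATE, CMD_READ_SENSOR, CMD_SET_CONFIG } dev_cmd;

/* in_factory is an assumed flag, e.g. backed by a factory-mode fuse. */
typedef struct { lc_state state; bool in_factory; } device;

/* Every legal transition; anything not listed is rejected. */
static const struct { lc_state from; lc_event ev; lc_state to; bool factory; }
rules[] = {
    { ST_FRESH,       EV_FLASH,      ST_FIRMWARE,    true  },
    { ST_FIRMWARE,    EV_PROVISION,  ST_PROVISIONED, true  },
    { ST_PROVISIONED, EV_REGISTER,   ST_REGISTERED,  true  },
    { ST_REGISTERED,  EV_ACTIVATE,   ST_ACTIVE,      false }, /* server handshake */
    { ST_ACTIVE,      EV_DEACTIVATE, ST_DEACTIVATED, false },
    { ST_DEACTIVATED, EV_ACTIVATE,   ST_ACTIVE,      false }, /* assumed re-activation */
};

/* Apply an event; on a disallowed event the state is left unchanged. */
bool lc_apply(device *d, lc_event ev) {
    for (size_t i = 0; i < sizeof rules / sizeof rules[0]; i++) {
        if (rules[i].from == d->state && rules[i].ev == ev &&
            rules[i].factory == d->in_factory) {
            d->state = rules[i].to;
            return true;
        }
    }
    return false;
}

/* Command gate: deny by default, full service only when active. */
bool lc_command_allowed(const device *d, dev_cmd cmd) {
    if (d->state == ST_ACTIVE)      return true;
    if (d->state == ST_DEACTIVATED) return cmd == CMD_ACTIVATE;
    return false;
}

int main(void) {
    device d = { ST_FRESH, true };
    /* Skipping straight to registration must be refused. */
    return lc_apply(&d, EV_REGISTER) ? 1 : 0;
}
```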
