Raspberry Pi Makes Tinkering Easy, but IoT Productization Remains Difficult

From Idea to Production Raspberry Pi Makes Tinkering Easy, But IoT Productization Remains Difficult

2025-10-24 A guest contribution by Mike Scott and Louis Moreau* | Translated by AI 6 min Reading Time

Related Vendors

Thanks to devices like Raspberry Pi, an IoT prototype is quickly built, but the path to production readiness is challenging: money, certifications, security, and automation make productization complex. New platforms like FoundriesFactory aim to simplify this process.

Easy tinkering: A Raspberry Pi greatly simplifies the prototyping of IoT devices.

(Image: Benjamin Nelan, Pixabay)

We live in a Raspberry Pi world. For developers of connected embedded and IoT devices, it has never been easier or cheaper to configure a hardware platform based on a powerful microcontroller or microprocessor, connect some shield boards for input and output devices like sensors and touchscreens, and then start writing code. Thanks to developer-friendly hardware manufacturers like Raspberry Pi, Arduino, and MIKROE, tools and languages such as VS Code and Python, and libraries with open-source software, including the Linux operating system, anyone with some technical know-how and a groundbreaking product idea can develop a functional prototype faster and more cost-effectively than ever before.

This means there will certainly be no shortage of IoT prototypes. But does that also mean we’ll soon see a wave of market-ready IoT products? Probably not. The process of productization—the step from prototype to mass production—is complex, expensive, and risky. A functioning prototype is far from a marketable product. For this reason, it can be advantageous for developers to become as familiar with tools and frameworks for productization as they are with Raspberry Pi and other tools and frameworks for product development.

The Challenges in Productizing IoT Devices

Developers face financial, technical, organizational, and legal hurdles on the path to mass production. Perhaps the biggest obstacle to the productization of IoT devices is money. Since the aforementioned tools and resources are readily available, a prototype can be created with minimal effort in addition to the salaries of development engineers. Productization, on the other hand, requires capital to finance investments such as tools and machinery needed for product assembly, as well as to pay for upfront costs like certification services.

When the capital is available, the technical challenge follows: a lab setup must become a reproducible, scalable product. Many steps that are performed manually and once in the lab must now be automated and standardized for mass production.

In the development lab, for example, the engineer can take as much time as needed to load the device firmware onto the prototype hardware. In production, however, flashing a "golden image" of the device firmware onto each production unit involves complex requirements, including:

• Reliability and error handling: The system must reliably transfer and verify the firmware to prevent devices from becoming inoperative. Robust mechanisms for error detection, logging, and correction are crucial to ensure production efficiency and minimize waste caused by manufacturing defective production units.
• Speed and throughput: In high-volume production, flashing must be done quickly. This requires efficient data transfer protocols and the ability to flash multiple devices simultaneously.
• Security and Integrity: The production process itself presents a vulnerability to malware and cyberattacks. The system must protect the golden image from unauthorized access or modification and verify the integrity of the flashed firmware on the device. This includes secure boot mechanisms, cryptographic checks, and strict control over access to the programming system itself.

"Security By Design"

Security is indeed one of the greatest challenges in productization: the biggest mistake IoT product developers can make is neglecting the need for IoT device security until the prototype design is finalized. Implementing security features such as secure boot, secure key and data storage, over-the-air (OTA) update capability, and secure connectivity retrospectively can severely disrupt a working product design. We have often seen that the late development of essential security features has led to catastrophic delays and costs because developers were forced to undo and redesign aspects of a functional system that no longer worked after implementing secure boot or other security measures.

But let’s assume the device is secure: before a prototype can be deemed market-ready, it must be certified for compliance with relevant standards and regulations, such as the EU’s Radio Equipment Directive, the CE marking, and RoHS regulations (Regulation on Hazardous Substances). Comparable regulations and requirements apply in most other markets worldwide. The effort required for regulatory compliance and testing of new products can surprise new IoT device developers who have not yet experienced how expensive and time-consuming this process can be.

And it should not be forgotten that productization is not just about bringing a product to mass production. The manufacturer’s responsibility for the product extends well beyond delivery. Some manufacturers have always taken responsibility for the customer’s user experience after delivery, often because they understand the impact on the manufacturer’s brand. With the European Union’s Cyber Resilience Act, post-shipment maintenance has become a necessity for all companies manufacturing or marketing products within the EU. This makes IoT device manufacturers responsible for promptly providing patches for devices in the field that are exposed to known cyber threats.

This requires not only OTA updates but also additional features such as fleet management and the automatic generation of a Software Bill of Materials (SBOM).

Tools And Frameworks for Productization

While there are countless tools, frameworks, and communities for development, productization remains a blind spot. Only a few manufacturers provide support for partial processes like firmware flashing or security provisioning—usually limited to their own chips.

To be fair, some manufacturers and suppliers do offer support for specific parts of the productization process. In particular, MCU and MPU manufacturers support their products with documentation and guidance to assist processes such as firmware flashing and securing. However, these guidelines are specific to their products and cannot be generalized to the entire category of IoT devices.

Recently, chip manufacturers have also started offering turnkey security services that allow IoT device manufacturers to outsource tasks such as equipping their products with private keys—the Optiga Trust Service from Infineon is one example. Similarly, the secure provisioning of Qualcomm Wireless Edge Services (WES) enables the generation and use of cryptographic keys applied or activated through unique device keys. These keys are used to securely deploy data to the device after sale and over-the-air and to sign data on the device.

The range of challenges in productization described above requires a broader environment that provides a framework for managing the transition of a product idea from development to production, device management, updates, and even secure decommissioning.

This overarching framework requires more than what a single tool or service can provide: this was the goal behind the creation of the FoundriesFactory platform by Foundries.io for Linux OS-based embedded devices. The platform orchestrates a range of open-source tools, such as Docker for container development and The Update Framework (TUF) for OTA updates, around a comprehensive and granular database for code and device identities. This enables a CI/CD process (Continuous Integration/Continuous Development process) supported by rollback functions and the automatic generation of SBOMs for each production unit.

At every step along the way from prototype development to decommissioning, the codebase, security, and update status of the product are automatically recorded. This information is readily available to support the automation of processes such as firmware flashing, exposure assessment, and OTA updates.

And a practical interface between the FoundriesFactory software and the Edge Impulse platform for the development, compilation, and installation of edge AI models ensures that the growing number of AI-enabled IoT products can equally benefit from productization support.

Such a platform to support productization does not completely eliminate the challenges described above. Productization is and will always remain a challenge. However, a device data framework integrated with a coherent set of tools for essential security, device management, and production functions allows security to be built into the development process right from the beginning, ensuring that the prototype—the expression of the developer's brilliant idea—can be brought to market as smoothly and quickly as possible. (mc)

* Mike Scott is a senior engineer at the Qualcomm Innovation Center and a member of the Foundries.io team. Louis Moreau is an engineer and manager at Qualcomm France S.A.R.L.