Explore our IoT case studies and embedded systems projects — real-world secure firmware deployments, RFID access control systems, and industrial IoT telemetry at scale.
In this RFID access control case study, a family-run boutique hotel in Malta relied on physical keys and a manual logbook for all 15 rooms. Every lost key meant a costly rekey of the entire lock. Guest check-in took 10+ minutes, and there was zero audit trail for staff access to guest rooms or storage areas. As they prepared to expand to 50 rooms, they needed a modern RFID access control system that could scale without adding administrative overhead.
We deployed JanusAccess across all existing and planned rooms: JanusKey at the front desk for under-10-second card programming, JanusGate controllers at every door for real-time AES-256-GCM encrypted validation, and JanusCore for centralized management with role-based access. Staff received shift-based credentials that auto-expired. Guest cards were programmed at check-in with automatic expiry at checkout.
A 5-floor smart building in Valletta housed 30+ tenants with overlapping common areas, shared meeting rooms, and a basement parking garage. This smart city IoT infrastructure project required each tenant to have different operating hours, employee schedules, and visitor policies. The previous system used standalone keypads with no centralized management, making tenant move-ins and move-outs a logistical nightmare requiring physical key changes across multiple doors.
JanusAccess was deployed with time-based access rules per tenant: floor-specific credentials, common area access during business hours, and 24/7 access for tenants with after-hours operations. JanusCore provided the building manager with a single dashboard for all 30+ tenants. JanusGate controllers managed each floor entrance, common areas, and parking. Visitor passes with time-limited access were issued through JanusKey at the concierge desk.
A European agritech startup needed a complete agricultural IoT telemetry system for their precision agriculture platform. Their legacy solution used unencrypted HTTP communication, had no device authentication, and could not scale beyond a few hundred sensors. They needed a system capable of handling tens of millions of daily readings across thousands of geographically distributed sensors, with AES-256-GCM encryption and 99.99% uptime.
We designed and deployed an end-to-end encrypted telemetry pipeline built on ESP32-based sensor nodes communicating over LoRaWAN to Bifrost gateway devices, which aggregated and forwarded encrypted data over MQTT TLS to a Python/FastAPI backend. AES-256-GCM encryption protected every packet from soil sensor to cloud database. A multi-tenant backend architecture provided real-time dashboards, automated alerting, and command-and-control capabilities.
A supply chain logistics company deployed 500+ wireless environmental sensors across multiple factory floors and distribution centers. The firmware had no remote update capability — each device required physical access for updates, costing thousands in technician time and causing significant operational downtime. They needed a secure OTA update system for IoT supply chain tracking that could update devices remotely without compromising security or risking bricked hardware.
We implemented a complete OTA update pipeline on ESP32-based sensor nodes. The architecture featured A/B partitioning for rollback safety, signed firmware binaries verified before installation, and a staggered rollout system that prevented network overload. The backend managed firmware versions, device targeting, and update status tracking. A fallback mechanism ensured devices could recover from interrupted updates automatically.
A medical device manufacturer needed to transmit sensitive patient monitoring data from bedside devices with firmware-level security to a cloud-based analytics platform. The system had to comply with HIPAA data protection requirements, maintain sub-second latency for real-time alerts, and ensure zero data loss during network interruptions. The existing prototype used basic TLS with no application-layer encryption and had no key management infrastructure.
We designed a defense-in-depth security architecture featuring AES-256-GCM encryption at the application layer with automatic key rotation. A secure key provisioning system injected device identities during manufacturing. The backend implemented encrypted storage with column-level encryption for PHI fields, comprehensive audit logging, and automated compliance reporting. The system achieved sub-200ms end-to-end latency through optimized binary serialization and connection pooling.