Hello there,
I am working on a project that involves deploying firmware over the air updates for a fleet of IoT devices. While I have some experience with embedded systems; this is my first time implementing FOTA; and I want to ensure that I follow best practices to make the process as smooth and reliable as possible.
What are the recommended strategies for securing the update process? 
I have read about signing firmware images; but I am curious if there are additional measures to prevent unauthorized access or tampering.
How do you handle scenarios where a firmware update fails or is interrupted? Are there specific techniques for ensuring that devices can recover gracefully without becoming bricked?
Since some of our devices operate in areas with limited connectivity; I am concerned about optimizing data usage. Are there any methods or protocols you recommend for minimizing the size of firmware updates; perhaps through differential updates or other techniques?
For end users; especially those not tech-savvy, what are some ways to make the update process more user friendly? Should we aim for silent updates; or is it better to provide notifications and options for manual updates?
Also; I have gone through this post; https://memfault.com/webinars/device-firmware-update-best-practices-blue-prism/ which definitely helped me out a lot.
Are there any tools; libraries; or frameworks that you have found particularly helpful for managing and deploying FOTA updates? We are currently exploring various options; and it would be great to get recommendations based on practical experience.
Thank you in advance for your help and assistance. 