BARCELONA 41.3851° N

v0.1.0

LOCI-LAB · EMBEDDED SYSTEMS & SECURE IoT

We build embedded software and secure IoT systemsfor teams shipping devices that have to work.

On-device software and secure device-to-cloud connectivity — engineered by a senior architect with 16 years in the field.

Start a conversation See how we work

Not sure where to start?

Talk to our AI architect →

A01 · ON-DEVICE: Linux · Zephyr · FreeRTOS
A02 · CONNECTIVITY: LoRaWAN · BLE · NFC · Cellular
A03 · SECURITY: TLS 1.3 · X.509 · Mutual auth
A04 · DELIVERED BY: Senior architect · 16 yrs

SECTION B

What we do, end to end.

DEVICE → CONNECTIVITY → CLOUD

We work across the path a device takes to deliver value: the software running on the hardware, the link that carries its data, and the infrastructure that receives it. Our pivotal expertise is on the device and its connectivity — where most IoT projects succeed or fail — and we extend into the cloud for clients who need the full path to an API.

01 / ON-DEVICE SOFTWARE

Firmware your product team can trust for the lifetime of the device.

We design and build the software that runs on your hardware, whether that's Embedded Linux for a gateway-class product or Zephyr / FreeRTOS for a resource-constrained MCU. From board bring-up and driver development to secure boot, OTA, and power optimization, we own the firmware with the rigor of engineers who have shipped devices that have to work in the field for years. When your product succeeds or fails on what the device actually does, this is the work.

Embedded Linux for gateway and compute-class devices. Zephyr and FreeRTOS for constrained MCUs. Bare-metal C and C++ when the constraints demand it.

EMBEDDED LINUX
ZEPHYR
FreeRTOS
C / C++
ARM CORTEX-M
DRIVERS
SECURE BOOT
OTA
LOW-POWER

Typical engagement: 3–6 month fixed-scope firmware project, or ongoing architecture retainer.

02 / DEVICE-TO-CLOUD CONNECTIVITY

We get your device talking to your cloud — as securely as your product requires.

Connecting a device to a backend is easy. Doing it in a way that survives hostile networks, untrusted intermediaries, and a decade of certificate rotations is not. We design and implement the full connectivity path — radio layer, transport, identity, and authentication — so that every device knows who it's talking to and every byte arrives intact. Security isn't a feature here; it's the default posture of everything we ship.

LoRaWAN, NFC, BLE, and cellular on the device side. TLS 1.3, mutual authentication, and X.509 device identity on the wire. Factory provisioning and key management designed so your private keys never leave the device.

LoRaWAN
NFC (ISO 15693 / 14443)
BLE
CELLULAR
MQTT
CoAP
TLS 1.3
X.509 / PKI
MUTUAL AUTH
ATTESTATION

Typical engagement: integrated with an on-device engagement, or as a standalone security / connectivity audit for an existing product.

03 / CLOUD INFRASTRUCTURE FOR CONNECTED DEVICES

When you need the full path from device to API, we continue into the cloud.

For clients who want end-to-end delivery, we extend into the cloud side of the stack — ingestion from LoRaWAN network servers or direct device uplinks, device management, OTA delivery, and a clean REST API your product team can actually build against. Because we understand the device, the cloud does the right things: it models devices correctly, it handles identity properly, and it doesn't assume the network is reliable. We build on Cloudflare Workers + D1 and comparable edge-first platforms.

Offered as the natural continuation of on-device and connectivity work — not as a standalone cloud practice. If you already have a cloud team, we integrate with them.

CLOUDFLARE WORKERS
D1
THE THINGS NETWORK
CHIRPSTACK
REST APIs
DEVICE MANAGEMENT
OTA INFRASTRUCTURE

Typical engagement: extension of a device or connectivity project, scoped as a defined backend delivery.

SECTION C

Who's behind loci-lab.

SENIOR-LED · SECURITY-FIRST · ACCOUNTABLE

[FOUNDER
PHOTO]

PHOTO · 4:5

I've spent 16 years writing embedded software — starting as a senior developer and moving into architecture roles, mostly in C++. I've shipped firmware for [industrial sensors, consumer IoT, medical-adjacent devices], led teams through full product lifecycles, and worked across the stack from silicon to cloud.

I started loci-lab to do this work the way I believe it should be done: senior-led, security-first, and accountable for what ships.

NOTE · PLACEHOLDERS MARKED IN ACCENT COLOR

loci-lab also develops loci-tag, a cryptographically authenticated proof-of-physical-presence device — an internal product that informs how we think about identity, provisioning, and the realities of shipping secure hardware.

CAPABILITIES · v0.1

REV A

LANGUAGES: C, C++, Python, TypeScript, Rust (basic)
RTOS / OS: Zephyr, FreeRTOS, Linux (embedded)
PROTOCOLS: LoRaWAN, BLE, NFC (ISO 15693 / 14443), MQTT, CoAP, HTTPS
SECURITY: X.509 / PKI, secure boot, TLS, hardware root of trust
CLOUD: Cloudflare Workers, D1, edge-first architectures
HARDWARE: ARM Cortex-M, various MCUs, PCB design collaboration

— END OF LIST —

p.1/1

SECTION D

Field notes.

RSS →

Short pieces on the work: what we've learned in the field about firmware, connectivity, and the sharp edges between them.

SECTION E

Start a conversation.

Tell me about your project in a few sentences. I reply to everything within two working days, and the first conversation is always free. If we're not a fit, I'll tell you directly and — where I can — point you to someone who is.

hello@loci-lab.com

PHONE

+34 672 119 702

NOT SURE WHERE TO START?

Talk to our AI architect →

Describe your project · get a tailored memo in minutes

SEND A MESSAGE

→ hello@loci-lab.com