Message: Security question?

"It needs to match on the other side with a public key or certificate which is somehow hard-coded into hardware"

"A determined attacker might still be able to extract the original firmware via JTAG, for example, reverse engineer and modify it, but it won’t match the public key burned into the hardware, so the first stage of the boot up will fail, and the system will refuse to come to life."

Burned into hardware... or a ROM chip type entity. Whoever does the generating of the key and the burning of it will have the key. I do not worry too much about the outside hacker; it's the insider that I have a problem with.

That's the problem, someone on the developer side initially has the key.

Whereas keys generated from unknown semiconductor structure are not generated by anyone. It happens through an unseen process of curing... and that's what Signet is based on. Detecting the physical state of the semiconductor.

No two devices will have the same faults.

The writer needs to keep "somehow" in mind... and forget the burning issue.

doni
