You are responsible for an embedded device that boots from read-only firmware, loads a signed application image, and then brings up sensors, storage, and a network stack. After a recent field update, a subset of devices now hang during boot or reset repeatedly before the application starts. You have serial console access, JTAG, and the ability to reflash recovery firmware, but the devices are deployed remotely and physical access is limited.
How would you approach debugging this issue end to end? Walk through how you would isolate whether the failure is in boot ROM, firmware signing, hardware initialization, or a runtime fault, and explain what evidence you would collect at each step.