Pick a real problem in your own life — a houseplant that dies on vacation, a garage door whose state you can never remember, a fridge that gets left open — and produce a one-page architecture sketch of the IoT product that would solve it. No code. The output is a system diagram, a component list, a data flow, and a deliberate justification for every connectivity decision. The point is to force every decision (which MCU? which radio? where does the data live? what happens offline?) out of intuition and onto paper.
If you're stuck on the architecture diagram: start with three boxes — device, network, cloud — and label every arrow with the protocol that's on it. If you can't put a label on an arrow, the architecture isn't decided yet.
If you're stuck on component choice: for the MCU, default to ESP32 unless you have a specific reason (battery life → NRF52 / STM32L; cost-sensitive at 100k+ units → RP2040 or vendor-specific). For sensors, hunt for breakouts on Adafruit / SparkFun — they publish wiring diagrams and example code that save weeks.
If you're stuck on the data path: ask yourself, "if this device went offline for 24 hours, what does the user see in the app?" The answer dictates everything about buffering, retry logic, and conflict resolution.
PRODUCT: "Vacation plant babysitter"
─────────────────────────────────────────
[DEVICE] [HOME GATEWAY] [CLOUD] [USER]
ESP32-S3 + soil moisture + User's home Wi-Fi router Mosquitto MQTT broker Web app
BME280 (T/H/P) + 2× AA (no custom hardware) + InfluxDB (Vercel)
battery + 2.4GHz Wi-Fi
│
│ Reads soil moisture every 30 min;
│ publishes via MQTT/TLS over Wi-Fi
▼ │ │
MQTT publish ──── Wi-Fi 2.4GHz ─┤── HTTPS / WSS ─────────► │── REST / WSS ───────►
│
Topics: /plants/<deviceId>/soil Stores raw → Influx
/plants/<deviceId>/env Rules: moisture < 20%
for 4 h → push notify
OFFLINE behaviour:
Device buffers up to 1,440 readings (30 days) in flash;
syncs on reconnect; user sees "last update 3 days ago" badge.
THREAT MODEL:
Realistic attacker: opportunistic Wi-Fi scanner in the apartment building.
Cheapest defense: per-device TLS cert + WPA3 on home AP. No open ports.
Out of scope: nation-state, supply-chain.Extend the sketch to handle a multi-tenant scenario (one user owns 4 devices in 2 homes). Identify which parts of the architecture need to change.
Replace the home Wi-Fi gateway with a LoRaWAN gateway and a TTN account. Redraw the data flow. Which constraints does that solve, and which new constraints does it create?
Add an OTA-update path to your sketch: where does the new firmware live, how does the device authenticate it, and what does the rollback path look like if the new firmware bricks the device?