Worked on security hardening for certificate installation within the EVerest/libocpp repository, focusing on improving maintainability and reducing risk in embedded systems. Developed policy-driven checks that enforce a minimum security profile and restrict installation of certain certificate types when security is low. Refactored configuration management by introducing clearer naming conventions and component variables, which helps prevent misconfigurations and supports future enhancements. Implemented helper logic to determine install eligibility, ensuring unsupported certificate types are rejected and security controls remain stable. Utilized C++ and configuration management skills to deliver these changes, resulting in a more robust and maintainable security posture without altering external APIs.