diff --git a/.github/scripts/cargo_deny.sh b/.github/scripts/cargo_deny.sh
deleted file mode 100644
index 6cba171..0000000
--- a/.github/scripts/cargo_deny.sh
+++ /dev/null
@@ -1,13 +0,0 @@
-#!/bin/bash
-
-set -e
-
-
-# Install cargo deny if not already installed
-# cargo install --version 0.18.2 cargo-deny --locked
-
-# Run cargo deny in each directory containing a Cargo.toml
-find . -name "Cargo.toml" -exec dirname {} \; | while read -r dir; do
-  echo "Running cargo deny check in $dir"
-  (cd "$dir" && cargo deny check advisories)
-done
diff --git a/.github/scripts/loop.sh b/.github/scripts/loop.sh
deleted file mode 100644
index 24db480..0000000
--- a/.github/scripts/loop.sh
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/bin/bash
-
-set -ex
-
-cargo build --workspace --all-targets
-
-# export RUST_LOG="cosmian_cli=trace,cosmian_findex_server=trace"
-
-echo "Running tests in an infinite loop"
-while true; do
-  reset
-  echo "Iteration: $((++count))"
-  cargo test --workspace -- --nocapture remote --include-ignored
-  sleep 1
-done
diff --git a/.github/scripts/test_utimaco.sh b/.github/scripts/test_utimaco.sh
deleted file mode 100644
index 02feacb..0000000
--- a/.github/scripts/test_utimaco.sh
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/bin/bash
-set -ex
-
-# sudo dpkg --add-architecture i386
-# sudo apt-get update && sudo apt-get install libc6:i386 libstdc++6:i386
-
-wget "https://package.cosmian.com/ci/hsm-simulator.tar.xz"
-killall -9 bl_sim5 || true
-echo -n Extracting compressed archive...
-tar -xf hsm-simulator.tar.xz
-rm hsm-simulator.tar.xz
-./hsm-simulator/sim5_linux/bin/bl_sim5 -h -o -d ./hsm-simulator/sim5_linux/devices &
-
-sleep 5
-
-sudo cp ./hsm-simulator/libcs_pkcs11_R3.so /lib
-sudo mkdir -p /etc/utimaco
-sudo chmod 755 /etc/utimaco/
-sudo cp ./hsm-simulator/cs_pkcs11_R3.cfg /etc/utimaco/
-sudo chmod 766 /etc/utimaco/cs_pkcs11_R3.cfg
-echo -e "[Global]\nLogpath = /tmp\nLogging = 3\n[CryptoServer]\nDevice = 3001@localhost\n" | sudo tee /etc/utimaco/cs_pkcs11_R3.cfg
-export CS_PKCS11_R3_CFG=/etc/utimaco/cs_pkcs11_R3.cfg
-
-cd ./hsm-simulator/Administration
-# set the SO PIN to 11223344
-./p11tool2 Slot=0 login=ADMIN,./key/ADMIN_SIM.key InitToken=11223344
-# Change the SO PIN to 12345678
-./p11tool2 Slot=0 LoginSO=11223344 SetPin=11223344,12345678
-# Set the User PIN to 11223344
-./p11tool2 Slot=0 LoginSO=12345678 InitPin=11223344
-# Change the User PIN to 12345678
-./p11tool2 Slot=0 LoginUser=11223344 SetPin=11223344,12345678
-./p11tool2 Slot=0 GetSlotInfo
-cd ../..
diff --git a/check_build.sh b/check_build.sh
new file mode 100644
index 0000000..28ec498
--- /dev/null
+++ b/check_build.sh
@@ -0,0 +1,18 @@
+#!/bin/bash
+
+set -e
+
+# Install cargo deny if not already installed
+# cargo install --version 0.18.2 cargo-deny --locked
+
+find . -name "Cargo.toml" -not -path "./Cargo.toml" -exec dirname {} \; | while read -r dir; do
+  echo "Running cargo build in $dir"
+  pushd "$dir"
+  cargo build
+  cargo test -- --nocapture
+  cargo clippy --all-targets -- -D warnings
+  cargo deny check advisories
+  popd
+done
+
+cargo hack build --all --feature-powerset
diff --git a/find_empty_files.sh b/find_empty_files.sh
new file mode 100644
index 0000000..f45d098
--- /dev/null
+++ b/find_empty_files.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+
+set -ex
+
+# Find all regular files that are empty (size 0)
+find . -not -path "./*.cargo_check/**" -not -path "./**target/**" -not -path "./*env/lib/*" -not -path "./*node_modules/**" -not -path "./.git/**" -type f -empty -print
diff --git a/.github/scripts/get_openssl_binaries.sh b/get_openssl_binaries.sh
similarity index 85%
rename from .github/scripts/get_openssl_binaries.sh
rename to get_openssl_binaries.sh
index e6d6962..14ec59e 100644
--- a/.github/scripts/get_openssl_binaries.sh
+++ b/get_openssl_binaries.sh
@@ -1,10 +1,6 @@
 #!/bin/bash
 set -ex
 
-if [ "$1" = "Cosmian/kms" || "$1" = "Cosmian/cli"]; then
-    export OPENSSL_DIR=/usr/local/openssl
-fi
-
 env
 
 if [ -z "$OPENSSL_DIR" ]; then
@@ -12,7 +8,7 @@ if [ -z "$OPENSSL_DIR" ]; then
     exit 1
 fi
 
-if [ -z "$OS_NAME" ]; then
+if [[ -z "$OS_NAME" || "$OS_NAME" == "ui" ]]; then
     OS_NAME=ubuntu_22_04
 else
     OS_NAME=${OS_NAME#fips_}
@@ -37,5 +33,5 @@ mv "${OPENSSL_VERSION}.tar.gz" "${OPENSSL_DIR}"
 echo -n Extracting compressed archive...
 cd "${OPENSSL_DIR}"
 tar -xf "$OPENSSL_VERSION.tar.gz"
-find .
+chmod u+x lib*/ossl-modules/*
 rm "$OPENSSL_VERSION.tar.gz"
diff --git a/hsm-proteccio.tar.gz b/hsm-proteccio.tar.gz
new file mode 100644
index 0000000..9aa969f
Binary files /dev/null and b/hsm-proteccio.tar.gz differ
diff --git a/hsm-utimaco-simulator.tar.xz b/hsm-utimaco-simulator.tar.xz
new file mode 100644
index 0000000..c95aa03
Binary files /dev/null and b/hsm-utimaco-simulator.tar.xz differ
diff --git a/prepare_proteccio.sh b/prepare_proteccio.sh
new file mode 100644
index 0000000..65afab9
--- /dev/null
+++ b/prepare_proteccio.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+set -ex
+
+wget -q https://package.cosmian.com/ci/hsm-proteccio.tar.gz
+tar -xzf hsm-proteccio.tar.gz
+rm hsm-proteccio.tar.gz
+
+mkdir -p /etc/proteccio/
+sudo cp proteccio/etc/proteccio/* /etc/proteccio/
+sudo cp proteccio/lib/* /lib/
+sudo cp proteccio/usr/local/bin/* /usr/local/bin/
+
+rm -rf proteccio
+
+/usr/local/bin/nethsmstatus
diff --git a/prepare_utimaco.sh b/prepare_utimaco.sh
new file mode 100644
index 0000000..691f1ce
--- /dev/null
+++ b/prepare_utimaco.sh
@@ -0,0 +1,37 @@
+#!/bin/bash
+set -ex
+
+# Fallback to wget if nix is not available (CI environments)
+wget -q https://package.cosmian.com/ci/hsm-utimaco-simulator.tar.xz
+
+killall -9 bl_sim5 || true
+echo -n Extracting compressed archive...
+tar -xf hsm-utimaco-simulator.tar.xz
+rm hsm-utimaco-simulator.tar.xz
+./hsm-simulator/sim5_linux/bin/bl_sim5 -h -o -d ./hsm-simulator/sim5_linux/devices &
+
+sleep 5
+
+# Place PKCS#11 library and config in a user-writable, persistent location
+UTIMACO_ETC="$PWD/.utimaco"
+mkdir -p "$UTIMACO_ETC"
+cp ./hsm-simulator/libcs_pkcs11_R3.so "$UTIMACO_ETC/libcs_pkcs11_R3.so"
+export UTIMACO_PKCS11_LIB="$UTIMACO_ETC/libcs_pkcs11_R3.so"
+cp ./hsm-simulator/cs_pkcs11_R3.cfg "$UTIMACO_ETC/"
+chmod 644 "$UTIMACO_ETC/cs_pkcs11_R3.cfg"
+printf "[Global]\nLogpath = /tmp\nLogging = 3\n[CryptoServer]\nDevice = 3001@localhost\n" >"$UTIMACO_ETC/cs_pkcs11_R3.cfg"
+export CS_PKCS11_R3_CFG="$UTIMACO_ETC/cs_pkcs11_R3.cfg"
+
+cd ./hsm-simulator/Administration
+# set the SO PIN to 11223344
+./p11tool2 Slot=0 login=ADMIN,./key/ADMIN_SIM.key InitToken=11223344
+# Change the SO PIN to 12345678
+./p11tool2 Slot=0 LoginSO=11223344 SetPin=11223344,12345678
+# Set the User PIN to 11223344
+./p11tool2 Slot=0 LoginSO=12345678 InitPin=11223344
+# Change the User PIN to 12345678
+./p11tool2 Slot=0 LoginUser=11223344 SetPin=11223344,12345678
+./p11tool2 Slot=0 GetSlotInfo
+cd ../..
+
+rm -rf hsm-simulator