@@ -250,7 +250,9 @@ Updates for the product are cryptographically signed. The product shall verify t
* Applicability: Product expected use is long enough to require updates
* Reference: TR-SCUD
* Objective: Prevent the installation of modified updates.
* Activities: Prepare an update for each part of the product that can be updated with a different version number from the currently installed product version
* Activities: For each part of the product that can be updated, attempt installation of:
* an update with missing signature
* an update with an invalid signature
* Verdict: The installation fails and warns the user about an invalid signature and possible tampering => PASS, otherwise FAIL
* Evidence: New update version numbers, and installation log containing mention of a signature mismatch.
