@@ -331,7 +331,7 @@ This clause addresses the requirements in the CRA [\[i.1\]](#_ref_i.1) Annex 1 P
#### 5.2.4.7 MI-SUCS: Updates are signed and verified before installation (### 5.4.N SU)
***\[REQ-SU-bpenf-0]** Updates for the product shall be cryptographically signed.
***\[REQ-SU-bpenf-0]** Updates for the product shall be cryptographically signed as defined in Annex K.
***\[REQ-SU-bpenf-1]** The product shall verify the signature before installation in order to mitigate the installation of tampered and/or modified updates.
* [//]: # (### 6.4.N SU)
@@ -347,7 +347,7 @@ This clause addresses the requirements in the CRA [\[i.1\]](#_ref_i.1) Annex 1 P
#### 5.2.4.8 MI-SUAU: Only authorized software updates (### 5.4.N SU)
***\[REQ-SU-7onio]** The product shall reject an update that does not match the expected cryptographic hash.
***\[REQ-SU-7onio]** The product shall reject an update that does not match the expected cryptographic hash as defined in Annex K.