@@ -529,6 +529,15 @@ The metrics can be for example the last time when the managed element has been s
-**[RQ-9]**
-**[RQ-10]**
- Authenticate the source of updates (digital signatures).
- Verify integrity before installation (hash checks).
- Use secure channels for delivery (e.g., TLS).
- Prevent rollback to vulnerable versions.
- Ensure fail-safe install with rollback if needed.
- Require admin authorization for updates.
- Log update events and protect logs.
## 5.3 Risk Mitigations
> **TODO**: Connect the technical security requirements in Section 5.2 to specific Risk Factors, and define these as sets of Risk Mitigations that will be referenced in section 6.
