@@ -120,7 +120,7 @@ Recognising that there may be vulnerabilities discovered between the time that a
-**[REQ-EXPLOIT-1a]** The product shall be securely updated.
-**[REQ-EXPLOIT-1b]** The product shall be securely updated as part of first use.
-**[REQ-EXPLOIT-2]** The product shall have divorserd OS and Application upgrade procedures which makes it possible to obtain the set High Availability targets when the operational environment makes this possible.
-**[REQ-EXPLOIT-2]** The product shall have divorserd OS and Application update procedures which makes it possible to obtain the set High Availability targets when the operational environment makes this possible.
-**[REQ-EXPLOIT-3]** The product shall ensure that the product can be updated at the time of first use to address all known exploitable vulnerabilities which were discovered after the product's placement on the market and before that first use.
More about [High Availability](#53x-high-availability) in its dedicated chapter.
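Review bot: The replacement REQ-EXPLOIT-2 line still carries the misspelling "divorserd" from the line it replaces, so the key word of the requirement remains unreadable. Since the line is being rewritten anyway, spell out the intended term (if the meaning is separation, "separate OS and Application update procedures") and change "which makes" to "which make" to agree with "procedures". The context link on the last line targets #53x-high-availability, while the hunk at line 384 links #538-high-availability; check which anchor is current.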
@@ -384,7 +384,7 @@ Threats to secure update during installation & execution:
Therefore, application of updates needst to be performed in a manner that maintains the integrity of the software state and, where relevant, supports the availability objectives defined for the product keeping the system within the set [5.3.8 High Availability](#538-high-availability) targets.
Requirements:
-**[REQ-UPDATES-0]:** Authenticity and integrity of upgrade package shall be verifiable using a cryptographic digital signature verification prior to installation.
-**[REQ-UPDATES-0]:** Authenticity and integrity of update package shall be verifiable using a cryptographic digital signature verification prior to installation.
-**[REQ-UPDATES-1]:** The product shall maintain a monotonic version counter or equivalent mechanism to prevent installation of updates with an older version.
-**[REQ-UPDATES-2]:** If the product supports intentional rollback, invoking action shall require explicit authorisation and shall be based on separately versioned and signed rollback metadata.
-**[REQ-UPDATES-3]:** The product shall provide a mechanism to restore the system operational state after a failed update.
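Review bot: REQ-UPDATES-0 on the changed line only says the signature "shall be verifiable", which a product can satisfy without ever performing the check or refusing a package that fails it. Suggest wording along the lines of "shall be verified using a cryptographic digital signature prior to installation, and the package shall be rejected if verification fails", and add the missing article ("of the update package"). The context paragraph above the requirements also contains "needst", which is worth fixing while this section is being touched.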
@@ -392,7 +392,7 @@ Requirements:
-**[REQ-UPDATES-5]:** The product shall inform the system user about update availability if applicable.
-**[REQ-UPDATES-6]:** The product shall track the relevant component versions of the product and the managed devices if applicable.
-**[REQ-UPDATES-7]:** The product shall log start and finish of the update download if applicable.
-**[REQ-UPDATES-8]:** The product shall perform an automatic upgrade of the product and the managed devices if the operative context and the application design allows this to happen within the defined availability targets.
-**[REQ-UPDATES-8]:** The product shall perform an automatic update of the product and the managed devices if the operative context and the application design allows this to happen within the defined availability targets.
-**[REQ-UPDATES-9]:** The product shall provide a way for the system user to postpone or re-schedule the application update.
-**[REQ-UPDATES-10]:** Automatic updates shall be on by default if applicable.
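Review bot: With "upgrade" renamed to "update" in REQ-UPDATES-8, the phrase "application update" in REQ-UPDATES-9 becomes ambiguous: it can be read as applying an update or as the Application update that REQ-EXPLOIT-2 distinguishes from the OS update. Consider "postpone or re-schedule applying the update" in REQ-UPDATES-9. In the changed REQ-UPDATES-8 line, "allows" should be "allow" to agree with "the operative context and the application design".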
@@ -618,7 +618,7 @@ For medium risk:
**Verdict:**
1. Pass if cross referencing OS and Application upgrade instructions makes it possible to maintain High Availability requirements defined in the technical documentation.
1. Pass if cross referencing OS and Application update instructions makes it possible to maintain High Availability requirements defined in the technical documentation.
2. Fail otherwise.
**Supporting Evidence:**
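Review bot: The changed pass criterion speaks of "High Availability requirements defined in the technical documentation", whereas REQ-EXPLOIT-2 and the secure-update text speak of "the set High Availability targets". Use one term in both places so the assessor knows which values the verdict is measured against. "Pass if cross referencing ... makes it possible" also leaves the check itself open; stating what the assessor compares (for example, the documented downtime of each procedure against the target) would make the verdict repeatable.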
@@ -798,7 +798,7 @@ For medium risk:
#### 6.2.5.0 REQ-SBOM-0
**Objective:** To make clear what part of the system to upgrade, the source of the dependency should be understandable.<br/>
**Objective:** To make clear what part of the system to update, the source of the dependency should be understandable.<br/>
**Preparation:** None<br/>
**Activities:**
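Review bot: In the changed Objective line, "the source of the dependency should be understandable" is not something an assessor can test, and the sentence does not say to whom it must be understandable. Suggest "identifiable from the SBOM" or similar, and rephrase the opening so it reads as a purpose, for example "To make clear which part of the system needs to be updated, ...".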
@@ -835,13 +835,13 @@ For medium risk:
#### 6.2.5.2 REQ-SBOM-2
**Objective:** The deliverable erodes over time. The SBOM is one of the sources for the motivation to upgrade.<br/>
**Objective:** The deliverable erodes over time. The SBOM is one of the sources for the motivation to update.<br/>
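Review bot: The changed Objective keeps "The deliverable erodes over time" and "one of the sources for the motivation to update", neither of which tells the reader what is being assessed. Suggest stating the point directly, for example that components in the deliverable accumulate known vulnerabilities over time and the SBOM is one input for deciding when to update. The hunk header announces 13 lines, but only this one changed line is shown, so any remaining "upgrade" occurrences in the rest of 6.2.5.2 should be checked against the same rename.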