-**[REQ-UPDATES-1]:** The product shall maintain a monotonic version counter or equivalent mechanism to prevent installation of updates with an older vulnerable version.
-**[REQ-UPDATES-2]:** If the product supports intentional rollback, this action shall require explicit authorisation and shall be based on separately versioned and signed rollback metadata.
-**[REQ-UPDATES-3]:** The product shall apply updates in an atomic manner such that incomplete or failed updates do not result in a partially updated state. In the event that an update cannot be completed successfully, the product shall automatically restore a previously operational software state, ensuring the product remains functional.
-**[REQ-UPDATES-5]:** The product shall log update availability if applicable.
-**[REQ-UPDATES-6]:** The product shall log start and finish of the update download if applicable.
-**[REQ-UPDATES-5]:** The product shall inform the user about update availability if applicable.
-**[REQ-UPDATES-6]:** The product shall track the relevant component versions of the product and the managed devices if applicable.
-**[REQ-UPDATES-7]:** The product shall log start and finish of the update download if applicable.
-**[REQ-UPDATES-8]:** The product shall perform an automatic upgrade of the product and the managed devices if the operative context and the application design allows this to happen within the defined availability targets.
These requirements are generally binding, and there is no low-medium-high tiering available.
The requirements REQ-UPDATES-5 and REQ-UPDATES-6 are conditional due to different operative management models.
The requirements REQ-UPDATES-5, REQ-UPDATES-6, REQ-UPDATES-7 and REQ-UPDATES-8 are conditional due to different operative management models.
A cellphone that is connected to a corporate inventory management often has it's own update manager, and the device does not rely on the centralised control.
Similary in a modern cluster deployment, the application can not update itself, as the control is in the cluster, which makes the provisioning, scheduling and network shaping decisions for all applications ran in the same context.
