TEST 1

TEST 1

Test Case: BIS-2.10.1 Test Name: TC_TEST_ANTI_ROLLBACK_FIRMWARE_PROTECTION

---

Objective: To verify, in the presence of the OEM team, that the device enforces anti-rollback protection and does not allow downgrading to older firmware versions, even if those versions are validly signed.

---

Tools Used:

• Valid current firmware image (latest version)

• Older valid signed firmware image

• Firmware upgrade interface or tool (CLI/Web/OTA)

• Log monitoring utilities

---

Test Execution Steps:

1. Confirm the current running firmware version on the DUT.

2. In the presence of the OEM team, attempt to downgrade the DUT to a previously released and validly signed firmware version.

3. Observe the behavior of the device during the downgrade attempt.

4. Capture logs/messages that indicate whether the downgrade was rejected or allowed.

5. Verify the firmware version post-attempt to confirm that no rollback has occurred.

---

Expected Results for Pass:

• The DUT detects the attempt to downgrade to an older firmware version.

• The device rejects the older image, despite its valid signature, due to anti-rollback enforcement.

• Logs should indicate a rollback protection mechanism triggered (e.g., "Firmware version not permitted", "Rollback protection active").

• The firmware version on the DUT remains unchanged after the attempt.

---

Test Observations: (To be filled during execution)

• Attempted downgrade from version v3.5.1 to v2.9.0

• Device rejected image with message: “Firmware version older than current - rollback denied”

• Post-test version: still v3.5.1

---

Evidence Provided:

• Logs showing rejection of older firmware version

• Screenshot or CLI output of firmware version before and after test

• Hashes and metadata of both firmware files used

---

Test Case Result: ☐ PASS ☐ FAIL

---

Overall Test Result: ☐ PASS ☐ FAIL

---