TEST 1

TEST 1

Test Case: BIS-2.11.1 Test Name: TC_VERIFY_SCHEDULED_FIRMWARE_UPDATE_CAPABILITY

Objective: Verification shall be done as per the applicable scenario:

  • CASE 1: Automatic OTA Updates Available A Standard Operating Procedure (SOP) for issuing automatic updates/upgrades to in-field devices must be submitted by the vendor. This SOP will be evaluated against the OWASP security requirements C20, C21, and C22.

  • CASE 2: Automatic OTA Updates Not Available, Manual Updates Provided A vendor-submitted SOP for issuing manual updates/upgrades will be evaluated for compliance with OWASP security requirements C20, C21, and C22.

OWASP Security Requirements:

  • C20: Verify that the firmware update process is not vulnerable to TOCTOU (Time-Of-Check vs Time-Of-Use) attacks.

  • C21: Verify the device uses code signing and validates firmware upgrade files before installing.

  • C22: Verify that the device cannot be downgraded to old versions (anti-rollback).

Tools Used:

  • Vendor SOPs

  • OTA/Manual Update Interface (Web GUI/CLI/API)

  • Log capture utilities

  • Wireshark or similar traffic analyzer (if applicable)

  • Valid and tampered firmware packages

Test Execution Steps:

CASE 1: Automatic OTA Updates Available

  1. Review the vendor's SOP for automatic updates to in-field devices.

  2. Validate the update modes from documentation (automatic/manual if both supported).

  3. Simulate an OTA update in a controlled lab setup as per the documented SOP.

  4. Confirm scheduled execution of firmware update.

  5. Review system logs and outputs to verify:

    • Update occurred at the scheduled time.

    • Firmware package was validated before installation.

    • Anti-rollback checks were enforced.

CASE 2: Only Manual Updates Provided

  1. Review the SOP submitted for manual updates.

  2. Validate the SOP’s compliance with OWASP C20, C21, and C22.

  3. Perform manual firmware update as per SOP:

    • Observe if any firmware update is accepted without signature verification.

    • Confirm that rollback attempts to older signed versions are blocked.

Expected Results for Pass:

  • CASE 1: Device completes the OTA update at the scheduled time. Logs confirm validation of the firmware signature and enforcement of anti-rollback and TOCTOU protections as per OWASP C20–C22.

  • CASE 2: Device only updates via the manual process when all signature validations are passed. Anti-rollback and TOCTOU protections are actively enforced.

Test Observations: (To be filled after testing based on CASE 1 or CASE 2)

  • Scheduled update attempt observed at: 03:00 AM

  • Firmware version updated from: v4.2.0v4.3.1

  • Rollback to v4.2.0 blocked during verification phase

  • Manual update with tampered signature: REJECTED

Evidence Provided:

  • SOP documents reviewed

  • Screenshots of configuration and log files

  • Output logs showing successful update and security checks

  • Wireshark capture showing OTA flow (if applicable)

Test Case Result: ☑ PASS ☐ FAIL

Overall Test Result: ☑ PASS ☐ FAIL

Previous2.11 – Verify Scheduled Firmware UpdateNext3.Secure Process Conformance

Last updated

Was this helpful?