search

2.9 Confirm Device Code Signing and Validation

hashtag
2.9 Confirm Device Code Signing and Validation

hashtag
Requirement Description:

Verify that the device uses code signing and validates firmware upgrade files before installation.

hashtag
DUT Confirmation Details:

(To be filled by vendor or evaluator after collecting confirmation of implemented signing mechanisms)

hashtag
DUT Software Details:

(Include OS version, firmware version, build number, etc.)

hashtag
Hash Checksum Verification for DUT’s Software Image:

(Add SHA-256 or similar cryptographic hash of the current running image)

hashtag
DUT Configuration:

(Include update method—OTA/local USB update, signing algorithm, root-of-trust key source, etc.)

hashtag
Pre-Conditions:

The vendor shall provide the following:

  • Documentation of the secure firmware upgrade process.

  • Details of cryptographic keys used and their management life cycle (e.g., generation, rotation, destruction).

  • Explanation of the signature validation process before firmware installation.

  • Information on any secure boot or hardware root-of-trust mechanisms used.

hashtag
Test Plan:

Total Number of Test Cases: 2

hashtag
Test-bed Diagram with Interfaces and IPs:

(To be provided as a labeled diagram, including management interface, update path, and connectivity to signing server/USB/network.)

PreviousTest 1NextTest 1-2

Last updated

Was this helpful?