UL 5500:2018 Remote Software Updates. UL 5500 covers REMOTE software updates taking into account the manufacturer’s recommended process. It is limited to software elements having an influence on safety and on compliance with the particular end product safety standard. This standard additionally covers hardware compatibility necessary for safety of the REMOTE software update. NOTE 1 This standard does not cover: — Functional SECURITY such as premises, physical, and other similar scurri purposes; — Safety related availability or connectivity of REMOTE communications; — Field updates done with physical access by qualihed personnel; — Software development lifecycle and maturity; — Cryptographic techniques for the purposes of user data confidentiality and consumer privacy; — Insider threat (corporate espionage); and — REMOTE control operation of the product. NOTE 2 This standard is intended to be used in conjunction with the appropriate end product safety standard. 2 Normative references For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies: Fl PS 140-2, (Annexes A, B and C) Security Requirements for Cryptographic Modules IEEE 802.3, Standard for Ethernet IEEE 802.11, Information Technology — Telecommunications and Information Exchange Between Systems — Local and Metropolitan Area Networks — Specific Requirements Part 11. Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications IEEE 802.15.4, Standard for Low-Rate Wireless Networks ISO/IEC 9796, Information Technology — Security Technologies — Digital Signature Scheme Giving Message Recovery ISO/IEC 9797-1, In formation Technology — Security Technologies — Message Authentication Codes (MA Cs) ISO/IEC 9798 (all parts), Information Technology — Security Technologies — Entity Authentication lSO/IEC 10118-1, Information Tecn9ogy — SGurity Technologies — 1-jash-Functions — Part 1: General ISO/IEC 14888-1, In formation Technology — Security Technologies — Digital Signatures with Appendix — Part 1: General ISO/lEG 15946-1, Information Technology — Security Technologies — Cryptographic Techniques Based on Elliptic Curves — Part 1: General ISO/lEG 18033-1, Information Technology — Security Technologies — Encryption Algorithms — Part 1: General ISO/IEC 29192-1, Information Technology — Security Techniques — Lightweight Cryptography — Part 1: General ISO/IEC 19772, Information Technology — Security Techniques — Authenticated Encryption NIST SP 800-56A, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography NIST SP 800-57, Recommendation for Key Management, Part 1: General 3 Terms and definitions For the purposes of this standard, the following definitions apply. AUTHENTICATION the process of verifying the identity of an ENTITY. 3.2 AUTHORIZATION the...
Download Address
Download