GP-TM-18: Ensure that the device software/firmware, its configuration and its applications have the ability to update Over-The-Air (OTA), that the update server is secure, that the update file is transmitted via a secure connection, that it does not contain sensitive data (e.g. hardcoded credentials), that it is signed by an authorised trust entity and encrypted using accepted encryption methods, and that the update package has its digital signature, signing certificate and signing certificate chain, verified by the device before the update process begins.
GP-TM-19: Offer an automatic firmware update mechanism.
GP-TM-20: Backward compatibility of firmware updates. Automatic firmware updates should not modify
user-configured preferences, security, and/or privacy settings without user notification.