The product shall be delivered to the customer with:
- No known exploitable vulnerabilities
- Proof of origin and authenticity (digital certification)
- “Secure by default” configuration, including the ability to reset the product to its original state
- Protection against unauthorized use
- Protection of confidentiality and integrity of stored, transmitted and processed data (including commands, programs and configurations)
- Protection of essential functions’ availability, including the resilience against and mitigation of denial-of-service attacks

