Appendix D. Lifecycle and Change Control

Table 15: Lifecycle and Change Control

Change	Expected impact	Required control
Firmware, host kernel, virtual firmware, hypervisor, VFIO, or driver update	Changes evidence, support status, or GPU CC behavior	Validate against support matrix and update reference values before production key release
Guest image, bootloader, initrd, attestation client, or service update	Changes measured guest state	Capture new measurements, approve policy change, preserve rollback values
Model artifact or model key rotation	Changes artifact digest, key ID, or release policy	Register new artifact metadata; retire old keys per model-provider policy
Verifier, key broker, or KMS/HSM update	Changes verification or key-release behavior	Run positive and negative attestation tests; verify audit events
Emergency disablement	Stops key release for approved or suspect workloads	Documented authority, audit record, and recovery procedure