The rationale for needing this capability is that it supports vulnerability management, access management, data protection, and incident detection. Also, limiting access to interfaces reduces the attack surface of the device, giving attackers fewer opportunities to compromise it.
5. Software Update - the IoT device's software can be updated by authorized entities only using a secure and configurable mechanism. Common elements of this capability are the ability to remotely update the device's software, verify and authenticate updates before installing it, restrict updating actions to authorized personnel only, etc.