Security/secure boot use cases

Hi all,

I have mentioned below some use case for secure boot /security.

  1. The system must be possible to update files in the file-system, such as a list of supported keyword commands, without having to re-upload or re-sign the entire file-system. The updated code or data needs to be protected such that only authorised keywords are supported.
    May i know how to achieve this.?
  2. Integrity of the operating system must be protected, even after a partial upgrade. How to do this.?