Ratchet Constraints

Let SW_Ratchet_Version denote the version of the software run on the chip.
Let HW_Ratchet_Version denote the version corresponding to the ratchet value from fuses.

Ratcheting has the following constraints:

If SW_Ratchet_Version < HW_Ratchet_Version : Abort boot and trigger recovery flow. This case is considered as ratchet check failure.

Ratchet check failure results in either resetting to RCM or an alternate boot chain trigger based on softfuses in BR_BCT. See Recovery Mechanism.

If SW_Ratchet_Version = HW_Ratchet_Version : Allow boot. The software is built exactly for that specific chip and, therefore, can run on the chip.
If SW_Ratchet_Version > HW_Ratchet_Version : Allow boot. Software is built for a higher version, so it has a required set of security patches applied already. In this case, it is running on an older chip, so allow it to run. In this case, updating the fuse is recommended.

Thus, older chips will continue to run new software if it is backward compatible. However, old software will not work on new chips/updated devices if the ratchet version on those devices is updated.