Once a trusted application has been signed by Intel, every change in the trusted application requires re-signing.

The 3rd party trusted lab must clarify the extent of the changes to the trusted application with regard to how they affect the design, any new risks, and any increase in attack surface.  All of this must be included in the revised report issued by the lab.