You answered your own question at the beginning of your post: "I am 35".
The patient does not have the skills, knowledge of the device's internal hardware/firmware/software design, testing tools, or the time to make sure an update is safe and won't break the device. Only the manufacturer can do that.
Besides, "signed" doesn't necessarily mean the same certificate-based chain-of-trust process that most people are familiar with. It could be much simpler (and usually is for firmware or software on embedded devices).
Hey! Our regular, for-human-use world wide web is cloud based, too!
You forgot the "Customer is Coming Tomorrow to Pick It Up" option. Quite common at my job lately.