What if the alert system key(s) is compromised? Any mechanism to revoke the old key and migrate to a new one?
A maximum sequence alert can be sent which will override all other alerts and will display a static prefabricated message:
"URGENT: Alert key compromised, upgrade required"
Maybe I'm missing something, but wouldn't the attacker in this case simply set the sequence number and priority to the maximum?