
I have a file that I am generating a signature for using OpenSSL, and each time I generate the signature, it is different to the last time.

openssl dgst -sha1 -sign update_key.pem TERM010134.bin > Update.sig

Anyone able to tell me why that might be?

chadianscot

2 Answers


It depends on what algorithm (determined by key type) and padding you use.

If the key is a DSA key, or an ECC key used for ECDSA, those algorithms normally use randomized signatures to remain secure, and OpenSSL does so. (There is a variant scheme that makes k unique and unpredictable without making it truly random, but it is not widely used and not implemented in OpenSSL.)

If the key is an RSA key, OpenSSL supports 3 RSA paddings other than none: pkcs1 (more exactly the type-1 scheme of PKCS#1 through v1.5, now retronymed RSASSA-PKCS1-v1_5), pss, and x931. dgst -sign for RSA defaults to pkcs, which is deterministic and should not produce varying results; if it does please edit your question with details (preferably using a test key). Only if you specify -sigopt rsa_padding_mode:pss should you get a randomized result.

Note RSA encryption is different, and OpenSSL supports two paddings other than none: pkcs1 (this time meaning RSAES-PKCS1-v1_5) and oaep, both of which are randomized; the newer OAEP is randomized in a way that is provably secure, which the older v1_5 scheme is not.

dave_thompson_085
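The three cases this answer distinguishes, as an added example that is not from the post: a throwaway RSA key and a throwaway P-256 key sign a constructed payload twice each, and the two signature files are compared. It assumes a POSIX shell with `openssl` and `cmp` on PATH; the key and file names are made up for the demo.

```shell
#!/bin/sh
# Added example (not the original post's command): check which OpenSSL
# signature schemes give byte-identical signatures on repeated signing.
set -e

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Constructed sample input and throwaway keys, not the question's real files.
printf 'constructed sample firmware image\n' > "$WORK/payload.bin"
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$WORK/rsa.pem" 2>/dev/null
openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256 -out "$WORK/ec.pem" 2>/dev/null

# Sign the same file twice with the given key plus any extra dgst options,
# then report whether the two signatures are identical.
sign_twice() {
    key="$1"; shift
    openssl dgst -sha256 -sign "$key" "$@" -out "$WORK/sig1" "$WORK/payload.bin"
    openssl dgst -sha256 -sign "$key" "$@" -out "$WORK/sig2" "$WORK/payload.bin"
    if cmp -s "$WORK/sig1" "$WORK/sig2"; then echo deterministic; else echo randomized; fi
}

# RSA with the default padding (RSASSA-PKCS1-v1_5): no random input, so stable.
rsa_pkcs1_result() { sign_twice "$WORK/rsa.pem"; }
# RSA-PSS: a random salt goes into every signature, so each run differs.
rsa_pss_result()   { sign_twice "$WORK/rsa.pem" -sigopt rsa_padding_mode:pss; }
# ECDSA: a fresh random nonce k per signature, so each run differs.
ecdsa_result()     { sign_twice "$WORK/ec.pem"; }

echo "RSA PKCS#1 v1.5: $(rsa_pkcs1_result)"
echo "RSA-PSS:         $(rsa_pss_result)"
echo "ECDSA P-256:     $(ecdsa_result)"
```

A signature that differs between runs is therefore expected for PSS and ECDSA; for a plain RSA key with default padding, a changing output means something other than the padding is varying.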

In cryptography some random tokens are used as input to signature and encryption algorithms to avoid traffic analysis or dictionary attacks. You get a new, different signature each time you run the command because a new, fresh random token is generated and fed into the algorithm.

ddddavidee