What does the new Cyber Resilience Act mean for embedded developers?

Direct Insight, has published a ‘101’ to assist embedded developers to understand new EU legislation which will require companies to consider the cyber security of any products that carry the CE mark. The EU Cyber Resilience Act (CRA) will become EU law this year, and non-compliance penalties start at €15m.
Commented David Pashley, CEO of Direct Insight: “Even with many years of experience in developing secure systems, the CRA is a complex, 338-page document. But If you normally CE mark your products in order to sell them in the EU, then your products must comply, no matter where you are based.”
The most pressing items to consider are secure boot, and a secure update process (ideally OTA), as these may be difficult features to add retrospectively.

Full details and a clear explanation of the CRA are provided in a new blog – the first of a series – https://blogs.directinsight.co.uk/eu-cyber-resilience-act-101-for-embedded-developers/.

Latest News from Softei

This news story is brought to you by softei.com, the specialist site dedicated to delivering information about what’s new in the electronics industry, with daily news updates, new products and industry news. To stay up-to-date, register to receive our weekly newsletters and keep yourself informed on the latest technology news and new products from around the globe. Simply click this link to register here: Softei Registration