Category: Insights

Rethinking Cybersecurity Certification for IoT – the DOSS Architecture Security Validator Platform

By Yassine El Hadi, Red Alert Labs, Ilias Kalouptsoglou and Pavlina Nikolakoudi, ITI-CERTH

Cybersecurity certification has long been one of the most difficult challenges in the IoT ecosystem. As connected systems become more complex, manufacturers and integrators are expected to comply with an expanding landscape of cybersecurity standards, regulatory frameworks,…

Building Trust in IoT: Inside the DOSS Component Tester

By Ramon Barakat, Fraunhofer FOKUS

As the Internet of Things continues to expand into nearly every sector, from smart homes and energy systems to automotive and industrial environments, security cannot be disregarded any longer. These systems are no longer isolated; they are complex ecosystems built from countless interconnected components, often…

Fuzzing for the CRA era

By Ramon Barakat, Roman Kraus and Martin Schneider, Fraunhofer FOKUS

Recent incidents have shown how a seemingly small memory access bug can cascade into global disruption. With the EU’s Cyber Resilience Act (CRA) and the new Product Liability Directive, manufacturers of “products with digital elements” must deliver security by design,…

Are Large Language Models (LLMs) the key to accurate Vulnerability Detection?

By Miltiadis Siavvas, Information Technologies Institute (ITI) of the Centre for Research and Technology-Hellas (CERTH)

The increasing reliance of our everyday lives on software-intensive systems renders their security an aspect of utmost importance. Hence, there is a strong need for advanced mechanisms for enabling the early identification and elimination of…

A simple coding mistake led to the CrowdStrike outage? Well, this is not surprising!

By Miltiadis Siavvas, Information Technologies Institute (ITI) of the Centre for Research and Technology-Hellas (CERTH)

The CrowdStrike disruption is an infamous incident that led to a global IT outage in July 2024, which is known to be one of the worst IT disruptions in history, described by analysts as “the largest…

Why the Cyber Resilience Act (CRA) matters for IoT manufacturers

Dinesh Sharma, asvin GmbH

The Importance of the CRA

The EU’s Cyber Resilience Act (CRA) sets strict cybersecurity requirements for all connected products, including IoT devices. For manufacturers, CRA compliance is essential to ensure secure, trustworthy, and market-ready products. From 2027 onward, only devices meeting these standards will be allowed…

OSCAL in Europe: A Foundation for the Digital Security Passport

By Sara Nieves Matheu Garcia, University of Murcia, Department of Communications and Information Engineering

Cybersecurity documentation is often scattered across reports, spreadsheets, and ad hoc formats, making it difficult to exchange, validate, or automate. The Open Security Controls Assessment Language (OSCAL), developed by NIST, addresses this challenge by providing a…