Insights

Dinesh Sharma, asvin GmbH The Importance of  the CRA The EU’s Cyber Resilience Act (CRA) sets strict cybersecurity requirements for all connected products, including IoT devices. For manufacturers, CRA compliance is essential to ensure secure, trustworthy, and market-ready products. From 2027 onward, only devices meeting these standards will be allowed…

By Sara Nieves Matheu Garcia, University of Murcia, Department of Communications and Information Engineering Cybersecurity documentation is often scattered across reports, spreadsheets, and ad hoc formats, making it difficult to exchange, validate, or automate. The Open Security Controls Assessment Language (OSCAL), developed by NIST, addresses this challenge by providing a…

By Karsten Isakovic, Ramon Barakat, Sascha Hackel, and Martin Schneider, Fraunhofer FOKUS The Component Tester developed in DOSS is capable of testing not only software that runs on traditional operating systems, but also software designed for IoT and embedded devices. Such software typically operates as self-contained firmware, commonly referred to…

By Anna Marton, Safepay Systems As the EU tightens cybersecurity rules for digital products, an important deadline is approaching for manufacturers of connected devices. The RED Delegated Act (RED-DA) targets wireless equipment with specific cybersecurity requirements starting in August 2025, and from 2027 onward, the Cyber Resilience Act (CRA) will…

By Roland Atoui, Red Alert Labs Earlier this month, I had the opportunity to participate in the second meeting of the European Commission’s CRA Expert Group - an experience that not only reaffirmed the magnitude of what lies ahead but also offered a clearer glimpse into the evolving regulatory fabric…