Insights

By Anna Marton, Safepay Systems As the EU tightens cybersecurity rules for digital products, an important deadline is approaching for manufacturers of connected devices. The RED Delegated Act (RED-DA) targets wireless equipment with specific cybersecurity requirements starting in August 2025, and from 2027 onward, the Cyber Resilience Act (CRA) will…

By Roland Atoui, Red Alert Labs Earlier this month, I had the opportunity to participate in the second meeting of the European Commission’s CRA Expert Group - an experience that not only reaffirmed the magnitude of what lies ahead but also offered a clearer glimpse into the evolving regulatory fabric…

Within the DOSS IoT Supply Trust Chain (STC) Concept, we apply a digital twin framework, called the Digital Cybersecurity Twin (DCT). The DCT enables us to perform the automated vulnerability scanning and penetration testing of an IoT system in a virtualized environment, on a digital twin. This way, we can…

By Miltiadis Siavvas,  Information Technologies Institute (ITI) of the Centre for Research and Technology-Hellas (CERTH) In this insight post, we present the approach CERTH proposes for enabling the automation of the identification and extraction of security requirements from security standards with Large Language Models (LLMs). Compliance with international security standards…

By Anna Marton, Safepay Systems With the rapid proliferation of IoT technologies, security concerns have increased due to the opaque nature of supply chains. Operators often lack comprehensive knowledge about the security status of their devices. The DOSS framework addresses this gap by providing a system that facilitates transparency, reliability,…