The Council of the EU officially adopted the EU Cyber Resilience Act (CRA) on 10. October 2024 and it will be published in the Official Journal of the EU in the next few weeks.
The aim of the CRA is to improve the cybersecurity of products with digital elements. The legislation defines target-oriented and technology-neutral requirements for hardware and software, which are based on widely used standards and aim to enable manufacturers to manage vulnerabilities throughout the entire product life cycle. The legislation covers a wide range of devices, from consumer products such as smart home devices to industrial systems.
The Horizon Europe DOSS project aims to improve the security and reliability of IoT supply chains, from device design to operation. The project created the concept of the Supply Trust Chain that improves the protection of IoT supply chains based on the triad of necessary information, communication and unified architecture. By putting the CRA requirements into practice, the DOSS architecture creates a reference model for the realization of the goals set by the law.
To read the official press release of the EU Council, please go to https://www.consilium.europa.eu/en/press/press-releases/2024/10/10/cyber-resilience-act-council-adopts-new-law-on-security-requirements-for-digital-products/