EN 40000 norm series for the Cyber Resilience Act
Harmonized standards for the Cyber Resilience Act explaining EN 40000-1-1 (terminology) and EN 40000-1-2 (Principles for Cyber Resilience). Background and regulatory context The Cyber Resilience
Cyber Resilience Act EU regulation for secure products
The Cyber Resilience Act (CRA) regulates the security of products with digital elements in the EU. Learn about scope, manufacturer obligations and CE marking. Scope
Horizontal CRA standards EN 40000-1-1 & EN 40000-1-2
First horizontal CRA standards are available. prEN 40000-1-1 and prEN 40000-1-2 define the cross-product framework for risk management and cybersecurity activities. Horizontal before vertical —
CRA standards ETSI publishes first drafts
ETSI publishes CRA standards covering routers to virtualization. The drafts set out concrete requirements and testable security measures, with all details summarized. Overview of published
Profile for industrial firewalls – IEC 62443-4-2 clarified
An end to divergent standard interpretations: the TeleTrusT Industrial Firewall Profile clarifies IEC 62443-4-2 to enable consistent assessments. A methodological template for other product categories.
AI Act 2024 overview for mechanical engineers and product manufacturers
The new EU AI Act explained in plain language. Learn what the AI regulation means for your products and how to implement the requirements successfully.
Most important questions and answers about the Cyber Resilience Act
All key questions about the Cyber Resilience Act (CRA) clearly answered. Learn what the EU regulation means for your company and how you can prepare.
EN 50742 protection against manipulation of machines
Learn about EN 50742, the standard for protecting machines against tampering and cyberattacks in line with the requirements of the Machinery Regulation (EU) 2023/1230. Goals
What manufacturers need to know about the Data Act
The EU Data Act fundamentally changes how product data is handled. Learn the key requirements and how to prepare your company. Scope of the Data
IEC 62443-4-1 explained secure product development in industry
Defense in depth, threat modeling, penetration tests and more — learn what IEC 62443-4-1 requires from the development process. This article summarizes the main concepts,
NIS-2 directive explained
Overview of the EU NIS-2 directive: scope, concrete requirements, reporting obligations and relationship to the Cyber Resilience Act. Scope of NIS 2 The NIS-2 directive
New EU machinery regulation on cybersecurity in machine engineering
Cybersecurity becomes mandatory in machine engineering. Learn the concrete requirements of the new EU regulation and how to implement them. Importance of cybersecurity for machines
ISASecure certification for industrial cybersecurity
Overview of ISASecure certifications including SDLA, CSA, ICSA, SSA and ACSSA. Learn about their requirements and typical application areas. ISASecure and IEC 62443 ISASecure is
Cyber Resilience Act & open source requirements and obligations
Learn how the Cyber Resilience Act affects open source software. Obligations for FOSS stewards, risk categorization, and the CRA’s impact explained. Special treatment of FOSS
UK PSTI explained requirements and compliance for IoT manufacturers
UK PSTI at a glance. New cybersecurity rules for connected products — discover the scope, main requirements, and conformity evidence. Legal basis of the PSTI
UKCA replaces CE – what you need to know
Product marking for Great Britain: UKCA replaces CE. Learn about its scope, how it works and the current transition arrangements. Background to the introduction The