Virtual planning
Put together your individual van racking system.
EU Cyber Resilience Act
Security right from the start
The Cyber Resilience Act (CRA) is a new EU regulation that sets out binding security requirements for all products with digital components on the European market. The aim is to better protect consumers and companies from cyber attacks and security vulnerabilities. The CRA stipulates binding requirements for the security of hardware and software products. The aim is to ensure that products are designed securely during development and can be operated securely throughout their entire life cycle.
With our software solution elution two we are already prepared for the requirements of the CRA.
The Cyber Resilience Act (CRA) is a new EU regulation that sets out binding security requirements for all products with digital components on the European market. The aim is to better protect consumers and companies from cyber attacks and security vulnerabilities. The CRA stipulates binding requirements for the security of hardware and software products. The aim is to ensure that products are designed securely during development and can be operated securely throughout their entire life cycle.
With our software solution elution two we are already prepared for the requirements of the CRA.
CRA-compliant
with elution two
- Safe product design: Products must meet safety requirements right from the development phase. Our solution is based on international standards and focuses on security right from the start.
- Vulnerability management and updates: Security gaps must be actively closed and updates provided. The solution provides regular updates and documents them in a traceable manner.
- Monitoring and incident management: Security-relevant processes must be continuously monitored and incidents reported. This allows risks to be identified at an early stage and reporting obligations to be complied with.
- Life cycle management: Manufacturers are responsible for the entire product life cycle. Support, secure data deletion and data transfer at end-of-life are integrated.
- Safe product design: Products must meet safety requirements right from the development phase. Our solution is based on international standards and focuses on security right from the start.
- Vulnerability management and updates: Security gaps must be actively closed and updates provided. The solution provides regular updates and documents them in a traceable manner.
- Monitoring and incident management: Security-relevant processes must be continuously monitored and incidents reported. This allows risks to be identified at an early stage and reporting obligations to be complied with.
- Life cycle management: Manufacturers are responsible for the entire product life cycle. Support, secure data deletion and data transfer at end-of-life are integrated.
Affected products
The CRA applies to all products with digital elements that are offered on the EU market:
- Hardware: laptops, smartphones, IoT devices, microprocessors
- Software products: Desktop applications, business software, security software
- Cloud-based applications (SaaS): business software, collaboration tools, cloud apps
In future, products will not only have to meet general safety requirements, but also the new IT security requirements of the CRA, which requires a new conformity assessment procedure in order to obtain the CE marking. Exceptions only apply to some specific areas such as medical devices, vehicles, civil aviation, in-vitro diagnostics and products in the area of national security as well as pure open source software without the intention of making a profit.
With elution two you have software that has implemented the requirements.
Timetable for implementation
- December 2024: Entry into force of the CRA
- June 2026: Start of testing by conformity bodies
- September 2026: Obligation to report safety gaps and incidents
- December 2027: Only CRA-compliant products may be placed on the market
With our software elution two software, companies are prepared in good time and can safely meet the deadlines.
- December 2024: Entry into force of the CRA
- June 2026: Start of testing by conformity bodies
- September 2026: Obligation to report safety gaps and incidents
- December 2027: Only CRA-compliant products may be placed on the market
With our software elution two software, companies are prepared in good time and can safely meet the deadlines.
Advantages for users
The CRA not only brings obligations for manufacturers, but also clear benefits for users:
- Greater security: products are designed to be more secure from the outset and offer better protection against cyber attacks.
- Reliable updates: Security vulnerabilities are detected more quickly and fixed with regular updates.
- Greater transparency: Customers can rely on binding minimum standards and have more confidence in digital products.
- Long-term support: Even after purchase, users benefit from security and maintenance updates.
The CRA not only brings obligations for manufacturers, but also clear benefits for users:
- Greater security: products are designed to be more secure from the outset and offer better protection against cyber attacks.
- Reliable updates: Security vulnerabilities are detected more quickly and fixed with regular updates.
- Greater transparency: Customers can rely on binding minimum standards and have more confidence in digital products.
- Long-term support: Even after purchase, users benefit from security and maintenance updates.