The EU is raising the requirements for cybersecurity and software integrity for connected products with the Cyber Resilience Act (CRA) and the Radio Equipment Directive (RED). While the RED requirements have been mandatory since August 1, 2025, the CRA requirements will be introduced gradually over the coming years. The aim is to ensure the security of digital devices – covering everything from deployment and commissioning to updates and maintenance.

Due to the wide range of applications and industries in which our embedded modules are integrated, KA-RO electronics supplies them without pre-installed software in order to ensure maximum flexibility and adaptability. Our Board Support Package (BSP) serves as a technical reference and development basis for customer-specific systems. It is not intended as a market-ready software product. As each application has individual requirements in terms of security and compliance, responsibility for meeting CRA and RED requirements lies with the respective entity placing the finalized device on the market.

WE PROVIDE YOU WITH THE BEST POSSIBLE SUPPORT

Maintaining references for LTS versions of the Linux kernel and Yocto

Continuous expansion of our development environment to facilitate secure implementations - e.g., with Secure Boot, RAUC for updates, and the creation of a Software Bill of Materials (SBOM)

Recommendations for specialized conformity assessment bodies, certification bodies, and security tools

CONFORMITY ASSESSMENT AND CERTIFICATION

For conformity assessment and certification of your finalized products, we recommend consulting specialized conformity assessment and certification bodies, e.g.:

TOOLS AND SERVICES

In addition, the following providers among others provide helpful tools and services for security analysis, update strategy, and compliance assessment:

  • kernel concepts
    Software full-service provider for embedded systems
  • TrustnGo
    Advanced cybersecurity certification support
  • Exein
    Exein Analyzer: Auto-check compliance and catch vulnerabilities
    Exein Runtime: On-device threat detection and incident response 

 

 

 

 

 

If you have any questions about regulatory requirements or the role of our embedded modules, Uwe Steinkohl will be pleased to assist you as your personal contact. He will provide you with technical guidance and, as needed, refer you to further sources
of information or other helpful contacts. You can contact him directly via email or phone.

Kontakt

Here is our privacy statement.