Digi Cyber Resiliance Act (CRA) Solutions
Digi Cyber Resilience Act (CRA) Solutions provide the customer with what is needed to meet the EU CRA. The Cyber Resilience Act (CRA) is a regulatory framework designed to strengthen cybersecurity across digital products. Unlike earlier regulations focused on data protection, the CRA addresses the security of products themselves. It requires protections to be built-in from the design phase and maintained through post-market support. It applies to nearly any product with digital elements. To be sold or distributed in the EU, covered products must comply with the CRA and carry a CE marking to demonstrate conformity. At its core, the CRA benefits consumers and businesses by establishing a baseline for cybersecurity practices that protects them from rising Internet of Things (IoT) security risks. In addition, it supports a more transparent digital ecosystem within the European market.
Under the CRA guidelines, manufacturers and vendors are expected to adopt a stance of continuous accountability. They must begin by following "secure-by-design" best practices and then maintain vigilance against emerging vulnerabilities. These requirements extend far beyond traditional point-of-sale certification, for example, creating ongoing obligations to keep end users and regulators well informed throughout the product lifecycle. The CRA pushes manufacturers to consider cybersecurity from the earliest stages of development. Devices must undergo a formal cybersecurity risk assessment and incorporate appropriate protections. This protection entails, among others:
ConnectCore Embedded Solutions
Digi ConnectCore Embedded Solutions are ready to assist with integrated solutions that support secure product development, remote lifecycle management, vulnerability reporting, and documentation. More than just a solution provider, Digi aims to be a long-term partner for secure product innovation in the EU market. Digi has been tracking the CRA since the earliest drafts and is committed to helping customers meet the evolving compliance needs.
TrustFence
Digi TrustFence® is a foundational security framework integrated into Digi's hardware platforms. It enables manufacturers to apply secure-by-design principles, helping meet the CRA requirements from day one. TrustFence includes features such as secure boot, identity management, encrypted storage, and secure firmware updates, creating a strong foundation for lifelong resilience. These built-in protections reduce the risk of costly redesigns that might otherwise result from discovering vulnerabilities late in the development process. Plus, these protections support compliance with the CRA requirements, including secure default configurations, data confidentiality, and attack surface reduction.
ConnectCore Security Services
Digi ConnectCore Security Services help meet the CRA post-market requirements by monitoring devices for vulnerabilities throughout the device's lifecycle. Thanks to Digi ConnectCore Cloud Services, OEMs can securely deliver firmware updates and maintain visibility across a product fleet. The Digi ConnectCore Security Services offers features like automated reporting of Common Vulnerabilities and Exposures (CVEs) within Digi security services and automated patch deployment, in Digi cloud services, support continuous compliance and rapid vulnerability response.
ConnectCore Cloud Services
Digi ConnectCore Cloud Services are designed to create custom interfaces that provide valuable features, such as the ability to remotely configure, monitor, and maintain connected devices. Combine proven, reliable, and off-the-shelf hardware and software with Digi ConnectCore Cloud Services to enable over-the-air software updates. With these capabilities, users can automate more processes, remotely manage deployment, and reduce costs. Digi ConnectCore Cloud Services empower customers to create innovative and effective service plans built on the Digi ConnectCore solution.
Videos
Related Product
Digi ConnectCore Family of Products
Complete solution for industrial/medical OEMs with deep HW/SW integration.