We use cookies to give you the best experience and to help improve our website
Find out what cookies we use and how to disable them
Standards Development
This standard will specify the technical requirements allowing to demonstrate compliance with the Essential Requirements of the Cyber-Resilience Act for microprocessors and microcontrollers with security-related functionalities. The microprocessors and microcontrollers in scope provide security features offering resistance against logical attacks (network, software) consistent with the level of risk for CRA Important / Class I products, but they do not claim physical tamper-resistance. To cover such topics, the current standard will refer as much as possible to existing standards and specifications when relevant and will only define additional content where gaps are identified.
In September 2024 the European Commission published a draft Standardisation Request to European Standards Organisations in support of Union policy on cybersecurity requirements for products with digital elements. The Standardisation Request requests a series of 15 horizontal standards (1-15) to provide a coherent generic framework, methodology and taxonomy that can be used to develop further product-specific standards according to market needs and a set of 26 vertical standards (16-41) for important or critical categories of products in the Cyber Resilience Act, covering a specific set of risks appropriate to a given intended purpose and foreseeable use. The purpose of this standard is to answer the items #28 (European standard(s) on essential cybersecurity requirements for microprocessors with security-related functionalities) and #29 (European standard(s) on essential cybersecurity requirements for microcontrollers with security-related functionalities) of the Standardisation Request described above. This standard shall be consistent with the Cyber Resilience Act and where applicable with other European and harmonised standards developed or under development. This standard will consider the specificities, intended purpose and foreseeable use of microprocessors and microcontrollers with security-related functionalities that primarily focus on resistance against logical attacks at a level consistent with the level of risk for CRA Important / Class I products, but that do not target physical tamper-resistance. As described in the Standardisation Request, this standard will be developed in such a way that it may be published in the Official Journal of the EU for potential harmonisation. The TC47X WG1 has been created to cover the
You are now following this standard. Weekly digest emails will be sent to update you on the following activities:
You can manage your follow preferences from your Account. Please check your mailbox junk folder if you don't receive the weekly email.
You have successfully unsubscribed from weekly updates for this standard.
Comment on proposal
Required form fields are indicated by an asterisk (*) character.