EU Cyber Resilience Act – IAR Systems ready to provide Embedded Developers with “Security Made Simple”.
Uppsala, Sweden – October 24, 2022 – In September 2022, the European Commission proposed a new Cyber Resilience Act, which obliges manufacturers to protect their internet-connected electronic products from unauthorized access stages of their life cycle. IAR Systems®, the world leader in software and services for embedded development, stands ready to provide customers with a complete set of embedded security tools to implement cybersecurity measures quickly and address the regulatory challenges at hand and in the future. Through their “Security Made Simple” methodology, IAR Embedded Security solutions like Embedded Trust and Secure Deploy help organizations to increase their developers’ productivity and implement security best practices with little impact on existing development processes, production, and support updates for lifecycle management.
The new Cyber Resilience Act applies to all Internet of Things (IoT) and Industrial Internet of Things (IIoT) devices that are exposed to risks through their web connectivity: malevolent attackers may impact systems, enter IT or OT (Operational Technology) systems, implement ransomware, or steal critical intellectual property. The proposed act requires harmonized rules for new products or software, a framework of cybersecurity requirements governing product planning, design, development, and maintenance along the whole value chain, and an obligation to provide a duty of care for the entire product lifecycle.
IAR Systems is a founder member of the IoT Security Foundation and was substantially involved in developing the “best practices” for securing electronics devices and connected applications, which have been adopted into regulations by the UK government (DCMS), the EU (ETSI), the US (NIST) and other nations globally. The know-how accumulated during almost a decade has been incorporated in the IAR Embedded Security product portfolio, the most robust end-to-end security development platform to simply, quickly, and robustly implementing cybersecurity and addressing regulatory challenges.
Embedded Trust and Secure Deploy, core products from the IAR Embedded Security solutions, leverage the secure hardware in microcontrollers to provide the low-level trust anchors and secure services for (I)IoT devices. The automated tools included in the platform cover multiple core security domains, including integrated identity and certificate management, scalable Secure Boot Manager, secure deployment with integrated manufacturing mastering, and release management with versioning and update infrastructure. IAR Systems complements its embedded security products with extensive training and hands-on guidance for all design and development stages.
“The IAR Embedded Security solutions incorporate our entire experience and expertise in cybersecurity – and we make this ‘Security Made Simple’ available for customers worldwide,” says Anders Holmberg, CTO at IAR Systems. “For our customers, the investment in security tools pays off quickly: While they can offer their end customers trustworthy products and applications with a fast time-to-market, they also better protect their R&D investments and cryptographically secure their valuable intellectual property.”
IAR Systems has summarized what embedded developers must know about the proposed new legislation in the European Union in a compact POV, which is available at https://www.iar.com/cyber-resilience-act/. For more details on the IAR Embedded Security product portfolio, please visit https://www.iar.com/security.
Editor's Note: IAR Systems, IAR Embedded Workbench, Embedded Trust, C-Trust, C-SPY, C-RUN, C-STAT, IAR Visual State, I-jet, I-jet Trace, IAR Academy, IAR, and the logotype of IAR Systems are trademarks or registered trademarks owned by IAR Systems AB. All other product names are trademarks of their respective owners.