Towards an Architecture for Managing Security Under the EU Cyber Resilience Act

Canavese, Daniele (first author)
2026

Abstract

The European Union’s Cyber Resilience Act (CRA) establishes a comprehensive regulatory framework designed to enhance the cybersecurity of digital products throughout their entire lifecycle. This paper presents a systematic analysis of the technical and organizational requirements imposed by the CRA, offering a structured overview of its provisions and requirements. From this analysis, we derive an architecture that supports a compliance-by-design approach, enabling the CRA obligations to be met from the early stages of product development. This work fills a gap in the literature by providing a generalizable technical perspective on CRA compliance, supporting developers and manufacturers with a clear list of security requirements and a set of architectural guidelines.
Year: 2026
Institute: Istituto di Matematica Applicata e Tecnologie Informatiche - IMATI - Sede Secondaria Genova
ISBN: 9783032061546, 9783032061553
Keywords: Compliance; Compliance-by-Design; Cyber Resilience Act; European Union Regulation; Software Engineering
Files in this item:

stm - preprint.pdf (open access)
Description: pre-print version
Type: Pre-print document
License: Creative Commons
Size: 239.51 kB
Format: Adobe PDF

stm - final.pdf (authorized users only)
Description: publisher's version
Type: Publisher's version (PDF)
License: NOT PUBLIC - private/restricted access
Size: 416.55 kB
Format: Adobe PDF

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/20.500.14243/570262
Citations
  • Scopus 1