본문 시작

감동과 교육이 이루어지는 기업
HOME CE CRA CE CRA
CE CRA

본문

CE CRA Certification [CE Marking]

The CRA regulation enforces CE marking for digital products to indicate compliance with the new standards.
To comply with the mandatory cybersecurity certification requirements for all IoT, ICT products, and software distributed within the EU, and in accordance with Regulation 2022/0272/COD and Directive (EU) 2019/1020, CE certification is required.
Effective Date: March 12, 2024

EU CRA (Cyber Resilience Act)

Regulations/Directives
EU CRA (Cyber Resilience Act) 2022/0272/COD, (EU) 2019/1020
Applicable Products (Mandatory)
All IoT and ICT Digital Devices, including:Machinery (MR), Wired/Wireless Communication Devices (RED), Medical Devices (MDR), Autonomous Vehicles, Rail Systems, Aircraft, and more.
General IoT Devices, etc. Critical Products Class I Critical Products Class II
All IoT/ICT Devices excluding Critical Products Class I and II.
  • · ID Management Systems and Privileged Access Management Software and Hardware, Including Authentication and Access Control Readers (Such as Biometric Readers).
  • · Standalone and Embedded Web Browsers.
  • · Password Management Software.
  • · Software for Detecting, Removing, or Isolating Malware.
  • · Products with Digital Components Featuring Virtual Private Network (VPN) Functionality.
  • · Network Management Systems.
  • · Security Information and Event Management (SIEM) Systems.
  • · Bootloaders and Boot Managers.
  • · Public Key Infrastructure (PKI) and Digital Certificate Issuance Software.
  • · Physical and Virtual Network Interfaces.
  • · Operating Systems.
  • · Routers, Modems, and Switches for Internet Connectivity.
  • · Microprocessors with Built-In Security Features.
  • · Microcontrollers with Integrated Security Functions.
  • · Application-Specific Integrated Circuits (ASICs) and Field Programmable Gate Arrays (FPGAs) with Security Features.
  • · Smart Home Universal Virtual Assistants.
  • · Smart Home Security Products, Such as Smart Door Locks, Security Cameras, Baby Monitors, and Alarm Systems.
  • · Toys with Social Interaction Capabilities (e.g., Voice or Recording) or Location Tracking Features, as Defined by the European Parliament and Council Directive 2009/48/EC.
  • · Personal Wearable Devices for Health Monitoring or Tracking, Not Regulated Under (EU) 2017/745 or (EU) 2017/746, as Well as Wearable Devices Specifically Designed for Children.
  • · Hypervisors and Container Runtime Systems supporting Virtualization in Operating Systems and Similar Environments.
  • · Firewalls, Intrusion Detection, and Prevention Systems.
  • · Tamper-Resistant Microprocessors.
  • · Tamper-Resistant Microcontrollers.
Certification Process
  • Product & Software Review
  • Risk Assessment / sBoM / Cybersecurity Testing & Evaluation
  • TCF Documentation
  • CE Certification & CE Marking
Certification Period
4 ~ 8 Weeks
Requirement
Test Sample (1 Set), sBOM, Risk Assessment PQ, User Manual, Drawings (Electronics, Layout, Block Diagram), Name Plate, Application Form, Copy of Business Registration Certificate