The Cyber Resilience Act (CRA) developed by the EU Commission defines standards for the cyber security of connected devices and thus improves the cyber security of products. It does not matter whether the products are connected to the Internet, communicate with each other or via internal interfaces. The CRA applies not only to finished end products, but also to all preliminary products and components. – In other words, all components of the hardware supply chain.
The CRA regulations apply not only to manufacturers of products with digital elements, but also to distributors and importers.