Arduino Portenta X8: Leading the Charge in EU Cyber Resilience Compliance
The collaboration between Foundries.io and Arduino to integrate security software into the Portenta X8 represents a significant milestone in achieving compliance with the European Union’s Cyber Resilience Act (CRA). The Portenta X8 is the first system-on-module (SoM) to meet CRA standards, positioning it as a leader in cybersecurity for IoT devices.
The EU’s CRA sets forth stringent security requirements for all IoT devices in Europe starting in 2025. These requirements include establishing standards for secure products, mandating manufacturers to prioritize security at every stage of a product’s life cycle, increasing user awareness of cybersecurity features, and necessitating prompt resolution of vulnerabilities in existing devices.
Under these regulations, all digital products must adhere to new security standards, with exceptions for certain categories such as medical devices, aviation equipment, and motor vehicles. Depending on their risk levels, some products will require independent security assessments, with OEMs responsible for ensuring compliance. EU member states will oversee enforcement with support from the Commission, and there’s a special cybersecurity certificate for highly critical products requiring extra security measures.
The collaboration between Foundries.io and Arduino ensures that the Portenta X8 SoM complies with these regulations. Foundries.io provides cloud-native development and deployment solutions for secure IoT and edge devices, while Arduino contributes the hardware. Together, they enable users to manage device security, data protection, and software efficiently in a single, cloud-based environment, offering enhanced security against cyberattacks and malware.
Key security features of the Portenta X8, enabled by the Linux micro Platform and FoundriesFactory platform, include secure boot, trusted execution environment, remote attestation, key installation, cloud authentication, TUF-compliant secure OTA updating, and automatically generated SBOMs after every software update.
The complexity of implementing these capabilities is mitigated by Foundries.io’s software interface and the user-friendly X8 Board Manager tool, which integrates seamlessly with the Arduino IDE.
Fabio Violante, CEO of Arduino, emphasized the importance of prioritizing security in Linux-based edge devices, stating that the Portenta X8 was designed with security as a top priority, from hardware and firmware to Linux distribution and device management with FoundriesFactory technology.
For further information, visit the Foundries.io website to learn about the features of the FoundriesFactory platform and the Linux micro platform, as well as online resources regarding the Cyber Resilience Act and the EU Cybersecurity Regulation Proposal for Digital Products.