The EU Cyber Resilience Act (CRA) marks a significant step forward in strengthening cybersecurity across connected products placed on the European market. For manufacturers and system integrators, CRA introduces new expectations around secure development, vulnerability handling, and long-term product support.

At Silex, we see CRA not as a disruption, but as a natural extension of how secure products should be built and maintained.

Security by Design, Not by Reaction

Long before CRA, Silex has followed structured development practices focused on reliability, safety, and security. As CRA standards are finalized, we are aligning our internal processes with internationally recognized frameworks such as IEC 62443 to ensure consistency and clarity for our customers.

This allows us to support both:

• New products designed with CRA in mind
• Existing products already deployed in the EU market

Vulnerability Handling You Can Rely On

A core element of CRA is how manufacturers respond when vulnerabilities are discovered. To support this, Silex has established a dedicated Product Security Incident Response Team (PSIRT).

Our PSIRT is responsible for:

• Monitoring emerging threats
• Coordinating responsible vulnerability disclosure
• Communicating clearly and promptly with affected customers
• Delivering security updates in line with declared maintenance periods

A formal Coordinated Vulnerability Disclosure policy and reporting channel is published here.

Long-Term Support You Can Plan Around

CRA requires manufacturers to define and honor a product support period. At Silex:

• Security updates are provided for five years from the final shipment of a product
• Maintenance periods are clearly communicated and documented
• Customers can confidently plan long-term deployments

This transparency helps customers meet their own CRA obligations without uncertainty.

Supporting Customer Compliance

CRA compliance is a shared responsibility across the supply chain. Silex supports customers by providing:

• Security update policies
• Vulnerability handling documentation
• Software Bills of Materials (SBOMs) under controlled disclosure
• Clear lifecycle and maintenance commitments

Our goal is simple: make compliance predictable, practical, and achievable.

Looking Ahead

CRA implementation will continue to evolve, and so will our processes. We will provide ongoing updates to our Security Center as we finalize new policies, reporting channels, and technical compliance details.

Silex remains committed to cybersecurity, transparency, and long-term customer trust.