Cybersecurity regulations such as the Cyber Resilience Act are changing the IoT landscape. It is becoming all the more important for device manufacturers to implement functioning cryptographic measures from the outset and maintain them throughout the entire product lifecycle. An authentication chip such as the TrustMANAGER ECC608 can help here.
Figure 1: Preparation for the Cyber Resilience Act. By December 2027, device manufacturers must have implemented a series of mandatory measures.
(Image: Microchip)
The rise of the IoT and its industrial counterpart, the Industrial IoT (IIoT), shows no signs of slowing down. IoT-connected sensors, actuators and other smart nodes are ubiquitous in our homes, offices and factories. The variety of these applications is impressive, ranging from simple environmental sensors to large-scale use of door locks in hotel rooms. In our homes, the use of IoT is increasing every day. The average household has smart heating and ventilation controls, remote control doorbells, smart speakers and immersive audio systems.
There is no doubt that any IoT/IIoT deployment, large or small, brings significant benefits, from greater convenience for the user to more efficient manufacturing. However, the operational architecture of IoT tends to be complex and involves many layers, service providers and hardware environments. In addition to increasing security concerns and the growing regulatory environment, device manufacturers and service providers face numerous challenges.
There are many aspects to consider when it comes to cyber security, especially because IoT devices can be vulnerable to malicious attacks. These attempt to access sensitive personal data such as passwords or take control of an industrial process and lock users out of systems. Every aspect of an IoT/IIoT implementation requires careful security precautions - from hardware to software to communication.
Current legislation such as the EU Cyber Resilience Act (CRA) places the responsibility on IoT device manufacturers to certify the security features of their devices and to provide a mechanism for users to update and manage a device throughout its lifecycle, from production to end of life. The CRA is harmonized with other internationally recognized security standards, such as the European Telecommunications Standards Institute (ETSI) standard EN 303 645 and the International Society of Automation (ISA)/International Electrotechnical Commission (IEC) standard 62443 on the security of industrial automation and control systems.
Challenges in Deployment
New cybersecurity laws are ushering in a new era for the IoT/IIoT and require a comprehensive approach to lifecycle management to protect users, data and computing infrastructure. Until now, connected devices, whether at home or for industrial purposes, were mostly installed and then forgotten. They rarely received firmware updates, and even when updates were available, they could be time-consuming to apply or, worse still, the microcontroller (MCU) architecture no longer supported the security functions needed to patch the identified vulnerability. As a result, manufacturers discontinued such products, leading to frustration among customers. Implementing security patches to protect the device and the associated network environment from new cyberattacks and malware was extremely difficult. Shipping every unit of a product with the same password was also widespread practice, leading to several serious security breaches. Such attacks exposed sensitive user data and damaged the brand's reputation.
Figure 2: Examples of applications that require security and dynamic management over the entire life cycle.
(Image: Microchip)
The ability to manage an IoT device throughout its lifecycle offers significant operational benefits to manufacturers and service providers. New software features can be added at any stage - from important bug fixes to paid add-ons. For users, this ability to perform software security updates on demand means operational flexibility and cost efficiency. For large-scale deployments, the ability to deploy security patches to a wide range of devices without the need for lengthy, time-consuming and costly on-site visits provides an unprecedented level of customer service.
Another challenge with large-scale deployments is the change of ownership within the life cycle of IoT devices. An example is a hotel with 500 rooms where the door locks need to be updated with security certificates and digital signatures for each new guest. A similar challenge occurs in office buildings when all door locks for multiple tenants need to be updated with security codes that meet the requirements of the respective owner's or tenant's cybersecurity team. Updating each lock individually, or worse, replacing each one, would be a daunting task. However, if each lock is equipped with a remote management function, security authorizations and user-specific options can be provisioned in the field. This makes it easy to control the management of locks and the access rights for each lock.
This also applies to serviced offices, where customers have access to specific floors, rooms and facilities depending on the rental package selected. Here too, the ability to change the security access data required for each facility quickly and remotely ensures high customer satisfaction and operational efficiency.
Date: 08.12.2025
Provide Support Throughout the Entire Service Life
With the ability to provision security credentials in the field, deliver over-the-air firmware updates (FOTA) and manage the device lifecycle dynamically, the Software-as-a-Service (SaaS) platform "Microchip TrustMANAGER with Kudelski keySTREAM" offers a comprehensive and efficient approach to meeting cybersecurity requirements such as those of the CRA.
Figure 3: TrustMANAGER with Kudelski keySTREAM SaaS.
(Image: Microchip)
Microchip's TrustMANAGER ECC608 crypto-authentication IC with keySTREAM SaaS enables a digital chain of trust for IoT/IIoT deployments across the entire product lifecycle, from initial design concept through production and deployment to end of life. A root certification authority (CA) is the top-level entity in any public key infrastructure (PKI); its self-signed certificate is the first anchor of trust.
The ECC608-TMNGTLS is a variant of the ECC608 crypto-authentication IC equipped with pre-configured cryptographic keys for connecting to the keySTREAM SaaS platform. Once deployed, the IoT device connects through its ECC608-TMNGTLS to the keySTREAM SaaS, and ownership of the device is transferred in the field to its intended owner. This is done through a custom PKI and enables an elegant zero-touch approach with no need to configure the key exchange manually. The cryptographic keys can be managed remotely throughout the lifecycle while remaining within the physical boundaries of the secure authentication IC.
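The chain of trust and the ownership transfer described above, as an added illustration that is not Microchip's or Kudelski's code: a self-signed root CA is the first trust anchor, a P-256 device key (generated into a file here only to stand in for the key an ECC608 keeps inside the chip) receives a certificate from the manufacturer's CA, and a change of owner re-certifies the same public key under the new owner's root CA without the private key ever leaving the device. It assumes `openssl` 1.1.1 or later on the PATH; the CA names and the device name are made up.

```shell
# Added illustration (not Microchip or Kudelski code): a root CA whose
# self-signed certificate is the first trust anchor, a device certificate for
# a P-256 key, and an ownership transfer that re-certifies the same public key
# under a new owner's root CA. The device key is generated into a file here only
# to stand in for the key an ECC608 would keep inside the chip.
set -e
cd "$(mktemp -d)"
# Minimal openssl config so the example does not depend on the system's.
cat > pki.cnf <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = placeholder
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
EOF
# Root CA: self-signed P-256 certificate marked CA:TRUE.
make_root() {  # $1 = CA name
  openssl ecparam -name prime256v1 -genkey -noout -out "$1.key"
  openssl req -x509 -new -key "$1.key" -config pki.cnf -sha256 -days 3650 \
    -subj "/CN=$1 Root CA" -out "$1.crt" 2>/dev/null
}

# Device certificate: a CSR signed by the device key, issued under a root CA.
issue_device_cert() {  # $1 = CA name, $2 = output certificate
  openssl req -new -key device.key -config pki.cnf -subj "/CN=device-0001" \
    -out device.csr 2>/dev/null
  openssl x509 -req -in device.csr -CA "$1.crt" -CAkey "$1.key" \
    -CAcreateserial -sha256 -days 365 -out "$2" 2>/dev/null
}

# Chain check: prints "ok" if certificate $2 chains to root $1, else "fail".
verify_chain() {
  if openssl verify -CAfile "$1.crt" "$2" >/dev/null 2>&1; then echo ok; else echo fail; fi
}

# Prints the public key embedded in a certificate (to compare the two certs).
cert_pubkey() { openssl x509 -in "$1" -pubkey -noout; }

# Device identity key: stands in for the key pair held in the secure element.
openssl ecparam -name prime256v1 -genkey -noout -out device.key
make_root manufacturer
issue_device_cert manufacturer device-manufacturer.crt
# Ownership transfer: the new owner's root CA re-certifies the same device key.
make_root owner
issue_device_cert owner device-owner.crt
```

After the transfer, the manufacturer-issued certificate no longer validates against the owner's root, while both certificates carry the identical device public key.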
Figure 4: Ensuring security over the entire product life cycle.
(Image: Microchip)
The TrustMANAGER platform includes functions for over-the-air firmware updates, secure code signing and remote management of cryptographic keys. Integrating remote management into the device design is becoming increasingly important for device manufacturers, alongside the requirements for security updates, as it offers service agility and flexibility.
Regulations Require Greater Focus on Security
The IoT landscape is changing. An increased focus on cybersecurity regulations and more responsibility for device manufacturers are driving this change. The European CRA, an example of a regional cybersecurity initiative, requires manufacturers to maintain a device's security features for the first five years of a product's life. Although the CRA is initially aimed at consumer IoT devices, the European regulation is likely to be just the tip of the iceberg as more and more countries follow the EU's lead and begin to publish and mandate their own cybersecurity strategies. It is very likely that the CRA will also form the basis for cybersecurity standards in other markets and industries.
Cybersecurity regulations have far-reaching effects. They strengthen consumer confidence in a manufacturer's product range and its market credibility. This factor is crucial for building business relationships, partnerships and demonstrating market leadership. (sg)
*Xavier Bignalet is Product Marketing Manager in the Security Computing Group at Microchip.