[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
|
Re: [open-regulatory-compliance] FYI: The minutes for CRA Expert Group Meeting #1 are now public
|
Lars,
It appears that some people proposing IEC 62443 are unaware that it does not
support certain EU CRA requirements, like SBOM and Secure by Default
contained in Annex I. I've been told this is being worked on but the
decision to "not support Secure by Default in IEC 62443" was a conscious
decision:
https://dale-peterson.com/2007/08/22/secure-by-default-no-sale/
Some OT vendors are moving aggressively to support SBOM and Secure by Design
practices:
https://energycentral.com/c/iu/sboms-building-customer-trust-through-softwar
e-transparency
"most manufacturers may not know how to conduct risk-assessments and this
could be particularly beneficial for SMEs. Still others flagged that the ISO
27000 and IEC 62443 series could serve as the basis for this work."
Thanks,
Dick Brooks
Active Member of the CISA Critical Manufacturing Sector,
Sector Coordinating Council - A Public-Private Partnership
Never trust software, always verify and report! T
Risk always exists, but trust must be earned and awarded.T
https://businesscyberguardian.com/
Email: dick@xxxxxxxxxxxxxxxxxxxxxxxxx
Tel: +1 978-696-1788
-----Original Message-----
From: open-regulatory-compliance
<open-regulatory-compliance-bounces@xxxxxxxxxxx> On Behalf Of Lars Francke
via open-regulatory-compliance
Sent: Thursday, March 6, 2025 9:55 AM
To: Open Regulatory Compliance Working Group
<open-regulatory-compliance@xxxxxxxxxxx>
Cc: Lars Francke <lars.francke@xxxxxxxxx>
Subject: [open-regulatory-compliance] FYI: The minutes for CRA Expert Group
Meeting #1 are now public
https://ec.europa.eu/transparency/expert-groups-register/core/api/front/docu
ment/115256/download
_______________________________________________
open-regulatory-compliance mailing list
open-regulatory-compliance@xxxxxxxxxxx
To unsubscribe from this list, visit https://accounts.eclipse.org
