Level 2 minimal - vdma.eu

Impact on mechanical and plant engineering in conjunction with electrical automation

Recommended action for supplier self-disclosure Cyber Resilience Act (CRA)

The Cyber Resilience Act (CRA) will bring significant changes for most machine and plant manufacturers as early as 2026. What do you need to consider when preparing for the upcoming deadlines for your own products and components?

The Cyber Resilience Act (CRA) affects many products and components in mechanical engineering. The regulation will take effect as early as 2026 and many companies are not yet prepared for it.

The CRA fundamentally changes the security requirements in mechanical engineering. What obligations will manufacturers now face and how should companies prepare for them? However, the CRA is not just a regulation, but above all an opportunity.

Update! The Cyber Resilience Act (CRA) entered into force on december 11th 2024. The VDMA has compiled a new version of the FAQ document to provide support and non-binding guidance to its members.

New requirements apply to products with digital components. Manufacturers must now ensure cyber security throughout the entire product life cycle - even for integrated software! An update on responsibilities and deadlines.

The European Union's Cyber Resilience Act affects many products and components in the mechanical engineering sector. Companies should quickly identify the extent to which they are affected and take measures to ensure compliance and product security.