15.30 – 15.55
CRA demands secure‑by‑design grounded in risk, not checklists. In this keynote, we present a proven path from risk to conceptual assessment to product testing for embedded/IoT teams. Starting with CRA’s core principles: risk-based approach, intended use, reasonably foreseeable use and operational environment we will demonstrate how to approach CRA compliance in practice. We then show how to verify requirements with testable controls and traceable evidence, reusing our proven approach from RED 3(3)(d–f) testing experience. Through an IoT example, we will discuss where teams often stumble (vulnerability handling, authentication) and concrete ways to avoid rework. We finish with Bureau Veritas’s end‑to‑end CRA approach that accelerates delivery while standing up to scrutiny.
Spreker: Bram Blaauwendraad & Gaurav Raina – Bureau Veritas