HMS Networks Advises Replacing Legacy Connectivity for CRA Compliance
HMS Networks recommends device and machine makers replace legacy connectivity solutions with modern, CRA-compliant alternatives. This shift aims to simplify compliance with the Cyber Resilience Act's security and maintenance requirements.
Manufacturers of industrial devices and machines are facing significant challenges in meeting the requirements of the new Cyber Resilience Act (CRA). HMS Networks, through its Anybus brand, suggests transitioning away from outdated, in-house, or custom connectivity solutions.
The CRA imposes long-term responsibilities on manufacturers regarding the security and maintenance of their products. Legacy connectivity solutions, often designed primarily for functionality, frequently fall short of CRA mandates concerning documentation, cybersecurity, and lifecycle management. HMS Networks highlights common issues such as missing or incomplete documentation, unclear ownership for maintenance, insufficient resources or expertise, and the management of unknown or unmaintained dependencies.
Updating these older solutions to meet current standards is typically a complex and resource-intensive undertaking. For companies with extensive product portfolios and long product lifecycles, this can place an undue burden on internal resources. HMS Networks emphasizes that achieving compliance for connectivity features often represents the most intricate and demanding aspect of the overall CRA effort.
Instead, HMS Networks proposes that modern, CRA-ready connectivity interfaces and gateways can substantially simplify this process. Adopting a ready-made solution transfers a significant portion of the operational and security-related workload away from the device manufacturer. This allows manufacturers to concentrate on their core functions while reducing the overall labor involved in meeting CRA compliance.