Implementation Guides

This section provides step-by-step technical guidance for implementing the secure-by-design principles required by modern regulations like the Cyber Resilience Act (CRA).

The guides are organized by the two key phases of the product lifecycle, providing a clear path from initial design to long-term operational security.

  • Build Phase: A collection of guides focused on engineering a secure product from the ground up. Topics cover everything from Threat Modeling and establishing a Hardware Root of Trust to implementing Secure Boot, hardening the attack surface, and creating a Software Bill of Materials (SBOM).

  • Operate Phase: A collection of guides focused on maintaining security after a product is in the field. Topics cover setting up a compliant Vulnerability Disclosure program, defining a Patch Cadence, monitoring the device fleet, and hardening the CI/CD pipeline that delivers updates.