Security Regulations, Norms and Tooling

As embedded systems become increasingly connected, developers face growing pressure to meet new security and compliance requirements. In this event, we’ll explore how the Cyber Resilience Act (CRA) and NIS2 directive are shaping the future of embedded software. We’ll also discuss relevant norms, standards, and the tooling ecosystem that can help teams stay compliant and efficient. Join us to learn, share, and connect with others navigating these changes.

Agenda

• 18:00–18:20 Event Opening
• 18:20–19:00 “Compliance by Design”: how EU Legislation enforces Embedded Device Security — Gerald Sendera
• 19:05–19:45 Standards for implementing new compliance requirements from CRA/NIS2/etc. — Thomas Bleier
• 19:50–20:30 Tools and Methods for Threat Modelling with CRA/IEC 62443-4-1/2 in mind — Martin Aman
• 20:30–22:00 Open Networking

“Compliance by Design”: how EU Legislation enforces Embedded Device Security

by Gerald Sendera

Gerald Sendera graduated in law from the University of Vienna in 2001 and has been working in IT since 2004 in various roles. He is with SBA Research since 2017, and his expertise focuses on legal security requirements, data protection compliance, and the impact of Cybersecurity Legislation on Organisations.

Standards for implementing new compliance requirements from CRA/NIS2/etc.

by Thomas Bleier

Thomas Bleier is the “Chief Security Improvement Officer” and Managing Director of B-SEC better secure GmbH & Co KG, and supports organizations in increasing the resilience of their automation and IT systems against cyberattacks through independent assessments, training, and consulting. He is also a sworn and court-certified expert for IT security, a university lecturer for applied IT security and security engineering, and an ISO 27001 and NIS auditor. Within OVE (Austrian Electrotechnical Association), he is chair of the TSK MR65, the mirror committee of IEC TC65 and CENELEC TC65X, where harmonized standards based on IEC 62443 are being developed.

Tools and Methods for Threat Modelling with CRA/IEC 62443-4-1/2 in mind

by Martin Aman

Martin Aman is co-founder and CTO of TG alpha GmbH. He can look back at 10 years of experience and help customers in the field of OT-Cyber-Security with technical and regulatory aspects. Additionally, he is a lecturer at the Deggendorf Institute of Technology in the master’s course Cyber Security.