Presentation and recording is available now!
- Download the PDF here https://opcfoundation.org/developer-tools/marketing-communication-presentations/opc-and-opc-ua-presentations/
- The link to the recording is on the title page of the PDF
During this webinar “Cyber Resilience Act (CRA) – Solving some Fundamental Legal Aspects” Dr. Gerrit Hötzel spoke about 2 topics and was available for a long Q&A session:
Commercial Use of Open-Source Software under the Cyber Resilience Act
Any company using open-source software in the course of commercial activities will have to demonstrate conformity of the open-source software with the CRA. This is not a simple task, given that open-source software is third-party software. Also, this represents a significant shift from the current straightforward use of open-source software and will fundamentally alter how open-source software can be employed while minimizing legal risks. More on this and further aspects regarding open-source software under the CRA are given in the talk, e.g. security attestations of open-source software and so-called open-source software stewards.
10 Examples Cases for CRA Contract Design and Supply Chain Management
One key element of the Cyber Resilience Act (CRA) is its emphasis on the supply chain. Many obligations imposed on commercial enterprises can only be fulfilled if suppliers are contractually required to participate in the conformity assessment, particularly concerning software included in their products. However, the contractual arrangements with suppliers are not the only critical factor; the agreements with customers are equally important. In addition to requirements for providing security updates and information to customers, the CRA introduces a major change: a support period of up to five years. Does this mean that all warranty and liability clauses in terms and conditions and sales contracts need to be revised to accommodate this new requirement?