EEPROM

FAQ

• Q1：What is the purpose of the CRA (Cyber Resilience Act)?

  The CRA aims to ensure that connected products placed on the EU market meet consistent cybersecurity requirements throughout their entire lifecycle. It defines mandatory rules for secure design, secure development, vulnerability handling, and timely security updates. The purpose is to ensure a high level of cybersecurity of products with digital elements and their integrated remote digital processing solutions. Therefore, it improves transparency on security of hardware and software products. 

• Q2：How will the CRA impact device manufacturers using GigaDevice products?

  Manufacturers must ensure their end products comply with CRA requirements, including secure integration of components, risk assessments, and continuous vulnerability management. GigaDevice supports customers by offering secure MCU features, reference implementations, and lifecycle security guidance to help simplify compliance efforts. We also work with partners to provide third party software solutions with increased security provisioning and less design cycle time for our customers.

• Q3：How do I report a vulnerability case ?

  Please visit the page Report Product Security Vulnerabilities on our website and provide the information related to the vulnerability case. Our PSIRT team will get in contact with you as soon as possible after receiving the inquiry.