보안을 고려한 제품 설계
One of the CRA requirements is designing products with digital elements in such a way that they ensure an appropriate level of cybersecurity based on defined risks.
On top of this requirement, security efforts tend to be more efficient and effective when defined as early as possible during product development. While CRA may impose from the regulatory perspective, it's really for also the manufacturers' benefit to shift cybersecurity thinking to the center of product design from the get-go.
EU CRA Reference
Annex I, Part I § 1
Products with digital elements shall be designed, developed and produced in such a way that they ensure an appropriate level of cybersecurity based on the risks.
Go to the legislationOWASP SAMM Reference
Software Assurance Maturity Model
Design business function determines security practices, such as threat assessment, security requirements and secure architecture, that are relevant to identified tasks.
Learn more about SAMMGive Us Feedback
Do you need additional documentation
(to what is already available at doc.qt.io)
for product hardening?
Next Steps at Qt Group
From Boot to Qt development image towards production image
Best practices documentation for customer maintaining Qt updateability
Qt Framework implemented process for marking security critical modules (QUIP-23)
Document which Qt modules and classes are meant to process untrusted data
More Related to Security by Design
The information contained on this page and this website does not constitute legal advice. It is provided for informational purposes and discussion of the subject matter only. Content is subject to change and The Qt Group does not guarantee the accuracy or currentness of the contents of this page nor is The Qt Group responsible for the content or operation of any external website that these pages link to—or that may link to—these pages. The information contained here is not, and should not be used as, a substitute for legal advice.