Security standards and Zephyr

Historically, organizations managed cybersecurity independently, defining their own assessment and response protocols. Today, governments are increasingly regulating this area through new mandates and security standards. These standards define specific guidelines and compliance requirements for connected products.

This section evaluates the implications of these security standards for the Zephyr project itself, as well as downstream product developers. The goal is to provide developers with the information needed to build certifiable, compliant products using Zephyr.

• EU Cyber Resilience Act (CRA)
• ETSI 303-645