German 
English 
PHYTEC France 
PHYTEC USA 
PHYTEC India 
PHYTEC China Total amount:
plus VAT.
Cybersecurity
Powerful hardware.
Strong protection.
The Cyber Resilience Act (CRA) requires manufacturers of Productsn with digital elements, to consider cybersecurity from the outset – with security by design, continuous CVE management and lifelong SLCM measures.
PHYTEC helps you achieve CRA compliance efficiently: Our CRA-compliant embedded-Products We combine IT security in hardware and software. Based on the Linux-based phyBSP, we offer the securiPHY distro, an enhanced platform with comprehensive security features. Additionally, our security solutions relieve the burden on your systems. Services They are on their way to a CRA-ready end product.
Security Management Services
Expert advice
Holistic cybersecurity consulting for embedded systems – from the
Concept support from Secure by Design to risk-based
Analysis and retrofitting of existing designs.
Secure BSP – securiPHY-Distro
The securiPHY distribution extends the phyBSP stack with comprehensive CRA-
compliant security features – based on Linux and the Yocto Project
for maximum security and flexibility in embedded systems.
Update & device management
The Cyber Resilience Act (CRA) requires timely updates and patches for
embedded systems – with phyHUB as a cloud-based management system
We provide precise information on the system and flexible integration of RAUC or hawkBit.
That's for sure.
Product Provisioning
Product provisioning forms the basis for the secure initialization of devices.
During the production phase: From software installation and burning fuses to the
Our service enables the creation of client certificates to be seamless and
Trusted startup of any embedded system.
CVE Management
Effective CVE management for embedded systems – with regular
Reports on relevant vulnerabilities, clear recommendations for action
and suitable patches for lasting security.
Software Lifecycle Management (SLCM)
Software Lifecycle Management for Embedded Systems – by
automated nightly builds up to stable LTS releases for long-term use
maintainability and safety of your Products.
Security options compared
 SECURITY PACKAGES | BasicIncluded for Free | DevelopmentConfiguration Support | MaintainedEverything you need for full product maintenance | Full ServiceOne-click Maintenance |
|---|---|---|---|---|
 CVE Management | CVE Reports including your custom SBOM part | Full CVE Service analysis and resolution | ||
 SLCM (Software Livecycle Management) | Nighty Builds Fully tested with your device | Device Image ready to deploy | ||
 Product Provisioning | Device Initialization Encryption, Keys & Certificates | Device Initialization Encryption, Keys & Certificates | Pre-initialized phyHUB PHYTEC's Device Management | |
 Update and Device Management |   |  |  | phyHUB powered by |
 securiPHY-Distro (with automatic SBOM creation) | securiPHY Core BSP Pre-Hardened | securiPHY-Advanced With professional configuration support | securiPHY Maintained Maintained and audited security for the future | Customized securiPHY distribution Customer-specific BSP - fully hardened |
 Consulting / Support | 1 hour FOR FREE | Cost per hour | Cost per hour | Cost per hour |
 CRA-Compliant Core Product | securiPHY Core BSP CVE Maintained LTS Maintenance | securiPHY Core BSP CVE Maintained LTS Maintenance | securiPHY Core BSP CVE Maintained LTS Maintenance | securiPHY Core BSP CVE Maintained LTS Maintenance |
Frequently Asked Questions
On the one hand, Phytec already implements required security features such as SBOM, Secure Boot, encryption, Secure Update Process and the provision of new releases.
Included in the free standard Board Support Package phyBSP. Risk analyses and CVE reports for the PHYTEC are also included.Productsn, which can be used for integration into your end products. As an extended service, customized BSP, Secure Provisioning, CVE Management and Software Lifecycle Management can then be provided for your Products It can be booked as an add-on. You decide what level of support you need – from basic to full service.
Retrofitting security features to devices in the field is complex, as several aspects must be considered, such as the current state, the desired state, and the area of operation. ProductsThe update path and the system must be taken into account. When implementing such a project, the migration is performed on the device with as few user interactions as possible. Usually, a change to the flash partitioning is necessary, which, in conjunction with the bootloader update, is a critical step because there is no fallback at this point. PHYTEC has already successfully supported several projects on this topic for clients.
For SoC manufacturers like NXP Semiconductors, Texas Instruments, and STMicroelectronics, NDAs are also required for the SoC security manuals. Much important information has already been published in the PHYTEC Security Manual In summary. For NXP, please refer to the... NXP secure files user guide follow and at TI: https://www.ti.com/secureresources/ Register and request.
Yes, Phytec also offers workshops on this topic upon request. These workshops focus specifically on the product based on Phytec hardware, the use case, and the company's circumstances, allowing us to address your individual situation and ensure efficient project implementation.
