EU cyber law to impact tire and rubber-product makers
4 Apr 2023
Companies advised to work with suppliers and partners to ensure compliance with Cyber Resilience Act
Dusseldorf, Germany – Cyber-security regulation was a recurring issue raised by both exhibitors and visitors on the stands of automation companies at Tire Technology Expo 2023
Discussions centred, in particular, on the EU’s Cyber Resilience Act (CRA), which will apply to all manufacturers and suppliers of products with smart, connected devices regardless of the specific industry or product-type.
With the CRA, Brussels aims to introduce common cybersecurity rules for manufacturers, developers and distributors of products with digital elements – including both hardware and software.
According to Dusseldorf-based cyber security firm OneKey, there are direct implications for the rubber industry from the regulations, which the European Commission aims to enact in early 2024.
Many manufacturers and suppliers of tires and rubber goods will need to ensure that their products comply with the digital elements within the regulatory requirements, the firm said in written comments to ERJ.
“So yes, for tires and rubber goods that are [made] ‘smart’, for example by including sensors to measure tire pressure or tread wear, the CRA will absolutely apply.”
The CRA, continued Onekey, will be an extension of the CE mark required by all electronic products on the European market.
The EU will, therefore, hold importers of devices accountable for the products to comply with the requirements of the CRA – the importer must pass on the requirements to the foreign manufacturer.
In other words, all tires and rubber products with digital elements manufactured outside the EU must also be compliant, if they are intended to be sold in the region.
“This means that companies must ensure that their global-supply chains meet the same standards for cybersecurity as their domestic supply chains,” OneKey emphasised.
Companies are, therefore, advised “to work closely with their suppliers and partners to implement the necessary cybersecurity measures and obtain the required information about the origin and security of their components and software.”
