The leader in Digital Trust for the AI & Quantum Era.   Discover how Keyfactor makes it possible.

Webinar

Implementing CRA Compliance with ST & Keyfactor

Virtual

Ray Lillback - Keyfactor Ellen Bohem - Keyfactor Mena Roumbakis - STMicroelectronics
April 16, 2026
45 minutes
Read More
  • Home
  • Events
  • Implementing CRA Compliance with ST & Keyfactor

As the EU Cyber Resilience Act (CRA) moves from concept to enforcement, manufacturers face increasingly stringent requirements: Can you prove your device’s origin? Can you audit enabled or disabled features? Can you ensure only trusted code runs on your hardware?

Meeting these demands requires more than theoretical secure boot. It calls for an integrated toolchain that combines silicon capabilities, cryptographic signing, and lifecycle governance in a verifiable manner.

In this joint webinar, STMicroelectronics and Keyfactor demonstrate how ST’s “Trusted Package Creator” and Keyfactor’s signing and PKI solutions, including SignServer (Signum), work together to operationalize CRA compliance throughout development, manufacturing, and deployment.

Using the STM32U385 as a reference platform, this session will show how manufacturers can:

  • Verify device authenticity originating from trusted ST silicon
  • Control and audit security-critical features and their lifecycle states
  • Secure the firmware supply chain with centralized, policy-driven code signing
  • Establish a provable root of trust supporting secure boot, secure identities, and long-term CRA compliance

Technical Highlights:

  • Integration of ST Trusted Package Creator with Keyfactor SignServer using industry-standard PKI protocols
  • Auditable secure boot implementation leveraging hardware root of trust on STM32U385
  • Lifecycle governance through cryptographic code signing policies and automated firmware validation
  • Real-time device attestation and secure configuration management via combined silicon and software toolchains

Participants will learn:

  • How CRA requirements translate into auditable technical controls
  • How ST silicon and tools enable device identity, attestation, and secure configuration
  • How Keyfactor SignServer and PKI integrate into ST workflows for controlled code signing
  • How to secure the device supply chain from development through production and updates
Register

Keyfactor is an approved (ISC)2 CPE Submitter partner. Earn 1 CPE credit by viewing this webinar.