March 19, 2026 -
Nordic Semiconductor, a global contributor in low-power wireless connectivity solutions, has announced a step in preparing customers for the EU Cyber Resilience Act (CRA), with nRF Cloud now offering a one-time, upfront, lifetime FOTA (Firmware Over-the-Air) and device management license.
According to the CRA, manufacturers deploying connected devices on the European market must provide security updates for identified vulnerabilities throughout each device’s lifetime, starting in 2027. Available across Nordic’s low-power wireless portfolio, nRF Cloud enables developers to meet CRA secure update requirements in minutes instead of months, avoiding the complexity of building their own update infrastructure, and with a simple one-time cost.
“Preparing for compliance with the EU Cyber Resilience Act is going to add significant operational overhead and project complexity for device manufacturers,” explains François Baldassari, the founder of Memfault and VP software services at Nordic Semiconductor. “With the enforcement of the CRA approaching quickly, Nordic is providing solutions that simplify and accelerate the compliance process for its customers.”