STDA030 April   2026 AM620-Q1 , AM623 , AM625 , AM625-Q1 , AM62A1-Q1 , AM62A3 , AM62A3-Q1 , AM62A7 , AM62A7-Q1 , AM62P , AM62P-Q1 , AM6411 , AM6412 , AM6421 , AM6422 , AM6441 , AM6442 , TDA4AEN-Q1 , TDA4AH-Q1 , TDA4AL-Q1 , TDA4AP-Q1 , TDA4VE-Q1 , TDA4VEN-Q1 , TDA4VH-Q1

 

  1.   1
  2.   Abstract
  3. 1Introduction
  4. 2Scope of CRA
  5. 3Product Requirements
  6. 4Vulnerability Handling Process
  7. 5Information and Labeling
  8. 6TI Processors Meeting the Requirements of the CRA
  9. 7Conclusions
  10. 8References

5 Information and Labeling

Compliance to the CRA demands a CE (Conformité Européenne) marking on the product and an EU Declaration of Conformity, the appointment of an authorized representative, designation of a security point‑of‑contact, and clear identification of the product. The CRA requires technical documentation that must contain:

  • A cybersecurity risk assessment
  • Information on the availability of security updates
  • An SBOM covering top‑level dependencies
  • Definitions of support and the duration of that support
  • Access to revisions through a public software archive
  • A user instruction set