Hello,
We're developing a firmware for our board based on nRF9160, using ncs 2.7.0. We want to allow the user to set the certificates over i2c.
How can we in a secure mode, save and deploy (AWS) certificates on the nRF9160 complying with the new Cybersecurity requirements under the EU Radio Equipment Directive (RED) which will become mandatory in August 2025?
The update mandates cybersecurity, personal data and privacy protection for devices that can:
3.3d: communicate over the internet, either directly or via any other equipment
3.3e: process personal data, traffic data or location data
Article 3.3(d) – Cybersecurity
It covers radio equipment that can communicate through the Internet and radio equipment which can communicate over the Internet by way of another connected device. In simplistic terms, the radio product must not, nor be able to be compromised therefore causing harm to the network.
Article 3.3(e) – Privacy
This requires radio equipment to incorporate safeguards to ensure that the personal data and privacy is secured. This includes but is not limited to radio equipment that can process personal, traffic and location data.