World’s First SoM to Comply with EU Security Laws

By Chad Cox

Production Editor

Embedded Computing Design

September 27, 2023


World’s First SoM to Comply with EU Security Laws
Image Credit:

London, England. Foundries.​io has utilized its security technology and teamed up with Arduino to release the Arduino Portenta X8, the first system-on-module (SoM) to adhere to the constraints of the European Union’s Cyber Resilience Act (CRA). Leveraging the Portenta X8 SOM, designers have the ability to manage device authentication, secure storage, provisioning, a SBOM, and OTA updating, in one cloud platform.

John Weil, Chief Marketing Officer of Foundries.​io, said, ‘Normally, SoM manufacturers supply their boards with a sample Linux distribution that is not maintained after shipment to the customer, and with none of the security infrastructure such as an SBOM tool and OTA update utility required to maintain device security for life."

The SoM is secured against outside threats including attacks and malware, and comes with the capability to enable rapid device-specific reactions to Common Vulnerabilities and Exposures (CVE). The CRA was met by Arduino integrating the Linux microPlatform (LmP) and FoundriesFactory DevOps  from Foundries.​io into the Portenta X8 SoM.

Security Functions:

  • Secure boot
  • A trusted execution environment
  • Remote attestation
  • Key installation
  • Cloud authentication
  • TUF-compliant secure OTA updating
  • A SBOM that is generated after software update

“When deploying Linux based edge devices, security cannot be an afterthought. That’s why we designed the Arduino Portenta X8 giving the highest priority to security features, end to end. This spans from Hardware and Firmware to the Linux distribution and device management with FoundriesFactory technology. This allowed us to be naturally CRA compliant from the very beginning,” said Fabio Violante, CEO of Arduino.

For more information, visit

Chad Cox. Production Editor, Embedded Computing Design, has responsibilities that include handling the news cycle, newsletters, social media, and advertising. Chad graduated from the University of Cincinnati with a B.A. in Cultural and Analytical Literature.

More from Chad