New Firmware Monitoring Tool Targets Cyber Resilience Act -- Security Today

New Firmware Monitoring Tool Targets Cyber Resilience Act

Automated digital twin technology provides continuous security analysis for connected devices throughout the entire product lifecycle.

By Jesse Jacobs
Apr 30, 2026

Software vulnerabilities within connected devices are facing increased scrutiny as manufacturers prepare for new regulatory requirements. ONEKEY has launched a continuous firmware monitoring system designed to help manufacturers comply with the European Union’s Cyber Resilience Act (CRA).

The technology utilizes digital twins—virtual representations of device firmware—to conduct automated security scans without requiring access to physical hardware or source code. While traditional security reviews are often conducted once during development, this platform reanalyzes firmware daily to identify emerging risks.

The system functions by creating a structured Software Bill of Materials (SBOM), which maps every component and third-party library within a device. This inventory is then cross-referenced against global vulnerability databases. If a new flaw is discovered in an open-source component, the system automatically alerts the manufacturer if their products are affected.

Firmware, the permanent software programmed into a device's hardware, represents a significant attack surface for industrial control systems, medical devices and automotive components. Because these systems often rely on a complex web of external software libraries, a single vulnerability in a sub-component can compromise the entire machine.

The platform also includes automated risk assessment to help Product Security Incident Response Teams (PSIRTs) prioritize threats. By analyzing the exploitability of a vulnerability and its potential impact on system functions, the tool provides a targeted list of issues for remediation.

The shift toward continuous monitoring marks a change in strategy for the industry. Under the CRA, manufacturers must maintain security standards from the initial design phase through the end of a product’s operational life.

About the Author

Jesse Jacobs is assistant editor of SecurityToday.com.

Featured

Enterprise Identity Management Flaws Expose Cyber Vulnerabilities

A joint study by the FIDO Alliance and HID reveals a sharp disconnect between perceived security readiness and actual access revocation failures. Read Now
Holistic Operational Orchestration Replaces Fragmented Physical Security Contracts

Static guarding models are giving way to agile, hybrid security ecosystems that blend edge AI analytics, mobile patrols and real-time dashboard tracking. Read Now
- Physical Security
- Artificial Intelligence
- Risk Management
Drone Detection Tech Integrates With Public Safety Software

A new technological alliance unifies airspace monitoring and ground-level security data to accelerate law enforcement responses to airborne threats. Read Now
Direct to Home Smart Security Platforms Shift Toward Elite Talent

Brinks Home builds an advanced, long-term talent infrastructure with proprietary tech to revolutionize seasonal sales and door-to-door retention. Read Now
- Integrated Home
- Dealers and Integrators
- Security Staffing
AI Deepfakes Force Fintech Identity Models Toward Cryptographic Proof

Traditional risk-scoring and behavioral authentication fail against generative AI, driving banks to adopt hardware-rooted cryptographic keys. Read Now

Artificial Intelligence

New Products

ResponderLink

Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.
Compact IP Video Intercom

Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis.
Mobile Safe Shield

SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame.

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.