Björn Lundell
Professor of Computer Science
The project strengthens Swedish organisations’ ability to comply with the requirements of the Cyber Resilience Act (CRA) and contributes to continued opportunities to develop and use software within the EU.
New cybersecurity requirements from the EU pose new challenges for Swedish organisations that develop and use software. The CRA poses particular challenges for organisations that develop and use Free and Open Source Software (FOSS).
How CRA affects the conditions for continued use of FOSS
The project investigates CRA with a focus on how CRA affects the conditions for continued use of FOSS within Swedish organisations, and develops concrete strategies and guidelines for how stakeholders who influence and are influenced by CRA should act.
The project strengthens Swedish organisations’ ability to comply with the requirements of new EU legislation (CRA) and contributes to continued opportunities to develop and use software within the EU.
Project objectives
With a focus on small companies, the project contributes to learning about the consequences of CRA for organisations that depend on software that includes FOSS in cutting-edge technology areas. The project presents strategies for how stakeholders who affect, and are affected by, CRA should act.
The project is conducted in three sub-projects, which develop:
- a review of how Swedish organisations that develop and use FOSS perceive CRA and the consequences of CRA for their own operations;
- an in-depth analysis of this review through workshops and interviews with experts from the reference group and other invited experts; and
- a legal analysis of CRA and develop guidance and recommendations for compliance with CRA when using FOSS.