I mentioned the EU CRA Digital Experts Group during today's call.
Here is a link to the EU CRA Digital Experts Group advising the European Commission on EU CRA standards and guidelines: https://ec.europa.eu/transparency/expert-groups-register/screen/expert-group s/consult?lang=en <https://ec.europa.eu/transparency/expert-groups-register/screen/expert-grou ps/consult?lang=en&groupID=3967&fromCallsApplication=true> &groupID=3967&fromCallsApplication=true Click the "Members" tab; there you will see that OpenSSF and Eclipse are listed as member. The OpenSSF members are deeply involved in the EU CRA activities with regular updates to the work underway for the EU CRA standards. Here is an #SBOM SIG posting containing a recent update (Nov 12): https://www.linkedin.com/feed/update/urn:li:activity:7394448568796737536?utm _source=share <https://www.linkedin.com/feed/update/urn:li:activity:7394448568796737536?ut m_source=share&utm_medium=member_desktop&rcm=ACoAAABMsYcB3I6zhtjaqBqVcePEOQq xsZNzj5E> &utm_medium=member_desktop&rcm=ACoAAABMsYcB3I6zhtjaqBqVcePEOQqxsZNzj5E SBOM Readiness for CRA One discussion that drew wide interest was the state of Software Bill of Materials (SBOM) readiness. The Commission acknowledged that there is still significant work to be done before best practices for SBOM implementation can be recommended under the CRA. An industry-wide survey <https://ec.europa.eu/eusurvey/runner/enisa-sbom-study2025> was launched yesterday 12th November 2025 (click here to participate <https://ec.europa.eu/eusurvey/runner/enisa-sbom-study2025> ), with results expected in Q1 2026. Thanks, Dick Brooks Active Member of the CISA Critical Manufacturing Sector, Sector Coordinating Council - A Public-Private Partnership Lifetime IEEE Member <https://reliableenergyanalytics.com/products> Never trust software, always verify and report! T Risk always exists, but trust must be earned and awarded.T <https://businesscyberguardian.com/> https://businesscyberguardian.com/ Email: [email protected] Tel: +1 978-696-1788 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#6042): https://lists.spdx.org/g/Spdx-tech/message/6042 Mute This Topic: https://lists.spdx.org/mt/116581978/21656 Group Owner: [email protected] Unsubscribe: https://lists.spdx.org/g/Spdx-tech/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
