The project at a glance
The OCCTET project aims to equip European SMEs with a comprehensive open-source toolkit that simplifies and automates compliance with the EU Cyber Resilience Act (CRA). Its objectives are to clarify CRA obligations through self-assessment models, provide conformity assessment specifications, and deliver automated tools for SBOM generation, vulnerability evaluation, remediation, and reporting. By leveraging open standards, federated reference data, and collaborative open-source practices, OCCTET reduces the cost, time, and complexity of CRA compliance while strengthening the security and resilience of products with digital elements.
Compliance tool description
The OCCTET toolkit is intended to provide a comprehensive suite of tools and resources tailored to the needs of SMEs and support FOSS projects:
- Compliance Checklist
- Conformity Assessment Specifications
- Automated Evaluation Method and Tool
- Federated Database platform for publishing the results of OSS component assessments allowing contributions from various stakeholders
- Inventory of Automatic Dependency Analysis Tools
- Reporting tool
