CRA in practice

Room: UA2.114 (Baudoux)
Calendar: iCal, xCal
Chat: Join the conversation!

	09												10												11												12												13												14												15												16												17												18
Saturday																																																																									Welcome to the Devroom	Software Supply Chain Strategy at Deutsche Bahn					CRA-by-Design: Protocol-Embedded Compliance for EV Charging Infrastructure					Erlang/OTP’s journey toward CRA compliance					CRA Compliance in Embedded Systems: A Practical Look from the Yocto Project World					Building CRA-Ready Open Source Communities: The Critical Role of Community Managers			Panel: From Minimum Compliance to Meaningful Stewardship						VEX - Cutting through the Noise in Software Supply Chain Security			First steps towards CRA conformity. A practical introduction to cybersecurity risk management.			Can security attestations deliver on their promise to simplify due diligence and strengthen open source sustainability?			CRA-ppy data: We need better open data for CRA compliance			Panel: Why is the CRA worth a FOSS maintainer’s attention?

Event		Speakers	Start	End
Saturday
	Welcome to the Devroom	Roman Zhukov	15:00	15:05
	Software Supply Chain Strategy at Deutsche Bahn	Max Mehl, Henry Sachs	15:05	15:30
	CRA-by-Design: Protocol-Embedded Compliance for EV Charging Infrastructure	Achim Friedland	15:30	15:55
	Erlang/OTP’s journey toward CRA compliance	Kiko Fernandez-Reyes	15:55	16:20
	CRA Compliance in Embedded Systems: A Practical Look from the Yocto Project World	Marta Rybczynska	16:20	16:45
	Building CRA-Ready Open Source Communities: The Critical Role of Community Managers	Cynthia Lo, Cassie Jiun seo	16:45	17:00
	Panel: From Minimum Compliance to Meaningful Stewardship	Madalin Neag	17:00	17:30
	VEX - Cutting through the Noise in Software Supply Chain Security	Rao Lakkakula, Georg Kunz	17:30	17:45
	First steps towards CRA conformity. A practical introduction to cybersecurity risk management.	Harald Fischer	17:45	18:00
	Can security attestations deliver on their promise to simplify due diligence and strengthen open source sustainability?	Tobie Langel	18:00	18:15
	CRA-ppy data: We need better open data for CRA compliance	Georg Link, Thomas Steenbergen	18:15	18:30
	Panel: Why is the CRA worth a FOSS maintainer’s attention?	Roman Zhukov, Philippe Ombredanne	18:30	19:00

fosdem-2026