News from the Wire

OPEX successfully completes CRA fast start readiness assessment with ONEKEY

Thursday, March 19, 2026 — 18:25:40 (UTC)

OPEX Corporation Successfully Completes CRA Fast Start Readiness Assessment with ONEKEY

OPEX Corporation, a leading global provider of automation and manufacturing solutions, is working closely with ONEKEY to prepare for compliance with the Cyber Resilience Act (CRA).

Düsseldorf, March 19, 2026 — The European Union is introducing the Cyber Resilience Act (CRA), establishing comprehensive, binding cybersecurity requirements for connected products. For many organizations, this marks the beginning of a new phase of regulatory readiness. To support this transition, ONEKEY offers a structured CRA Readiness Assessment as part of its CRA Fast Start program. The assessment enables companies to evaluate their current level of preparedness against upcoming CRA requirements and identify areas for action. ONEKEY was recently recognized with the prestigious “Best in Show Award” in the Security category at the international Embedded World trade fair.

The Cyber Resilience Act requires manufacturers of hardware and software products to meet strict cybersecurity standards throughout the entire product lifecycle. These include transparency around software components through a software bill of materials (SBOM), systematic vulnerability management, and secure update mechanisms.

First Phase of CRA Implementation: Assessment of the Current Situation

ONEKEY's CRA Readiness Assessment enables companies to make an informed assessment of their current status. As part of a structured analysis, existing development processes, security controls, and documentation are reviewed. The goal is to determine the organization's maturity level, identify regulatory gaps, and provide concrete recommendations for next steps.

Based on established international standards, such as IEC 62443-4-1, and the audit principles of ISO 19011, the assessment ensures objective, traceable, and reproducible results.

Practical Example: OPEX Corporation

The collaboration with OPEX Corporation shows how a CRA Readiness Assessment works in practice. OPEX Corporation, a leading international automation company headquartered in the USA with a European location in Germany, wanted to review its existing secure development processes to ensure compliance with the requirements of the Cyber Resilience Act.

OPEX had already established security processes in accordance with IEC 62443-4-1. However, it was unclear whether these processes covered all CRA obligations, such as SBOM transparency, vulnerability management, and secure software updates.

Working closely with ONEKEY, OPEX conducted a structured CRA Readiness Assessment. Development guidelines, security mechanisms, update processes, and vulnerability management procedures were systematically analyzed and mapped against CRA requirements.

Clear Results and Documented Evidence

The assessment provided OPEX with a clear mapping of its existing engineering processes to CRA obligations. It also identified specific areas for improvement, including lifecycle documentation, vulnerability reporting, and audit preparation.

In addition, OPEX received formal validation of its current maturity level. These documented results enable the company to transparently demonstrate to management, customers, and partners its progress toward CRA compliance.

“With ONEKEY's support, we confirmed that our design engineering team meets the Cyber Resilience Act's expectations. The structured assessment provided the clarity we needed to validate our existing practices and define the next steps,” explained Nenad Vujovic, OPEX Corporation's Director of DMA Design Engineering. He added, “The collaboration has been very positive, especially in aligning our activities with the CRA and IEC 62443. We really appreciate the cooperation."

A Growing Challenge for Many Organizations

According to industry analyses, around 68 percent of organizations are not yet familiar with the requirements of the Cyber Resilience Act, while only around four percent have implemented comprehensive measures, indicating a great need for structured preparations.

With its CRA Readiness Assessment, ONEKEY aims to provide organizations with a clear starting point for regulatory compliance. By combining an automated analysis platform with expert guidance, the company helps integrate cybersecurity and compliance early into product development, manufacturing, and operations.

About OPEX

OPEX® Corporation is a global leader in Next Generation Automation, providing innovative, unique solutions for warehouse, document and mail automation. With headquarters in Moorestown, NJ—and facilities in Pennsauken, NJ; Plano, TX; France; Germany; Switzerland; the United Kingdom; and Australia—OPEX has nearly 1,600 employees who are continuously reimagining and delivering customized, scalable technology solutions that solve the business challenges of today and in the future. For more information, visit opex.com.

About ONEKEY

ONEKEY is the leading European specialist in Product Cybersecurity & Compliance Management and part of the investment portfolio of PricewaterhouseCoopers Germany (PwC). The unique combination of the automated ONEKEY Product Cybersecurity & Compliance Platform (OCP) with expert knowledge and consulting services provides fast and comprehensive analysis, support, and management to improve product cybersecurity and compliance from product purchasing, design, development, production to end-of-life.

Critical vulnerabilities and compliance violations in device firmware are automatically identified in binary code by AI-based technology in minutes – without source code, device, or network access. Proactively audit software supply chains with integrated Software Bills of Materials (SBOMs) generation. "Digital Cyber Twins" enable automated 24/7 post-release cybersecurity monitoring throughout the product lifecycle.

The patent-pending, integrated ONEKEY Compliance Wizard already covers the EU Cyber Resilience Act (CRA) and requirements according to IEC 62443-4-2, ETSI EN 303 645, UNECE R 155 and many others.

The Product Security Incident Response Team (PSIRT) is effectively supported by the integrated automatic prioritisation of vulnerabilities, significantly reducing the time to remediation.

Leading international companies in Asia, Europe and the Americas already benefit from the ONEKEY Product Cybersecurity & Compliance Platform (OCP) and ONEKEY Cybersecurity Experts.

Further information: ONEKEY GmbH, Sara Fortmann, email: sara.fortmann@onekey.com, Toulouser Allee 19A, 40211 Düsseldorf, Germany, web: onekey.com

Notice to readers: These are archived articles. Contact information, links and other details may be out of date. We regret any inconvenience.

Source: Company press release.

Categories: Partnership