BEGIN:VCALENDAR VERSION:2.0 PRODID:icalendar-ruby CALSCALE:GREGORIAN X-WR-CALNAME:I-SENSE Distinguished Speaker: It's The Law: Some Technical Th ings All Hardware Security Architects Ought to Know About CRA\, EUCC X-WR-TIMEZONE:Eastern Time (US & Canada) BEGIN:VEVENT DTSTAMP:20260513T060429Z UID:tag:localist.com\,2008:EventInstance_50791048557228 DTSTART:20251017T150000Z DTEND:20251017T160000Z DESCRIPTION:I-SENSE is proud to welcome its first Distinguished Speaker of the Fall 2025 Semester\, Markku-Juhani Olavi Saarinen\, PhD.\n\n \n\nIn th is seminar\, Dr. Saarinen will offer some technical and practical lessons he has learned about recent European Union information security regulation s related to PQC security chips. This may sound boring from a scientific v iewpoint\, but it is essential for a security architect as compliance requ irements are the main driver for the sales of such chips. Saarinen is curr ently Finland's representative to CENELEC TC 4​7X "Semiconductor device and trusted chips"\, which is tasked with turning the security requirement s of the EU's Cyber Resilience Act (CRA) into electrotechnical standards. The CRA and its technical requirements are of great interest to chip maker s and designers globally\, as compliance will be required to sell electric al goods in the EU market (the comparable U.S. "Cyber Trust Mark" program\ , being introduced by the FCC\, will be only voluntary). Among other thing s\, CRA implies supply chain security measures\, fairly strict vulnerabili ty reporting timelines and responsibilities\, as well as some concrete sec urity features such as secure firmware updates. "Default category" product s can get a pass via self-evaluation\, but for "Critical category" product s (e.g.\, secure elements)\, compliance often requires a third-party asses sment. Such laboratory evaluation can be done with the EU Common Criteria (EUCC) Certification Scheme\; passing requires relatively advanced technic al protections.\n\n \n\nDr. Saarinen has worked in cryptography and techni cal information security since the late 1990s\, dividing time between acad emia and the industry/startups. Before his PhD studies (which focused on s ymmetric cryptanalysis)\, he had worked at SSH Communications Security (he lping to design the now-ubiquitous SSH2 secure login protocol) and at Noki a Research\, both in Finland. Post-Quantum Cryptography (PQC) has been a r esearch focus since 2015\, resulting in numerous publications and a half-d ozen patents. In 2018\, he was the first employee at PQShield Ltd. (UK)\, a University of Oxford spin-out focusing on PQC. At PQShield\, he architec ted some of the first commercially successful high-assurance PQC hardware modules before joining Tampere University in 2023. He is currently a membe r of CENELEC TC 47X (Cyber Resilience Act / Semiconductors) and Chairs the Cryptography SIG at RISC-V International. GEO:26.372832;-80.098389 LOCATION:Engineering East\, Conference Room 405 SUMMARY:I-SENSE Distinguished Speaker: It's The Law: Some Technical Things All Hardware Security Architects Ought to Know About CRA\, EUCC URL;VALUE=URI:https://calendar.fau.edu/event/i-sense-distinguished-speaker- its-the-law-some-technical-things-all-hardware-security-architects-ought-t o-know-about-cra-eucc CATEGORIES:Lectures\, colloquia\, seminars\, etc. END:VEVENT END:VCALENDAR