Quantum Dice, a University of Oxford spin-out pioneering Quantum Random Number Generator technology, has published an independent evaluation by trusted European IoT cybersecurity firm Cyberwhiz, which found that its QRNG products help manufacturers deliver secure-by-design systems compliant with the EU Cyber Resilience Act (CRA).
Quantum Dice commissioned CyberWhiz to independently assess how its QRNG products, with its patented source-device independent self-certification (DISC) protocol, support CRA compliance for its customers.
The report finds that Quantum Dice’s product portfolio, including SparQ, its System-on-module QRNG for embedded devices, directly supports essential requirements of the CRA – protection from unauthorised access, data confidentiality, and data integrity.
Its unique DISC protocol, which continuously measures and certifies randomness quality in real-time, was highlighted as central to maintaining compliance over the product lifetime, supporting the CRA’s technical expectations for incident detection, continuous monitoring, and lifecycle vulnerability management.
Dr Ramy Shelbaya, CEO and Co-Founder of Quantum Dice, said:
“Constant connectivity has not only become a daily factor of life for most people, it has become the backbone of our economy and our productivity. With that convenience, comes the risk of many vulnerabilities that the CRA is looking to protect against. Quantum Dice’s QRNG and its unique DISC™-enabled features offers a clear path to further protect our digital infrastructure and protect hardware developers from any future liabilities.”
Çağatay Büyüktopçu, Founder and CEO of CyberWhiz, said:
“With the EU Cyber Resilience Act coming into full effect in December 2027, manufacturers need to prepare now to meet its cybersecurity requirements. Our independent evaluation shows that Quantum Dice’s DISC QRNGs provide critical support for manufacturers in achieving secure-by-design systems compliant with the CRA.”
The CRA applies to all manufacturers, importers, and distributors of hardware and software with “digital elements” sold in the EU. It requires implementing essential cybersecurity measures throughout the product lifecycle. The law came into effect on 10 December 2024, with full compliance required by 11 December 2027.
The CyberWhiz report provides key background information on the CRA, and a thorough evaluation of how Quantum Dice’s DISC™-enabled QRNG products map against CRA requirements. Download the full report.
