Data I/O and IAR Unite to Secure Electronics from Design to Factory

REDMOND, Wash. – February 25, 2026 – In a move set to reshape how security is embedded into electronic devices, Data I/O Corporation and IAR have announced a strategic collaboration to create a unified security provisioning solution. The partnership aims to build a seamless bridge between the initial design phase of a product and its high-volume manufacturing, tackling one of the most persistent challenges in the electronics industry.

This collaboration between IAR, a global leader in embedded development software, and Data I/O, a veteran provider of data provisioning systems, promises to deliver an end-to-end platform for securing the entire electronics supply chain. By integrating security from the moment of conception through to the final programming of microcontrollers on the factory floor, the initiative directly confronts the growing threats of intellectual property theft, counterfeiting, and cyberattacks targeting connected devices.

The Regulatory Gauntlet: A New Era of Mandated Security

The timing of this announcement is no coincidence. Electronics manufacturers are facing a tidal wave of stringent international regulations that mandate robust, lifecycle-spanning security. Foremost among them is the European Union’s Cyber Resilience Act (CRA), which began entering into force in late 2024. The CRA imposes strict “secure-by-design” requirements on virtually all products with digital elements sold in the EU, with core obligations becoming mandatory in 2027.

Under the CRA, companies must implement security measures throughout a product's lifecycle, from development to end-of-life support. This includes ensuring firmware integrity, managing vulnerabilities, and providing transparent documentation like Software Bills of Materials (SBOMs). Failure to comply could result in products being barred from the massive EU market and fines reaching up to €15 million or 2.5% of global revenue.

This regulatory pressure is not confined to Europe. In the United Kingdom, the Product Security and Telecommunications Infrastructure (PSTI) Act, effective since April 2024, enforces similar security standards for consumer connected products. In the United States, guidelines from the National Institute of Standards and Technology (NIST), spurred by the IoT Cybersecurity Improvement Act, are setting the standard for secure device development, particularly for government procurement, with wide-ranging influence on the private sector. These regulations collectively signal a fundamental shift: cybersecurity is no longer an optional feature but a mandatory, auditable component of product development.

Bridging the Gap Between Design and Production

The Data I/O and IAR partnership is engineered to directly address this new reality by closing a critical and historically vulnerable gap between the R&D lab and the manufacturing line. The collaboration leverages the distinct expertise of each company to create a single, cohesive workflow.

IAR, with its widely used Embedded Workbench and security tools, will empower developers to define a product’s security architecture at the earliest stages of design. This involves creating a unique security profile that can include cryptographic keys, secure boot configurations, device-specific identities, and intellectual property protection measures. Essentially, designers can create a secure digital blueprint for their device within the familiar IAR development environment.

This blueprint is then securely transferred to Data I/O’s domain: the high-volume manufacturing floor. Data I/O's industry-proven PSV family of automated programming systems, which already program billions of devices annually, will ingest these security profiles. The systems then reliably and rapidly provision each individual microcontroller or security IC with its unique identity and security credentials before it is soldered onto a circuit board. This process of “secure provisioning” establishes a hardware-based Root of Trust (RoT) at the earliest possible point in production, dramatically reducing the attack surface.

“Collaborating with IAR allows us to extend our security provisioning capabilities upstream into the design phase, creating an unprecedented end-to-end solution for our customers,” said William Wentworth, President and CEO of Data I/O Corporation. “Together, we're not just offering tools—we're delivering a complete security ecosystem that empowers OEMs to meet evolving regulatory requirements while maintaining the agility to compete globally.”

Redefining the Competitive Landscape

This integrated approach stands in stark contrast to the fragmented solutions that Original Equipment Manufacturers (OEMs) have traditionally cobbled together. Previously, an OEM might use one set of tools for software development, rely on a semiconductor vendor’s specific security platform, and then work with a separate manufacturing partner to implement provisioning, creating multiple handoffs and potential points of failure.

The joint solution from Data I/O and IAR aims to replace this patchwork with a unified pipeline. A key enabler is the combination of the companies' extensive algorithm libraries, which promises to accelerate support for a broad range of microcontrollers from dozens of semiconductor partners. This gives OEMs greater flexibility in their component choices without being locked into a single vendor’s ecosystem.

For manufacturers, the benefits are compelling. The unified workflow promises to reduce development time, minimize the risk of human error during security implementation, and ensure consistent security deployment across global manufacturing sites. Furthermore, the solution integrates with Data I/O's ConneX software, enabling complete traceability by tracking and reporting on every single device provisioned—a critical requirement for compliance and quality control.

Early Momentum and Market Impact

While the integrated solution is slated for a formal launch in 2026, the press release notes that it is already gaining traction, with “several active customer engagements underway.” This early interest signals strong market demand from industries where security is paramount, including industrial automation, automotive, medical technology, and consumer IoT.

These sectors are not only prime targets for cyberattacks but are also squarely in the crosshairs of the new regulatory frameworks. For an automotive supplier, ensuring the integrity of every electronic control unit (ECU) is a matter of safety and compliance. For a medical device maker, it is essential for patient security and data privacy. The partnership provides a scalable pathway for these companies to build more resilient and trustworthy products.

As OEMs worldwide prepare for the full enforcement of regulations like the CRA, the demand for comprehensive, auditable security solutions is set to intensify. The collaboration between Data I/O and IAR is poised to become a critical enabler for this transition, potentially setting a new industry benchmark for how secure electronic products are brought to life. For global manufacturers, the launch will mark a critical opportunity to fortify their products and supply chains against the ever-evolving landscape of digital threats.