Nordic Semiconductor Bundles FOTA, Aims to Ease EU Cyber Resilience Act Burden
Event summary
- Nordic Semiconductor is offering a lifetime FOTA (Firmware Over-the-Air) and device management license via its new nRF Cloud service.
- The service is designed to help customers comply with the EU Cyber Resilience Act (CRA), which takes effect in 2027.
- Pricing starts at $1 per device, varying based on fleet size.
- nRF Cloud leverages technology acquired from Memfault in 2025.
- The offering is available for Nordic’s nRF54, nRF53, nRF52 Series Bluetooth® Low Energy SoCs, and nRF91 Series cellular IoT modules.
The big picture
The EU Cyber Resilience Act represents a significant regulatory shift, forcing IoT device manufacturers to prioritize long-term security and update capabilities. Nordic’s nRF Cloud offering is a strategic move to capitalize on this trend, positioning itself as a key enabler for compliance and potentially gaining market share. By bundling FOTA and device management, Nordic aims to reduce the total cost of ownership for its customers and accelerate their time to market, creating a competitive advantage in a rapidly evolving regulatory landscape.
What we're watching
- Adoption Rate
- The success of nRF Cloud hinges on device manufacturers rapidly adopting the lifetime FOTA model, which represents a shift from traditional, recurring cloud fees.
- Competitive Response
- Other semiconductor firms will likely respond to Nordic’s offering, potentially triggering a price war or a race to bundle similar services, impacting margins.
- CRA Enforcement
- The stringency with which the EU enforces the Cyber Resilience Act will directly influence the demand for solutions like nRF Cloud and the overall market for IoT security services.
Related topics