Cyber Resilience Act (CRA) Compliance Information for SoftwareKey Products
Cyber Resilience Act (CRA) Compliance Documentation
Concept Software, Inc. (d/b/a SoftwareKey.com) provides compliance documentation to support customers who are subject to the EU Cyber Resilience Act (CRA – Regulation (EU) 2024/2847).
Customers who integrate SoftwareKey components into their own applications may request CRA‑related documentation for applicable products and versions.
Available documentation
For supported SoftwareKey products, the following documentation may be provided upon request:
- Declaration of Conformity (CRA / CE)
A manufacturer‑issued declaration attesting conformity with the applicable requirements of the EU Cyber Resilience Act, including Annex I (product security and vulnerability handling requirements). - Software Bill of Materials (SBOM)
Machine‑readable SBOMs provided in CycloneDX (JSON) format, identifying the software composition of specific product versions.
SBOMs clearly indicate scope, versioning, and whether third‑party dependencies are present.
Scope and use
CRA documentation is provided for specific product versions and components identified in the request. Some SoftwareKey components are stable or legacy software libraries that are not under active feature development. Customers and integrators remain responsible for assessing how SoftwareKey components are used within their own CRA‑regulated products.
How to request CRA documentation
To request a Declaration of Conformity or SBOMs, please contact: support@softwarekey.com
Include the following information in your request:
- Product name
- Component or DLL name (if applicable)
- Version number
- Brief description of use
Additional information
Providing CRA documentation supports transparency, supply‑chain risk management, and regulatory compliance. Documentation is made available to customers and, where required, to competent authorities in accordance with applicable regulations.