EV-CRA Charge with Compliance | Achim Friedland, GraphDefined GmbH скачать в хорошем качестве

EV-CRA Charge with Compliance | Achim Friedland, GraphDefined GmbH

The EV-charging domain has grown into one of Europe’s most strategically relevant digital infrastructures. Yet over the last 15 years it developed through a patchwork of vendors, standards, and interfaces that rarely aligned on security, interoperability, or lifecycle governance. Deployment pressures consistently outpaced foundational requirements such as resilience, auditability, and long-term maintainability. The result: an ecosystem where innovation accelerated rapidly, while security, trust, and verifiable quality remained far behind. With the EU CRA & NIS2 taking effect, 2026 marks the beginning of a structural shift. Regulatory expectations are no longer abstract legal obligations but concrete design parameters that define how products must be engineered, documented, monitored, and maintained. Development teams, operators, and compliance officers now face the same strategic questions: How do we turn regulatory complexity into operational clarity? How can the industry avoid every manufacturer reinventing the wheel? And how do we prevent repeating the mistakes seen under the German Calibration Law or ISO 15118, where technical intent and practical implementation diverged, ultimately failing to strengthen trust in digital measurement systems? This session explores how the EV-charging sector is beginning to answer these questions—starting with the ongoing revision of foundational protocols such as OCPP. We look at how open-source governance models, transparent development practices and initiatives like CyberStand.eu, can accelerate interoperability, strengthen default security baselines, and provide shared compliance assets across an entire supply chain. Instead of treating regulation as another political burden, the goal is to treat it as a catalyst for cleaner architectures, responsible engineering, and long-term resilience embedded directly into the specifications. Beyond the conceptual level, the talk provides a practical blueprint for turning regulations and related standards into measurable controls, structured processes, and continuously improving software artifacts. The focus is on actionable guidance: what engineering teams should implement by default, what operators must monitor in production, and how documentation and audit trails can evolve into living, machine-readable assets. The perspective goes beyond individual manufacturers towards coordinated industry-wide models that raise the baseline across the entire EV-charging ecosystem. ___ This session was recorded during Code & Compliance - FOSDEM Edition, held on 29 January 2026 in Brussels. For more information about the Open Regulatory Compliance (ORC) Working Group and details on upcoming events, visit orcwg.org