In order to facilitate the due diligence obligation set out in Article 13(5), in particular as regards manufacturers that integrate free and open-source software components in their products with digital elements, the Commission is empowered to adopt delegated acts in accordance with Article 61 to supplement this Regulation by establishing voluntary security attestation programmes allowing the developers or users of products with digital elements qualifying as free and open-source software as well as other third parties to assess the conformity of such products with all or certain essential cybersecurity requirements or other obligations laid down in this Regulation.
Chapter II - OBLIGATIONS OF ECONOMIC OPERATORS AND PROVISIONS IN RELATION TO FREE AND OPEN-SOURCE SOFTWARE
25
Article 25
Security attestation of free and open-source software
Related Recitals
(1)This text is reproduced from Regulation (EU) 2024/2847 of the European Parliament and of the Council of 23 October 2024. It is provided for informational purposes only and does not constitute legal advice. Only the text published in the Official Journal of the European Union is legally binding. Original text on EUR-Lex