02. Apr 2026

Security in Smart Homes & Buildings: KNX and the Cyber Resilience Act

The European Cyber Resilience Act (CRA) is reshaping expectations around cybersecurity for connected products. For manufacturers of both hardware and software, it introduces clear requirements related to secure design, vulnerability handling, and long-term responsibility throughout a product’s lifecycle. In the context of connected buildings, where systems are increasingly IP-based and expected to operate securely for decades, these challenges are particularly relevant.

For the KNX ecosystem as a whole, however, the direction set by the CRA is not a sudden change. It reflects a security journey that began many years ago, driven by technical requirements and shared responsibility rather than regulatory pressure.

A proactive approach to security

Long before cybersecurity became a regulatory topic, the KNX community, including both KNX Association and its manufacturers, recognised that openness, interoperability, and long-term stability must be accompanied by robust security mechanisms. This common understanding led to the introduction of KNX Secure, initiated by KNX Association in close alignment with market needs and systematically extended across the KNX ecosystem.

Today, all KNX communication technologies (KNX TP, KNX RF, KNXnet/IP, and KNX IoT) offer security, providing authentication, integrity, and confidentiality at the protocol level. These mechanisms directly address key CRA principles, such as protection against unauthorised access and resilience against common cyber threats, while preserving full interoperability within the KNX system.

KNX Data Secure and KNX IP Secure

Building on this foundation, KNX Data Secure and KNX IP Secure play a central role in securing KNX installations, particularly in IP-based and hybrid environments. By enabling encrypted and authenticated communication between devices and systems, they support manufacturers in addressing the increasing cybersecurity expectations placed on connected products.

These security features are not optional extensions but an integral part of the KNX standard. They reflect a consistent approach to security that aligns well with the objectives of the Cyber Resilience Act.

KNX IoT: security considered from the outset

With KNX IoT, security has been considered from the very beginning. As an IPv6-based, IP-native extension of KNX, it incorporates modern security concepts directly into its architecture. This makes KNX IoT well suited for contemporary IoT environments, where cybersecurity is a fundamental requirement rather than a later addition.

KNX IoT also makes use of open-source components, bringing benefits in terms of transparency, innovation, and interoperability. At the same time, the CRA introduces specific considerations related to responsibility and lifecycle management in open-source-based solutions. These aspects are well understood, and they are taken into account as KNX IoT and its ecosystem continue to evolve.

Supporting manufacturers in a changing landscape

The Cyber Resilience Act presents concrete challenges for manufacturers, and KNX Association is addressing them together with its members. By continuously equipping the KNX standard with appropriate security mechanisms and adapting it to an evolving technical and regulatory environment, the Association supports manufacturers in navigating these requirements.

In this context, the CRA can be seen as a confirmation of an approach KNX has followed for many years. Security has long been a fundamental aspect of the KNX standard, and it will remain a key focus as connected buildings continue to evolve.
