Dimension scores are derived from public data and fields; weighted into the composite. Reference only.
BlackIoT Sagl is an electronic engineering company based in Vacallo, Switzerland. Its core positioning is not as a traditional SaaS developer tool, but as a hardware and firmware redesign service provider focused on the EU Cyber Resilience Act (Reg. 2024/2847). Its goal is to help products with digital elements meet requirements around secure-by-design engineering, SBOMs, vulnerability handling, and conformity assessment before the CRA becomes fully applicable in December 2027.
The methodology presented on its website is fairly complete: it starts with an Annex I Section 1/2 gap assessment, then provides a remediation roadmap. Redesign work covers root of trust, secure boot, signed firmware, cryptographic services, TRNG, interface hardening, and secure update paths. On the compliance documentation side, it supports machine-readable SBOMs in SPDX/CycloneDX formats, PSIRT, coordinated disclosure policies, and 24h/72h/14d reporting workflows to ENISA and national CSIRTs. For Annex III Important and Annex IV Critical products, it also provides support for technical documentation, Declaration of Conformity, CE marking, and communication with Notified Bodies.
Its engineering background is reflected in multiple production-validated reference designs, including the WildBay, Vallarta, and BlackMoon wireless SOMs, as well as sensor/AI boards such as Polverine, PortRoyal MKR, Havana MKR, Martinica MKR, and Mayreau. The ecosystem covers STM32Cube, Arduino, PlatformIO, Espressif IDF, Microchip Studio, Bosch COINES, and more. Supported protocols include BLE, Thread, Zigbee, LoRa-compatible LPWAN, Sigfox, 6LoWPAN, and WiFi. Polverine is explicitly open source in both hardware and software, while Mayreau is open-source hardware.
The website does not disclose pricing, payment methods, project timelines, or packages. It only states that each engagement starts with a 60-minute engineering call and a written technical scope, so procurement will require deeper discussion in advance. Its value lies in custom engineering and practical compliance implementation rather than an out-of-the-box tool. If a team only needs software SCA, SBOM generation, or a cloud-based vulnerability management platform, a dedicated DevSecOps product may be a better fit.
BlackIoT is suitable for aerospace, defense, industrial IoT, medical, smart infrastructure, and consumer electronics manufacturers—especially teams that already have hardware products and are preparing to enter or continue selling in the EU market. Access from mainland China, Chinese-language service, and cross-border payment options are not disclosed. It is advisable to confirm video meeting availability, contract currency, and delivery collaboration methods by email first. Alternatives to compare include TÜV SÜD, DEKRA, UL, SGS, NCC Group, and other compliance and security engineering service providers.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on blackiot.it official site.
blackiot.it is an Switzerland Hardware & IoT provider. TG4G tracks its product information, an overall rating of 7.0/10, and a China-accessibility score of Workable. Click "Visit Official Site" to reach blackiot.it directly.