The New Smart Product Security Laws Are Here

The New Smart Product Security Laws Are Here

If Your Product’s in Breach, You Can’t Sell It. Here’s What You Need to Know.

The UK’s new smart product security regulations are enforceable now. This free guide tells you exactly what’s required, without guesswork or legal jargon.

We've Seen What's at Stake. So Have Our Clients.

Penalties of up to £10 million or 4% of global turnover

Trusted by Octopus Energy, Oxford Instruments, Curtiss Wright, Naim Audio

15+ years building secure embedded systems

This Isn't Coming. It's Already Here.

If you design, build, or ship connected products, new UK security regulations now apply to you.

Since April 2024, compliance is no longer guidance or best practice. It’s a legal obligation.

The law doesn’t ask whether you tried to be secure. It asks whether you can prove that you are. Many well-built products are already out of step, not because they were built badly, but because the regulatory landscape changed around them.

Why Rufilla, Not a Competitor

We’ve been building secure embedded systems since long before the legislation arrived, so we understand what compliance actually looks like in practice, not just on paper.

Engineering-led, not policy-led. We implement compliance at the architecture level, not as an afterthought.

We don’t just tell you what’s wrong. We show you how to fix it, and we transfer that knowledge to your team so you’re not dependent on us long-term.

We’ve pioneered secure boot, over-the-air update systems, and full security hardening on real products at scale, for major energy providers, instrument manufacturers, and critical infrastructure.

We Already Work with Some of the UK’s Most Innovative Companies.