@@ -278,26 +278,26 @@ For the purposes of the present document, the following abbreviations apply:
## 4.2 Out of scope use/environments
## 4.2 Out of scope use/environments
Out of scope use cases and environments include those explicitly carved out by the Regulation (EU) 2024/2847 (Cyber Resilience Act) <ahref="#_ref_i.1">[i.1]</a>, and are not covered by this standard.
> For the convenience of the developers of these standards, the following list is temporarily included and will be removed before publication:
>
For the convenience of the developers of these standards, the following list is temporarily included and will be removed before publication:
> The types of product with digital elements listed in the section do not fall within the scope of the the Regulation (EU) 2024/2847 (Cyber Resilience Act) <a href="#_ref_i.1">[i.1]</a>, and are not covered by this standard:
>
The types of product with digital elements listed in the section do not fall within the scope of the the Regulation (EU) 2024/2847 (Cyber Resilience Act) <ahref="#_ref_i.1">[i.1]</a>, and are not covered by this standard:
> 1. Services, except for the remote data processing solutions for a covered product as defined in CRA recitals 11-12; article 3, 2 <a href="#_ref_i.1">[i.1]</a>
> 1. Products specifically designed or procured for national security and defence purpose as defined in CRA recitals 14 and 26; article 2, 7-8 <a href="#_ref_i.1">[i.1]</a>
1. Services, except for the remote data processing solutions for a covered product as defined in CRA recitals 11-12; article 3, 2 <ahref="#_ref_i.1">[i.1]</a>
> 1. Products developed for or used exclusively for internal use by public administration as defined in CRA recital 16; article 5, 2 <a href="#_ref_i.1">[i.1]</a>
1. Products specifically designed or procured for national security and defence purpose as defined in CRA recitals 14 and 26; article 2, 7-8 <ahref="#_ref_i.1">[i.1]</a>
> 1. Non-commercial free and open source software as defined in CRA recitals 17-21; article 13, 5 <a href="#_ref_i.1">[i.1]</a>
1. Products developed for or used exclusively for internal use by public administration as defined in CRA recital 16; article 5, 2 <ahref="#_ref_i.1">[i.1]</a>
> 1. Medical Devices and Software as defined in CRA recital 25; article 2, 2 [a-b] <a href="#_ref_i.1">[i.1]</a>
1. Non-commercial free and open source software as defined in CRA recitals 17-21; article 13, 5 <ahref="#_ref_i.1">[i.1]</a>
> 1. Vehicles, including aviation and marine equipment as defined in CRA recital 27; article 2, 2.c "vehicles"; recital 27; article 2, 3 "aviation"; article 2, 4 "marine equipment" <a href="#_ref_i.1">[i.1]</a>
1. Medical Devices and Software as defined in CRA recital 25; article 2, 2 [a-b] <ahref="#_ref_i.1">[i.1]</a>
> 1. Spare and used parts as defined in CRA recital 29; article 2, 6 <a href="#_ref_i.1">[i.1]</a>
1. Vehicles, including aviation and marine equipment as defined in CRA recital 27; article 2, 2.c "vehicles"; recital 27; article 2, 3 "aviation"; article 2, 4 "marine equipment" <ahref="#_ref_i.1">[i.1]</a>
> 1. Refurbished, repaired, and upgraded products that have not been substantially modifiedas defined in recitals 39 - 42 <a href="#_ref_i.1">[i.1]</a>
1. Spare and used parts as defined in CRA recital 29; article 2, 6 <ahref="#_ref_i.1">[i.1]</a>
>
1. Refurbished, repaired, and upgraded products that have not been substantially modifiedas defined in recitals 39 - 42 <ahref="#_ref_i.1">[i.1]</a>
> The following types of products have reduced or varied requirements under Regulation (EU) 2024/2847 (Cyber Resilience Act) <a href="#_ref_i.1">[i.1]</a> and can only be partially covered by this standard:
>
The following types of products have reduced or varied requirements under Regulation (EU) 2024/2847 (Cyber Resilience Act) <ahref="#_ref_i.1">[i.1]</a> and can only be partially covered by this standard:
> 1. High Risk AI as defined in CRA recital 51; article 12 <a href="#_ref_i.1">[i.1]</a>
> 1. Testing and unfinished versions as defined in recital 37; Article 4, 2-3 <a href="#_ref_i.1">[i.1]</a>
> 1. Products Placed on the Market Prior to December 11, 2027 as defined in CRA article 69 <a href="#_ref_i.1">[i.1]</a>
1. High Risk AI as defined in CRA recital 51; article 12 <ahref="#_ref_i.1">[i.1]</a>
Out of scope use cases and environments include those explicitly carved out by the Regulation (EU) 2024/2847 (Cyber Resilience Act) <ahref="#_ref_i.1">[i.1]</a>, and are not covered by this standard.
1. Testing and unfinished versions as defined in recital 37; Article 4, 2-3 <ahref="#_ref_i.1">[i.1]</a>
1. Products Placed on the Market Prior to December 11, 2027 as defined in CRA article 69 <ahref="#_ref_i.1">[i.1]</a>
