12/15/2025 Press Release¶

𝗔𝘃𝗮𝗶𝗹𝗮𝗯𝗶𝗹𝗶𝘁𝘆 𝗼𝗳 𝗖𝗶𝗽𝗵𝗲𝗿𝗜𝗤: 𝗖𝗿𝘆𝗽𝘁𝗼𝗴𝗿𝗮𝗽𝗵𝗶𝗰 𝗩𝗶𝘀𝗶𝗯𝗶𝗹𝗶𝘁𝘆 𝗮𝗻𝗱 𝗣𝗤𝗖 𝗔𝘀𝘀𝗲𝘀𝘀𝗺𝗲𝗻𝘁 𝗦𝘂𝗶𝘁𝗲 𝗳𝗼𝗿 𝗜𝗼𝗧 𝗮𝗻𝗱 𝗢𝗧 𝗢𝗘𝗠𝘀

𝗣𝗮𝗹𝗼 𝗔𝗹𝘁𝗼, 𝗖𝗔 — 𝗗𝗲𝗰𝗲𝗺𝗯𝗲𝗿 𝟭𝟱, 𝟮𝟬𝟮𝟱 — 𝗚𝗿𝗮𝘇𝗶𝗮𝗻𝗼 𝗟𝗮𝗯𝘀 𝗖𝗼𝗿𝗽. today announced the availability of 𝗖𝗶𝗽𝗵𝗲𝗿𝗜𝗤, an open-source software suite providing cryptographic visibility and Post-Quantum Cryptography (PQC) readiness assessment for embedded, IoT, and OT systems.

CipherIQ addresses a growing gap faced by OEMs and operators of regulated infrastructure as cybersecurity and product-security requirements continue to tighten. Frameworks such as FDA cybersecurity expectations for medical devices, IEC 62443 for industrial automation and control systems, and, increasingly, EU regulations including NIS2 and the Cyber Resilience Act (CRA) require demonstrable knowledge, control, and documentation of cryptographic mechanisms deployed in products and operational environments.

In practice, however, cryptographic inventory and assessment tooling has not kept pace with these obligations.

At the core of the CipherIQ suite is cbom-generator, a production-grade tool that discovers cryptographic algorithms, keys, certificates, libraries, and protocol configurations on Linux-based systems and produces CycloneDX-compliant Cryptographic Bills of Materials (CBOMs). The toolchain is designed to operate in offline and air-gapped environments and is suitable for embedded devices, industrial systems, and long-lived deployed infrastructure.

CipherIQ enables IoT and OT OEMs, device manufacturers, and operators of regulated infrastructure to:

Identify cryptographic assets embedded in firmware, system images, and deployed systems
Assess cryptographic strength and PQC readiness using NIST-finalized algorithms
Generate standards-aligned CBOMs suitable for regulatory compliance and audit workflows
Establish and maintain a defensible cryptographic inventory across product lifecycles and installed infrastructure

CipherIQ is dual-licensed, available under GPLv3+ for open-source use, and under a commercial license for integration into closed-source products, OEM redistribution, professional support, and long-term maintenance.

CipherIQ is developed by Graziano Labs Corp., drawing on decades of experience in embedded systems and product development, and reflects operational constraints typical of real-world device environments rather than cloud-centric assumptions.

Graziano Labs Corp. is currently seeking early adopters and pilot partners among OEMs and product security teams evaluating cryptographic compliance and PQC readiness.

Source code and documentation are available at:

GitHub: https://github.com/cipheriq

Documentation: https://www.cipheriq.io

For pilot engagements or commercial licensing inquiries, interested parties are invited to make contact directly.

About Graziano Labs Corp. / CipherIQ

CipherIQ is an open-source software initiative by Graziano Labs Corp. focused on cryptographic visibility, compliance, and post-quantum readiness for embedded, IoT, and OT systems.