Is a GPU or AI accelerator hardware or a component under CADA?

Summary As proposed, CADA does not define "GPU" or "AI accelerator." It classifies them as "hardware" or a "component" by reference to the Cyber Resilience Act (CRA, Regulation (EU) 2024/2847): Article 2(14) imports "hardware" from CRA Article 3, point (5), and Article 2(15) imports "component" from CRA Article 3, point (6). Roughly, a discrete accelerator card sold on its own behaves like hardware, while one integrated into a larger system behaves like a component of it. Either way, for the higher Union assurance levels the provenance and control of that silicon would feed CADA's sovereignty and supply-chain criteria.

Detail

CADA, as proposed, anchors physical-computing terms in existing EU product legislation rather than inventing its own. The relevant definitions sit in Article 2.

The legal definitions: hardware and component

CADA borrows from the CRA, so your GPU's legal status follows the product-cybersecurity rules, not just its technical role.

• Article 2(14) of CADA: "'hardware' means hardware as defined in Article 3, point 5, of Regulation (EU) 2024/2847."
• Article 2(15) of CADA: "'component' means component as defined in Article 3, point (6), of Regulation (EU) 2024/2847."

Under the CRA, broadly, "hardware" refers to a physical product with digital elements, while a "component" is a part — hardware or software — intended for integration into such a product. In practice, a standalone GPU card is typically hardware; a GPU or accelerator integrated into a server or module supplied as part of a larger system is often a component of that system.

Standalone hardware vs integrated component

The distinction is not merely semantic; it shapes how the sovereignty and supply-chain criteria apply.

1. Standalone hardware: a GPU or accelerator card bought to install in your own servers is hardware. Under CADA's sovereignty framework (Title IV), its provenance matters. For the higher Union assurance levels, providers would need to show controls over third-country influence on the relevant elements of the service.
2. Integrated component: where the GPU arrives inside a pre-built server, it is a component of that system, and obligations focus on the system as a whole. Annex II (assurance-level criteria) and Annex III (audit evidence) require deep supply-chain visibility — including, for level 2 and above, an SBOM and documented controls to block remote features from third-country software components that could tamper with or disrupt the system.

Relevance to chip and compute supply chains

A central CADA aim is reducing EU dependence on non-European providers and critical technologies, so how accelerators are classified is significant.

• Supply-chain transparency: for the higher assurance levels, providers would have to show, among the cumulative Annex II criteria, that the infrastructure, assets, and personnel involved in the service are in the Union and not subject to third-country control that could compromise continuity or confidentiality (Annex II, Sections 2–4).
• Strategic projects: under Article 14, the Commission may designate data centre strategic projects meeting set criteria — including projects supporting the integration of chips, processors, and accelerators designed and/or manufactured in the Union — incentivising EU-made accelerator hardware and components.
• Risk assessments: Member States and Union entities would conduct risk assessments under Article 29 to set the appropriate assurance level. Where accelerators come from a third country with extraterritorial access laws, that can bear on whether a service can meet the higher-level criteria or what mitigations are needed.

What this means for you

For CTOs, architects, and SMEs assessing infrastructure or building data centres, three practical implications:

1. Procurement due diligence. Trace the origin of your accelerators. To meet the criteria for the higher assurance levels required for public-order-relevant public sector activities under Article 30, you would need to demonstrate the legal, technical, and organisational controls in Annex II — you cannot simply buy off-the-shelf third-country hardware without addressing third-country control.
2. Audit readiness. Under Annex III, auditors will examine your hardware: origin, embedded firmware, and measures to block remote tampering. Where the GPU is a component of a larger server, you need visibility into the whole bill of materials.
3. Strategic-project eligibility. Using EU-designed or manufactured accelerators can help a data centre project qualify under Article 14, with the associated support.

Common misconceptions

• Misconception 1: "CADA defines GPU specifically." It does not define "GPU" or "AI accelerator." It relies on the CRA's "hardware" and "component" definitions; your accelerator is whatever those definitions make it in your specific configuration.
• Misconception 2: "Only software matters for sovereignty." Annex II addresses hardware too. For the higher levels, providers must show the infrastructure and assets are not subject to third-country control that could disrupt service or expose data. Physical origin and control of the accelerator are in scope.
• Misconception 3: "All cloud services need Union assurance level 4." No. Under Article 30, public sector activities not identified as public-order-relevant would use services recognised at level 1; levels 2–4 apply only where a risk assessment under Article 29 identifies public-order relevance in the listed sectors. Most general business workloads would sit at the lower levels.

Related

• Why does CADA import software, hardware, component and manufacturer from the CRA?
• Hardware vs software vs component under CADA: what's the difference?
• What is hardware under CADA? Definition and scope explained
• What is a component under CADA? Article 2 definition
• Am I a manufacturer under CADA if I rebrand a third party's hardware?

This is general information about a draft EU regulation, not legal advice.