Thinking Machine

Thinking Machine — Notes https://thinkingmachine.uk/notes Cross-domain essays on engineering, integration, cost, and compliance. en-GB Thu, 14 May 2026 00:00:00 GMT CRA Article 14 reporting clocks: what 24h, 72h, 14d, and 30d actually require https://thinkingmachine.uk/notes/cra-article-14-reporting-clocks https://thinkingmachine.uk/notes/cra-article-14-reporting-clocks Thu, 14 May 2026 00:00:00 GMT From 11 September 2026, every manufacturer placing a product with digital elements on the EU market is on the clock the moment an actively-exploited vulnerability or severe incident is identified. Four reporting clocks, four different deliverables, one single notification platform. Here is the operational reality, not the press-release version. CRA Cyber Resilience Act NIS2 Compliance Runbook What energy-sector procurement NFR practice can teach SaaS vendors https://thinkingmachine.uk/notes/energy-procurement-nfr-saas https://thinkingmachine.uk/notes/energy-procurement-nfr-saas Sat, 09 May 2026 00:00:00 GMT The NFR catalogues that tier-1 energy operators send to vendors are intimidating, but they encode a discipline that SaaS vendors can copy: write the requirements you'd want a vendor to meet, then meet your own. The result is a competitive moat in any regulated-customer deal. NFR Energy SaaS Procurement Cross-domain What healthcare lab integration taught me about IoT device onboarding https://thinkingmachine.uk/notes/healthcare-lab-to-iot-onboarding https://thinkingmachine.uk/notes/healthcare-lab-to-iot-onboarding Sat, 09 May 2026 00:00:00 GMT The diagnostic-instrument integration playbook from hospital IT translates almost line-for-line to multi-vendor IoT device onboarding. Same heterogeneous vendor landscape, same identity problem, same per-device commissioning friction — and the lab world has a thirty-year head start. IoT Healthcare IT Integration Cross-domain Why your healthcare-IT NFR matrix should look like an energy-sector one https://thinkingmachine.uk/notes/healthcare-nfr-from-energy https://thinkingmachine.uk/notes/healthcare-nfr-from-energy Sat, 09 May 2026 00:00:00 GMT Healthcare-IT vendors handed a hospital procurement NFR catalogue tend to react with the same mild horror SaaS vendors react to energy-sector matrices with. The fix is the same: copy the discipline the more scarred sector has already paid for. Five patterns that move. NFR Healthcare IT Energy Procurement Cross-domain