STOCK TITAN

Data I/O Proposes to Acquire Embedded Software Security Assets from IAR

(Very High)
(Very Positive)

Data I/O (NASDAQ: DAIO) has signed a non-binding letter of intent to acquire embedded software security IP and related assets from IAR, including the Embedded Trust and Secure Deploy platforms, the eSecIP toolchain, and certificate authority and provisioning infrastructure.

According to Data I/O, the intended deal would bring this technology stack in-house, giving it direct control over the security provisioning roadmap, device support, and release cadence, and enabling an extended offering from embedded design through high-volume manufacturing. The assets span software and source code, hardware, IP, engineering infrastructure, manufacturing equipment, and certifications, with Data I/O assuming post-closing customer support. The companies plan to continue their commercial partnership and their February 2026 integration of IAR’s embedded software security with Data I/O’s PSV programming systems, positioned against tightening cybersecurity requirements such as the EU Cyber Resilience Act.

Loading...
Loading translation...

AI-generated analysis. How Rhea-AI works. Not financial advice.

Positive

  • LOI to acquire IAR security IP brings Embedded Trust, Secure Deploy, eSecIP and infrastructure in-house
  • Full ownership of embedded security stack enables end-to-end provisioning from design through manufacturing
  • Post-closing customer support for acquired products transitions fully to Data I/O
  • Asset package includes software, hardware, IP, engineering infrastructure, equipment and certifications
  • Strategic alignment with EU Cyber Resilience Act requirements for connected electronic products

Negative

  • None.

Market Reaction – DAIO

+7.10% $3.90
15m delay
+7.10% Since News
$3.90 Last Price
$3.51 $4.08 Day Range
+$2M Valuation Impact
$34.20M Market Cap
0.0x Rel. Volume

Following this news, DAIO has gained 7.10%, reflecting a notable positive market reaction. The stock is currently trading at $3.90. This price movement has added approximately $2M to the company's valuation.

Data tracked by StockTitan Argus (15 min delayed). Upgrade to Gold for real-time data.

What This Means

The stock is up +7.1% following this news. A sharp gain would echo the prior acquisition LOI, which ...
Analysis

The stock is up +7.1% following this news. A sharp gain would echo the prior acquisition LOI, which saw an average 9.97% move, signaling investor support for DAIO’s security-focused expansion. However, the active $20,000,000 shelf means future capital raises could temper enthusiasm.

Key Figures

EU Cyber Resilience Act: Regulation (EU) 2024/2847 EU compliance deadline: December 2027
2 metrics
EU Cyber Resilience Act Regulation (EU) 2024/2847 Identifier for EU-wide cybersecurity requirements cited as a demand driver
EU compliance deadline December 2027 Date by which all covered products sold in the EU must fully comply

Previous Acquisition Reports

1 past event · Latest: May 14 (Positive)
Same Type Pattern 1 events
Date Event Sentiment 24h Move Catalyst
May 14 Acquisition LOI Positive +10.0% Signed LOI for ~$23M semiconductor handling acquisition expected to nearly double revenue.

24h Move is the share-price change in the day after each event; other market factors may also have contributed.

Pattern Detected

The prior acquisition-related LOI headline prompted a clearly positive one-day share-price reaction.

Historical Comparison

+10.0% avg move · In the past six months, one acquisition LOI headline saw an average 9.97% gain. This new embedded so...
acquisition
+10.0%
Average Historical Move acquisition

In the past six months, one acquisition LOI headline saw an average 9.97% gain. This new embedded software security asset LOI continues the acquisition-driven transformation theme, expanding capabilities rather than manufacturing scale.

Regulatory & Risk Context

Active S-3 Shelf · $20,000,000 · Short Interest: 0.1%
Shelf Active
Short Interest
0.1% of float
0% 15% 30%+
low as of 2026-06-15 Days to cover: 1

Reported short interest is relatively low, suggesting limited short-squeeze potential and a lower likelihood of extreme volatility driven purely by short covering.

Active S-3 Shelf Registration 2026-01-09
$20,000,000 registered capacity

An effective S-3 shelf for up to $20,000,000 of mixed securities allows flexible future capital raises that could add share supply depending on how it is used.

Key Terms

secure deploy, certificate authority, software bill of materials (sbom), ce marking, +1 more
5 terms
secure deploy technical
"including the Embedded Trust and Secure Deploy platforms, the eSecIP toolchain"
Secure deploy is the process of releasing software, systems, or updates into live use while building in protections against hacks, data leaks, downtime, and configuration errors. It combines technical steps (like access controls, encryption, testing, and monitoring) with policies that reduce the risk that a deployment will cause security incidents, regulatory problems, or service outages. For investors, it signals how well a company manages technology risk, compliance costs, and potential reputational damage.
certificate authority technical
"the eSecIP toolchain, and the certificate authority and provisioning infrastructure"
A certificate authority is a trusted organization that issues digital certificates—like online ID cards—that confirm a website, server, or company is who it claims to be. For investors, these certificates matter because they enable secure communications, reduce the risk of fraud or data breaches, and are often required for regulatory compliance; a revoked or compromised certificate can damage customer trust and expose a company to financial and reputational loss.
software bill of materials (sbom) technical
"includes strict reporting for Software Bill of Materials (SBOM)."
A software bill of materials (SBOM) is a detailed inventory that lists all the pieces, libraries and third‑party code used to build a software product — like an ingredient label for an app. Investors pay attention because SBOMs expose security weaknesses, licensing obligations and maintenance needs that can create unexpected costs, outages or legal risk; having a clear SBOM helps assess operational resilience and the potential future cost of keeping the software safe and compliant.
ce marking regulatory
"introduces lifecycle security requirements, CE marking, security-by-design standards"
CE marking is a symbol placed on certain products showing they meet European Union safety, health and environmental rules required to sell them in the EU/EEA. For investors, it signals that a product has cleared a common regulatory hurdle—like a passport for market access—reducing legal and market-entry risk and often widening sales opportunities across European markets.
security-by-design technical
"introduces lifecycle security requirements, CE marking, security-by-design standards"
Security-by-design is an approach to building products, software and systems where protection against cyberattacks, data leaks and misuse is planned and built in from the start rather than patched on later. For investors, it reduces the chance of expensive breaches, regulatory penalties and reputational harm—like putting a strong foundation and locks into a house during construction—so firms that adopt it tend to carry lower operational and compliance risk.

AI-generated analysis. How Rhea-AI works. Not financial advice.

See more from StockTitan in Google Search and AI answers. Adds StockTitan as a preferred source · opens Google
Add on Google

Companies Continue Strategic Commercial Partnership as Data I/O Brings Embedded Trust and Secure Deployment Technology In-House to Deliver End-to-End Security Provisioning from Design to Manufacturing

REDMOND, Wash. and UPPSALA, Sweden, July 10, 2026 (GLOBE NEWSWIRE) -- Data I/O Corporation (NASDAQ: DAIO) and I.A.R. Systems AB (“IAR”) today jointly announced that Data I/O has entered into a non-binding LOI to acquire the embedded software security IP and related assets from IAR. Financial terms of the transaction and anticipated timing were not disclosed.

The proposed acquisition builds directly on the companies’ February 2026 announcement of a technology collaboration unifying security provisioning from embedded design through manufacturing. With this transaction, Data I/O will bring in-house the core technology underlying that collaboration — including the Embedded Trust and Secure Deploy platforms, the eSecIP toolchain, and the certificate authority and provisioning infrastructure originally developed by IAR — while IAR and Data I/O continue their commercial partnership.

Full ownership of the IAR embedded software security technology stack will give Data I/O direct control over the security provisioning roadmap, device support, and release cadence, and position the company to extend its security offering upstream into the design phase while continuing to serve customers through its industry-proven programming and provisioning platforms. The acquisition expands our provisioning platform by giving engineers the ability to design with security in mind as opposed to an afterthought. As Data I/O continues its transformation this strengthens the company's position as government regulations and industry standards — including the EU Cyber Resilience Act — increasingly mandate robust security measures for connected electronic products.

The EU Cyber Resilience Act (Regulation (EU) 2024/2847) is a comprehensive regulation that sets mandatory cybersecurity and vulnerability-handling standards for nearly all hardware and software products connected to a network. With full mandatory compliance for all products sold in the EU by December 2027, the act introduces lifecycle security requirements, CE marking, security-by-design standards, guaranteed security updates, and includes strict reporting for Software Bill of Materials (SBOM).

The intended transaction between Data I/O and IAR includes, among other assets, software and source code, hardware, intellectual property, engineering infrastructure, manufacturing equipment, and certifications. Following the closing, Data I/O will take full ownership of customer support for these products going forward.

“This acquisition is a natural next step in our evolution of becoming a highly valued supplier for the semiconductor supply chain,” said William Wentworth, President and CEO of Data I/O Corporation. “Our February collaboration showed how well IAR’s embedded software security technology fits with our programming and provisioning platforms. As we advance our future provisioning platform the acquisition of the IP, HSM design gives Data I/O the ability to design Security provisioning into our core platform as opposed having to integrate multiple third-party products. Secure provisioning uses the same infrastructure as Data provisioning, algorithm-based delivery system. Our Data provisioning platform is a natural extension for secure provisioning. The acquisition just makes sense for our roadmap and the ability to move faster for our customers, while our commercial partnership with IAR continues, giving customers the same integrated path from embedded design through high-volume, secure manufacturing. Together with our platform and Programming-as-a-Service strategy, this will give Data I/O a complete, differentiated security provisioning offering with a strong regulatory tailwind ahead of the EU Cyber Resilience Act.”

“We’re pleased to see our partner Data I/O acquire IAR’s embedded software security assets,” said Karin Schreil, Senior Vice President of BU IAR at Qt Group. “IAR acquired the portfolio in 2018 to bring embedded software security into our offering, and many of our customers depend on this technology today. This transaction secures the future of the technology and continuity for customers, with a partner well positioned to invest in it and grow its installed base, while we continue to focus and invest on what is core to IAR and Qt Group. Customers get continuity of the products they rely on today, backed by a partner fully dedicated to their long-term roadmap.”

The companies' February 2026 collaboration — through which IAR's embedded software security solution integrates with Data I/O's PSV programming systems to unify security provisioning from design through production — continues unchanged by this transaction and remains a cornerstone of the joint offering to OEMs worldwide.

About IAR
IAR delivers world-leading software and services for embedded development, empowering manufacturing companies worldwide to create high-quality products. Our solutions support developers in ensuring reliability and efficiency throughout the development process across the automotive, industrial automation, IoT, and medtech industries.

Since 2025, IAR is part of Qt Group (Nasdaq Helsinki: QTCOM), a global software company, trusted by industry leaders and over 1.5 million developers worldwide to create applications and smart devices that users love. IAR operates as a business unit, strengthening its ability to deliver comprehensive solutions for embedded systems. To learn more, visit www.iar.com and www.qt.io.

Learn more at http://www.iar.com or www.qt.io.

About Data I/O Corporation
Since 1972, Data I/O has developed innovative solutions to enable the design and manufacture of electronic products for automotive, Internet-of-Things, medical, wireless, consumer electronics, industrial controls, and other electronics devices. Today, our customers use Data I/O security deployment and programming solutions to reliably, securely, and cost-effectively, bring innovative new products to life. These solutions are backed by a global network of Data I/O support and service professionals, ensuring success for our customers. For more information, please visit www.dataio.com.

Safe Harbor/Forward Looking Statements and Disclosure Information for Data I/O
The Company cautions you that statements contained in this press release regarding matters that are not historical facts are forward-looking statements. Such forward-looking include, but are not limited to, the anticipated asset acquisition and its anticipated benefits, including with respect to the EU Cyber Resilience Act, the anticipated collaboration with IAR to transition the embedded software security assets to the Company, and the ability to close the transaction. These statements are based on the Company's current beliefs and expectations. The inclusion of forward-looking statements should not be regarded as a representation by the Company that any of its plans will be achieved. Actual results may differ from those set forth in this press release due to the risks and uncertainties inherent in the Company's business, including, without limitation, market, market risks and other market conditions; and financing contingencies.

Factors that may impact the Company’s operations and finances include uncertainties as to the ability to record revenues based upon the timing of product deliveries, market acceptance of Edge AI, shipping availability, installations and acceptance, accrual of expenses, coronavirus or other business interruptions, changes in economic conditions, part shortages, business disruptions and other risks including those described in the Company’s 10-K, 10-Q and other periodic filings with the Securities and Exchange Commission (SEC), press releases and other communications.

Data I/O may use its website (www.dataio.com) and investor relations page (www.dataio.com/Company/Investor-Relations), its X account (@DataIO_Company), and its LinkedIn page (linkedin.com/company/data-io) to disclose material non-public information and for complying with its disclosure obligations under Regulation FD. Accordingly, investors and other interested parties should monitor these sites, in addition to following Data I/O’s press releases, Securities and Exchange Commission (SEC) filings, public conference calls and public presentations/webcasts.

Media Contact for Data I/O
Data I/O Corporation
Jennifer Higgins
Director Corporate Marketing
higginj@dataio.com
+1-425-867-6922

Investor Contact for Data I/O
Darrow Associates, Inc.
Jordan Darrow
jdarrow@darrowir.com
+1-631-766-4528

Media contact IAR
Hanna Laurentz
Head of Corporate Communications
Hanna.laurentz@qt.io


FAQ

What did Data I/O (NASDAQ: DAIO) announce about acquiring IAR's embedded software security assets on July 10, 2026?

Data I/O announced a non-binding LOI to acquire IAR’s embedded software security IP and related assets. According to Data I/O, this includes Embedded Trust, Secure Deploy, the eSecIP toolchain, and associated certificate authority and provisioning infrastructure, while their existing commercial partnership with IAR continues.

Which specific embedded security technologies is Data I/O (DAIO) proposing to acquire from IAR?

Data I/O plans to acquire the Embedded Trust and Secure Deploy platforms, the eSecIP toolchain, and certificate authority and provisioning infrastructure. According to Data I/O, the transaction also covers software and source code, hardware, intellectual property, engineering infrastructure, manufacturing equipment, and relevant certifications.

How will the proposed IAR security asset acquisition affect Data I/O's security provisioning offering?

The proposed deal would bring IAR’s embedded security stack in-house, giving Data I/O direct control over roadmap, device support, and release cadence. According to Data I/O, this enables end-to-end security provisioning from embedded design through high-volume manufacturing within its programming and provisioning platforms.

What happens to customer support for IAR's embedded security products after the Data I/O (DAIO) transaction?

Following closing, Data I/O will assume full ownership of customer support for the acquired products. According to Data I/O, this aims to secure continuity for existing users while a dedicated partner invests in the technology and integrates it with Data I/O’s provisioning and Programming-as-a-Service strategies.

Does the Data I/O and IAR collaboration announced in February 2026 change under this proposed acquisition?

The February 2026 collaboration integrating IAR’s embedded software security with Data I/O’s PSV programming systems continues unchanged. According to both companies, this integration remains a cornerstone of their joint offering, unifying security provisioning from embedded design through production for OEM customers worldwide.

How does the EU Cyber Resilience Act relate to Data I/O's planned acquisition of IAR security assets?

Data I/O links the intended acquisition to stricter cybersecurity requirements under the EU Cyber Resilience Act. According to Data I/O, full ownership of the embedded security stack supports security-by-design, lifecycle security, and mandated updates for connected products sold in the EU by December 2027.