diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index c5295d8c..a053b30b 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -662,6 +662,47 @@ iot-vsocket-psa-crypto-mbedtls-test:
 variables:
 GIT_SUBMODULE_STRATEGY: recursive
 
+########################
+# Black Duck scan #
+########################
+black-duck:
+ tags:
+ - iotmsw-amd64
+ variables:
+ GIT_SUBMODULE_STRATEGY: none
+ rules:
+ - if: ( $SCHEDULED_JOB_TO_RUN == "run-blackduck-scan" )
+ script:
+ - export PROJECTNAME="${BLACKDUCK_PROJECT_NAME}"
+ - apt update -y
+ - apt install default-jdk -y
+ - echo "-------Starting Black Duck Scan-------"
+ - bash <(curl -s -L ${BLACKDUCK_DETECT_SCRIPT})
+ --blackduck.url="${BLACKDUCK_URL}"
+ --blackduck.api.token="${BLACKDUCK_API_TOKEN}"
+ --detect.source.path="."
+ --detect.project.name="${PROJECTNAME}"
+ --detect.project.version.name="${CI_COMMIT_REF_NAME}"
+ --detect.project.tags=security_scan
+ --detect.project.version.phase=DEVELOPMENT
+ --detect.project.version.distribution=OPENSOURCE
+ --detect.project.version.update=true
+ --detect.cleanup=false
+ --detect.impact.analysis.enabled=true
+ --detect.binary.scan.search.depth=05
+ --detect.blackduck.scan.mode=INTELLIGENT
+ --detect.blackduck.signature.scanner.individual.file.matching=ALL
+ --detect.blackduck.signature.scanner.copyright.search=true
+ --detect.blackduck.signature.scanner.license.search=true
+ --detect.blackduck.signature.scanner.snippet.matching=SNIPPET_MATCHING
+ --detect.blackduck.signature.scanner.upload.source.mode=true
+ - tar -czf fri-bd-scan-results.tar.gz -C /root/blackduck/runs .
+ artifacts:
+ paths:
+ - fri-bd-scan-results.tar.gz
+ expire_in: 1 week
+ when: always
+
 # The clean up only happens once daily when the `Daily OTA cleanup`
 # scheduled pipeline sets the `SCHEDULED_JOB_TO_RUN` variable to `cleanup`.
 aws-cleanup:
diff --git a/release_changes/202410251136.change.md b/release_changes/202410251136.change.md
new file mode 100644
index 00000000..006c5324
--- /dev/null
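Review bot: `bash <(curl -s -L ${BLACKDUCK_DETECT_SCRIPT})` executes whatever that URL returns, with `BLACKDUCK_API_TOKEN` already in the job environment and no integrity check on the download, and because curl runs without `-f` an HTTP error body would be handed to bash as well. At minimum change the line to `- bash <(curl -fsSL "${BLACKDUCK_DETECT_SCRIPT}")`, keep `BLACKDUCK_DETECT_SCRIPT`, `BLACKDUCK_URL` and `BLACKDUCK_API_TOKEN` as protected and masked CI variables so that a run from an unprotected ref cannot redirect the download, and prefer pinning the Detect release the bootstrap fetches (or vendoring the bootstrap with a checksum) over always taking the latest. The run directory archived by `tar -czf fri-bd-scan-results.tar.gz -C /root/blackduck/runs .` is published for a week even on failure because of `when: always`; with `--detect.cleanup=false` it keeps the full Detect logs, so confirm they do not echo the token or internal URLs before treating that artifact as shareable. On style, the bare `--detect...` continuation lines form a multi-line plain scalar that YAML folds silently; `check-changelog-addition` in tools/ci/pipeline-baseline-fri.yml writes the same shape as `- >`, and `- >-` here would make the folding explicit and match that file.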
+++ b/release_changes/202410251136.change.md
@@ -0,0 +1 @@
+ci: Enable scheduled blackduck scanning
diff --git a/tools/ci/pipeline-baseline-fri.yml b/tools/ci/pipeline-baseline-fri.yml
index 6fa45833..8d1ca3be 100644
--- a/tools/ci/pipeline-baseline-fri.yml
+++ b/tools/ci/pipeline-baseline-fri.yml
@@ -44,7 +44,7 @@ pre-commit:
 - .base-job-rules
 stage: quality-check
 script:
- - pip install . -t $PWD
+ - pip install tools/ci -t $PWD
 - apt-get update -y
 - apt-get install fd-find -y
 - cp $PWD/bin/banned-api-hook $PWD/banned-api-hook
@@ -83,6 +83,7 @@ check-changelog-addition:
 - git fetch origin ${CI_MERGE_REQUEST_TARGET_BRANCH_NAME}
 - >
 towncrier check
+ --config tools/ci/pyproject.toml
 --compare-with origin/${CI_MERGE_REQUEST_TARGET_BRANCH_NAME}
 
 ########################
diff --git a/pyproject.toml b/tools/ci/pyproject.toml
similarity index 81%
rename from pyproject.toml
rename to tools/ci/pyproject.toml
index 79167b4b..fa06b3f6 100644
--- a/pyproject.toml
+++ b/tools/ci/pyproject.toml
@@ -3,12 +3,13 @@ requires = ["setuptools>=42", "wheel", "setuptools_scm[toml]>=3.4"]
 build-backend = "setuptools.build_meta"
 
 [tool.setuptools_scm]
 local_scheme = "no-local-version"
+root = "../.."
 
 [tool.towncrier]
 ignore = [".gitkeep"]
-directory = "release_changes"
+directory = "../../release_changes"
 filename = "CHANGELOG.md"
-template = "tools/ci/towncrier/template.rst"
+template = "towncrier/template.rst"
 [[tool.towncrier.type]]
 directory = "change"
diff --git a/setup.cfg b/tools/ci/setup.cfg
similarity index 100%
rename from setup.cfg
rename to tools/ci/setup.cfg
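Review bot: `root = "../.."`, `directory = "../../release_changes"` and `template = "towncrier/template.rst"` are now all written relative to the config file's new home under tools/ci, whereas the `--config tools/ci/pyproject.toml` argument added in the check-changelog-addition hunk and the `pip install tools/ci -t $PWD` line in the pre-commit hunk are relative to the job's working directory; nothing in the file records that split, and the next relocation will presumably break one side silently. A comment above the `[tool.setuptools_scm]` table would document it: `# Relative paths in this file resolve from tools/ci (this file's directory), not the repository root.`. Whether towncrier anchors `directory` and `template` to the config file's directory when `--config` is given is something I could not confirm from these hunks; verify it once against the pinned towncrier version before relying on the check in merge requests.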