Erkan Teskancan
Corporate
- Thread Author
- #1
New Steps in Cybersecurity from Beckhoff: Leading in CRA and Machinery Regulation Compliance π
The European Union's new Cyber Resilience Act (CRA) and Machinery Regulation are redefining cybersecurity standards in the industrial automation sector. In this context, Beckhoff is taking significant steps to comply with these challenging regulations through its PC-based control and EtherCAT technologies.
βββββββββββββββββββββββββ
π‘ Foundations of Security: Technology and Process Integration
Beckhoff believes that cybersecurity must be supported not only by technology but also by robust processes. To this end, the company has been operating its own Product Security Incident Response Team (PSIRT) for over 10 years. This team enhances the resilience of industrial systems by providing professional vulnerability management and detailed security guidelines.
βββββββββββββββββββββββββ
π‘οΈ Targeted Security Approach
Torsten FΓΆrder from Beckhoff states, "Cybersecurity is not static; it's an ongoing process that requires specialized technologies and clear guidance." The company focuses on solutions that are truly needed to provide effective security, rather than unnecessary protective measures. This approach allows users to protect their investments and maintain a competitive advantage.
βββββββββββββββββββββββββ
π Contribution to Standard Development
Since the existing international IEC 62443 series of standards does not provide a sufficient basis for the CRA, Beckhoff is leading the development of its European version, EN IEC 62443. The aim of these efforts, conducted within CEN-CENELEC, is to provide practical standardization that guarantees effective security.
βββββββββββββββββββββββββ
βοΈ PC-Based Control and EtherCAT: The Cornerstone of Security
Beckhoff states that PC-based control and EtherCAT offer a robust foundation equipped with many key cybersecurity features. Centralizing system communication via industrial PCs allows the full application of operating systems' native security capabilities, including integrated firewalls, to the PLC runtime.
Furthermore, communication over EtherCAT can be used in a cyber-secure and standards-compliant manner without protocol changes. This enables system certifications according to IEC 62443-3-3 for EtherCAT systems, even if individual devices are not explicitly certified. Beckhoff has already obtained UL certifications for three different scenarios adapted to typical industrial application families.
βββββββββββββββββββββββββ
β Future Compliance and Certifications
Beckhoff continuously evaluates its products for CRA and IEC 62443 compliance. Full compliance with the new Machinery Regulation will be achieved when it comes into force in January 2027. Additionally, the IEC 62443-4-1 certification is expected to be completed this year to secure the product development lifecycle. The security of the company's own IT and production infrastructure will also soon be confirmed with ISO 27001 certification.
βββββββββββββββββββββββββ
π― Conclusion: The Future of Secure Automation
Beckhoff's comprehensive approach to cybersecurity is shaping the future of industrial automation. The company is not only complying with regulations but also playing an active role in the development of secure and resilient industrial systems. These efforts ensure that industrial operations remain uninterrupted and secure in a digitalizing world.
