A lock in a dark environment. The lock is surrounded by blue PCB-like lines.
empowering communication

The Cyber Resilience Act is coming: Get your necessary certifications!

The networking of IT and OT - from field level to the cloud - offers both major advantages and risks for the security of automated production systems. The German Federal Office for Information Security (BSI), for example, registers around 70 new vulnerabilities every day. But what about national and international legislation and standards that are intended to structurally increase security in the future? In this article, you can find out what companies need to look out for and where they can get additional input from experts such as the industrial communication specialist Hilscher.

Cyber Resilience Act and IEC 62443

In order to strategically strengthen and structurally anchor cyber security in Europe, the EU Commission proposed the Cyber Resilience Act (CRA) in 2022, a regulation to improve cyber security and cyber resilience in the European Union. It includes security standards for software and hardware products with digital elements. It is expected to come into force across Europe in July 2024. This also marks the start of the implementation period of up to three years, which can be a major challenge for many companies.
The IEC 62443 ("Industrial communication networks - IT security for networks and systems") a series of standards, is highly relevant for compliance with the CRA  and already covers a large part of the CRA’s requirements. The four sections of the standard describe all relevant security aspects of control and automation systems - from development and operation to maintenance through updates.

NIS-2 and  ISO 27001

Another relevant standard is the internationally applicable ISO 27001, which defines the requirements for information security management systems (ISMS) to ensure that companies deal with the topic of information security holistically and structurally rather than just taking selective measures.

ISO 27001 is relevant in part for the CRA and to a large extent for compliance with the NIS-2 directive, which regulates the cyber and information security of companies and institutions. In contrast to the CRA, however, NIS-2 does not have to be transposed into national law by the various member states until October 2024, which in Germany will be the NIS-2 Implementation and Cyber Security Strengthening Act (NIS-2UmsuCG) drawn up by the Federal Office for Information Security (BSI).

Your products and solutions are affected by the CRA?

Applying new standards to existing products and processes can be very complex for companies. If a particularly sensitive issue such as cyber security further complicates matters, things quickly become critical. As a leading manufacturer of hardware and software solutions in the field of industrial communication, Hilscher Gesellschaft für Systemautomation mbH plays a key role in industrial automation. Robust cybersecurity and compliance with regulatory requirements therefore are pivotal for the industrial communication specialist from Hattersheim near Frankfurt am Main.
Together with the German TÜV Rheinland as certifier and the consultant TÜV iSec Rheinland, Hilscher is in the midst of implementing the CRA and already has extensive know-how regarding the time constraints and practical implications of relevant certification processes. And users from industry can benefit from this.

A tray of embedded modules with a netX chip onboard in a production machine. A red gleam is seen in the background. A small golden needle for testing comes from the top pointing at the tray.
Get in touch with us, we are glad to help you:
A man in a black suit and white shirt is smiling into the camera. He wears glasses and has grey hair. The environment is very bright.
Frank Behnke
Rheinstrasse 15
A lock in a dark environment. The lock is surrounded by blue PCB-like lines.

netX 통신 컨트롤러 및 안전한 프로토콜 펌웨어를 사용하여 안전한 장치 및 시스템을 개발하세요. 이로써 IEC 62443이나 Cyber Resilience Act와 같은 표준 요건을 충족하기에 이상적으로 장착되었습니다.

턴키 제품에서 고도로 통합된 솔루션 및 보완 소프트웨어에 이르기까지 Hilscher는 산업용 통신을 위한 파트너입니다. 귀사 기계설비 네트워킹을 완전히 새로운 수준으로 끌어올릴 수 있는 방법에 대해 간단히 살펴봅시다!