Endress+Hauser receives IEC 62443-4-1 cybersecurity certification
Endress+Hauser has announced that TÜV Rheinland has certified the company’s secure product development process in accordance with the IEC 62443-4-1 security standard, maturity level 3. Five product centres have received the certification and thus meet the requirements for the lifecycle of the products.
The Council of the European Union passed the Cyber Resilience Act (CRA) in October 2024. This stipulates that products must demonstrate a high level of cybersecurity throughout their entire lifecycle. Appropriate measures and methods must be implemented as early as the product development stage. Endress+Hauser follows this ‘Security by Design’ approach to provide its customers with the best possible support in protecting their systems.
“We are particularly proud of this certificate as it recognises our many years of effort to achieve the highest level of security in our product centres,” said Mirko Brcic, Product Security Officer at Endress+Hauser. “This level of structured approach across many different development sites shows the importance Endress+Hauser places on cybersecurity.”
One visible result of the cybersecurity measures is the development of secure access to Endress+Hauser measuring devices via Bluetooth. The CPace protocol used in the Endress+Hauser SmartBlue app for password-protected access is now recommended by the internet standardisation body IETF.
In principle, a company that aligns its processes with IEC 62443-4-1 must prove that cybersecurity is incorporated throughout the entire lifecycle of a product. As part of the group certification, the certifying body checks the following aspects, among others:
- Risk and threat analyses
- Security by design
- Security testing
- Vulnerability management
- Customer security manual
“With the IEC 62443-4-1 certification, we have jointly laid the foundation for supplying secure products in the future and being prepared for regulations such as the CRA,” Brcic said. Five of the Endress+Hauser Group’s competence centres were certified: Endress+Hauser Flow, Endress+Hauser Level+Pressure, Endress+Hauser Liquid Analysis, Endress+Hauser Temperature+System Products and Endress+Hauser Digital Solutions.
Seeq and AVEVA partner to better integrate software suites
The partnership builds on Seeq Industrial Analytics and AI Suite and CONNECT to improve data...
ACSC releases guidance on cybersecurity for operational technology
ASD's Australian Cyber Security Centre (ACSC) has released new guidance to help critical...
Orro expands into critical infrastructure with OT capabilities
Digital infrastructure provider Orro has announced the launch of an OT-focused division.