Beckhoff Products Meet Growing CRA and Machinery Regulations
Beckhoff is building cybersecurity features and centralized communication systems through its PC-based control and EtherCAT technologies to help them meet requirements of the Cyber Resilience Act (CRA) and the Machinery Regulation in the European Union.
In order for its technologies to meet the requirements on manufacturers and machine builders, Beckhoff builds its technologies with secure cybersecurity and communication foundations.
The company claims that cybersecurity will require interplay between technology and processes, and therefore has been operating its own Product Security Incident Response Team over the last 10 years for professional vulnerability management and has made detailed security guidelines regularly available. Beckhoff also also shares vulnerability information across manufacturers.
“Cybersecurity is not static, but is an ongoing process that requires tailored technologies and clear guidance,” summarizes Torsten Förder, responsible for Product Compliance Security at Beckhoff. “Where others in the market recommend excessive protective measures, we focus specifically on what is needed to deliver effective security. With this streamlined approach and the Beckhoff portfolio as a technical foundation, users remain secure, protect their investments, and maintain their edge.”
Beckhoff is currently trying to drive standard development to bring automation technology in line with the new European regulations. Since the international IEC 62443 series of standards alone does not currently provide a sufficient basis for the CRA, Beckhoff is helping advance the development of the European version, EN IEC 62443, within CEN-CENELEC. The aim is to achieve practical standardization that guarantees effective security, according to the company.
Beckhoff claimed that PC-based control and EtherCAT provide a secure foundation with many key cybersecurity features built-in. By centralizing system communication through the industrial PC, the native security capabilities of the operating systems in use can be fully applied to the PLC runtime, including integrated firewalls.
The system architecture also benefits from communication via EtherCAT, which can be used in a cybersecure, standard-compliant manner without protocol changes. This allows system certifications in accordance with IEC 62443-3-3 for EtherCAT systems, even if the individual devices are not explicitly certified. Beckhoff has already received UL certifications for three different blueprint scenarios which are tailored to a typical family of industrial applications.
The company also has continuously assessed its products under CRA and IEC 62443 compliance, and full compliance with the new Machinery Regulation will be ensured in time for it to take effect in January 2027. Beckhoff is also expected to complete IEC 62443-4-1 certification this year to safeguard the product development lifecycle. At the same time, the security of the company’s own IT and production infrastructure will soon be validated through ISO 27001 certification.
More industrial communication insights from Automation World:
Industrial Ethernet Switch Selection: Choosing Among Managed, Unmanaged or Single Pair Ethernet
How Modern Drive Technologies Are Solving Industry’s Toughest Precision Challenges
