EtherCAT Meets Cyber Resiliency Act Requirements

EtherCAT Technology Group announced that EtherCAT meets the European Union CRA requirements without modification.
Jan. 9, 2026
2 min read
69544bf1a2d8ab783ac85d30 Ethercat

Industrial Ethernet organization EtherCAT Technology Group (ETG) has announced that EtherCAT meets the EU Cyber Resilience Act (CRA) requirements for Security Level 2 without modification.   

As new cybersecurity and cyber resilience legislation is emerging around the world, requiring appropriate risk assessments and proof of suitable countermeasures, manufacturers are being required to provide reliable statements toward the cyber resilience of their products. 

A key function of EtherCAT that helps it achieve these new requirements is that EtherCAT processes Ethernet frames on the fly using special EtherCAT chips. This system architecture provides a complete separation of the EtherCAT segment from an IT network to significantly reduce the attack surface. EtherCAT chips destroy all Ethernet frames that are not native to EtherCAT. The EtherCAT device protocol also uses the Ethernet frame directly, rather than via the Internet Protocol (IP) — virtually all malware is based on IP because it needs IP for routing. 

ETG added that EtherCAT cannot be attacked from the outside. An attack would require physical access to the EtherCAT segment.  

Martin Rostan, executive director of the EtherCAT Technology Group added: “We are convinced that EtherCAT already meets the requirements of the IEC 62443 standard and the CRA requirements for common applications without the need for changes or extensions to the protocol.” 

IEC 62443 defines measures and processes for the cybersecurity of industrial control systems and forms the basis for the corresponding standards of the European CRA.  

For applications with exceptionally high security requirements, the ETG is working on protocol extensions that can be activated as needed and do not require hardware changes. Additionally, the ETG is preparing its own certification authority so that ETG members can uniformly sign and authenticate EtherCAT device description files and software. 

More cybersecurity insights from Automation World:

Ixana's New Chip Eliminates the Need for USB Ports on Sealed IoT Devices

ISA Releases New Cybersecurity Guidance for Industrial Control Systems Protection

AI is Transforming Manufacturing Cybersecurity from Threat Detection to Compliance Automation

Sign up for our eNewsletters
Get the latest news and updates

Related

Oxipital AI Vision Tech Explanation
AI Vision System Uses Synthetic Data to Master Food Inspection Variability
Which Ignition Edition Is Right For Your System?
Sponsored
7 Surprisingly Powerful Benefits Of Viewing SCADA On Any Device
Sponsored

Trending

Sponsored Picks

Sponsored
Sponsored
Sponsored