Beckhoff Automation Strengthens Compliance with Cyber Resilience Act and EU Machinery Regulation
Beckhoff Automation has announced that its PC-based control and EtherCAT architecture serve as an optimal technical foundation for 'Secure by Design' compliance with the Cyber Resilience Act (CRA) and the revised EU Machinery Regulation. The company underscores its long-standing commitment to cybersecurity through its internal PSIRT team and contributions to international standardization.
📋 Article Processing Timeline
- 📰 Published: May 20, 2026 at 19:00
- 🔍 Collected: May 20, 2026 at 10:31
- 🤖 AI Analyzed: May 21, 2026 at 12:03 (25h 31m after Collected)
Beckhoff Automation (Headquarters: Verl, Germany) has announced that its PC-based control and EtherCAT-based 'Secure by Design' architecture provide the optimal technical foundation for the manufacturing industry to address risks from cyberattacks and malware while meeting requirements of the EU Machinery Regulation.
With the full implementation of the EU's Cyber Resilience Act (CRA: EU 2024/2847) and the revised Machinery Regulation (EU 2023/1230) scheduled for December 2027, the industrial manufacturing sector is at a major turning point in its regulatory requirements. Cybersecurity has become a critical issue that requires continuous maintenance and strengthening through close collaboration between component technology and operational processes. Recognizing the challenges and needs in this field, Beckhoff established an internal expert organization, PSIRT (Product Security Incident Response Team), over ten years ago and has published detailed security guidelines. Furthermore, as a co-founder of 'CERT@VDE,' a cross-industry venue for sharing vulnerability information, the company actively contributes to information sharing among manufacturers.
## Security via PC-based Control and EtherCAT
Technically, PC-based control and EtherCAT form an inherently secure foundation. By consolidating system communication on industrial PCs, native security features of the OS (Windows or Linux®), such as firewalls, can be directly applied to the PLC runtime.
Moreover, EtherCAT communication contributes to strengthening system architecture security. Even 20 years after its introduction, the EtherCAT protocol remains optimized for hardware-based real-time control and is clearly separated from upper IP networks, allowing the attack surface to be limited. Consequently, operations can be managed with cybersecurity and standardization in mind without changing the protocol. Even if individual devices are not certified separately, the entire EtherCAT system can achieve system certification based on IEC 62443-3-3.
The company has obtained UL certification for three blueprint scenarios (DK-177530-UL, DK-178394-UL, and DK-178399-UL) compatible with general industrial product groups, which is a significant advantage in maintaining existing system designs.
## Active Contribution to Standardization
Beckhoff is actively involved in standardization to promote the alignment of automation technology with EU regulations. Recognizing that the IEC 62443 series alone is insufficient for CRA compliance, the company is actively contributing to the promotion of the EU standard 'EN IEC 62443' within CEN-CENELEC, aiming to realize practical standardization for guaranteed security.
## Efforts in Assessment and Certification
At the product level, the company operates a specialized security assessment process. All products are continuously evaluated and improved for compliance with CRA and, where necessary, IEC 62443. For many products, necessary assessments and documentation maintenance are progressing while maintaining existing designs. For safety-related products, compliance with the requirements is being ensured ahead of the EU Machinery Regulation implementation in January 2027. The company also plans to obtain IEC 62443-4-1 certification, aimed at protecting the product development lifecycle, within this year. Verification through ISO 27001 certification for internal IT and production infrastructure security is also expected to be completed soon.
Thorsten Feeder, Product Compliance Security Officer at Beckhoff, stated: 'Cybersecurity is not static; it is a continuous process requiring professional technology and clear guidelines. While excessive defensive measures are sometimes recommended in the market, we focus on the elements truly necessary to achieve effective security. With this streamlined approach and Beckhoff's portfolio as a technical foundation, we protect our users' safety, safeguard their investments, and maintain a competitive edge.'
Beckhoff Automation is a controller manufacturer specializing in PC-based control. Through its unique measurement and control software, 'TwinCAT,' industrial PCs running standard OS like Windows can be utilized as real-time controllers (e.g., NC or PLC). Additionally, it is the developer of the high-speed, highly synchronized industrial communication standard 'EtherCAT,' and the EtherCAT Technology Group (ETG), the promotion organization, is known as the world's largest organization for industrial communication standards, with over 8,100 organizations from 76 countries and regions participating. Industrial controllers equipped with TwinCAT and EtherCAT are utilized in a variety of applications worldwide, including industrial robots, automotive, packaging machinery, machine tools, and wind power generation facilities.
With the full implementation of the EU's Cyber Resilience Act (CRA: EU 2024/2847) and the revised Machinery Regulation (EU 2023/1230) scheduled for December 2027, the industrial manufacturing sector is at a major turning point in its regulatory requirements. Cybersecurity has become a critical issue that requires continuous maintenance and strengthening through close collaboration between component technology and operational processes. Recognizing the challenges and needs in this field, Beckhoff established an internal expert organization, PSIRT (Product Security Incident Response Team), over ten years ago and has published detailed security guidelines. Furthermore, as a co-founder of 'CERT@VDE,' a cross-industry venue for sharing vulnerability information, the company actively contributes to information sharing among manufacturers.
## Security via PC-based Control and EtherCAT
Technically, PC-based control and EtherCAT form an inherently secure foundation. By consolidating system communication on industrial PCs, native security features of the OS (Windows or Linux®), such as firewalls, can be directly applied to the PLC runtime.
Moreover, EtherCAT communication contributes to strengthening system architecture security. Even 20 years after its introduction, the EtherCAT protocol remains optimized for hardware-based real-time control and is clearly separated from upper IP networks, allowing the attack surface to be limited. Consequently, operations can be managed with cybersecurity and standardization in mind without changing the protocol. Even if individual devices are not certified separately, the entire EtherCAT system can achieve system certification based on IEC 62443-3-3.
The company has obtained UL certification for three blueprint scenarios (DK-177530-UL, DK-178394-UL, and DK-178399-UL) compatible with general industrial product groups, which is a significant advantage in maintaining existing system designs.
## Active Contribution to Standardization
Beckhoff is actively involved in standardization to promote the alignment of automation technology with EU regulations. Recognizing that the IEC 62443 series alone is insufficient for CRA compliance, the company is actively contributing to the promotion of the EU standard 'EN IEC 62443' within CEN-CENELEC, aiming to realize practical standardization for guaranteed security.
## Efforts in Assessment and Certification
At the product level, the company operates a specialized security assessment process. All products are continuously evaluated and improved for compliance with CRA and, where necessary, IEC 62443. For many products, necessary assessments and documentation maintenance are progressing while maintaining existing designs. For safety-related products, compliance with the requirements is being ensured ahead of the EU Machinery Regulation implementation in January 2027. The company also plans to obtain IEC 62443-4-1 certification, aimed at protecting the product development lifecycle, within this year. Verification through ISO 27001 certification for internal IT and production infrastructure security is also expected to be completed soon.
Thorsten Feeder, Product Compliance Security Officer at Beckhoff, stated: 'Cybersecurity is not static; it is a continuous process requiring professional technology and clear guidelines. While excessive defensive measures are sometimes recommended in the market, we focus on the elements truly necessary to achieve effective security. With this streamlined approach and Beckhoff's portfolio as a technical foundation, we protect our users' safety, safeguard their investments, and maintain a competitive edge.'
Beckhoff Automation is a controller manufacturer specializing in PC-based control. Through its unique measurement and control software, 'TwinCAT,' industrial PCs running standard OS like Windows can be utilized as real-time controllers (e.g., NC or PLC). Additionally, it is the developer of the high-speed, highly synchronized industrial communication standard 'EtherCAT,' and the EtherCAT Technology Group (ETG), the promotion organization, is known as the world's largest organization for industrial communication standards, with over 8,100 organizations from 76 countries and regions participating. Industrial controllers equipped with TwinCAT and EtherCAT are utilized in a variety of applications worldwide, including industrial robots, automotive, packaging machinery, machine tools, and wind power generation facilities.
FAQ
How does Beckhoff's PC-based control ensure security?
By consolidating communications on an industrial PC, it allows native OS security features like firewalls to be applied directly to the PLC runtime.
What is the security advantage of EtherCAT communication?
EtherCAT is distinct from upper IP networks, which limits the attack surface and helps maintain system security.
How is Beckhoff involved in standardization?
Beckhoff is actively involved in developing the European standard 'EN IEC 62443' within CEN-CENELEC to ensure practical security compliance.