Omron Obtains Certification for the IEC 62443-4-1 International Standard for Industrial Control System Security
June 6, 2023
Omron obtained IEC 62443-4-1 certification in March 2023
OMRON Corporation is pleased to announce that in March 2023, Controller Division, Product Business Division HQ. and Advanced Solution Business Division HQ.*1 of its Industrial Automation Company obtained third-party certification for the IEC 62443-4-1 international standard, which defines process and organizational requirements for the development of secure control components to be used in industrial automation and control systems.
In recent years, there have been accelerated efforts to utilize the on-site data from manufacturing for the purpose of improving productivity and quality in a factory. As the visualization of the manufacturing floor has advanced, there has also been an increase in the importance of hedging against risks such as information leaks and production stoppages due to cyberattacks. In addition, as various devices used on the manufacturing floor are now connected to a network, security measures are now required for the production lines and production facilities in a manufacturing factory.
Against this backdrop, as information technology advances globally, various countries are developing legal requirements for security measures, including the EU’s Cyber Resilience Act and NIS2 Directive*2, and China’s Cybersecurity Law. In addition, industry associations are creating standards for security measures in the manufacturing industry, such as the ISO/SAE 21434*3 and SEMI E187/188*4. The IEC 62443-4-1 standard for which certification was acquired defines the requirements necessary for the development of secure control equipment and services throughout the product life cycle (planning, development, production, sales and maintenance).
OMRON will contribute to the realization of high information security performance for customer factories and production equipment through the development and provision of highly secure controller products and software in accordance with the development processes of IEC 62443-4-1. They will continue to work on product and service development in a manner that enables their customers to use the products and services with confidence.
OMRON will keep in mind their long-term vision of “Enriching the Future for People, Industries and the Globe by Innovative Automation” as they strive for Monozukuri innovation under their concept of advanced value generation. Controller Division provides products such as NJ/NX series of machine automation controllers and NY series of industrial PC platforms, and Advanced Solution Business Division HQ. provides “i-BELT” on-site data utilization service. Going forward, OMRON will continue to develop products and services with enhanced security functions that will promote stable factory operations and the visualization of work sites, to contribute to the resolution of manufacturing site issues that are emerging globally.
- *1. Advanced Solution Business Division HQ. is a department that creates and promotes services such as i-BELT service for the utilization of on-site data. It provides services that incorporate i-BELT Data Management Platform (i-DMP) software, which is an On-site Data Utilization Platform to collect, convert, store, and visualize on-site data from manufacturing.
- *2. The Network and Information Security 2 Directive. An EU directive defining cybersecurity risk management measures and reporting requirements in the EU for all the sectors covered, including for energy, transport, health and digital infrastructure.
- *3. An international standard that defines cybersecurity requirements in the automotive industry for the entire life cycle of automobiles, from their planning, design and production to their maintenance and disposal.
- *4. Industry standards that define cybersecurity requirements in the semiconductor industry for semiconductor equipment and systems. SEMI E187 defines cybersecurity specifications for fab equipment and E188 defines specifications for the incorporation of malware-free equipment.