Moxa, a leader in industrial communications and networking, with a focus on securing industrial networks, has obtained the world’s first IEC 62443-4-2 certification for industrial networking devices, as per the International Electrotechnical Commission for Electrical
Equipment (IECEE) Certification Body Scheme.
The certification is for one of the company’s next-generation networking solutions, EDS-4000/G4000 Series, due to hit the market in the upcoming March.
As recognized by IEC 62443-4-2 and IEC 62443-4-1 certifications, Moxa’s solutions aim to unite networking and OT cybersecurity with layered defence-in-depth approach. Solutions cover security-hardened networking devices based on the IEC 62443-4-2 cybersecurity standard, advanced IT and OT network segmentation with threat prevention, and tailored OT deep packet inspection (DPI) realizing industrial intrusion prevention system (IPS). These offerings allow Industrial Automation and Control Systems (IACS) to be built with reliable end-to-end connectivity to provide robust hardware, as well as high-performance and dependable networks.
“The IEC 62443 series of standards cover all aspects of security requirements, thus providing a common language for component suppliers, system integrators and asset owners”, says Steve Mustard, 2021 President of International Society of Automation (ISA), the Standards Development Organization responsible for IEC 62443. “The standards outline a secure-by-design approach and provide requirements through to product manufacturing. This significantly simplifies the procurement and integration processes for network devices, applications, and automation control devices that make up industrial control systems.”
“When we pursued the certification of the IEC 62443 standards, the journey was transformational for Moxa,” said Samuel Chiu, general manager of Moxa Networking. “We demonstrated that security is part of the DNA of Moxa’s product and solution portfolios by complying with the internationally recognized standards related to the process and product requirements for the secure development of an IACS. This benefits our customers who must now utilize these solutions to enjoy undisrupted operations during every step of their digital transformation.”
According to IDC’s Worldwide IT/OT Convergence 2022 Predictions, 75% of new operational applications deployed at the edge will leverage containerization by 2024. This will enable a more open and composable architecture, which will be necessary for resilient operations.
The rise in edge devices and expanded connectivity represent a pathway into operations. They are being deployed at a high rate and utilize more open architectures and capabilities compared to the isolated automation systems of the past. These devices must have both their software and hardware elements developed securely to last throughout their product lifecycle, integrate seamlessly into the network overall, and have security management capabilities.
“Networking and cybersecurity have strong synergies in operations settings, yet they both must be purpose-built for OT environments. With the digital future and increased connectedness of operations, new industry requirements and standards will be put in place to ensure providers can keep up with these requirements,” said Jonathan Lang, research director of IDC with a focus on Worldwide IT/OT Convergence Strategies.
“These specialized industry requirements can be overlooked by many IT cybersecurity solutions, and combining subject matter expertise and capabilities from operations is critical to ensure integrity of security systems.”
To create a foundation for futureproof operations, many system integrators require that component suppliers comply with the subsections of the IEC 62443 standard that pertain to their devices. The software development process-related IEC 62443-4-1 and the product-related IEC 62443-4-2 standards highlight the importance of selecting vendors that provide hardened hardware components built with a “secure by design” approach.