
Manufacturing’s move to Industry 4.0 and AI in OT expands the attack surface and makes supply chains a prime target, increasing safety, availability, and financial risks. The EU Cyber Resilience Act (CRA) makes cybersecurity a CE‑mark market access requirement for all products with digital elements from December 2027, with stricter assessment for higher‑risk products and fines up to €15M or 2.5% of global revenue. CRA demands security by design from the start, secure defaults and access control, timely vulnerability handling with an SBOM and updates, and monitoring with incident reporting. Manufacturers must provide an EU Declaration of Conformity, technical documentation (including risk analysis and vulnerability processes), and clear user instructions. OT needs a tailored approach that prioritizes availability and safety, applying defense‑in‑depth and zero‑trust principles. IEC 62443 offers a practical path: IEC 62443‑4‑1 defines a secure development lifecycle and update/vulnerability processes, and IEC 62443‑4‑2 defines technical controls across seven foundational requirements with graded security levels. Embedding these practices reduces attack surface, strengthens products, and enables CRA compliance.
| Field | Value |
|---|---|
| Topic Fields | |
| Published | 2025 |
| Involved Institutes | |
| Project Type | ICNAP Community Study |
| Result Type | |
| Responsibles | |
The solution implements a zero-trust, security-by-design framework for industrial product development and operation, aligning with the EU Cyber Resilience Act and the IEC 62443 series. Its purpose is to embed risk-informed security controls from concept through decommissioning, enabling CE conformity and resilient operation in OT environments. Core functionality spans a secure product development lifecycle (IEC 62443-4-1), technical component controls (IEC 62443-4-2, mapped to FR1–FR7), vulnerability and update management with SBOM tracking, secure default configurations, identity and access management, logging and monitoring, and structured incident response and reporting.
The architectural approach applies defense in depth and zero-trust principles: explicit verification, least privilege, micro-segmentation of zones and conduits (IEC 62443-3-3), and continuous evaluation of device and user posture. Data flow encompasses secure bootstrapping and identity provisioning via PKI, authenticated and encrypted communications (TLS/DTLS, OPC UA security), telemetry and event streaming to SIEM, authenticated patch and configuration distribution, SBOM ingestion, and coordinated incident reporting to competent authorities where required by CRA.
Key technologies include MFA-capable IAM, secure boot and firmware signing, TPM/TEE where available, application allowlisting, IDS/IPS, rate limiting, and protocol hardening for industrial protocols (OPC UA, MQTT, Modbus with gateway mediation). Deployment supports on-prem and edge gateways in constrained OT networks, with optional cloud services for update orchestration and compliance documentation; offline and staged rollout are supported to meet availability requirements. Target users are product developers, component suppliers, system integrators, asset owners, and security/compliance teams.
Performance and security considerations prioritize availability and real-time constraints, resource limits on embedded devices, and controlled maintenance windows. Notable constraints include legacy equipment, proprietary protocols, and long support lifecycles. Scalability is addressed via multi-site policy enforcement, hierarchical identity and key management, and SBOM registries. External integrations include SIEM/SOAR, CVE/NVD feeds, ticketing systems, asset inventories, and national CSIRT reporting channels.
© Fraunhofer 2026