09/02/2019

Cyber Security for CE Mark

DEEPENING

"Intelligent" machinery requir "intelligent" technology. On the one hand, the Smart factory (more commonly known as Industry 4.0) allows perfect management of the entire production process and the management of certain parameters even remotely (such as for example, speed, force and temperature), from the other exposes the same machines to cyberattacks.

The unexpected increase in the speed of the machinery or in the pressure are some examples of how cyberattacks can pose a threat to operator safety.

For this reason, the ISO (the international organization for standardization) has prepared the document "ISO/TR 22100-4: 2018, Safety of Machinery - Relationship with ISO 12100 - Part 4: Guidance to machinery manufacturers for consideration of related IT-security (cyber security) aspects” mainly addressed to: designers, builders and users of industrial machinery.

The working group has elaborated the present document to help industrial machinery manufacturers to identify and manage, as a preventive measure, cyber security threats that could compromise the safety of the machinery. ISO/TR 22100-4 is closely connected with the ISO 12100 standard "safety of machinery - general principles for design - risk assessment and risk reduction" which establishes the fundamental principles for the risk assessment of machinery.
 
02-09-19-01.jpg
ISO / TR 22100 standard - Figure 3 - Relationship between machinery safety and IT-security

Par. 10 of the ISO/TR 22100 standard sets out important recommendations to machine manufacturer such as, for example:
 
  • the use of hardware and software components with high levels of security to mitigate or minimize the vulnerability of cyber incidents, the integrity of software and data, encrypted communications, the updates, etc.
  • the adoption of specific measures during the design of the machine such as the separation of the IT system which is relevant to safety from the IT system of the entire machine, the adoption of firewalls and antivirus tools, the reduction of the complexity of the IT system, etc.
  • the preparation of operating instructions (user and maintenance manuals) addressed to operators, containing indications on the threats and problems to which the system could be exposed during its use and on the relative measures provided by the manufacturer to try to govern them.

Visit the ENGAL Services NewsRoom where you will find news regarding the Certification procedures, the Regulatory Updates, the news on the Interpretative Trends of the technical requirements and the Problems encountered in the matter of Conformity and Certification.

Please complete the form to send us a message

Fields marked with an asterisk (*) are mandatory.

Read here the privacy policy terms of ENGAL Services s.r.l.
Contact us CLICK HERE