Certification for the IEC 62443-4-1 International Standard for Industrial Control System Security
OMRON Corporation is pleased to announce that in March 2023, the Controller Division, Product Business Division HQ and Advanced Solution Business Division HQ1 of its Industrial Automation Company have obtained third-party certification for the IEC 62443-4-1 international standard. This standard outlines the process and organizational requirements for the development of secure control components to be utilized in industrial automation and control systems.
In recent years, there have been accelerated efforts to utilize on-site manufacturing data in order to enhance productivity and quality within factories. As advancements in visualizing the manufacturing floor have been made, the importance of mitigating risks such as information leaks and production disruptions due to cyberattacks has also grown. Furthermore, with the increasing connectivity of various devices used on the manufacturing floor, security measures have become essential for safeguarding production lines and facilities.
Against this backdrop, as information technology continues to progress globally, many countries are developing legal requirements for security measures. Examples include the EU's Cyber Resilience Act and NIS2 Directive2, as well as China's Cybersecurity Law. Additionally, industry associations are establishing standards for security measures in the manufacturing sector, such as ISO/SAE 2143433 and SEMI E187/18844.
The recently acquired certification for the IEC 62443-4-1 standard sets forth the necessary requirements for developing secure control equipment and services throughout the entire product life cycle, encompassing planning, development, production, sales, and maintenance. OMRON aims to contribute to the realization of robust information security performance for customer factories and production equipment by designing and providing highly secure controller products and software in alignment with the development processes outlined in IEC 62443-4-1.
OMRON will contribute to the realization of high information security performance for customer factories and production equipment through the development and provision of highly secure controller products and software in accordance with the development processes of IEC 62443-4-1. We will continue to work on product and service development in a manner that enables our customers to use the products and services with confidence.
We will keep in mind OMRON’s long-term vision of "Enriching the Future for People, Industries and the Globe by Innovative Automation" as we strive for Monozukuri innovation under our concept of advanced value generation. The Controller Division is dedicated to providing products such as the NJ/NX series of machine automation controllers and the NY series of industrial PC platforms. Meanwhile, the Advanced Solution Business Division HQ offers the "i-BELT" on-site data utilization service.
Going forward, we will continue to develop products and services with enhanced security functions that will promote stable factory operations and the visualization of work sites, to contribute to the resolution of manufacturing site issues that are emerging globally.
(1) Advanced Solution Business Division HQ. is a department that creates and promotes services such as i-BELT service for the utilization of on-site data. It provides services that incorporate i-BELT Data Management Platform (i-DMP) software, which is an On-site Data Utilization Platform to collect, convert, store, and visualize on-site data from manufacturing.
(2) The Network and Information Security 2 Directive. An EU directive defining cybersecurity risk management measures and reporting requirements in the EU for all the sectors covered, including for energy, transport, health and digital infrastructure.
(3) An international standard that defines cybersecurity requirements in the automotive industry for the entire life cycle of automobiles, from their planning, design and production to their maintenance and disposal.
(4) Industry standards that define cybersecurity requirements in the semiconductor industry for semiconductor equipment and systems. SEMI E187 defines cybersecurity specifications for fab equipment and E188 defines specifications for the incorporation of malware-free equipment.