Moxa Inc.
Jan 26, 2022

Moxa Achieves IEC 62443 Standard Security Requirements to Futureproof Next-generation Networking


Taipei, Taiwan, January 26, 2022—Moxa Inc., a leader in industrial communications and networking, with a focus on securing industrial networks, is thrilled to announce that the company has obtained the world’s first IEC 62443-4-2 certification for industrial networking devices, as per the International Electrotechnical Commission for Electrical Equipment (IECEE) Certification Body Scheme. The certification is for one of the company’s next-generation networking solutions, EDS-4000/G4000 Series, due to hit the market in the upcoming March.

As recognized by IEC 62443-4-2 and IEC 62443-4-1 certifications, Moxa’s solutions aim to unite networking and OT cybersecurity with layered defense-in-depth protection. Our solutions cover security-hardened networking devices based on the IEC 62443-4-2 cybersecurity standard, advanced IT and OT network segmentation with threat prevention, and tailored OT deep packet inspection (DPI) realizing industrial intrusion prevention system (IPS). These offerings allow Industrial Automation and Control Systems (IACS) to be built with reliable end-to-end connectivity to provide robust hardware, as well as high-performance and dependable networks.

“When we pursued the certification of the IEC 62443 standards, the journey was transformational for Moxa,” said Samuel Chiu, general manager of Moxa Networking. “We demonstrated that security is part of the DNA of Moxa’s product and solution portfolios by complying with the internationally recognized standards related to the process and product requirements for the secure development of an IACS. This benefits our customers who must now utilize these solutions to enjoy undisrupted operations during every step of their digital transformation.”

“Networking and cybersecurity have strong synergies in operations settings, yet they both must be purpose-built for OT environments. With the digital future and increased connectedness of operations, new industry requirements and standards will be put in place to ensure providers can keep up with these requirements,” said Jonathan Lang, research director of IDC with a focus on Worldwide IT/OT Convergence Strategies. “These specialized industry requirements can be overlooked by many IT cybersecurity solutions, and combining subject matter expertise and capabilities from operations is critical to ensure integrity of security systems.”

According to IDC’s Worldwide IT/OT Convergence 2022 Predictions*, 75% of new operational applications deployed at the edge will leverage containerization by 2024. This will enable a more open and composable architecture, which will be necessary for resilient operations.

The rise in edge devices and expanded connectivity represent a pathway into operations. They are being deployed at a high rate and utilize more open architectures and capabilities compared to the isolated automation systems of the past. These devices must have both their software and hardware elements developed securely to last throughout their product lifecycle, integrate seamlessly into the network overall, and have security management capabilities.

To create a foundation for futureproof operations, many system integrators require that component suppliers comply with the subsections of the IEC 62443 standard that pertain to their devices. The software development process-related IEC 62443-4-1 and the product-related IEC 62443-4-2 standards highlight the importance of selecting vendors that provide hardened hardware components built with a “secure by design” approach. This approach should be adopted from the first day of the product development process, which includes plans for complete security lifecycle management and patch management.

“The IEC 62443 series of standards cover all aspects of security requirements, thus providing a common language for component suppliers, system integrators and asset owners”, says Steve Mustard, 2021 President of International Society of Automation (ISA), the Standards Development Organization responsible for IEC 62443. “The standards outline a secure-by-design approach and provide requirements through to product manufacturing. This significantly simplifies the procurement and integration processes for network devices, applications, and automation control devices that make up industrial control systems.”

The IEC 62443-4-1 standard defines a secure development lifecycle for the purpose of developing and maintaining secure products used in IACS. The IEC 62443-4-2 standard is important for system integrators, machine builders, and plant operators who have to consider the security aspects of their applications. Both standards are useful for device manufacturers who develop switches, routers, gateways, and other components for the automation industry.

Moxa has been following the development of the IEC 62443 standard for six years and has designed its products in accordance with its guidelines. In addition, Moxa has spent considerable resources on educating the market about not only the importance of the standard, but how we embed its principles throughout all stages of our hardware and software development. The certifications also demonstrate Moxa’s capability to identify and respond to vulnerabilities and work with customers to mitigate their risks. Only when cybersecurity awareness increases can joint forces enhance industrial network security. Moxa will continue investing in cybersecurity and work closely with our customers to ensure that “secure by design” solutions combine expanded networking and purpose-built OT cybersecurity into one capability.

For further information, please contact your local distributor; in Sweden the distributor for networking solutions is Cat AB.

IDC FutureScape: Worldwide IT/OT Convergence 2022 Predictions, Doc #US47131521, October 2021.


Nyheter från Cat AB

  • NPort 2150A-W4

    Här är W4, en uppgraderad NPort Wireless

    Uppgraderad modell, anslut dina seriella enheter –såsom exempelvis PLC:er, mätare och sensorer– till ett trådlöst LAN. Ha koll på var de är och hur de mår samtidigt som du kan lägga till en del nya säkerhetsfunktioner såsom Secure Boot.
  • Minimal i storlek, maximal ur driftsäkerhetsaspekt

    Liten, pålitlig, snabb och ändå anpassad för industriers krav

    Go Beyond the Limits With the EDS-2000/G2000-EL Series Industrial Unmanaged Switches, Minimal Size, Maximal Durability!
  • Öka hastigheten i dina nav med 3.2 hubbar

    Moxas nya USB hubb är ett nav som kan skapa upp till 7 anslutningar och ge 5 Gbps på var port. Med extern strömförsörjning matar var port 900mA, industriklassad utrustning, läs mer om UPort 400A serien.
  • Stefan Edlund ny medarbetare på Cat AB

    Ny medarbetare

    Välkommen Stefan Edlund, Business Development Manager på Cat AB!
  • Senaste nyhetsbrevet från Cat AB

    Nyheter och tips från Cat AB, så heter vårt nyhetsbrev som kommer ut 1-2ggr/ månad med någon extra utgåva när... Läs mer »
  • NAT-102 Moxas nya adressöversättare med brandvägg

    NYHET! NAT-102, Moxas industriella adressöversättare med brandvägg kan hjälpa er att få tillgång till fler IP-adresser via privat adressering, men de kan även användas för att skapa lika interna nätverk eller för att öka datasäkerheten.
  • Moxas svar ang. sårbarheter och Realtek AP-Router SDK

    Moxa svarar på sårbarhet funna i Realtek SDK där många hundra tusentals enheter världen över kan ha drabbats, Moxa har i dags dato (2 december 2021) ej funnit att sårbarheten kan användas i Moxas befintliga sortiment eller i produkter vilka omfattas av garantitid.
  • Moxas svar angående sårbarhet och InterNiche Stack (INFRA:HALT)

    Ett antal sårbarheter(14) har hittats i flera HCC Embedded’s InterNiche stack (NicheStack) samt i NicheLite. Ingen av Moxas produkter i sortimentet eller med giltig garantitid anses påverkade vid dags dato (2 dec. 21).
  • Nya avsnitt Security Talks

    Security talks med Moxas Jesse och Thomas Burk, Mitsubishi Electric Automation (tidigare chef för OPC Foundation). Hör med om säkerhet, få koll på nya förkortningar och lär av erfarenheter inom cybersecurity.
  • Lilla biblioteket

    I lilla biblioteket har vi börjat samla artiklar och publikationer som vi på Cat tycker är intressanta. Kom gärna med tips och idéer