SICK
Webinar Date: March 10, 2026
Key Takeaways
- Why safety components are prime targets for cyber attacks—and what’s at stake.
- How IEC 62443 and EU 2023/1230 set the blueprint for secure, compliant manufacturing.
- Practical steps to integrate cybersecurity into your safety strategy.
- How SICK’s certified solutions enable trusted, future-ready production environments.
Frequently Asked Questions
Do we need to update existing machines?
- Products shipped before December 2027 are exempt and effectively grandfathered under the CRA. However, any machines or components manufactured and shipped after that date must comply with the CRA, particularly if they are being sold or distributed in the EU.
Do all parts of IEC 62443 have to be implemented?
- No, they don’t have to meet every section. Standards like IEC 62443 include both relevant and non-relevant clauses depending on the product. For example, Flexi Compact complies with sections 4-1 and 4-2, which apply to it, while other sections may not be applicable. Only the relevant sections need to be met; non-relevant ones are not evaluated.
Are the SICK light curtains IEC 62443 certified?
- Light curtains were assessed as low cyber risk because they are not networked, so they don’t need to comply with IEC 62443, which applies to networked devices. However, as connectivity evolves - such as with NFC - new risks can emerge. To address this, the team is incorporating cybersecurity considerations into development and involving dedicated experts to ensure that any necessary certifications are met as products evolve and go to market.
What configuration settings do I need to have a password for within the SICK Safety Assistant App?
- With the safety assistant, certain features - like the integrated laser alignment aid - require a password because activating it puts safety outputs into an unsafe state. Additionally, resetting the device or restoring factory settings also requires a user mode and password upon commissioning to ensure only authorized users can make these changes.
Are SICK Relays IEC 62443 certified?
- They are certified under the Machinery Regulation (MR) but not under IEC 62443 because they have no communication capabilities. As purely wired hardware, they respond only to specific electrical signals to control the relay. They meet safety requirements but don’t need to comply with cybersecurity standards.
Does this apply to non-safe products?
- This applies to both safe and non-safe products. The Machinery Regulation focuses specifically on safety requirements, unlike the CRA. Even products like smartwatches fall under consideration—the key factor isn’t whether a product is classified as safe or not, but whether it can communicate, meaning it can send or receive data with another device.
What does “OT” stand for?
- It stands for Operational Technology.
Is cybersecurity still important for non-US companies exporting to the US? And, isn’t the US unrelated to EU Machinery Regulation or CRA? I guess NRTL certification would be more important.
- As of today, foreign countries do not have to comply with the CRA when exporting to the USA, unless the country is manufacturing in the EU.
I wouldn’t say the US is unrelated. The CRA is still in early phases, much like Safety standards in the past. However, ISO and ANSI now reflect each other closely regarding many Safety standards, so it’s very possible that cybersecurity could follow the same path.
What is exactly changed in devices which make them certified than current products, is it hardware change or software change?
- It’s a combination but leans more toward hardware. In many cases, firmware plays a significant role yet meeting requirements - especially standards like IEC 62443 - is difficult if the product wasn’t originally designed with them in mind. While this makes compliance more relevant to hardware, software is still important. For example, with a safety controller configured using a tool like Safety Designer, there are strict requirements around encryption during data transfer and validation to ensure the deployed project matches what is on the hardware. Overall, both hardware and software matter, but the emphasis tends to be on hardware.
Referral Webinar Link
If you would like more information from this webinar, please review the details below.