Cybersecurity + Safety Sensors: Building Trust in Modern Manufacturing

Why Cybersecurity Now Belongs in Safety Conversations

With the rise of connected factories, manufacturing has steadily integrated IT-like connectivity: edge devices, IIoT gateways, cloud analytics, and remote diagnostics. While many of these solutions increase productivity, that connectivity also increases exposure to attacks when industrial control systems (ICS) are compromised.

Safety sensors are critical to protect from cyber attacks. These sensors don’t just prevent accidents – they also sit on networks, exchange data, receive updates, and can be targets for cyber threats. Without protection from cyber attacks, manufacturers run the risk of losing access to these vital sensors for protection of people and equipment. The industry’s response is clear: align functional safety with cybersecurity, grounded in internationally recognized standards and robust certifications.

SICK’s latest milestones in safety and cyber security support this response. Flexi Compact now meets IEC 62443-4-1 and -4-2 standards, and the ReLy safety relays, Flexi Compact, Flexi Net, and Flexi Mobile secured certification under the new EU Machinery Regulation (EU) 2023/1230. This marks a decisive step toward trusted, future-ready manufacturing.

The ISA/IEC 62443 series frame this distinction between IT and IACS, highlighting the unique availability, performance, and change management needs of industrial systems alongside the consequences of cyber attacks on safety-critical equipment.

The Standards Backbone: IEC 62443 and EU Machinery Regulation

IEC 62443: Security by Design and by Component

• IEC 62443‑4‑1 (Secure product development lifecycle): Defines process requirements across the development lifecycle—security requirements definition, secure design and implementation, verification/validation, defect management, patch management, and end‑of‑life. It applies to product developers and maintainers of IACS components.
• IEC 62443‑4‑2 (Technical security requirements): Details component-level requirements for embedded devices, host/network components, and software, organized around foundational objectives (e.g., identification/authentication, system integrity, restricted data flow). Certification programs frequently reference maturity levels in 4‑1 and specific security levels in 4‑2.

Together, these parts ensure security is embedded from concept to decommissioning and enforced at the device/component layer—a critical pairing for safety controllers and relays that must remain trustworthy under attack.

EU Machinery Regulation (EU) 2023/1230: Safety for a Digital Era

Published in 2023 and entering into application on January 20, 2027, the regulation replaces the 2006/42/EC Machinery Directive and brings binding, uniform rules across Member States—no national transposition needed. Notably, Annex III adds explicit cybersecurity considerations, addressing interference from remote connectivity, software updates, AI in safety functions, and substantial modifications that trigger new conformity assessments.

For OEMs and integrators, the regulation modernizes essential health and safetyrequirements, clarifies scopes, and strengthens market surveillance. This raises the bar for documentation, risk assessment, and digital instructions.

SICK’s Leadership: Secure by Design, Certified for Safety

Flexi Compact: Certified Cybersecurity Meets Modular Safety

SICK’s Flexi Compact safety controller has been certified by TÜV SÜD to IEC 62443-4-1/-4-2, validating both its secure development lifecycle and technical component protections. As an embedded device, Flexi Compact achieves Security Level 1 or higher across applicable 4‑2 requirements—one of the few safety controllers globally to carry comprehensive cybersecurity certification—while also holding EU type-examination aligned to EU 2023/1230.

Beyond certifications, Flexi Compact’s software-programmable, modular platform, intuitive Safety Designer software, and gateways for common fieldbus systems enable fast commissioning, rich diagnostics, and end‑to‑end data availability—practical benefits for uptime and maintainability in digital plants.

Early Adopters of EU 2023/1230

SICK’s ReLy safety relays—and its Flexi Compact, Flexi Mobile, and Flexi Net families—were certified to the new Machinery Regulation (EU) 2023/1230, signaling readiness for the 2027 application date and setting a benchmark in global safety assurance. These early certifications reflect SICK’s proactive alignment with evolving requirements around digitalization, connectivity, and cybersecurity in safety-related control systems.

What These Milestones Mean for Manufacturers

Reduced Cyber Risk at the Safety Layer

Safety controllers and relays are no longer passive components; they’re networked endpoints. IEC 62443‑certified devices like Flexi Compact bring identity and access controls, integrity checks, restricted data flows, and event response capabilities into the heart of safety systems. That reduces the likelihood and impact of malicious or inadvertent changes in safety logic.

Compliance Confidence Ahead of 2027

With EU 2023/1230 on the horizon, SICK’s certifications provide early conformity signals for OEMs planning their portfolios. The regulation’s emphasis on cybersecurity of safety control systems, AI in safety functions, and lifecycle documentation aligns closely with what IEC 62443 requires and what SICK has implemented.

Operational Uptime and Faster Commissioning

The combination of Safety Designer software, modular hardware, and standardized gateways supports rapid start‑ups, efficient troubleshooting, and predictive maintenance, helping teams keep machines available while preserving safety integrity.

Future‑Proofing Digital Transformation

As plants adopt IIoT analytics, condition monitoring, and remote support, component-level security and secure development lifecycles become table stakes. SICK’s approach helps bridge IT/OT practices so safety data can be shared without compromising integrity or availability.

Practical Integration: A 5‑Step Playbook

1. Map Your Safety Assets and Data Flows
   Identify safety controllers, relays, and sensors on the network; document zones and conduits per IEC 62443 for restricted data flow and segmentation.
2. Select Certified Components Strategically
   Prioritize devices with IEC 62443‑4‑1/-4‑2 certifications and early EU 2023/1230 conformity (e.g., SICK Flexi Compact, ReLy, Flexi Mobile, Flexi Net) to anchor cybersecurity and regulatory readiness.
3. Harden Configuration and Access
   Enforce role‑based use controls, unique credential management, and secure update procedures—requirements embedded in 62443 foundational objectives.
4. Embed Documentation and Lifecycle Controls
   Align processes to 4‑1: track vulnerabilities, patches, and change control; produce technical files and digital instructions anticipating EU 2023/1230 expectations.
5. Test, Train, and Audit Regularly
   Conduct periodic cybersecurity drills and safety validations; consider third‑party assessments aligned to both IEC 62443 and the Machinery Regulation’s conformity requirements.

The Bigger Picture: From Compliance to Competitive Advantage

Cyber‑secure safety isn’t only about avoiding incidents or passing audits; it’s about trust—with operators, with customers, and across supply chains. Devices engineered and certified to resist tampering, authenticate users and updates, and maintain safe states under duress enable:

• Faster innovation cycles with less rework due to security flaws.
• Expanded remote services (condition monitoring, diagnostics) without compromising safety integrity.
• Simplified market access as regulations converge on cybersecurity expectations (EU 2023/1230, Cyber Resilience initiatives).

SICK’s early, comprehensive certifications position manufacturers to embrace Industry 4.0 practices while safeguarding the people and processes at the core of production.

Importance of Safety in Manufacturing

Safety in manufacturing is inseparable from cybersecurity. Standards like IEC 62443‑4‑1/-4‑2 and regulations like EU 2023/1230 provide the blueprint; SICK’s Flexi Compact, ReLy, Flexi Mobile, and Flexi Net bring it to life with audited development processes, component-level protections, and future-ready compliance.

For leaders planning their next plant upgrade or machine release, the path is straightforward: choose certified safety technology, integrate it with documented secure lifecycles, and treat safety sensors as first-class citizens of your cybersecurity program.

That’s how modern factories build trust—safely, securely, and sustainably.