🔧
← Back to Standards Certifiable

IEC 62443-4-2

Security for industrial automation and control systems - Part 4-2: Technical security requirements for components

Organization: IEC Category: Product Security
2
Related Articles
0
Articles with Obligations
7
Key Sections
8
Coverage Areas

Overview

Specifies technical security requirements for components (embedded devices, host devices, network devices, and software applications) used in industrial automation and control systems.

Applicability

Technical security requirements for product components

Relevance to Cyber Resilience Act (CRA)

Essential for technical cybersecurity requirements and component-level security controls

Key Coverage Areas

1
Component security requirements
2
Security level targets (SL 1-4)
3
Authentication mechanisms
4
Access control implementation
5
Data integrity protection
6
Cryptographic requirements
7
Network security
8
Security event logging

Standard Sections & Chapters

CR-1

Identification and authentication control

CR-2

Use control

CR-3

System integrity

CR-4

Data confidentiality

CR-5

Restricted data flow

CR-6

Timely response to events

CR-7

Resource availability

Related Cyber Resilience Act (CRA) Articles

Article I: ESSENTIAL CYBERSECURITY REQUIREMENTS

View Article →
Sections: CR-1, CR-2, CR-3, CR-4, CR-5, CR-6, CR-7

Comprehensive technical security requirements for all security domains

Implementation Guidance:

Implement all seven foundational requirements: authentication, access control, integrity, confidentiality, data flow restrictions, event response, and availability

Article 13: Obligations of manufacturers

View Article →
Sections: CR-1, CR-2, CR-3, CR-4, CR-7

Technical security requirements for product components

Implementation Guidance:

Apply security level targets (SL) and implement component security requirements

Quick Information

Organization
IEC
Category
Product Security
Certification
✓ Available

Related Pages

← All Cyber Resilience Act (CRA) Standards View All Articles Compliance Guide
Get Implementation Help

🤝 Still Feeling Overwhelmed?

EU cybersecurity laws can be complex. Our free tools and guides work great for most people, but if you're dealing with something particularly challenging or have tight deadlines, we're here to help.

Talk to an expert → or Browse all our free resources →