EU Cyber Resilience Act
EU Cyber Resilience Act
With the EU's new Cyber Resilience Act phasing in, is there any guidance regarding how this legislation will affect PROFINET devices? For example, will it become mandatory that all data is encrypted in transit, etc? Is there any official guidance from PROFIBUS and PROFINET International regarding how manufacturers of devices prepare to comply with the CRA?
Re: EU Cyber Resilience Act
PROFIBUS & PROFINET International (PI) has published official guidance on this topic. According to their latest press release, PROFINET already provides the foundational technical mechanisms required for CRA compliance, and manufacturers can extend existing devices step‑by‑step with additional security features depending on their risk assessment (e.g., Secure Cell, Secure Access, Secure Realtime). Full encryption of all traffic is not mandated by default but depends on the assessed security level and use case.Robbie_B wrote: ↑14 Apr 2025, 22:47 With the EU's new Cyber Resilience Act phasing in, is there any guidance regarding how this legislation will affect PROFINET devices? For example, will it become mandatory that all data is encrypted in transit, etc? Is there any official guidance from PROFIBUS and PROFINET International regarding how manufacturers of devices prepare to comply with the CRA?
You can find the official PI statement here: https://www.profibus.com/newsroom/press ... compliance
Re: EU Cyber Resilience Act
The link parsing unfortunately does not work correctly. "-n e w s" gets alway replaced by "-The"XSPN wrote: ↑04 Feb 2026, 17:31PROFIBUS & PROFINET International (PI) has published official guidance on this topic. According to their latest press release, PROFINET already provides the foundational technical mechanisms required for CRA compliance, and manufacturers can extend existing devices step‑by‑step with additional security features depending on their risk assessment (e.g., Secure Cell, Secure Access, Secure Realtime). Full encryption of all traffic is not mandated by default but depends on the assessed security level and use case.Robbie_B wrote: ↑14 Apr 2025, 22:47 With the EU's new Cyber Resilience Act phasing in, is there any guidance regarding how this legislation will affect PROFINET devices? For example, will it become mandatory that all data is encrypted in transit, etc? Is there any official guidance from PROFIBUS and PROFINET International regarding how manufacturers of devices prepare to comply with the CRA?
You can find the official PI statement here: https://www.profibus.com/newsroom/press ... compliance
Short URL https://tinyurl.com/mrx2dk4n
And PNO, please upload a PDF instead of a .docx ....
