Accelerate your response to the European Cyber Resilience Act (CRA)! Semiconductor Security Solutions

Start preparing for CRA here

Currently, customers are aware of the need to proceed with compliance with the EU Cyber Resilience Act (CRA). However, because harmonized standards have not yet been clarified, they are unable to determine whether their products fall under the CRA. While it is difficult to take concrete measures, product development must continue.

One way to proceed is to refer to the security requirements of IEC 62443-4-2, which has a high affinity with the CRA. By adopting the concept of "Secure by Design" and incorporating security requirements from the design stage, this method aims for efficient development while ensuring compliance with future standards and safety.

In this article, we will introduce the types of proposals that Macnica ALTIMA Company can offer using the semiconductor and appliance products it handles.

CRA measures that Macnica can provide

Providing support from planning to operation and maintenance

What is IEC 62443-4-2, which has a high affinity with the CRA?

Industrial automation and control systems (IACS) are used in important areas that support the foundations of society, such as manufacturing, energy, transportation, and infrastructure. However, these systems have different characteristics from traditional IT, and are uniquely vulnerable to cyber attacks.

It was against this background that the IEC 62443 series was born. This is an international standard that systematically defines cybersecurity measures in OT (Operational Technology) environments, and was formulated by the International Society of Automation (ISA) and the International Electrotechnical Commission (IEC).

IEC 62443 defines security from three perspectives:

People (organization): Security policies and operational systems
Process: Security management in development, implementation, and operation
Technology (products): Security features required for devices and systems

The European Cyber Resilience Act (CRA) requires manufacturers to comply with "cybersecurity requirements related to product characteristics." As a reference for understanding these requirements, it is possible to use the security requirements defined in IEC 62443-4-2.

The security levels defined in IEC 62443-4-2 are explained in the table below.

Security Level

SL explanation
SL1 Identify and authenticate all users (humans, software processes, and devices) with mechanisms that protect against accidental or casual access by unauthorized entities.
SL2 Identify and authenticate all users (humans, software processes, and devices) with mechanisms that protect against deliberate unauthorized access by entities using simple means with low resources, common skills, and low motivation.
SL3 Identify and authenticate all users (humans, software processes, and devices) with mechanisms that protect against deliberate unauthorized access by entities with reasonable resources, IACS-specific skills, and sophisticated means with reasonable motivation.
SL4 Identify and authenticate all users (humans, software processes, and devices) with mechanisms that protect against deliberate unauthorized access by entities with enhanced resources, IACS-specific skills, and sophisticated means with high motivation.

Security Requirements (FR)

Due to the sophistication of cyber attacks, we are now in an era where product safety cannot be ensured by simple access control alone. IEC 62443 defines security requirements to address these threats in seven categories. Next, we will explain what role each requirement plays.

FR explanation
FR1 Identification and authentication controls
FR2 Usage Control
FR3 System Integrity
FR4 Data Confidentiality
FR5 Controlled Data Flow
FR6 Timely response to events
FR7 Resource Availability

CR Categories and Relationships

In order to comply with the CRA, it is very important to clarify which security requirements your product must comply with. IEC62443 defines the requirements (CR) that apply to each component (product or equipment), which are closely related to the CRA requirements. The following diagram summarizes the relationship between each category and requirement, and can be used as the first step in complying with the CRA.

[Figure: CR Categories and Relationships]

Products that Macnica can provide under IEC62443 (e.g. IoT devices)

Macnica ALTIMA Company can propose a product group that meets the security requirements based on IEC62443 from the design and development phase. In particular, we handle solutions from Altera FPGA, Analog Devices, NXP, Fortanix, Siemens, and others as products that are effective in achieving the security functions required for IoT devices.

In this section, we will introduce how these products can meet the requirements of IEC 62443 using IoT devices as examples. Please feel free to contact us for any other applications.

Altera FPGA

Altera FPGAs are programmable semiconductors that feature flexible circuit design and high-speed processing. They enable multi-layered security measures to prevent the copying, reverse engineering, and unauthorized tampering of design data and IP. They also enable low-latency security implementations that take advantage of the characteristics of hardware.

■ CRA countermeasure related functions
・Bitstream authentication
・Key management (Virtual/Physical eFuse, BBRAM)
・PUF
・Secure Boot

We have released an Altera introductory video for the event "European CRA enforcement is imminent! Key points and strengthening measures for implementing security features - Hardware and software perspectives required for CRA compliance," which was held on October 24th. Please see below. If you have any questions about the content, please contact your sales representative or the manufacturer.
Altera introduction video (link to YouTube)

Analog Devices

Analog Devices offers features that are effective for CRA compliance, including tamper-resistant key storage, advanced encryption technology, key management, and secure boot.

■ CRA countermeasure related functions
・Bitstream authentication (AEAD/AES encryption)
・Key management (encryption of secure storage using PUF)
・PUF
・Secure boot/update

Analog Devices has released a video introducing the event held on October 24th, "European CRA Enforcement Imminent! Key Points and Strengthening Measures for Security Feature Implementation - Hardware and Software Perspectives Required for CRA Compliance." Please watch it below. If you have any questions about the content, please contact your sales representative or the manufacturer.
Analog Devices introduction video (link to YouTube)

NXP Semiconductors

NXP Semiconductors utilizes secure element functionality to provide effective CRA countermeasures, including public key authentication, encryption, and secure certificate storage.

■ CRA countermeasure related functions
・Secure Boot
・Public key authentication
・Secure storage of encryption keys and certificates in NVM
・TLS support
・Bitstream encryption using a shared key
・PUF

NXP Semiconductors has released a video introducing the event held on October 24th, "European CRA enforcement is imminent! Key points and strengthening measures for implementing security functions - perspectives on hardware and software required for CRA compliance." Please see below. If you have any questions about the content, please contact your sales representative or the manufacturer.
NXP Semiconductors introduction video (link to YouTube)

Siemens

Siemens is actively working to comply with the EU Cyber Resilience Act (CRA). Macnica handles products from Siemens Digital Industries, which covers Siemens' industrial business.

■ CRA countermeasure related functions
・Industrial PCs (Box type, Rack type, Panel type)
・Industrial security appliance SCALANCE S
・Managed L2 switch SCALANCE X-200
・Industrial network integrated infrastructure management server SINEC INC

We have released a video introducing Siemens's "Security Feature Implementation and Strengthening Measures - Hardware and Software Perspectives Required for CRA Compliance" event held on October 24th. Please see below. If you have any questions about the content, please contact your sales representative or the manufacturer.
Siemens introduction video (link to YouTube)

Fortanix

Fortanix provides a security platform that integrates encryption, key management, tokenization, etc. to strongly protect confidential data in multi-cloud and on-premise environments. It can be used to manage certificates and keys for IoT devices.

■ CRA countermeasure related functions
・DSM Data Security Manager: Key management, application encryption, DB encryption, code signing
・Certificate and key management using PKI

62443-4-2 CR Requirements and Device Capabilities

This article lists only a portion of the requirements and device functions. If you require information on other requirements and device functions, please contact your sales representative or contact us via the "Inquiries" link at the bottom of the page.

CR | Altera | Analog Devices | Fortanix | NXP Semiconductors
CR1.8 PKI Certificates
CR1.9 Public Key Authentication Strength
CR1.10 Authenticator Feedback
CR2.1 Authorization enforcement

Inquiry

If you are interested in this solution, please contact us using the details below.