Safety & Security
Functionally safe products must be especially protected against cyber risks due to normative specifications. You will find our range of development services for safety & security engineering on this in-depth website. The embeX offer in the fields of functional safety and cyber security is presented on the respective dedicated pages.
The recently published IEC TR 63074 describes which security measures are required to ensure functional safety in industrial applications. The report serves as a link between the central functional safety standard IEC 61508 and the central cyber security standard IEC 62443.
For medical technology, the German BfArm has made it clear: "Manufacturers and operators must pay more attention to IT security of networked medical products: Cyber security is an essential prerequisite for medical device safety and patient protection".
In addition to the normative requirements, it should be noted in the product definition that a higher security level (SL) of a component such as a control system requires fewer protective measures to be taken externally. Since system considerations always require intensive coordination with the end user, embeX advises on the cost-benefit analysis of improved security protection, where further system components and coordination are not necessary.
The certified embeX development process covers both safety and security requirements and is made available to customers for adaptation on request. embeX develops sophisticated products for the SIL 3 and SIL 4 certifications and for the security levels required for the respective security zone according to the risk analysis.
On the one hand, synergies are created in the development of safe and secure products, as both areas place high demands on the care taken in development and predictable behaviour. On the other hand, it is necessary to strike a balance between a large number of opposing objectives of the security concepts on a project-specific basis, as the following table illustrates:
Standards and Directives
We work according to the following guidelines and standards:
- IEC TR 63069: “Industrial-process measurement, control and automation - Framework for functional safety and security”
- IEC TR 63074: “Security aspects related to functional safety of safety-related control systems”
- Medical Device Certification Group: MDCG 2019-16: “Guidance on Cybersecurity”
- Guidances for FDA
- “Premarket Submissions for Management of Cybersecurity in Medical Devices”
- “Postmarket Management of Cybersecurity in Medical Devices”
- IEC 50159: “Railway applications. Communication, signalling and processing systems. Safety-related communication in transmission systems”