Cybersecurity for electronic controllers
A necessity for you and for us?
The downside of digitisation and the connection of machines and devices to the internet is that they become more vulnerable to cyber attacks and other risks (such as ransomware, peak load on the net, circumvention of security, denial of functionality, etc). When this happens, the consequences are far-reaching. Cyber security will demand more and more attention from both electronics developers (like us), and machine and equipment builders (like you) in the coming years.
What is meant by cyber security?
Cyber security is the collective term for all measures taken to protect digital devices, systems and networks from unauthorised access, data theft or equipment damage. For years, IoT (Internet of Things) has been a growing market. We clearly notice this upward trend in the demands of manufacturers when developing custom-made electronics. They want their machines & devices to be accessible via the Internet, but of course there are risks involved. With insufficient protection, individuals with malicious intentions can gain access.
It is extremely important to build the necessary protection into both the network and the machines and devices themselves so that the devices can only be accessed by authorised people. To prevent breaches, software and hardware must be secured, and strong passwords and secure Wi-Fi networks are essential. Cyber security is thus an issue for both electronics developers and users of connected machines & devices.
Legislation requires stricter security
What makes responding to cyber security even more urgent is the changing legislation. The Radio Equipment Directive (RED)-updated in 2021 is a European Union (EU) directive that regulates the placing on the market of radio equipment(*).
Whereas originally the RED directive was limited to impact on health and preventing interference with other devices (EMC ElectroMagnetic Compatibility), it is now being extended to include security clauses. From August 2025, all machines & devices placed on the market will have to meet stricter security requirements. This applies not only to new products under development, but also to existing products. If a new weakness (vulnerability) is discovered, no matter whether it is in the software or in the Integrated Circuits (ICs) used, the product must be updated. OTA updates (**) of the software become essential, as the product may no longer be sold until the vulnerability is fixed.
What is the role of E.D.&A. in cyber security?
E.D.&A. cooperates with inspection bodies to optimally specify and standardise (new) imposed security measures in the development of our electronic controllers. Likewise, processes are discussed in case of (new) vulnerabilities.
In addition, the security team within our R&D department is developing procedures around monitoring and documenting risks for our products (risk analyses) and to follow up and resolve them in a more structured way, now and in the future.
E.D.&A. stands for transparency towards the customer. Together with the customer, we evaluate the risks and discuss in detail the security steps that can be taken. This joint effort ensures that their connected machines & appliances are not only technologically advanced because of our electronics, but also safe and reliable. We make products better together.
(*) Radio equipment refers to machines and devices using wireless technology such as Wi-Fi, Bluetooth and mobile networks.
(**) OTA (Over-The-Air)-updates. These are updates that can be distributed to devices via the internet. This makes it possible to update existing devices with end users.
