Embedded and edge computing technology provider congatec has achieved certification to the IEC 62443-4-1:2018 standard for the development and support of its embedded building blocks and tech stacks. Issued by TÜV NORD, the certification verifies that cybersecurity is fully integrated into all phases of the company’s development from the outset, providing a secure supply chain foundation for industrial customers.
The scope of the certification encompasses congatec’s application-ready building blocks and aReady.COM technology stacks, which integrate computer-on-modules with licensed operating systems like Ubuntu Pro and ctrlX OS, alongside software modules such as conga-connect (aReady.IOT) and conga-zones (aReady.VT). Customers utilizing these certified stacks benefit from verified implementation processes that include strict coding guidelines, continuous verification and validation, as well as systematic vulnerability, patch, and obsolescence management. These pre-certified layers offer a significant time-to-market advantage by simplifying security verification for regulatory authorities, particularly in strictly regulated sectors such as automation, robotics, medical devices, energy technology, and transportation.
Implementing these audited development and support processes also establishes a critical compliance pathway for original equipment manufacturers (OEMs) targeting the European market. The certified tech stacks make it easier for companies to align with the upcoming regulatory requirements of the EU Cyber Resilience Act (CRA), which becomes mandatory on December 11, 2027. By integrating hardware, operating systems, hypervisors, and internet of things (IoT) connectors developed under these standards, developers can build their own compliance and security evidence more efficiently.
“By achieving IEC 62443-4-1 certification, we are demonstrating in accordance with internationally applicable guidelines, that we integrate cybersecurity consistently and verifiably into our development and support processes,” Konrad Garhammer, COO & CTO of congatec explains. “This gives our customers application-ready embedded building blocks and tech stacks based on certified development and support processes. It further supports integration into their own applications, simplifies security verification for customers and regulatory authorities, and creates a robust foundation for CRA-relevant compliance processes.”
“Our tech stacks developed in accordance with IEC 62443-4-1, including licensed operating systems, hypervisor and IoT connectors, help customers build their own compliance and security evidence more efficiently and simplify and accelerate certification work,” Dominik Ressing, CEO of congatec adds. “Companies, already relying on our building blocks today are positioning themselves early and efficiently for the requirements of the CRA and comparable regulatory frameworks.”
