For the first time, the OPC community gathered to address critical cybersecurity requirements in an open and collaborative environment. Held in Munich, Germany, this event brought together experts, industry leaders, and legal professionals to discuss the ever-evolving landscape of industrial security and the upcoming EU cyber security requirements.
The OPC Foundation established this event to fulfill the requests of its member companies, who asked for an exchange platform to discuss cyber security requirements. To encourage an open exchange, the event was held as a pure, in-person event. In retrospect, this was a good decision, since many discussions happened which otherwise wouldn’t have taken place if the majority would have attended virtually.
The Cyber Resilience Act was one of the key themes of this conference. The summit delved into the CRA components like the SBOM (Software Bill of Materials) and CVE (Common Vulnerabilities and Exposures) but also addressed technical requirements for products to meet IEC 62443 adherence. International agencies like Germany’s BSI and the USA’s FBI and CISA, shared invaluable perspectives on the CRA’s content.
Left to right: Mike Clark (OPCF), Anna Schwendicke (BSI), Matthew Rogers (CISA), SA Gabrielle Ma (FBI), Jens Cordt (BSI), Stefan Hoppe (OPCF)
Representatives from industry giants, including Siemens, Beckhoff, Schneider Electric, and Microsoft took center stage to explain their plans on how to address these security requirements on a company-wide scale. Their insights fueled discussions during coffee breaks and moderated Q&A sessions.
Unified Automation and Systerel, as technology experts, shared important insights on OPC UA Security and how OPC UA helps address these requirements and further explained important coding practices to achieve a high level of security.
Rather exotic for the OPC Foundation conferences, were legal sessions with Dr. Gerrit Hötzel, who is a certified expert attorney for Information Technology Law. With sessions about the liability for Open-Source software under the Cyber Resilience Act, he provided the most visited session throughout the conference.
Dr. Gerrit Hötzel (Voelker)
For all attendees who would like to look at the slides again, or if you missed this important event but would like to get a feeling for the discussions, you’ll find the slides for download on the OPC Foundation website:
https://opcfoundation.org/developer-tools/marketing-communication-presentations/opc-and-opc-ua-presentations/
A sneak preview for everyone who would have loved to attend but couldn’t travel to the conference, the event group is currently in discussions to schedule a virtual event, where we provide similar, updated content on a wider scale. Stay tuned for updates regarding the event.
Thanks go out to our sponsors Beckhoff, Siemens, Systerel, Unified Automation, Microsoft and BSI.
The OPC UA Security Summit 2024 was beyond a normal conference; it was a discussion platform. Lawyers, security agencies, and product owners came together, united by the common goal: securing the future of industrial automation.