Learn about EN 50742, the standard being developed to protect machines from tampering and cyberattacks in line with the Machinery Regulation (EU) 2023/1230.
Goals and scope
EN 50742 is being developed to protect machines from corruption that could negatively affect safety-critical functions. The standard aims to ensure that machines are designed, manufactured and operated to prevent both unintentional and deliberate corruption. This specifically includes protection against safety risks arising from physical, logical or indirect connections.
EN 50742 applies to machines and their components that include safety-critical functions. It covers the following areas:
- Hardware components, including interfaces to remote devices and control systems that transmit signals or data.
- Software and data, when these can affect the safety of the machine.
The requirements of the standard span the entire life cycle of a machine, from design through manufacture and commissioning to operation, maintenance and decommissioning. Functional safety requirements, as addressed in standards such as ISO 13849 or IEC 62061, are not part of EN 50742.
Relationship with the Machinery Regulation
EN 50742 addresses requirements set out in Machinery Regulation (EU) 2023/1230, Annex III:
Protection against corruption (Annex III, section 1.1.9)
Machines must be designed so that dangerous situations do not arise from physical, logical or indirect connections.
Safety and reliability of control systems (Annex III, section 1.2.1)
Machines must be protected against both deliberate and unintentional corruption.
The standard serves as a tool to implement the Machinery Regulation requirements and to address safety risks. Manufacturers can thereby demonstrate that they systematically address protection against corruption and design their machines in conformity with the regulation.
Would you like to clarify which parts of EN 50742 are relevant for your machines and how the standard should be interpreted in the context of the Machinery Regulation? A non-binding consultation can be used to assess applicability and the regulatory context in a structured way.
Structure and composition of EN 50742
The standard is divided into several sections that systematically cover the relevant topics:
Introduction and scope
Introduction to the objectives and scope of the standard.
Terms and definitions
Clarification of central terms such as “physical connection” or “logical connection.”
Protection against corruption
Description of key concepts such as risk assessments and protection objectives.
Process requirements
Requirements for the machine life cycle based on IEC 62443-4-1.
Product safety requirements
Technical measures to protect against corruption based on IEC 62443-4-2, including requirements for connections, data storage and logging.
Information for use
Requirements for documentation and user information for the safe use of the machine.
Informative annexes and overviews linking the content to the Machinery Regulation complete the structure.
Requirements
According to the current discussion and planning status, the concrete requirements of EN 50742 will be based on IEC 62443. Process requirements will be covered by IEC 62443-4-1 and technical product requirements will draw on the content of IEC 62443-4-2.
Process requirements according to IEC 62443-4-1
EN 50742 explicitly references the process requirements of IEC 62443-4-1. These include, among others:
- Security management: Implementation of a systematic security management approach for a secure development lifecycle, including defined policies, roles and processes for all development phases.
- Specification of security requirements: Definition of clear and verifiable requirements corresponding to threats and risks to ensure security throughout the machine’s life cycle.
- Verification and validation: Requirements for testing, verifying and validating security requirements, including staging tests and penetration tests.
These requirements are intended to ensure that manufacturers identify security risks early and implement effective countermeasures.
Further information on IEC 62443-4-1 is available in our article IEC 62443-4-1 cybersecurity from the start.
Technical requirements according to IEC 62443-4-2
The product-specific requirements in EN 50742 are based on IEC 62443-4-2 and address the technical implementation of protection against corruption. These include, among others:
- Documentation of all connections: Every physical, logical or indirect connection must be identified and documented to reduce potential attack surfaces.
- Integrity and authenticity: Measures such as cryptographic signatures or HMACs must ensure that data and software cannot be tampered with.
- Secure logging of incidents: Security-relevant events must be logged and stored securely to ensure traceability.
- Protection against corruption: Systems must be designed to resist corruption, whether deliberate or accidental.
The standard requires manufacturers to implement and document technical solutions in accordance with the requirements of IEC 62443-4-2.
Current status: prEN 50742
EN 50742 is currently being developed as prEN 50742 by the technical committee CENELEC CLC/TC 44X, which specializes in electrotechnical aspects of machine safety. The draft has already been approved as a new project proposal and is expected to be released for public comment in the coming months.
After completion, the standard is intended to be published as a harmonized European standard to create a presumption of conformity for the Machinery Regulation, which will help manufacturers meet legal requirements. According to the European Commission’s standardization request, harmonized standards that cover the requirements of the Machinery Regulation are to be adopted by no later than 20 January 2026.
Conclusion
EN 50742 provides an important foundation for security requirements for modern machines in the context of digitization and interconnection. It helps manufacturers meet regulatory requirements and systematically improve safety. By aligning with IEC 62443, the standard offers a practical and proven approach for implementing security requirements both technically and organizationally. Security experts and manufacturers should therefore closely monitor the development of the standard and prepare for implementation to comply with the Machinery Regulation.
Would you like to understand how EN 50742 could affect your products and development processes? You can arrange a non-binding consultation to get orientation.
