Security concepts
Secure focus on access
Comprehensive protection requires holistic concepts that cover both safety and industrial security on machines. Authorizations and access must be clearly regulated.
In the production environment, guards give people a clear signal that there is a sensitive area behind the safety gate and that caution is therefore required. Here, people are given access to the process behind the safety fence via a human-machine interface or a key. But what if the person is not qualified or authorized to do so and would put themselves or other people in danger? When it comes to access authorization, it becomes clear that safety and industrial security should be closely intertwined. What's more, industrial security ensures the integrity of safety on the machine. In production, for example, it protects machines or systems against unauthorized access from outside and sensitive process and machine data against falsification, loss and unauthorized access internally. This includes both explicit attacks and unintentional security incidents.
Safety and industrial security belong together
Industrial security will become mandatory by 2027 at the latest with the new Machinery Directive. In addition, various C standards stipulate that different operating modes must also include corresponding safety functions. Operating modes can be automatic mode, manual intervention under restricted conditions or service mode, for example. EN ISO 16090-1 for machining centers and special machines prescribes at least two operating modes for machines in order to ensure functional safety. It is important that only one operating mode is selected and active at any one time and that this is clearly displayed.
To regulate access, the different groups of people who come into contact with the machine are defined. These include, for example, operating, cleaning or maintenance personnel. Each person is then assigned to a group according to their individual tasks or qualifications. Depending on the size of the company, approvals or access rights can be assigned to different user groups or, for example, to a machine type that is used throughout the corporate group. In the course of a risk assessment, security experts estimate and evaluate the risk of anonymous access for each hazard. Measures are then defined in accordance with the state of the art and in compliance with harmonized standards to reduce the risk.
User-friendliness versus manipulation
When implementing the measures, it is important to ensure good handling and usability for users during operation in order to prevent tampering. For design engineers, this applies as early as the development process. Intuitively operable systems prevent safety precautions from being circumvented or machines from being operated incorrectly.
In addition, a well thought-out safety system contributes to efficient processes without unnecessary downtime. The topic of "bypassing safety guards" is therefore also a central point of EN ISO 14119: the standard defines guidelines for the design and selection of safety gate systems and thus offers concrete assistance on how to prevent tampering.
To prevent access doors from being opened deliberately or accidentally, they are secured with safety gate systems. Modular safety gate systems not only allow customized solutions, but also combine safety and industrial security with the appropriate extensions. They therefore offer the flexibility and decentralized intelligence to safeguard a wide range of applications. A "modular system for safety gate protection" from Pilz, for example, combines sensors, escape release, door handles and operating and push-button units. Depending on the application, the required components can be put together to create a customized solution.
Modular safety gate systems offer added industrial security if they also cover access authorization. Here again, intuitively operable systems come into play. Protection against unauthorized access is implemented in conjunction with an operating mode selection and access authorization system. One such solution is the PITmode product group from Pilz, whose devices enable switching between defined operating modes and control of access authorization. Each user receives an individually coded RFID transponder, which enables unique user authentication and thus prevents tampering.
Tracking for emergencies and careful administration
It is advisable to also take security aspects into account with regard to user authentication, qualification and access protection. Should an accident or security incident occur on the machine despite all safety measures, Pilz can trace who made which change by reading the RFID transponder. If this optional function is required, the control system also records the time of access in the internal, unchangeable audit trail (event log) based on the authentication. The possibilities of Pilz Identification and Access Management even extend to the release of special industrial USB ports, one of the main gateways for security incidents.
For a high level of safety and industrial security, it is necessary to design security concepts holistically and regularly review them to ensure they are up to date. An important building block is identification and access management, which clearly regulates authorizations and access within a company.
Christoph Baumeister, Product Management Operating and Monitoring and Tools, Pilz










