Attacks on Operational Technology (OT) are rising and they’re getting noisier. More frequent and severe cyber events are making headlines, driven in part by easy-to-use attack tooling and broader connectivity into plants and fleets. For critical services, the risk doesn't end with data loss: an attack can also disrupt operations and threaten public safety. A compromised PLC, a downed telemetry link, or a poisoned historian can stall production, impact safety, and erode public confidence. Most breaches start small. They begin as simple footholds gained through remote access, weak segmentation, or an unpatched edge host and then cascade into outages.

Industrial environments are particularly exposed for three reasons:

First, legacy systems are everywhere, and they tend to live for decades. They’re reliable at the control task but brittle when asked to support modern authentication, encryption, or patching regimes.

Second, the line between IT and OT has blurred. Data that used to stay on the plant floor now feeds cloud maintenance systems, dashboards, and analytics; remote vendors and engineers need access from outside the perimeter; and the old “air gap” has been replaced by VPNs, jump hosts, and wireless bridges.

Third, connectivity has proliferated: radios, 5G gateways, and IIoT sensors multiply the number of endpoints you have to secure and monitor.

Regulation is catching up. In the EU, NIS2 expands risk-management and reporting duties across more sectors, while the Cyber Resilience Act (CRA) sets baseline “security-by-design” obligations for products with digital elements. In the UK, the government plans a Cyber Security and Resilience Bill that would update the 2018 NIS Regulations and tighten oversight for essential services and digital infrastructure, and many UK organisations with EU footprints will still need to meet NIS2/CRA expectations.

Against that backdrop, IEC 62443 stands out as the practical, global framework that vendors, integrators and operators can use to build defensible OT networks and prove due diligence. Even if you’re UK-only, global supply chains and cross-border operations mean you’ll feel these requirements. What’s needed on the ground is a technical framework that lets vendors, integrators, and asset owners pull in the same direction. That is where IEC 62443 earns its keep: it translates policy intent into concrete engineering practices that scale across energy, transport, water, defence, and manufacturing.

The Role of IEC 62443

IEC 62443 is a family of standards covering secure product development, component hardening, system architecture, and day-to-day operations across the OT lifecycle. That breadth matters because OT risk is systemic: a hardened router won’t help if an edge computer accepts unsigned updates, and a tidy policy is useless if a switch can’t enforce VLANs or role-based access.

Two parts are central to this discussion:

IEC 62443-4-1 covers the secure development lifecycle for suppliers. Think threat modelling, code quality, vulnerability disclosure, and update processes.

IEC 62443-4-2 defines the technical security requirements for four kinds of IACS components: embedded devices, host devices (industrial computers and gateways), network devices (switches, firewalls, routers, access points), and software applications.

For buyers and integrators, 4-2 is where capabilities turn into checkable requirements: identities for devices and users, least-privilege controls, integrity protection for firmware and software, encrypted communications, event logging, and resilience under load. It gives you consistent language to specify, evaluate, and accept equipment, and it gives suppliers a clear target to design to and, where appropriate, certify against.

Why it matters:
Vendors get a checklist for secure design and a path to third-party certification.
Integrators get consistent capabilities to engineer with (e.g., role-based access, secure boot, signed firmware).
Asset owners get measurable controls and clearer procurement language tied to security levels (SL1-SL4).

How Security Levels Work

IEC 62443 defines four security levels, SL1 to SL4, each aligned to an assumed attacker capability and the strength of controls required. In most real-world deployments, the practical targets are SL1 and SL2. They are a useful way to set expectations in procurement and design, and to keep suppliers and integrators working to the same baseline.

SL1 is aimed at protection against casual or accidental misuse, so you get the fundamentals: unique device identities, authenticated administration, basic role-based access control, encrypted management, signed firmware, and audit-friendly time-stamped logs.

SL2 assumes intentional attacks using simple means and raises the bar with stronger hardening, stricter password and key policies, service minimisation, integrity checks before and after updates with rollback protection, rate limiting, and reliable log export to a SOC.

In practice, SL2 often suits perimeter routers, firewalls, and managed switches, and the host devices that terminate remote access or run protocol translation. SL1 can fit lower-impact monitoring nodes or non-critical distribution layers.

When it comes to SL3, this level is typically associated with enterprise networks that face direct internet exposure and broader external threats, while the OT floor is more commonly engineered for SL2. For network devices, public certification listings currently show SL2 as the highest commonly available level; SL3/SL4 component certifications are rare and tend to appear in other categories such as software applications or specialised controllers.

This piece focuses on IEC 62443-4-2 for networking devices and for industrial computing.

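The SL2 update controls named above (signed firmware, integrity checks before and after an update, rollback protection) come down to a short sequence of checks. The Go example below is added here for illustration and is not code from MOXA, Impulse or the standard; the manifest format, function names and sample image are assumptions, and Ed25519 is used only because it ships in Go's standard library.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Manifest is a constructed format: image version plus SHA-256 of the image.
type Manifest struct {
	Version uint32
	Digest  [32]byte
}

// encode returns the exact bytes that get signed: "version:hex-digest".
func (m Manifest) encode() []byte { return []byte(fmt.Sprintf("%d:%x", m.Version, m.Digest)) }
var (
	ErrSignature = errors.New("manifest signature invalid")
	ErrDigest    = errors.New("image does not match signed digest")
	ErrRollback  = errors.New("version not newer than installed image")
)

// PreCheck runs before flashing. The signature is verified first, so version
// and digest are trusted only once the manifest is known to be authentic.
func PreCheck(pub ed25519.PublicKey, m Manifest, sig, image []byte, installed uint32) error {
	switch {
	case !ed25519.Verify(pub, m.encode(), sig):
		return ErrSignature
	case sha256.Sum256(image) != m.Digest:
		return ErrDigest
	case m.Version <= installed:
		return ErrRollback
	}
	return nil
}

// PostCheck hashes the bytes read back from storage after the write.
func PostCheck(m Manifest, readBack []byte) bool { return sha256.Sum256(readBack) == m.Digest }
// Scenarios runs constructed cases with a throwaway key; installed version is 6.
func Scenarios() map[string]error {
	pub, priv, _ := ed25519.GenerateKey(nil)
	img := []byte("constructed firmware image, version 7")
	m := Manifest{7, sha256.Sum256(img)}
	old := Manifest{5, m.Digest} // genuinely signed, but older than installed
	sig := ed25519.Sign(priv, m.encode())
	return map[string]error{
		"valid":    PreCheck(pub, m, sig, img, 6),
		"tampered": PreCheck(pub, m, sig, append([]byte{0}, img...), 6),
		"forged":   PreCheck(pub, Manifest{9, m.Digest}, sig, img, 6),
		"rollback": PreCheck(pub, old, ed25519.Sign(priv, old.encode()), img, 6),
	}
}
func main() { fmt.Println(Scenarios(), PostCheck(Manifest{}, nil)) }
```

The rollback case is the one a signature check alone misses: the older image is genuinely signed, so only the version comparison rejects it.
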
IEC 62443-4-2 for Networking Devices

IEC 62443-4-2, applied to networking gear such as routers, firewalls, managed switches, and wireless infrastructure, maps concrete controls to seven foundational requirements: identification and authentication, use control, system integrity, data confidentiality, restricted data flow, timely response to events, and resource availability. In practice, industrial firewalls and routers establish authenticated, encrypted tunnels; management planes enforce role-based access instead of shared admin accounts; and devices verify firmware integrity before and after updates. Managed switches follow suit: they limit and shape flows, authenticate management sessions, and emit trustworthy, time-stamped security events your SOC can consume.

The OT benefits are immediate. Secure communications shrink blast radius and make lateral movement noisy. RBAC makes routine work safer and auditable, so an engineer can change a VLAN without touching VPN or firewall baselines. Event logging surfaces reconnaissance and misconfiguration early and provides the evidence trail for investigations and due diligence. Integrity protections prevent brownouts or failed updates from leaving a device in an unknown, exploitable state.

This aligns with the theme of secure products and security by design. If your estate uses devices that meet, or better, are independently certified against IEC 62443-4-2, you can show auditors that identity, access, integrity, confidentiality, restricted data flow, event response, and availability are engineered in rather than bolted on. For asset owners, that translates to lower downtime risk, clearer change control, and more predictable outcomes when things go wrong.

What you get in practice:
Secure communications: Authenticated, encrypted sessions (e.g., TLS, VPN), device identity and certificate handling.
Access control & RBAC: Accounts, roles, least-privilege and policy-based management.
Event logging & monitoring: Security audit trails and time-stamped logs for investigation.
Firmware/software integrity: Signed images, secure update paths, and rollback protection.

These are the security by design capabilities regulators expect. NIS2 emphasises risk management and access control, and the Cyber Resilience Act pushes manufacturers to ship secure, updatable products across the lifecycle, which makes IEC 62443-4-2 devices much easier to evidence for compliance.

Why SL2 Matters in Networking Versus SL1

SL1 focuses on preventing casual or accidental misuse. SL2 assumes a motivated attacker using readily available tools, so it adds capabilities that actively resist and limit attacks rather than simply coping with them.

For availability, SL1 requires a device to keep essential functions going during a denial-of-service (DoS) event, whereas SL2 adds mechanisms to mitigate flooding and manage communication load, so more functions continue to operate and the device is less likely to tip over.

Under identification and authentication, SL2 introduces software process and device authentication in addition to human user authentication, so components can prove themselves to each other instead of the system implicitly trusting anything that connects. This typically relies on device certificates or other cryptographic credentials.

For integrity, SL2 strengthens controls around verifying the authenticity and integrity of code and updates. In practice, suppliers meet this with signed firmware and verified update workflows; many implement this as secure boot plus pre- and post-update checks and rollback protection. The point is that untrusted code does not run and tampered updates are rejected.

IEC 62443-4-2 for Industrial Computing

Edge hosts and industrial PCs are the control room’s workhorses. They speak awkward protocols, buffer data, run local logic, and bridge plant to enterprise.
Applying IEC 62443-4-2 starts with a hardened operating system that reduces the attack surface: unnecessary services are removed, ports are closed by default, and packages are signed and verified. Secure boot ensures only trusted code runs from power-on; measured boot adds attestations you can verify remotely. Patching must be reliable and verifiable, as OT updates occur within tight windows, and you need confidence that the staged image is the one that was actually applied.

Hardware matters. Trusted Platform Modules support key storage and measured boot, and modern SoCs provide additional roots of trust you can use for device identity.

Lifecycle is just as important. Industrial computers live for years, so long-term kernel support, stable drivers, and documented update cadences are risk controls, not nice-to-haves. A platform designed for extended availability with security in mind lets you schedule upgrades and security work on your terms.

We are talking about industrial PCs, gateways, and embedded platforms: hosts for SCADA nodes, protocol translation, one-way transfer, and edge analytics.

Benefits when designed to IEC 62443-4-2:
Hardened OS & apps with attack surface reduction and signed packages.
Secure boot & patching so only trusted code runs, and updates are verified.
Hardware roots of trust, such as TPMs, for key protection and attestation.
Longevity with security: extended kernel/LTS support and vendor update policies.

For UK operators, this alignment helps satisfy the direction of travel in the planned Cyber Security and Resilience Bill and mirrors EU expectations around product security and vulnerability handling under the CRA.

A recurring question is the difference between “compliant” and “certified.” A compliant system is designed and documented to meet 4-2 requirements; you can map features and processes to the standard, and the supplier can explain how each control is realised.
A certified system has been independently assessed against 4-2 by a recognised scheme (e.g., ISASecure or IECEE) to an explicit security level, typically SL2 for components used in most industrial contexts. Both are useful. Compliance gives you breadth of choice and can be sufficient under a risk-based approach, while certification provides higher assurance and can simplify procurement in regulated environments.

Why This Matters for UK Industry

Regulation is tightening, and for good reason. Obligations around risk management, incident reporting, and product security are moving from guidance to expectation. Meanwhile, attackers keep winning by finding the one soft edge host or the flat segment that links a remote site to the plant backbone. Organisations that operate in or supply into the EU will encounter similar expectations through EU market requirements.

IEC 62443 helps reconcile these pressures. It provides a structured way to improve the controls that matter most: identity, access, integrity, and observability. It gives UK organisations an internationally recognised path to prepare for and demonstrate security and resilience, and it standardises procurement and supplier assurance across complex OT supply chains.

The business case is straightforward risk reduction. Downtime, safety impacts, and reputational damage from OT ransomware or lateral movement are now common drivers for board-level investment. Every day of avoidable downtime in a water plant, rail depot, or manufacturing line carries direct cost, contractual penalties, and reputational harm. UK government and NCSC messaging in 2025 underscores this urgency. Building networks and compute platforms that meet IEC 62443-4-2 requirements lowers both the probability and the impact of these events and puts you on firmer ground with boards, insurers, and regulators.

MOXA Cyber Secure Networking & Computing

Why MOXA? Because there are mature, IEC 62443-aligned options you can deploy today.
We partner with MOXA because the portfolio includes both compliant and certified choices, so you can match assurance to risk and regulation. At Impulse, we integrate and support these across UK sectors, including selected products that are fully certified to IEC 62443-4-2 SL2.

On the networking side, industrial routers and switches such as:

EDR-G9010 Industrial Secure Routers - The MOXA EDR-G9010 Series brings perimeter security, VPN, and L2/L3 functionality into a hardened form factor suitable for substations, remote pumping stations, and manufacturing cells. Where certification is required, models in this family are available with IEC 62443-4-2 credentials, giving you third-party assurance on the controls you depend on.
IEC 62443-4-2 Security Level 2 certified; multi-port firewall/NAT/VPN + L2 switch; built on the MX-ROS platform.
Ideal for creating security perimeters in substations, water, oil & gas, and factory networks.
IEC 62443-4-2 Security Level 2 certified; portfolio of rugged, PoE-capable L2 switches for harsh environments (rail, power, marine).

EDS-4000/G4000 Managed Switches - Managed switching is covered by families such as the MOXA EDS-4000/G4000, which are designed to align with 4-2 requirements for authenticated management, role-based access, secure firmware updates, and event logging, while also meeting the environmental standards needed for rail, marine, and power applications.

On the computing side:

UC-8200 Series Arm-based Industrial Computers - MOXA’s UC-8200 Series industrial computers, including the UC-8210-T-LX and UC-8220-T-LX, illustrate what “host device” security looks like in practice. They pair a hardened Linux distribution with secure boot, signed packages, TPM-backed keys, and a long-term support model that fits OT maintenance rhythms.
For use cases like protocol conversion at a feeder substation, data buffering in a trackside cabinet, or edge analytics in a plant cell, these hosts provide the security primitives you need without sacrificing reliability or serviceability.
IEC 62443-4-2 Security Level 2 certified, shipping with MIL3 (Moxa Industrial Linux).
Suitable for protocol gateways, edge telemetry and secure IIoT workloads.

The goal is steady progress. Move key edges and hosts to devices that implement IEC 62443-4-2 cleanly so that each change lowers risk and strengthens evidence. If you need a specific port count or mechanical format, verify the exact certification status at selection time. Impulse can advise on certified versus compliant options for the assurance level you need. Common IEC 62443-mapped features across the portfolio include authenticated management, signed firmware, RBAC, and event logging that your SOC can consume.

Deployment patterns are straightforward:
Rail (EN 50155 environments) - Secure routers terminate VPNs from wayside assets and segment trackside networks from enterprise IT, while UC-series computers run protocol stacks and reporting.
Energy (substations, renewables) - Firewalls enforce zones and conduits between IEDs, RTUs, and the control centre, while hardened hosts run local applications with signed updates.
Manufacturing (cell/line segmentation) and utilities (remote sites with VPN backhaul) - Managed switches with authenticated management and event logging give your SOC the visibility to spot lateral movement early, and certified edge routers provide the audited perimeter controls that procurement now expects.

Cyber Secure Networking & Computing with Industry Insight

At Impulse, we help UK organisations specify, integrate, and support IEC 62443-aligned networks and computing platforms, from architecture and product selection through build, configuration, and lifecycle management.
We work with MOXA’s certified and compliant lines across UK critical industries where uptime, safety, and evidence of due diligence matter. Because we live these deployments, we also know the rough edges, such as power quality, cabinet airflow, and unmanaged expansion, and how to design them out. Our lifecycle support covers image management, configuration version control, and sparing strategies so you can maintain assurance as assets fail or expand.

OT security failures rarely begin with sophisticated exploits. They start with weak boundaries, unpatched hosts, and hard-to-audit devices. IEC 62443 offers a standards-based, testable way to fix those fundamentals and align with the UK’s regulatory direction, and with EU requirements where relevant. For most programmes, the fastest progress comes from IEC 62443-4-2 at the network edge and on the host: place certified or demonstrably compliant devices at the perimeter, harden compute close to the process, and make logging and updates routine.

If you are refreshing infrastructure or preparing for stricter obligations, start with the control plane, meaning routers, firewalls, switches, and industrial PCs, and insist on IEC 62443-4-2 capabilities, certified where your risk or regulators require it.

If you’d like to dive deeper or if you’re planning upgrades and new deployments, explore our IEC 62443 Networking and Computing solution pages for detailed device-level information, or contact us for specialist advice. For more information, please get in touch with our knowledgeable team at 01782 337 800 or email sales@impulse-embedded.co.uk.