- TÜV SÜD confirms cyber-secure “Security by Design” development process
- Milestone for the implementation of the EU Cyber Resilience Act (CRA)
- Key criterion for selecting IT security components
Kirchheim, April 22, 2026 – genua GmbH meets the strict requirements for a consistently highly secure process for the development of IT security products for industrial automation and control systems (IACS). This has been confirmed by the independent testing service provider TÜV SÜD for the IT security specialist from Kirchheim near Munich, which is part of the Bundesdruckerei Group, through certification according to the international standard IEC 62443-4-1. This certification demonstrates that genua has implemented a documented, repeatable, and security-oriented product development process – from conception through development to support.
genua is one of the first firewall manufacturers to be successfully certified according to IEC 62443-4-1. This strengthens genua’s relationship of trust with customers in critical infrastructure, industry, and other sectors with high security requirements. For companies, the certification provides important support in implementing the European Union’s Cyber Resilience Act (CRA), which will become mandatory for mechanical engineering companies and their suppliers starting in December 2027.
Cybersecurity is an Integral Part of Product Development
The IEC 62443 series of international standards is the leading standard for security in industrial automation. Part of this series is the IEC 62443-4-1 standard: It specifies requirements for processes and measures necessary for the development of secure products for industrial automation and control systems—from the definition of security requirements through design and implementation to verification, validation, management, and end-of-life processes for products.
Successful certification by TÜV SÜD confirms that genua
- has established secure development processes and methods,
- considers safety requirements early on and documents them in a traceable manner,
- systematically applies risk and safety analyses throughout the entire product lifecycle,
- has implemented mechanisms for secure delivery, updates, and vulnerability and change management.
“Our customers benefit from clear processes and a trustworthy, reliable security strategy. They can rely on genua to implement ‘Security by Design’ throughout the entire product lifecycle,” says Matthias Ochs, CEO of genua. “For us, the IEC 62443-4-1 certification is a milestone—and a strong signal to the market. For our customers, it is verifiable proof that we take their requirements for confidentiality, integrity, and availability seriously at every stage.”
Transparent, Audited Development Processes
For operators of critical infrastructure, industrial companies, and government agencies, transparent, audited development processes are a decisive factor in the selection of security solutions. The certification reduces integration and approval risks for customers, accelerates internal review processes, and increases legal certainty when introducing security-critical components.
“The successful certification according to IEC 62443-4-1 confirms that genua GmbH has implemented and applies a consistent, security-oriented process for the development of IT security products for industrial automation and control systems (IACS),” says Christian Angerer, Senior Associate Cybersecurity at the independent testing service provider TÜV SÜD. “This makes genua one of the first manufacturers of firewall solutions whose development processes are certified according to this leading international standard.”
About the Audit
For the certification, TÜV SÜD conducts a comprehensive review of development processes, documentation, and demonstrated practices. The certification covers both organizational aspects and specific technical measures that meet the requirements of IEC 62443-4-1.
Image caption
genua is one of the first manufacturers of industrial IT security products, such as firewalls, to have been successfully certified according to IEC 62443-4-1. Pictured is the genubox remote maintenance solution. © genua GmbH