With the introduction of a new Machinery Regulation, cybersecurity in the field of Operational Technology (OT) is assuming an increasingly critical role, with the prospect of becoming a fundamental requirement for the entire industry.
The Machinery Directive, also known as Directive 2006/42/EC, was conceived to ensure the safety of individuals (safety). However, the advent of new technologies such as artificial intelligence and the growth of sectors like the Internet of Things (IoT) and robotics have necessitated the regulation of procedures and limits in this new dimension of human interaction. Machines, now more than ever, resemble scenarios from past science fiction visions, raising concerns about their uncontrolled interaction with the human ecosystem.
Perhaps the most significant aspect of this new hybrid scenario that concerns industry professionals the most is related to cybersecurity. The introduction of a new Machinery Regulation (Regulation of the European Parliament and of the Council on machinery products) aims to assess the impacts related to the safety and cybersecurity of these technologies, further contributing to the digital transformation.
It is important to note that, being a regulation, the new text will be directly applicable in all European Union member countries after its entry into force. The document in question consists of 52 articles and 11 Annexes.
The revision proposal has been guided by several key factors, including:
1. New risks associated with emerging technologies, such as the increasing collaboration between humans and machines, known as CO-BOTS.
2. A significant increase in connectivity among the machines themselves.
3. A greater presence of software in machines, accompanied by the need for frequent updates.
4. An increase in the presence of autonomous movements and machines.
The introduction of this new landscape has revealed some legislative gaps in the previous directive, particularly regarding the obligations imposed on distributors, importers, and manufacturers, as well as new concepts like "EU Conformity" and definitions such as "substantial modification" and "quasi-machine." These have been reviewed and updated in the new Regulation to ensure the compliance of machines with the Essential Health and Safety Requirements (EHSR).
The new Regulation leans towards almost exclusively digital documentation, taking into account new digital technologies and the environmental and cost advantages they offer. It is expected that the proposal will be aligned with existing cybersecurity regulations, such as the General Regulation 2019/881. This aspect will be discussed more comprehensively in subsequent related articles.
In conclusion, the new Machinery Regulation aims to address emerging challenges related to safety and cybersecurity in the OT field, enabling the industry to adapt to new technologies and ensure compliance with essential health and safety requirements. This initiative reflects the European Union's ongoing commitment to promoting the safety and quality of industrial products in the rapidly evolving digital era.