Skip to main content
  1. Blog
  2. Article

Canonical
on 18 September 2025

Canonical achieves IEC 62443-4-1 compliance in Industrial Automation and Control Systems


Canonical is proud to announce it has achieved compliance with IEC 62443-4-1 for cybersecurity in Industrial Automation and Control Systems (IACS). Building on Canonical’s existing ISO/SAE 21434 certification, this milestone expands Ubuntu’s leadership in securing critical infrastructure at the intersection of IT and operational technology (OT) environments. Achieving IEC 62443-4-1 compliance ensures Canonical solutions can be deployed with confidence across critical sectors backed by robust and long-term-supported, open source security processes.

What is IEC 62443-4-1 certification?

IEC 62443 is a globally recognized, rigorous framework for managing cybersecurity risk across the lifecycle of industrial control systems. Developed by ISA (the International Standards Society of Automation) and IEC (the International Electrotechnical Commission), IEC 62443 is a series of standards covering everything from secure product development to network segmentation and asset management, demonstrating that the organization’s policy and procedures, system architecture, components, and evaluation methods are designed to defend critical infrastructure against threats. IEC 62443-4-1, in particular, is the part that specifies the process requirements for the secure development of products used in industrial automation and control systems.

The Canonical Security Management System establishes a fully-certified ISO/SAE 21434 and IEC 62443-4-1 framework demonstrating our commitment to systematic security governance, risk assessment, vulnerability management, and lifecycle security assurance for automotive and industrial software products. These reliable processes are based on Canonical’s Secure Software Development Lifecycle (SSDLC) and Ubuntu Pro services for vulnerability management.

The audit for the IEC 62443-4-1 certification was conducted by TÜV SÜD. The certification is part of Canonical’s long-term dedication to cybersecurity across heavily regulated industries. Combined with our recently awarded ISO/SAE 21434 certification for automotive, this IEC 62443-4-1 certification reflects a coordinated effort to deliver securely-designed solutions across a wide range of industries, especially those facing multiple overlapping regulations like the Cyber Resilience Act (CRA) and the Radio Equipment Directive (RED).

These processes translate naturally into industrial-grade controls, such as threat modeling, security update management, security-related issues management, security guidelines and lifecycle management. Canonical open source solutions with IEC 62443-4-1 compliance enable asset owners to tailor systems across multi-vendor environments, providing a hardened, software-defined foundation for HMI, PLC, and edge-compute solutions in harsh industrial settings. Canonical solutions act as a benchmark for industrial-grade compute stacks, allowing ecosystem partners and original equipment manufacturers (OEMs) to accelerate innovation when building secure control systems.

“As a ctrlX World partner, Canonical supports the security and reliability of our automation solutions. Ubuntu Core is the securely-designed, containerized Linux behind our operating system ctrlX OS. Canonical’s IEC 62443-4-1 compliance aligns perfectly with our own cybersecurity commitments for the launch of our new ctrlX OS 3.6 LTS release,” said Steffen Münch, Lead Development and Security Operations at Bosch Rexroth. “This complements our IEC 62443 certifications and allows us to deliver long-term, industrial-grade automation solutions that meet the highest standards for security, interoperability, and lifecycle support.”

Ubuntu Pro for Devices offers extended support and patching, critical for long-lived industrial systems operating for 20+ years.

Learn about Ubuntu Pro for Devices

About Canonical

Canonical, the publisher of Ubuntu, provides open source security, support and services. Our portfolio covers critical systems, from the smallest devices to the largest clouds, from the kernel to containers, from databases to AI. With customers that include top tech brands, emerging startups, governments and home users, Canonical delivers trusted open source for everyone.

Learn more at canonical.com

Related posts


Rhys Knipe
7 July 2026

Ubuntu Server: a platform made for enterprise scale

Ubuntu Article

A platform is an environment that allows software to run smoothly across the infrastructure, runtime, and application layers. The key word there is “smoothly”: a good platform connects those layers so well that you don’t notice it. That’s what Ubuntu Server has become: the essential layer between bare metal and the apps running on top, ...


Canonical
6 July 2026

Building an open source chain of trust: new research uncovers key blockers and ways forward

Canonical announcements Article

Canonical is pleased to share its latest research report, “The open source chain of trust.” Based on a survey of 500 DevOps professionals, the report highlights how organizations approach their open source software supply chains. While many companies are moving toward verifiable provenance and automated security workflows, internal misali ...


Jaume Rafols
6 July 2026

Beyond safety and security: Why automotive open source demands dependability 

Automotive Article

In the traditional automotive world, teams often work in silos: the cybersecurity experts lock down the ports, the quality assurance teams hunt for bugs, and the functional safety engineers track the ISO 26262 compliance. At Canonical, we believe this fragmented workflow causes friction rather than collaboration. ...