Canonical
on 18 September 2025
Canonical is proud to announce it has achieved compliance with IEC 62443-4-1 for cybersecurity in Industrial Automation and Control Systems (IACS). Building on Canonical’s existing ISO/SAE 21434 certification, this milestone expands Ubuntu’s leadership in securing critical infrastructure at the intersection of IT and operational technology (OT) environments. Achieving IEC 62443-4-1 compliance ensures Canonical solutions can be deployed with confidence across critical sectors backed by robust and long-term-supported, open source security processes.
What is IEC 62443-4-1 certification?
IEC 62443 is a globally recognized, rigorous framework for managing cybersecurity risk across the lifecycle of industrial control systems. Developed by ISA (the International Standards Society of Automation) and IEC (the International Electrotechnical Commission), IEC 62443 is a series of standards covering everything from secure product development to network segmentation and asset management, demonstrating that the organization’s policy and procedures, system architecture, components, and evaluation methods are designed to defend critical infrastructure against threats. IEC 62443-4-1, in particular, is the part that specifies the process requirements for the secure development of products used in industrial automation and control systems.
The Canonical Security Management System establishes a fully-certified ISO/SAE 21434 and IEC 62443-4-1 framework demonstrating our commitment to systematic security governance, risk assessment, vulnerability management, and lifecycle security assurance for automotive and industrial software products. These reliable processes are based on Canonical’s Secure Software Development Lifecycle (SSDLC) and Ubuntu Pro services for vulnerability management.
The audit for the IEC 62443-4-1 certification was conducted by TÜV SÜD. The certification is part of Canonical’s long-term dedication to cybersecurity across heavily regulated industries. Combined with our recently awarded ISO/SAE 21434 certification for automotive, this IEC 62443-4-1 certification reflects a coordinated effort to deliver securely-designed solutions across a wide range of industries, especially those facing multiple overlapping regulations like the Cyber Resilience Act (CRA) and the Radio Equipment Directive (RED).
These processes translate naturally into industrial-grade controls, such as threat modeling, security update management, security-related issues management, security guidelines and lifecycle management. Canonical open source solutions with IEC 62443-4-1 compliance enable asset owners to tailor systems across multi-vendor environments, providing a hardened, software-defined foundation for HMI, PLC, and edge-compute solutions in harsh industrial settings. Canonical solutions act as a benchmark for industrial-grade compute stacks, allowing ecosystem partners and original equipment manufacturers (OEMs) to accelerate innovation when building secure control systems.
“As a ctrlX World partner, Canonical supports the security and reliability of our automation solutions. Ubuntu Core is the securely-designed, containerized Linux behind our operating system ctrlX OS. Canonical’s IEC 62443-4-1 compliance aligns perfectly with our own cybersecurity commitments for the launch of our new ctrlX OS 3.6 LTS release,” said Steffen Münch, Lead Development and Security Operations at Bosch Rexroth. “This complements our IEC 62443 certifications and allows us to deliver long-term, industrial-grade automation solutions that meet the highest standards for security, interoperability, and lifecycle support.”
Ubuntu Pro for Devices offers extended support and patching, critical for long-lived industrial systems operating for 20+ years.
About Canonical
Canonical, the publisher of Ubuntu, provides open source security, support and services. Our portfolio covers critical systems, from the smallest devices to the largest clouds, from the kernel to containers, from databases to AI. With customers that include top tech brands, emerging startups, governments and home users, Canonical delivers trusted open source for everyone.
Learn more at canonical.com
