Cybersecurity has been identified as one of the standardization priorities, since cyber-threats impact a multitude of sectors. Cybersecurity and data protection are rapidly growing and changing technical and application domains. The threats and requirements are increasing dramatically with the progress of digitalization and the rising number of critical assets digitalized and accessible online. Therefore, protection is expected from citizens but also industry and even governments.
CEN-CLC/JTC 13 ‘Cybersecurity and data protection’ is the CEN and CENELEC horizontal technical committee that addresses these needs. Its primary objective is to transport relevant international standards (especially from ISO/IEC JTC 1 SC 27) as European Standards (ENs) in the Information Technology (IT) domain. It also develops ‘homegrown’ ENs, where gaps exist, in support to EU regulations (RED, eIDAS, GDPR, NIS, etc.). These two streams of activities aim at creating a strategic portfolio of standards in Europe, which fits the European needs. CEN-CLC/JTC 13 works closely with ENISA (The European Union Agency for Cybersecurity) in the context of the European certification schemes, and with the European Commission, in the frame of the cybersecurity-related standardization request under the Radio Equipment Directive (RED).
CLC/TC 65X ‘Industrial-process measurement, control and automation’ is the other main provider of cybersecurity-related standards in the Operational Technology (OT) domain. It prepares standards for systems and elements used for industrial process measurement, control and automation. It has created the EN IEC 62443 series of standards for Operational Technology (OT) found in industrial and critical infrastructures, including but not restricted to power utilities, water managements systems, healthcare and transport systems.
CLC/TC 47X ‘Semiconductors and Trusted Chips Implementation’ is a key provider of cybersecurity-related standards in the semiconductor (chip) domain. This committee prepares standards aimed at fostering the development and use of trustworthy semiconductor devices for microelectronics and embedded systems within the European Union, focusing on improving security, privacy, and resilience against cyber-attacks.
TC 47X's work is part of a broader effort by the European Union to enhance cybersecurity and protect critical infrastructure against cyber threats. By establishing robust standards, TC 47X aims to ensure that semiconductor devices are secure and reliable, thereby supporting the overall goal of safeguarding digital infrastructure. The committee collaborates with industry experts, academic institutions, and other stakeholders to continuously update and refine its standards. This collaborative approach ensures that the standards remain relevant and effective in addressing emerging threats and technological advancements. The initiatives undertaken by TC 47X are crucial in addressing the growing challenges posed by cyber threats.
By promoting the development of secure and trustworthy semiconductor devices, the committee helps to ensure that the European semiconductor industry remains at the forefront of technological advancements while maintaining high security standards.
