March 16, 2023 / PL / reading time: 3 min

IEC 62443-2-3: These manufacturers support the standard

IEC 62443 is an international series of standards for cybersecurity in industrial automation. The goal is to identify potential vulnerabilities in industrial control and communication technology and to develop appropriate protective measures.

Here is an overview of the current IEC 62443 standards:



If you want to learn more about the standard, take a look at our Industrial IT Glossary article or read about it at the International Society of Automation (ISA).


IEC 62443-2-3: Patch Management in IACS Environments


One of these standards is Point 2-3, Patch Management in IACS Environments, which aims to close security gaps in operating systems and applications.

According to the Department of Homeland Security and the “Seven Strategies to Defend ICSs”, Configuration and Patch Management, at 29%, is the second-largest position to prevent attacks on industrial systems.

The Federal Office for Information Security (BSI) also has a corresponding component in its IT baseline protection with OPS.1.1.3: “Patch and Change Management.”

Unfortunately, this process can become very time-, personnel-, and cost-intensive if it is not automated as much as possible. With IEC 62443-2-3, the ISA99 or IEC has created a “Technical Report” with a standardized XML format that provides plant operators with the results of manufacturer compatibility tests and allows for automatic release or suppression of corresponding updates for affected systems.

This not only significantly reduces the effort of manual testing but also reduces the potential for errors in creating and maintaining the approved lists in the patch management solution.


IEC 62443-2-3 Manufacturer Overview

Below you can find a regularly updated overview of the current state of the most important manufacturers and integrators.


Manufacturer with internal testing and approvals as well as providing an IEC 62443-2-3 XML:



Manufacturer with internal tests and approvals as well as publicly available update information:


Honeywell (PDF):

ProLeiT (PDF):

Rockwell (XLS):

Schneider Electric (XLS):



Manufacturers with their own services or offers for customers:



General Electric:




Updates are considered, but no general vendor release process known:






Do you need help with patch management?

With ondeso SR you are able to patch your production computers automatically after a one-time configuration.

Are you missing a manufacturer or integrator? Write to us!

Are you a manufacturer or integrator and do you support the IEC 62443-2-3 standard? Or do you know other manufacturers that should not be missing on this list? Then send us a message and we will be happy to include you in the overview.


About ondeso

Here you can learn more about our company and our expertise as a pioneer and market leader.


More about ondeso SR

Click here for more information about our all-in-one tool for IT operations in OT.


Contact us

Would you like to learn more? Do not hesitate to contact us, we will be happy to help you.