German Machine Builders Face Tight Cyber Deadlines as EU’s New Safety Rules Take Shape
Veröffentlicht: 27.06.2026 um 03:27 Uhr, Redaktion boerse-global.de
From September 11, 2026, German machinery manufacturers will have to report actively exploited vulnerabilities and serious security incidents to authorities. The obligation flows from the Cyber Resilience Act (CRA), which entered into force in December 2024. Full compliance—including security-by-design requirements and software bill of materials (SBOMs)—becomes mandatory in December 2027.
The reporting duty is one piece of a broader regulatory overhaul hitting the sector. In January 2027, the new EU Machinery Regulation 2023/1230 takes effect with no transition period, replacing the long-standing Machinery Directive 2006/42/EG. A key change: functional safety and cybersecurity are now tightly linked. Certification for some components, such as small controllers, is already available under the updated safety articles.
Earlier, in June 2026, the revised DIN EN 60204-1 (VDE 0113-1) came into force, redefining safety requirements for electrical equipment on machinery. The update affects control systems, electromagnetic compatibility (EMC), protective bonding, and technical documentation. Manufacturers must carry out specified tests before handover or acceptance and after significant modifications. For first-time commissioning, the German Ordinance on Industrial Safety and Health (BetrSichV) remains decisive: employers need a safety assessment covering a hazard analysis, protective measures based on the state of the art, and an inspection by a competent person under technical rule TRBS 1203. The exact inspection intervals depend on the company’s individual risk assessment.
With risk assessments now a central requirement under the updated regulations, having the right templates can make compliance straightforward. A free Risk Assessment Toolkit offers 41 ready-to-use checklists and templates to document hazards and protective measures efficiently. Download the free Risk Assessment Toolkit
Smaller companies got some relief at the end of May 2026. An amendment to the Social Code Book VII (SGB VII) raised the threshold for appointing safety officers from 20 to 50 employees. Businesses with fewer workers are no longer automatically required to designate such personnel, though they still must assign someone if special hazards exist.
The employers’ liability insurance association BG ETEM has approved a new risk tariff for 2027 through 2032. Electrical installations are grouped into risk class 9.07. After the third year, companies can claim an 18 percent contribution discount. To assist with the transition, the BGHM (another trade association) offers basic seminars—one is scheduled for early July in Saarbrücken.
On the technology front, plant builders are increasingly integrating autonomous mobile robots (AMR) into their systems. Newer models can navigate aisles narrower than 1.2 meters, using 360-degree scanners to avoid obstacles. Motor-drive combos now achieve efficiency class IE5+ over a power range up to 3.7 kW.
Software vendors are also responding to the complex safety requirements. New environment, health, and safety (EHS) applications for proactive risk management are expected from August 2026. They automate incident reporting and coordinate follow-up training.
Disclaimer zu unseren Artikeln: Keine Anlageberatung, keine Kauf oder Verkaufsempfehlung. Angaben zu Kursen, Unternehmen und Märkten ohne Gewähr; Änderungen jederzeit möglich. Börsengeschäfte können zu hohen Verlusten führen. Unsere Beiträge werden ganz oder teilweise automatisiert mit Unterstützung von AI erstellt und geprüft.
