Release 2026 : 🔒 New: B&R CRA Guide for POWERLINK

Hey everyone,

we’re excited to share a brandnew B&R CRA Guide for POWERLINK the first publicly available TÜV Rheinland-verified Cyber Security guide for an industrial network fieldbus protocol.
No marketing fluff. Real evidence. Real compliance support.
Now available for the B&R Community.

POWERLINK is a proven-in-use, deterministic real-time fieldbus widely used in industrial machines. The new guide helps users and integrators align typical POWERLINK deployments with today’s Cyber Security and documentation expectations under the EU Cyber Resilience Act (CRA) - with a clear focus on secure operation in the intended machine environment.

The B&R Difference: Transparency and Evidence You Can Build On

In Cyber Security, trust isn’t built on promises – it’s built on proof. While many fieldbus communities offer marketing claims, B&R provides a documented, independently verified foundation you can confidently build your machines on.

• From Claims to Clarity – with Direct CRA Annex Mapping
  We don’t just say—we have it inspected. TÜV Rheinland confirms the technical capabilities and environmental countermeasures in the B&R CRA Guide for POWERLINK are sufficient to demonstrate conformance for POWERLINK V2 to all relevant CRA Annexes.

• Accelerate Your Compliance
  Skip the blank page. The guide provides ready-to-use STRIDE threat scenarios, mitigation strategies, and risk assessment templates – your shortcut to audit-ready documentation.

• Leverage what You Already Have
  Leave the redesign fears behind. The guide provides a clear path to address CRA requirements through your POWERLINK network, leveraging the security capabilities of Automation Runtime 6.

• Protect Performance and Compatibility
  Security without compromise. The guidance is designed for real-world industrial machines. Address CRA requirements while preserving deterministic real-time performance and full protocol interoperability

What the guide covers

• Defense-in-depth security architecture – physical, logical, device, and runtime protections
• STRIDE threat modeling for POWERLINK systems – identify and mitigate cyber risks
• Security context and intended use for typical POWERLINK deployments
• CRA requirements mapping for compliance
• Lifecycle management – secure commissioning, operation, maintenance, and vulnerability patching
• TÜV Rheinland inspected

Why this matters

POWERLINK was designed for performance - and it still delivers. The new guide helps you enhance the cyber resilience of POWERLINK-based machine networks without modifying the protocol or compromising compatibility: it outlines the typical threat scenarios for in-machine deployments, provides practical guidance on layered, system-level protections, and shows how to make best use of the built-in security capabilities of the PLC gateway running Automation Runtime.

Where to find it

B&R CRA Guide for POWERLINK

TÜV Rheinland statement

cool, was not aware of it, thanks for sharing

Hi there,
Is this a offical B&R document?
As the URL ist not B&R (linodeobjects.com) I have my doubts?

Thanks for clarification

Yes they are official B&R documents. The URL is just from the content delivery platform (CDN).

The links can also be found on the Cyber Security page of the B&R website in the “Guidelines” section:
Cyber Security | B&R Industrial Automation