Advantech uses this interview to frame cybersecurity as a core requirement for industrial IoT rather than an optional add-on, with a focus on the EU Cyber Resilience Act (CRA) and how it will impact switches, routers and embedded PCs across factories and infrastructure. Marco Zampolli explains that Advantech already offers CRA-oriented hardware such as IEC 62443-aligned AK industrial switches and secure routers, and that the company is standardising on an AI-powered security runtime, developed with AI EdgeLabs, to continuously monitor device behaviour at the edge. https://campaign.advantech.online/en/global/intelligent-connectivity/cybersecurity/
The security runtime runs up to 25 AI models in parallel directly on the embedded PC, profiling normal traffic and system behaviour and flagging anomalies that could indicate a cyberattack or misconfiguration. Because inference happens locally, plants can still enforce policies and detect threats even with intermittent connectivity, which is crucial for remote sites and OT networks. The runtime is intentionally lightweight, with minimal CPU and storage footprint, so it can be added to existing industrial PCs and gateways without sacrificing real-time performance, making it suitable for brownfield deployments in production.
Filmed at SPS 2025 in Nuremberg, the demo also highlights Advantech’s device portal, which aggregates alerts and status from fleets of deployed systems into a single dashboard. Operators can see incidents on individual devices, track recovery actions, and generate the audit trails that regulators and customers increasingly expect. This ties directly into CRA requirements around incident reporting, lifecycle management and transparent handling of vulnerabilities across all products with digital elements in operation.
Zampolli stresses that the CRA is not only about products but also about “security by design” inside the manufacturer: internal cybersecurity committees, secure development workflows and documented vulnerability management. Advantech aligns this with standards such as IEC 62443 and uses common vulnerability databases (CVEs) to patch issues, targeting mitigation within roughly 48 hours once a problem is identified. In practice, this means coordinated firmware updates, secure boot chains and continuous monitoring are treated as part of the product lifecycle rather than afterthoughts in the organisation.
For machine builders and industrial end users, the key message is that becoming CRA-ready by the 2027 deadline does not necessarily require ripping out existing equipment. By choosing vendors that already embed CRA thinking into their hardware, software and organisational processes, most of the cost lies in adapting workflows: how applications are developed, how machines are bundled, and how updates and reports are handled. Advantech’s promise in this conversation is that, with the right partner and a security runtime that can be rolled out via software update, brownfield plants can move towards CRA-compliant, AI-assisted industrial cybersecurity with limited disruption to daily operation.
