The Crosswalk

    IEC

    IEC 62443-4-1

    Source

    Secure product development lifecycle for industrial automation, applied to medical

    Last updated ·

    What it is

    Parent standard underpinning IEC 81001-5-1. Defines the secure development lifecycle for OT and is widely used as evidence of mature SDLC across industries.

    Why it matters

    Recognised by the FDA as supporting evidence for the SPDF, and frequently cited by Notified Bodies in the EU.

    Adopted or referenced by

    FDA (supporting) EU Notified Bodies PMDA (via 81001-5-1)

    Key clauses

    Maturity levels

    Practices rated ML1–ML4; ML3+ expected for connected devices.

    Threat modelling

    Mandatory throughout the lifecycle.

    Component requirements

    Pairs with 62443-4-2 for technical security requirements.