Westermo has secured IEC 62443-4-2 Security Level 2 (SL2) certification for its Viper-3000 series of Ethernet switches, alongside its WeOS 5 operating system, positioning the milestone as a step-change in cyber assurance for onboard rail and other mission-critical environments. The company says the range spans more than 40 variants designed for train networks and rolling stock, where connectivity failures are operational problems and security failures are reputational ones.
The certification is rooted in the IEC 62443 family’s component-level requirements for industrial automation and control system (IACS) elements, including embedded devices and network components, with coverage that spans authentication, access control, data integrity, and protection against unauthorised access. For rail integrators, Westermo is explicitly selling the compliance mechanics as well as the technical result: certified components can reduce friction when pursuing system-level certification under IEC 62443-3-3, and they provide a clearer evidence trail for customers and assessors.
Niklas Mörth, CISO at Westermo, tied the announcement to the company’s secure development lifecycle work: “In accordance with our structured secure development practices under IEC 62443-4-1, we are now proud to deliver our first IEC 62443-4-2 Security Level 2 certified products. These include advanced security features such as Secure Boot, Encrypted Key Handling, and Integrity-Validated Configuration.”
Those features matter because the threat model for rolling stock networks is no longer confined to accidental misconfiguration and cable damage. Modern train architectures are dense with IP-connected subsystems, remote diagnostics, and long service lives, all of which create a large, slow-moving attack surface. Westermo is leaning into that reality by highlighting documentation, certificates, and transparency as part of the deliverable, not optional extras.
Anders Hanberg, product manager at Westermo, said: “The IEC 62443-4-2 certification for the Viper-3000 series, together with WeOS 5, is the result of years of engineering focus on secure design principles. It validates our commitment to delivering products that not only meet but exceed the cybersecurity expectations of our rail customers.” The next question, as ever, is whether the wider rail supply chain standardises on component-level assurance as a procurement baseline, or continues to treat certification as something you chase only once the customer has already put it in the contract.
