Taipei, Taiwan, June 23, 2026—Moxa Inc., a leader in industrial communications and networking, has achieved a significant industry milestone by securing dual IEC 62443-4-1 Maturity Level 3 (ML3) certifications. Recognized by both the IECEE Certification Body Scheme and ISA Security Compliance Institute (ISCI/ISASecure), this dual recognition validates Moxa's rigorous Secure Development Life Cycle (SDL). Furthermore, Moxa distinguishes itself as a premier provider of secure infrastructure, offering proven, auditable cybersecurity capabilities throughout its product life cycle.

ML3 represents an advanced maturity level within IEC 62443-4-1, demonstrating that the organization has thoroughly embedded its SDL. Achieving ML3 shows that Moxa has implemented a standardized, secure development life cycle across the entire company, which is continuously practiced, reviewed, and improved. This level of maturity includes comprehensive SDL governance, mandatory threat modeling and risk traceability, formalized operations of the Product Security Incident Response Team (PSIRT), ongoing vulnerability and patch management, and integrating supply-chain security.

The ISASecure SDLA further reinforces this by validating that the SDL is not just defined, but also independently audited and put into practice. This confirms Moxa's expertise in managing vulnerabilities and providing timely security patches across a product's decades-long life cycle. Achieving dual IEC 62443-4-1 ML3 certifications signifies strong engineering discipline at scale and builds greater confidence across the supply chain.

"Achieving IEC 62443-4-1 ML3, regarded as the baseline for critical infrastructure, is a significant accomplishment that requires a deep, thorough, and organization-wide commitment to cybersecurity," Andy Tsai, regional senior director of UL Solutions at Taiwan. "We're honored to have conducted evaluations for Moxa that enabled Moxa to obtain IEC 62443-4-1 ML3 certification from both IECEE and ISASecure, demonstrating Moxa's rigorous secure-by-design approach and life-cycle product security management."

UL Solutions is a global safety science leader and accredited Certification Body (CB) that evaluates, tests, and certifies products to international standards.

"Achieving the dual certifications of IEC 62443-4-1 ML3 from IECEE and ISASecure is a proof of our evidence-based security practices and the deep competence and expertise of our team," said John Chang, director of R&D Management and Product Security Center at Moxa. "The remarkable milestone also proves our strategic commitment to shaping the future of operational technology (OT) cybersecurity from the ground up, ensuring our products are secure by design to become the secure foundation of the world's most critical infrastructure."

The standards-based secure development approach positions Moxa and its customers to meet evolving requirements more efficiently. New regulations, such as the EU's Cyber Resilience Act (CRA), are setting higher standards for cybersecurity governance and how products are managed throughout their life cycle. Compliance in this context means proving that products are developed with security in mind from the start, with ongoing efforts in patch management, vulnerability response, and post-market security maintenance.

Moxa's early and deep investment in the IEC 62443 framework—dating back to 2016—demonstrates a proactive rather than reactive culture. Through these achievements, Moxa is now recognized not only for industrial communication and networking hardware but also as a reliable, secure infrastructure provider adept at bridging IT and OT security, thereby simplifying procurement, shortening security due diligence cycles, and commanding higher trust in long life-cycle deployments (10 to 20 years). For more information about Moxa's commitment to CRA readiness, visit the Moxa Cyber Resilience Act (CRA) Portal.