🇪🇺 The EU Machinery Regulation 2023/1230 is coming

Behind the scenes of European machine safety, more is changing than expected

When I walk through modern industrial facilities, the first thing I usually notice is the large robots. But the more exciting developments are happening at the regulatory level. In January 2027, a new EU regulation on machine regulation will come into force, and it is not just a minor revision. It marks a fundamental change in the way Europe thinks about machine safety. I wanted to understand what exactly is happening and who it affects.

Regulation 2023/1230 replaces the Machinery Directive from 2006. That may sound technical, but it has a real impact on anyone who works with or manufactures modern machinery. The reason: machines have changed fundamentally. They are networked. They learn through artificial intelligence. They are attacked by hackers. The old regulations from 2006 were not prepared for this reality.

What exactly is the difference between a directive and a regulation?

This is more than just semantics. Each EU country had to transpose the previous Machinery Directive 2006/42/EC into its own national law. In Germany, this became the Product Safety Regulation. In France, it was a different version. In Poland, it was yet another. Each country interpreted the requirements slightly differently.

A regulation works differently. It applies directly. No national implementation, no room for interpretation. The EU Commission can also adapt it more dynamically. That was one of the goals: clear, uniform rules instead of a patchwork quilt.

The regulation was published in the Official Journal on June 29, 2023. Manufacturers have until January 20, 2027, to bring their machines into compliance. That's 42 months. For some, that's a lifetime; for others, it's far too short.

Cybersecurity suddenly becomes a manufacturer's obligation

This is the key innovation, and this is where it gets interesting. For the first time, software and digital components are explicitly defined as safety elements. This means that a machine must not only protect against accidents, but also protect itself against digital attacks.

Specifically: Manufacturers must design machines in such a way that not just anyone can “hack” into the control system. Safety-related data must not be manipulable. The machine must be able to detect or at least record when someone attempts to tamper with it.

That's new. It's a real problem for many machine manufacturers because they didn't need IT security experts to the same extent as they do now. A machine manufacturer whose core competence is mechanics now also has to take cybersecurity seriously.

The hidden innovation: autonomous and networked machines

What is often overlooked in public debate is the explicit addressing of autonomously driving or working machines. These systems are no longer primarily mechanically controlled, but rely on sensors, cameras, and algorithms.

An autonomous forklift in a warehouse or a cleaning robot in a factory is essentially a mobile computer system. The new regulation requires manufacturers to specifically address these new types of machines. How does an autonomous forklift react when GPS signals are disrupted? What does it do when a safety algorithm crashes?

What's more, networked machines must be able to protect themselves against viruses, Trojans, and other cyber threats. This is groundbreaking for a regulation that didn't even have the internet in mind 20 years ago.

Human-robot collaboration: When machines work alongside humans

So-called cobots, or collaborative robots, have long been a reality. They work right alongside humans, some even physically interacting with them. If a cobot suddenly performs an uncontrolled movement due to a software error, this can be dangerous for the person working next to it.

The new regulation takes this situation seriously and sets out specific requirements for safety logic and control systems. Manufacturers must document how they ensure that an AI-controlled robot does not compromise safety if something goes wrong.

Artificial intelligence in machine control

Another hot topic is AI. Machines are increasingly using machine learning and other AI techniques. The new regulation creates an interface with the EU AI Regulation. This means that a machine manufacturer who uses AI must now comply not only with the Machinery Regulation but also with the AI Regulation. This creates additional compliance requirements.

Who is now the addressee of the regulation?

This is not trivial. The regulation is not only aimed at manufacturers. The range of addressees is broader:

Manufacturers have obvious obligations. But importers and distributors who bring machines into the EU also have responsibilities. Online and brick-and-mortar retailers must check whether a machine is compliant. Operators who equip old machines with new control software become manufacturers themselves. This is a critical point that is often overlooked.

The practical challenges for the industry

Let's be honest: this transition is a big deal for the mechanical engineering industry. Manufacturers need to rethink their development processes. IT security may have been an issue for larger companies in the past. Now it is mandatory for everyone, including small and medium-sized enterprises.

This comes at a cost. New specialists must be hired or external companies commissioned. Validation and testing processes are becoming more complex. Small businesses often suffer more than large corporations with established resources.

The EU has recognized this and is therefore allowing for a gradual transition. Manufacturers can already design their machines in accordance with the new regulation. For manufacturers involved in series production, there is also the option of a combined declaration of conformity covering both the old and new regulations.

Interfaces to other regulatory frameworks

The Machinery Directive does not exist in isolation. It is linked to other EU regulations:

The AI Act addresses AI security in general. The Cyber Resilience Act regulates cybersecurity for networked products. The Radio Equipment Directive is relevant for machines with radio connections. For a modern company, this means that compliance requirements are multiplying. It is no longer enough to understand just one regulation.

Conclusion: A turning point for machine safety

The new regulation is not simply an administrative innovation. It reflects the fact that today's machines are no longer just metal and mechanics. They are intelligent, networked systems with their own safety risks.

The point is: cyber security will no longer be an optional extra from 2027 onwards. It will become a mandatory requirement for manufacturers. This will change the industry.

For companies, this means one thing: now is the time to act. The 42 months until January 2027 may seem like a long time, but for machine manufacturers with long development cycles, it is actually very tight. Those who wait until 2026 will come under pressure.

One question remains unanswered: Are technical regulations alone sufficient? Or do we also need a genuine culture of safety in the industry that goes beyond the minimum requirements?

Primary sources:

1. EUR-Lex: Regulation (EU) 2023/1230
   https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32023R1230
2. Wikipedia: Regulation (EU) 2023/1230 (EU Machinery Regulation)
   https://de.wikipedia.org/wiki/Verordnung_(EU)2023/1230(EU Machinery Regulation)
3. OSHA Europe: Regulation 2023/1230/EU – Machinery
   https://osha.europa.eu/de/legislation/directive/regulation-20231230eu-machinery

Secondary sources – specialist analyses:

4. WEKA Product Safety: EU Machinery Regulation 2023/1230 – Digital Safety
   https://www.weka.de/produktsicherheit/maschinenverordnung-eu-2023-1230-anforderungen-an-digitale-technologien-und-cybersicherheit/
5. Schneider Electric: Differences between Machinery Directive 2006/42/EC and Machinery Regulation 2023/1230
   https://www.se.com/de/de/faqs/FAQ000261767/
6. Eticor: EU Machinery Regulation 2027 – Overview of obligations
   https://eticor.com/de/blog/die-eu-maschinenverordnung-2027
7. NTT Data: EU Machinery Regulation 2023/1230 – New cybersecurity requirements
   https://ch.nttdata.com/insights/blog/eu-maschinenverordnung-2023-1230-neue-cybersecurity-anforderungen-fuer-hersteller-ab-2027

Chamber of Commerce and Industry associations and industry organizations:

8. IHK Lippe-Detmold: New EU Machinery Regulation – Transition Analysis
   https://www.ihk.de/lippe-detmold/hauptnavigation/beraten-und-informieren/innovation-und-digitalisierung/aktuelles2/neue-eu-maschinenverordnung-5683128
9. Halle Chamber of Industry and Commerce: Machinery Regulation (EU) 2023/1230 to come into force in 2027
   https://www.ihk.de/halle/produktmarken/innovation-und-infrastruktur/produktsicherheit-ce-kennzeichnung/maschinenverordnung-5886622
10. Nuremberg Chamber of Industry and Commerce: Information sheet on Regulation (EU) 2023/1230 on machinery (PDF)
    https://www.ihk-nuernberg.de/fileadmin/IHK_Nuernberg/Innovation-Technologie-Forschung/Merkblaetter/Merkblatt-EU-Maschinenverordnung.pdf
11. Regensburg Chamber of Commerce and Industry: New Machinery Ordinance mandatory from January 2027
    https://www.ihk.de/regensburg/branchen/industrie/maschinenrichtlinie-2023-4527202

Industry information and technical analysis:

12. ESA Automation: How the automation industry is changing
    https://www.esa-automation.com/de/neue-eu-maschinenverordnung-wie-sich-die-automatisierungsindustrie-verandert/
13. Conrad: New EU Machinery Regulation – Requirements & Timeline
    https://www.conrad.de/de/ratgeber/industrie-40/eu-maschinenverordnung.html
14. Mechanical engineering: Cybersecurity at the machine level
    https://der-maschinenbau.de/allgemein/cybersicherheit-auf-maschinenebene/
15. TÜV Rheinland: New Machinery Regulation EU 2023/1230
    https://www.tuv.com/world/en/new-machinery-regulation-eu-2023-1230.html
16. Nemko: New EU Machinery Regulation 2023/1230 – Cybersecurity
    https://www.nemko.com/blog/eu-machinery-regulation-2023/1230

Trade unions and security authorities:

17. DGUV: The new EU Machinery Regulation (PDF handout)
    https://www.dguv.de/medien/fb-holzundmetall/veranst/dokumente/2024/01_die-neue-maschinen-vo_t_kirsch_zls-bayern_handout.pdf
18. Construction portal BGBau: Impact of EU Machinery Regulation 2023/1230
    https://bauportal.bgbau.de/bauportal-42024/branchenuebergreifend/auswirkung-neue-eu-maschinenverordnung-2023-1230

Comparative studies:

WEKA Manager CE: The path to the new Machinery Directive
https://www.weka-manager-ce.de/maschinenrichtlinie/neue-maschinenverordnung/

EUROGIP/ETUI: From the directive to the new regulation – what will change? (PDF)
https://eurogip.fr/wp-content/uploads/2024/01/DE-EUROGIP-ETUI_Machinery-from-the-Directive-to-the-new-Regulation-V1-2023-12.pdf

Please leave this field empty

Subscribe to our newsletter and stay up to date. No data sharing, no spam, and no washing machines or other costs.
This simply helps you to never miss any posts again.

Name *

email *

Topics

Everything! Lost Places Outdoor/Hiking/Photo trips/City trips Wuppertal 360° Model making/3D printing DIY/Crafts/Handicrafts Digital art/composites/special photos Collectibles/Film and TV Stories/Novels eroticism

If you would like to support my work, I would appreciate a small contribution in the form of a coin in my coffee fund. All you have to do is click on the image.
Every donation helps to keep this blog ad-free and ensure its continued existence.
You enable me to create high-quality, authentic content that is consistent with our shared values.

Thank you very much for your trust and support.

Check your inbox or spam folder to confirm your subscription. Please note that I can only send you newsletters after you have confirmed your subscription. Thank you for signing up!

Views: 12