As Siemens reports , the new requirements would make up a dedicated clause in all new supplier contracts worldwide. Those most affected would be suppliers of security-critical components such as software, processors and parts for steering units. Suppliers are also obligated to incorporate special norms, processes and methods into their products or services. They also need to guarantee regular security inspections, tests and corrections – as does Siemens itself, due to a voluntary obligation clause.
This initiative is part of the company’s dedication to its Charter of Trust for cybersecurity. There are currently 16 corporations participating in the initiative, which Siemens itself launched, including Cisco, Deutsche Telekom and IBM. The newest members were announced in mid-February 2019: Germany’s Federal Office for Information Security, the National Cryptologic Center, and TU Graz.