Machinery Regulation (EU) 2023/1230

The new Machinery Regulation (EU) 2023/1230 was published in the Official Journal of the European Union between July and August 2023 and will become mandatory for all member states from 20th January 2027, at the end of a long 42-month transition period.

This new normative text replaces the current Directive 2006/42/EC, which has been in force for almost two decades without substantial changes. During the transitional period, the CEN Technical Committees will be involved in adapting the harmonised standards to the new legislation.

Main innovations for manufacturers, installers and maintainers

“Self-evolving” machines (artificial intelligence and automated learning)

The Regulation recognises that machines can autonomously modify their behaviour through machine learning, going beyond the limited scope of industrial robotics alone. It is therefore necessary to assess their predictability, functional safety and impact on operational behaviour.

Regulatory references:

Article 6(2) – Substantial modification due to software altering behaviour
Annex III, point 1.1.1 – General design principles, including predictability of behaviour
Annex III, point 1.2.1(f) – Logging and traceability in control systems

Cybersecurity and artificial intelligence

The Regulation requires the assessment of IT risks and the adoption of measures to prevent unauthorised access, data alteration or manipulation of security-related software. This also includes behaviour resulting from AI.

Regulatory references:

Annex III, point 1.1.9 – Protection against corruption (software, firmware, data)
Annex III, point 1.2.1(f) – Safety and reliability of control systems, with recording of changes
Article 17 – Risk assessment, including cyber risks

Related technical standard:

prEN 50742:2025 – Safety of Machinery – Electrotechnical aspects – Protection against corruption
Provides design and procedural requirements to protect the machine from digital threats and ensure the integrity of data, software, parameters and remote connections.

Digital components as safety components

The Regulation extends the definition of “safety component’” to include software and digital components essential for the safety of machinery. These elements are subject to conformity assessment procedures and CE marking.

Regulatory references:

Article 3(17) – Definition of safety component (includes software)
Article 20 – Manufacturer's obligations
Annex III, point 1.2.1 – Reliable behaviour of the control system even in the presence of software

Extension of scope / high-risk machinery

The new Regulation expands and clarifies the scope, updating the list of high-risk machinery and strengthening the conditions for mandatory conformity assessment by a notified body.

Regulatory references:

Article 5 – Classification of products
Annex I – Updated list of high-risk machinery and components (formerly Annex IV to Directive 2006/42/EC)

Substantial modification

For the first time, a clear definition of “substantial modification” is introduced: any intervention that modifies the safety conditions provided for by the manufacturer may result in the transfer of responsibility to the operator, who is considered the new manufacturer (in whole or for the modified part).

Regulatory references:

Article 3(16) – Definition of substantial modification
Article 14 – Obligations arising from modification, including reassessment of conf

Conclusion

Machinery Regulation 2023/1230 represents a major update, in line with the evolution of technology and the requirements of the digital transition. Manufacturers, integrators, installers and maintainers will have to adapt to a new, more complex regulatory framework, which will require training, document updating and more in-depth technical assessments.