

SANCTUARY Systems GmbH
About us
SANCTUARY Systems GmbH develops cybersecurity solutions with a focus on embedded systems, that is, computer systems used for control functions across a wide range of industries, for example in industrial production, mechanical and plant engineering, and aerospace. SANCTUARY Systems provides its customers with comprehensive support for all security aspects of embedded projects, ranging from the initial security analysis through to the development and integration of tailored security solutions. In addition, SANCTUARY Systems offers ready-made security solutions, for example to enable the simple and cost-effective management of OT device security in industrial production.
At SAAA Heilbronn 2026, SANCTUARY Systems presents its newest innovation, SANCTUARY Insight. SANCTUARY Insight automatically identifies OT devices and their software stacks in automation systems using passive network observation and selective, protocol-aware queries. Insight then composes a system-level BOM of the automation system that integrates a hardware BOM and a software BOM, linking software components to the devices that execute them for unambiguous traceability. By adopting Insight, vendors and integrators can accelerate their compliance with the CRA, reduce manual effort, and improve the security posture of their systems.
Products & services

SANCTUARY Insight: System BOM Generation for Mechanical & Plant Engineering
SANCTUARY Insight is a platform for OT asset inventory and cybersecurity management, designed to provide comprehensive transparency and control across the entire lifecycle of industrial systems. Modern production facilities and machinery integrate a wide range of heterogeneous components. Each of these subsystems relies on manufacturer-specific firmware and software that evolve independently. This complexity frequently results in gaps in vulnerability management, particularly when systems are modified or reconfigured after commissioning. SANCTUARY Insight is used by machine and plant manufacturers to automatically detect all integrated OT devices within a machine cell or production line during delivery and commissioning, and to generate a system-wide Bill of Materials (SBOM) that encompasses both hardware and software components. Software elements are uniquely mapped to the devices on which they are executed, enabling complete traceability throughout the entire lifecycle. The resulting SBOM can be exported in structured formats and continuously correlated with up-to-date vulnerability information. This functionality directly supports compliance with the EU Cyber Resilience Act, which requires manufacturers of products with digital elements to maintain SBOMs and manage security vulnerabilities throughout the product lifecycle. By automating SBOM generation and vulnerability monitoring, SANCTUARY Insight reduces compliance overhead while establishing a robust and scalable foundation for secure lifecycle management in industrial environments.
