cetecom advanced
  • CERT
  • Accreditations
  • Newsletter
  • Jobs
  • Contact
cetecom advanced Knowledge Center Professional Articles EN 18031 – Cybersecurity testing of radio equipment

EN 18031 – Cybersecurity testing of radio equipment

The increasing networking of radio equipment poses new challenges for cyber security. The EN 18031-x series of standards introduces a uniform standard for assessing and ensuring the cyber security of such devices.
Table of contents
Table of content

EN 18031 was harmonized at the end of January 2025, which means it is now recognized as the official standard for compliance with the Radio Equipment Directive (RED). This article provides an overview of the scope of the standard, relevant articles, technical documentation requirements and the assessment criteria.

 

Scope of EN 18031-x

The EN 18031-x series of standards was developed to define cyber security requirements for radio equipment covered by the Radio Equipment Directive (RED). The standard specifies measures to minimize security risks and to ensure the integrity, availability and confidentiality of data. The aim is to ensure the security of devices throughout their entire life cycle and to increase the protection of networks, data and privacy.

EN 18031-x supplements the RED, particularly with regard to Articles 3.3 (d), (e) and (f), which deal with network integrity, data protection and protection against fraud.

 

Overview of the relevant articles 3.3 (d), (e), (f)

The Radio Equipment Directive (RED) defines specific requirements for cybersecurity, which are further specified by EN 18031-x:

  • Article 3.3 (d): The standard ensures that radio equipment does not cause interference to the network or affect its functioning. This includes measures to prevent misuse of network resources.
  • Article 3.3 (e): This concerns the protection of personal data and the privacy of users. The devices must implement suitable measures for data encryption and access control.
  • Article 3.3 (f): Fraud protection includes mechanisms to secure communication and authentication within the radio equipment to prevent tampering and unauthorized access.

 

Technical documentation in accordance with EN 18031-x

In order to demonstrate conformity with EN 18031-x, manufacturers must provide comprehensive technical documentation. This includes:

  • Functional description: Clear definition of the intended functionality of the device.
  • Technical specifications: Detailed information on hardware and software components.
  • Best practices: Evidence of implemented security measures and references to best practices.
  • Interface information: A complete list of external interfaces of the device.
  • Risk assessment: Identification of potential safety risks and measures to mitigate these risks.

This documentation is essential for the assessment and certification of radio equipment according to the new safety standards.

A detailed blueprint, showcasing the complexity and precision of architectural plans with a focus on layout and design

 

Evaluation criteria of EN 18031-x

EN 18031-x defines three main evaluation criteria to ensure the security of radio equipment:

  • Conceptual assessment: This involves checking whether the security concept of the device has been implemented from the outset (security by design). This includes the documentation and implementation of basic security principles and measures.
  • Assessment of functional completeness: This assessment ensures that all protective measures provided for in the security concept have actually been implemented. It checks whether the security mechanisms are complete and functional.
  • Assessment of sufficient protection: In addition to completeness, it is also checked whether the implemented security measures are also effective. This includes tests for resistance to attacks and threat scenarios.

 

Conclusion

A high-quality, sharp photograph of a polished metallic shield bearing a bold checkmark, symbolizing security, protection, and reliability.

EN 18031-x represents significant progress for the cyber security of radio equipment. A higher level of protection is achieved through clearly defined requirements for technical documentation and assessment mechanisms. Manufacturers must address these requirements at an early stage in order to ensure conformity and safeguard their products in the long term.

From August 1, 2025, all affected devices must meet the requirements of EN 18031-x in order to continue to be sold on the European market. Timely implementation of the new safety standards is therefore essential.

 

Further resources and services

For further information on the requirements of EN 18031-x and cybersecurity in general, we offer webinars that are available as recordings in our Knowledge Center. These webinars help you to understand the latest developments in cybersecurity and to prepare your products in the best possible way.

We also support you with comprehensive cybersecurity services. Our portfolio includes security audits, conformity assessments and certifications according to international standards. You can find out more about our services on our website: cetecom advanced Cybersecurity.

About the author and this article

cetecom advanced is a global testing and certification service provider and part of the RWTÜV Group.

We are a state-recognized testing laboratories that is accredited worldwide for a wide range of testing services. With our testing services in accordance with international regulations, we help to bring electrical/electronic products safely onto the international market. Furthermore, we carry out product approvals in over 180 countries and renowned brands from all industries have been relying on our expertise since 1993.

This technical article was written according to strict editorial standards. All information contained in the article is the result of careful research on the subject. All specialist articles have been checked by the relevant specialist departments in our laboratories, which are responsible for testing and approving a wide range of radio products on a daily basis.

Officially accredited by, among others:
Qi
Qi
WiFi
Bluetooth®
PTCRB
PTCRB
To the list of all 75+ accreditations To the about us page
Similar articles
11. February 2025
Safety Tests for Battery Transport Boxes: We Offer Top-Level Fire Testing!
Battery transport boxes | Fire Testing
24. October 2024
New version of the EMC standard DIN EN IEC 61547:2023-11
A light bulb with a purple-colored light net inside
DIN EN IEC 61547 | lighting devices and systems
12. July 2023
Radio Equipment Directive (RED) – Directive for radio equipment in the EEA
Modern WiFi router on a clean desk, with cables connected. (A radio device in operation.)
Radio Equipment Directive | RED
16. July 2020
Algeria – Certificate of conformity required for previously exempted devices
Algeria
Algeria
20. September 2021
CyberSecurity Certified (CSC) as Europe-wide security certificate for cybersecurity
State-of-the-art cybersecurity for IoT devices and the surrounding IT networks
CSC | Cybersecurity | Cybersecurity Certified
26. August 2021
The United Kingdom moves the UKCA implementation deadline to January 1, 2023
UKCA
Certification | UKCA
Stay up to date.
The cetecom advanced newsletter is sent out about once a month. No constant follow-up mails.
Only selected content from our experts.