EN 18031 is a European standard developed by the European Committee for Standardization (CEN) and the European Committee for Electrotechnical Standardization (CENELEC) under their joint technical committee CEN-CENELEC JTC 13, Working Group 8 (WG8), which focuses on cybersecurity and data protection.
The EN 18031 standards were developed in response to the European Union's Delegated Regulation 2022/30/EU, which mandates specific cybersecurity requirements for radio equipment under the Radio Equipment Directive (RED). This standard provides a framework for demonstrating conformance with the Radio Equipment Directive (RED) 2014/53/EU, specifically Articles 3.3(d), (e), and (f) and is now harmonized with some restrictions (See below).
The main goal of EN 18031 is to enhance the security of radio equipment by strengthening its ability to protect networks, user data privacy, and financial assets from common cybersecurity threats.
Here are the main features and focuses of EN 18031:
In the infographic below, we lay out the key components within the standard EN 18031 broken down into three parts:
EN 18031 provides a complete set of requirements to be met, along with detailed rationales, guidance, and assessment criteria to ensure correct application to radio equipment devices.
Each requirement is evaluated in a two-step process: first, its applicability to the product is determined, and then the implementation's suitability is examined.
It also contains comprehensive decision trees that help the evaluator and manufacturer to understand the applicability and pass/fail criteria.
The cybersecurity articles compliance under EN 18031 will be enforced starting from August 1st, 2025.
To demonstrate compliance with the Radio Equipment Directive (RED) Articles 3.3(d), (e), and (f), manufacturers can benefit from a presumption of conformity if they:
If a manufacturer does not fully apply EN 18031 or does not comply with the restrictions, they must undergo a conformity assessment by a Notified Body (NB) to verify compliance before placing their products on the EU market.
Applus+ Laboratories offers comprehensive evaluation services for radio equipment to ensure compliance with the EN 18031 standard (Part 1, 2 and 3), which aligns with the Radio Equipment Directive (RED) cybersecurity requirements.
Our services help manufacturers verify that their products meet the essential cybersecurity requirements, covering articles (d), (e), and (f) of the RED directive.
In Applus+ Laboratories, we offer the GAP analysis and Cybersecurity Compliance to our clients to help them comply with EN 18031:
If you are new and need to evaluate your product against the standard to determine how close you are to compliance, GAP Analysis is ideal for you.
Here’s an overview of GAP analysis:
If you are confident and it's time to officially evaluate your product with an official certification process, Cybersecurity Compliance will guide you through it.
Here’s an overview of Cybersecurity Compliance:
Applus Laboratories is a Notified Body for the Radio Equipment Directive, (NB number 0370), including the new cybersecurity requirements that took into effect from February 1, 2022, and will be mandatory from August 1, 2025 (the EU extended the transition period 12 months in July 2023). Additionally, Applus+ Laboratories can act as an evaluation laboratory to perform the assessments.
After a long and dedicated journey with CEN/CENELEC JTC13 WG8, Applus+ Laboratories has been actively working with key stakeholders, including our clients. These clients have chosen us for our recognised expertise in standards and the relevant technology.
Contact us and ask for our comprehensive Evidence Checklist sheet to start your journey to the EN 18031 compliance.This checklist will help you determine whether you have all the necessary evidence in place.
Watch our videos on Youtube
Exploring the EN 18031 Standard: Cybersecurity Testing for Radio Equipment Directive Compliance (24 min)
Cybersecurity Compliance for the Radio Equipment Directive (32 min)
Applus+ uses first-party and third-party cookies for analytical purposes and to show you personalized advertising based on a profile drawn up based on your browsing habits (eg. visited websites). Click HERE for more information. You can accept all cookies by pressing the "Accept" button or configure or reject their use by clicking here.
They allow the operation of the website, loading media content and its security. See the cookies we store in our Cookies Policy
They allow us to know how you interact with the website, the number of visits in the different sections and to create statistics to improve our business practices. See the cookies we store in our Cookies Policy