EN 18031 is a standard developed by the European Committee for Standardisation (CEN) and the European Committee for Electrotechnical Standardisation (CENELEC) under their joint technical committee JTC 13 WG8, which focuses on cybersecurity and data protection.
The main goal is to improve the ability of radio equipment to protect its security assets and network assets against common cybersecurity threats and to mitigate publicly known exploitable vulnerabilities
Here are the main features and focuses of EN 18031:
In the infographic below, we lay out the key components within the standard EN 18031 broken down into three parts:
EN 18031 provides a complete set of requirements to be met, along with detailed rationales, guidance, and assessment criteria to ensure correct application to radio equipment devices.
Each requirement is evaluated in a two-step process: first, its applicability to the product is determined, and then the implementation's suitability is examined.
It also contains comprehensive decision trees that help the evaluator and manufacturer to understand the applicability and pass/fail criteria.
The EN 18031 standards were developed in response to the European Union's Delegated Regulation 2022/30/EU, which mandates specific cybersecurity requirements for radio equipment under the Radio Equipment Directive (RED).
These requirements will be enforced from August 2025.
Applus+ Laboratories offers comprehensive evaluation services for radio equipment to ensure compliance with the EN 18031 standard (Part 1, 2 and 3), which aligns with the Radio Equipment Directive (RED) cybersecurity requirements.
Our services help manufacturers verify that their products meet the essential cybersecurity requirements, covering articles (d), (e), and (f) of the RED directive.
In Applus+ Laboratories, we offer the GAP analysis and Cybersecurity Compliance to our clients to help them comply with EN 18031:
If you are new and need to evaluate your product against the standard to determine how close you are to compliance, GAP Analysis is ideal for you.
Here’s an overview of GAP analysis:
If you are confident and it's time to officially evaluate your product with an official certification process, Cybersecurity Compliance will guide you through it.
Here’s an overview of Cybersecurity Compliance:
Applus Laboratories is a Notified Body for the Radio Equipment Directive, (NB number 0370), including the new cybersecurity requirements that took into effect from February 1, 2022, and will be mandatory from August 1, 2025 (the EU extended the transition period 12 months in July 2023). Additionally, Applus+ Laboratories can act as an evaluation laboratory to perform the assessments.
After a long and dedicated journey with CEN/CENELEC JTC13 WG8, Applus+ Laboratories has been actively working with key stakeholders, including our clients. These clients have chosen us for our recognised expertise in standards and the relevant technology.
Contact us and ask for our comprehensive Evidence Checklist sheet to start your journey to the EN 18031 compliance.
Applus+ uses first-party and third-party cookies for analytical purposes and to show you personalized advertising based on a profile drawn up based on your browsing habits (eg. visited websites). You can accept all cookies by pressing the "Accept" button or configure or reject their use. Consult our Cookies Policy for more information.
They allow the operation of the website, loading media content and its security. See the cookies we store in our Cookies Policy.
They allow us to know how you interact with the website, the number of visits in the different sections and to create statistics to improve our business practices. See the cookies we store in our Cookies Policy.