Understanding EN18031 and RED-DA 2022/30 

The evolving landscape of cybersecurity regulations has brought significant changes to how businesses approach product security. The Cyber Security Resiliency Act and the Radio Equipment Directive RED-DA 2022/30 (RED-DA 2022/30) are critical frameworks aimed at enhancing the security and resilience of connected devices. One of the key aspects of RED-DA 2022/30, EN18031, introduces stringent cybersecurity requirements for products that are sold within the European Union (EU). EN18031 provides the standards and detail what it takes to meet the needs of RED-DA 2022/30. Provided in 3 separate documents EN18031-1, EN18031-2 and EN18031-3. For more on these standards, see our previous post.  

These regulations are designed to ensure that devices meet high-security standards, protecting end users from cyber threats and vulnerabilities. 

For manufacturers and businesses integrating radio and connectivity solutions into their end products, compliance with EN18031 is not just a regulatory necessity but a crucial step in securing market access within the EU. Failure to comply could result in product restrictions, increased security risks, and reputational damage. 

Our Approach to Compliance 

As a company committed to cybersecurity and regulatory adherence, we have undertaken a structured approach to ensure that our products meet the EN18031 requirements under RED-DA 2022/30. Our focus includes: 

1. Comprehensive Analysis – We have begun an in-depth review of the EN18031 requirements to understand their impact on our products and the necessary compliance measures. 
2. Testing Strategy Development – Addressing the specifics of required testing is a key priority. We are identifying the technical requirements and corresponding test procedures to validate compliance effectively. 
3. Product Impact Assessment – We have identified the products within our portfolio that will be affected by these new standards. Our initial focus is on: 
   - RS2xx Series 
   - BL54 Series 
   - 60 Series, which includes SOM60 and 60 Series Radios 
4. Reference Platforms for Testing – Establishing reliable reference platforms to validate that our radios, Systems on Module (SOMs), and packaged products meet EN18031 requirements is a key step in our compliance process. These reference platforms will also serve as a valuable resource for our customers, providing them with the necessary guidance on how to integrate our products into their end solutions while ensuring compliance with EN18031. We are committed to working closely with our customers, offering support and information to help them navigate these requirements effectively. 
5. Engagement with Notified Bodies – We have initiated discussions with recognized Notified Bodies to define the necessary steps toward full compliance. These partnerships are essential in navigating the certification process and ensuring that our products align with all regulatory expectations. 

Moving Forward 

Our proactive approach underscores our commitment to security, quality, and compliance. As we progress through this journey, we will provide regular updates on our compliance milestones and share insights on how these regulations shape the future of cybersecurity in connected devices. 

We understand that achieving compliance is not just about meeting regulations but also about delivering secure and reliable solutions to our customers. By taking these steps, we are not only safeguarding our products but also helping our customers maintain their competitive edge in the EU market. 

Stay tuned for further updates on our path toward full EN18031 compliance.