EMC China Lab

What is the EN 18031 Standard?

Views :
Update time : 2025-03-11

EU Cybersecurity Regulations

The European Union (EU) has taken steps to regulate cybersecurity, with the first mandatory implementation occurring in 2022. Cybersecurity requirements were incorporated into the EU’s Radio Equipment Directive (RED) as essential regulatory provisions. The cybersecurity-related clauses Article 3.3 (d), (e), and (f) of the RED will become mandatory from August 1, 2025.

 

From this date onward, products covered by the RED must comply with cybersecurity requirements in order to meet the ce marking criteria. The key requirements include:

 

- Article 3.1 (a) – Safety

- Article 3.1 (b) – Electromagnetic Compatibility (EMC)

- Article 3.2 – Radio communication

- Article 3.3 (d), (e), (f) – Cybersecurity requirements

- Article 3.4 – Common charging interface

 

Products Covered by the Regulation

The RED applies to radio equipment that communicates via the internet or other devices. Additionally, wireless devices that process sensitive personal data fall within its scope. Examples include:

 

- Mobile phones, tablets, and laptops

- Wireless toys and child safety devices (e.g., baby monitors)

- Wearable technology (e.g., smartwatches, fitness trackers)

- Smart cameras, smart TVs, smart speakers, and smart displays

- Smart home appliances (e.g., smoke detectors, smart locks, window sensors)

 

Harmonized Standard en 18031

The EN 18031 series is the EU’s harmonized standard for cybersecurity. Manufacturers can use the en 18031 standards to demonstrate compliance with the new cybersecurity requirements. Different EN 18031 standards apply depending on the type of product:

 

- EN 18031-1 – Applies to Article 3.3(d): Devices connected to networks

- EN 18031-2 – Applies to Article 3.3(e): Wireless devices processing personal data

- EN 18031-3 – Applies to Article 3.3(f): Wireless devices involved in monetary transactions

 

OJ Listing and Application Restrictions

When the EU Official Journal (OJ) lists the EN 18031 standards under the red directive, it may impose specific limitations on their application. These restrictions must be carefully considered when implementing compliance strategies. Some key restrictions include:

 

- “Basic principles” and “guidelines” sections

- Use of passwords

- Parental or guardian access controls

- Monetary value transactions

 

When is a Notified Body (NB) Required?

A Notified Body (NB) assessment is required in certain cases:

 

- For products subject to OJ restrictions, specific limitations in EN 18031-1 and EN 18031-2 require NB evaluation.

- For products covered by Article 3.3(f) (i.e., using EN 18031-3), NB assessment is mandatory.

- Products integrating third-party systems or applications (e.g., Windows, third-party apps) must also be evaluated by an NB.

 

Recommendations for Manufacturers

The RED cybersecurity requirements will become mandatory on August 1, 2025. Manufacturers must act quickly to ensure their wireless products comply. Key steps include:

 

1. Review the RED scope – Determine if your product falls under the RED cybersecurity requirements. Testing labs, such as JJR Lab in China, can assist in assessing product relevance.

2. Examine the EN 18031 series – Understand how these standards apply to your product and identify relevant restrictions.

3. Conduct a compliance gap analysis – Evaluate your product’s current cybersecurity measures against EN 18031 requirements.

4. Prepare for the market – Implement necessary changes in product design, testing, and technical documentation to meet the 2025 regulatory deadline.

5. Obtain an NB certification – Getting a Notified Body conformity certificate is a reliable way to demonstrate compliance in the market.

 

Final Thoughts

The EN 18031 series, as an OJ-listed harmonized standard, provides wireless device manufacturers with clear guidance on meeting RED cybersecurity requirements. However, the OJ’s listed restrictions highlight the importance of careful assessment and expert guidance.

 

JJR Lab in China has cybersecurity laboratories, experienced cybersecurity experts, and certification auditors. We offer professional guidance to help manufacturers understand regulatory requirements and achieve compliance before the mandatory deadline. Our services include consultation, training, assessment, and cybersecurity certification for the EN 18031 series.


Email:hello@jjrlab.com


Leave Your Message


Write your message here and send it to us


Related News
Read More >>
What Are the Types of PTCRB Certification? What Are the Types of PTCRB Certification?
07 .14.2026
PTCRB certification types—Initial, Integrated, Variant, and ECO—ensure 3G/4G/5G device compliance wi...
PTCRB Test Certification Category Classification PTCRB Test Certification Category Classification
07 .14.2026
JJR LAB provides PTCRB testing based on NAPRD and PPMD test standards, efficiently guiding your prod...
What is US Operator PTCRB Certification? What is US Operator PTCRB Certification?
07 .14.2026
PTCRB is the required operator certification for North American mobile devices. Tests follow the 3GP...
Introduction to PTCRB Certification Introduction to PTCRB Certification
07 .14.2026
PTCRB is a quasi-mandatory mobile certification in North America. Tests cover RF, Protocol, SIM, OTA...
What is PTCRB Certification What is PTCRB Certification
07 .14.2026
PTCRB is a mandatory cellular cert for North American networks, testing RF, Protocol, and OTA per 3G...
What is UL 499 Certification What is UL 499 Certification
07 .13.2026
UL 499 ensures electric heating safety via rigorous testing. JJR LAB provides expert UL 499 certific...
Amazon UL499 Standard Test Report Amazon UL499 Standard Test Report
07 .13.2026
Need an Amazon UL499 Standard Test Report? JJR LAB provides expert UL499 testing for heating applian...
Heating Lamp ETL Certification UL 499 Testing Heating Lamp ETL Certification UL 499 Testing
07 .13.2026
JJR LAB offers professional Heating Lamp ETL Certification. We evaluate your commercial and industri...

Leave Your Message