【EU】The EU and EN 18031 standard

The EU will introduce a new version of the EN 18031 standard on August 30, 2024, aimed at enhancing the cybersecurity of radio equipment. Developed by the CEN-CENELEC JTC 13/WG 8 working group, this standard encompasses three parts to address the core security requirements of radio devices. Here are the detailed aspects of the EU cybersecurity standard:

Expected Launch Date

The official text of the standard is expected to be published on August 30, 2024. This will provide manufacturers and other stakeholders with 11 months to assess and implement the requirements to comply by the effective date of August 1, 2025.

The EN 18031 standard is divided into three parts:

• FprEN 18031-1: General security requirements for network-connected radio equipment.
• FprEN 18031-2: General security requirements for data-processing radio equipment (e.g., network-connected radio devices, childcare equipment, toy devices, and wearable devices).
• FprEN 18031-3: General security requirements for network-connected radio equipment handling virtual currency or monetary value.

The new EN 18031 standard covers several key security mechanisms, including:

• Access Control Mechanism (ACM)
• Authentication Mechanism (AUM)
• Secure Update Mechanism (SUM)
• Secure Storage Mechanism (SSM)
• Secure Communication Mechanism (SCM)
• Logging Mechanism (LGM)
• Deletion Mechanism (DLM)
• User Notification Mechanism (UNM)
• Resilience Mechanism (RLM)
• Network Monitoring Mechanism (NMM)
• Traffic Control Mechanism (TCM)
• Cryptographic Key Mechanism (CCK)
• General Equipment Capabilities (GEC)
• Cryptography (CRY)

These mechanisms aim to ensure the security of radio devices, covering various aspects from access control and authentication to secure communication and storage. Each mechanism includes specific requirements and evaluation criteria to ensure the devices can withstand various cyber threats.

Moreover, the standard emphasizes the requirements for technical documentation, the application of decision trees, and the introduction of implementation categories, all of which contribute to improving the applicability and effectiveness of the standard.

(Source: CEN/CLC/JTC 13/WG 8 – REDCA update, 2024-05-17)

Glodacert can provide you with professional, accurate, and prompt service, so please feel free to contact us with any queries or concerns you may have!