+91 22 40163190 info@deltaphi.in

EN 18031 Cybersecurity Testing for Radio Equipment – Ready for RED Article 3(3)(d)(e)(f)

From 1 August 2025, EN 18031 becomes mandatory for in-scope internet-connected radio equipment under the EU Radio Equipment Directive (RED). Deltaphi Labs helps OEMs generate CE-ready cybersecurity evidence and secure EU market access.

EN 18031 Applicability / Gap Assessment

EN 18031 explained by Deltaphi – What OEMs must do to secure EU market access
This video is a trust and decision-support asset, not generic awareness.

Who This Is For / Devices Covered

Personas:

=

Compliance / Certification Managers

=
Product Managers / Product Owners
=

CTO / VP Engineering

=

Quality & Conformity Leads

=

Founders of product companies

Devices:

=

Wi-Fi routers and access points

=

IoT and smart home products

=

Industrial and connected medical devices

=

Gateways, wearables, wireless equipment

=

Any internet-connected radio equipment targeting EU markets

Regulatory Urgency Block

Z
RED Articles 3(3)(d), 3(3)(e), and 3(3)(f) are activated via the Cybersecurity Delegated Act
Z
EN 18031 supports presumption of conformity for these clauses
Z

From 1 August 2025, non-conforming products cannot be lawfully placed on the EU market

What Deltaphi Does (Service Steps)

Z
EN 18031 Applicability & Gap Assessment
Scope confirmation, documentation review, initial risk view
Z
Clause-Based Testing
Network protection, misuse prevention, data and fraud-related controls as applicable
Z
CE-Ready Evidence & Reporting
Structured test reports and evidence aligned for conformity assessment

Talk to an EN 18031 Compliance Expert

Get an EN 18031 applicability and gap assessment for your radio equipment and a clear test plan for CE marking and EU market access.

FAQs – EN-18031-1 Certifications

Q1. Which devices require EN 18031-1 testing?

All internet-connected radio equipment marketed in the EU, including routers, gateways, IoT devices, and wearables.

Q2. When does EN 18031-1 become mandatory?

From 1 August 2025, EN 18031-1 compliance is required for CE marking under RED Article 3(3).

Q3. What security areas are covered?

Access control, authentication, secure communications, software update, secure storage, and resilience mechanisms.

Q4. Is fuzzing and robustness testing included?

Yes. EN 18031-1 explicitly requires fuzzing, replay, and DoS/DDoS testing to validate device resilience.

Q5. How long does testing take?

Typical project timelines range from 8 to 10 weeks, depending on product complexity. Fast-track options are available.