EN 18031-1 Reinforced “Security Asset” Requirements Ignite Testing Demand

          The EN 18031 series, issued by the European Union, establishes stringent cybersecurity regulations for radio equipment. Among them, EN 18031-1 corresponds to Article 3.3(d) of the RED Directive, focusing on internet-connected radio equipment. It plays a critical role in ensuring cybersecurity and regulating market order.

f5a76bff-f4da-42d2-a55e-b09da886a561

Scope of Applicable Products

  • Directly Connected Radio Equipment: Devices capable of independently connecting to the internet and communicating, such as smartphones, tablets, and smart home devices.
  • Indirectly Connected Radio Equipment: Devices that cannot independently connect to the internet but can communicate via intermediary devices (e.g., gateways, mobile phones).

Key Evaluation Points
The EN 18031 series categorizes assets into four types for assessment:

  • Security Assets: Related to the device’s own security protection mechanisms, such as access control and authentication.
  • Network Assets: Focus on the security of device-network interactions to prevent harm to the network.
  • Privacy Assets: Aimed at protecting user personal data and privacy from unauthorized access or misuse.
  • Financial Assets: Pertain to devices with financial transaction capabilities, ensuring transaction security and fraud prevention.

        EN 18031-1 primarily regulates Security Assets and Network Assets, ensuring that radio equipment does not harm the network or its functions when connected to the internet, prevents misuse of network resources, and avoids unacceptable degradation of service quality.

Key Testing and Evaluation Areas of EN 18031-1:

  • Access Control Mechanisms: Ensure only authorized entities can access security and network assets. Examples: device storage protection, physical access restrictions, user role permissions, encrypted communication, password protection.
  • Secure Communication Mechanisms: Ensure secure transmission during network communication to prevent unauthorized access, tampering, or replay attacks. Examples: TLS encryption, WPA2 authentication, AES-CCM protection.
  • Secure Update Mechanisms: Guarantee the updatability of devices and the security of the update process. Examples: digital signature verification for firmware integrity, disabling unencrypted HTTP channels.
  • Traffic Control Mechanisms: Effectively manage and restrict network traffic to prevent unauthorized access. Examples: IPv4 filtering, MAC address filtering, VPN.

Post time: Sep-23-2025