EU has no official “EN 18031 certification”. Businesses complete RED cybersecurity compliance using EN 18031.
1. Compliance Routes
·Module A: Self‑declaration
·Module B + C: EU Type Examination by NB
2. Six‑Stage Process
·Scope Assessment & Planning (1–3 weeks)Determine if the device connects to the internet, processes personal data or supports payments.
·Technical Documentation & Remediation (3–10 weeks)Fix weak passwords, add signed updates, strengthen encryption.
·Pre‑Testing (optional, 2–4 weeks)Reduces retest risks.
·Formal Laboratory Testing (3–12 weeks)Covers access control, encryption, penetration testing, privacy and fraud protection.
·NB Review (if applicable, 4–10 weeks)Issue Module B certificate.
·Declaration & Market Launch (1–3 weeks)Sign DoC, apply CE mark, appoint EC‑REP.
3. Overall Timelines
·Low‑risk: 2–3 months
·Medium‑risk: 4.5–8 months
·High‑risk: 6–10+ months
4. CRA Transition
From 11 Dec 2027, CRA replaces RED cybersecurity rules. EN 18031 logic will continue in ETSI standards. Early preparation for SBOM and CVD is recommended.
For EN 18031 process and timeline, contact BLUEASIA: +86 13534225140
Related News
