By 
With the new simplified, automated testing process, embedded software can be checked within minutes for potential vulnerabilities and non-compliance with the RED II, EN 18031-1 directive.
Starting in August of this year, connected digital products will be required to comply with the EU Directive RED II (Radio Equipment Directive) EN 18031. In response, Düsseldorf-based cybersecurity company ONEKEY has integrated testing for RED II, EN 18031-1 into its automated cybersecurity platform.
RELATED: Rising demand for cybersecurity in real-time operating systems
“We are expanding the capabilities of our automated platform to include this key EU directive, which is mandatory for all manufacturers of products containing radio modules. This underlines our commitment to providing customers with comprehensive and up-to-date compliance support,” said Jan Wendenburg, CEO of ONEKEY.
The new automated RED II testing is primarily aimed at manufacturers and OEMs of smart devices, machines, and systems. In addition, the ONEKEY platform’s Compliance Wizard already includes other relevant standards such as the Cyber Resilience Act, IEC 62443-4-2, ISO 303645, UNR 155, UK PSTI, and many more. Coverage of these standards is being continuously expanding.
Automated RED II Analysis and Structured Documentation via Decision Tree
Key application areas include fully automated technical software analysis to identify vulnerabilities and compliance gaps, as well as structured documentation using a decision tree.
This enables customers to automatically check specific technical RED II requirements within minutes through binary analysis. Non-compliant areas—the gaps between the standard and the software—are automatically identified and documented with supporting technical evidence.
The remaining RED II EN18031-1 requirements—mostly organizational in nature—can then be addressed step by step through an intelligent decision tree, directly linked to the specific RED provisions. In many cases, answers are pre-filled automatically based on previous analysis results, while manual review and adjustment remain possible at any time.
“With the integration of RED II EN 18031-1, we’re providing our customers another powerful tool to proactively and efficiently meet the growing demands of regulations through automation,” emphasized Jan Wendenburg, highlighting ONEKEY’s commitment to innovation leadership.
Background on RED II EN 18031
The Radio Equipment Directive (RED) 2014/53/EU of the European Union is a key regulatory framework for connected devices, systems, and machines, as it defines essential requirements for radio equipment sold in the EU market.
With the growing number of industrial machines, sensors, actuators, and other digital products being connected via wireless communication (Internet of Things, IoT, Industry 4.0), these products now fall under the scope of the updated RED II EN 18031, or Delegated Regulation (EU) 2022/30, which was introduced in 2022.
The directive is intended to ensure that these devices provide electromagnetic compatibility and appropriate cybersecurity to prevent interference in radio communications. It requires manufacturers to ensure that any product using radio technologies complies with the essential requirements of the directive before being placed on the European market.
This applies not only to traditional communication devices but increasingly to industrial products that integrate radio modules for use in smart factories, logistics, or the control of autonomous machinery.
These requirements for cybersecurity and electromagnetic compatibility are particularly critical in industrial environments, where malfunctions or cyberattacks on connected systems could have far-reaching consequences.
Click for ONEKEY Compliance Wizard
