What is RED-DA and why is it important for CE marking?
If you manufacture wireless or smart products that connect via Wi-Fi®, Bluetooth®, or other radio technologies, you are probably familiar with the CE marking on electronic products.

Technical article on RED-DA cybersecurity

That “CE” logo is more than just a label; it’s your gateway to legally marketing products in the European Union (EU), indicating that your device meets essential health and safety requirements.
Until recently, EU regulations for electronic products focused on preventing physical damage, device malfunctions, and radio interference. But as smart, connected products proliferate—from everyday consumer devices to complex industrial systems—so do cybersecurity risks. Devices are increasingly connected to networks, handle personal data, and form part of critical infrastructure, making them prime targets for cyberattacks.
To address these growing concerns, the EU introduced a major update to the Radio Equipment Directive (RED) through the RED Delegated Regulation (RED-DA), which came into force in August 2025. This new regulation ensures that all radio and IoT products marketed in the EU meet mandatory cybersecurity requirements.

Where does the RED-DA apply?
The scope of the RED-DA is broad and continues to expand with the growth of the digital ecosystem. It applies to any product that incorporates a radio interface using wireless technologies. This includes a wide range of devices, such as consumer electronics like smart speakers, connected light switches, and televisions; wearable personal devices like smartwatches and fitness trackers; health technology and medical sensors; connected toys and tracking devices; as well as IoT systems that support smart homes, industrial environments, and critical infrastructure.

Connecting the RED-DA to the Big Picture: The Cyber Resilience Act (CRA)
While the RED-DA focuses specifically on wireless and radio-connected devices, it is not an isolated initiative. It is part of a broader EU regulatory push to build a stronger and more secure digital ecosystem. Enter the CRA, a separate but complementary regulation that targets a wider category of digital products with embedded software, regardless of whether they include a radio interface.

Together, RED-DA and CRA form fundamental pillars of the EU's constantly evolving cybersecurity regulatory framework. While RED-DA ensures that devices using radio technologies are secure, reliable, and compliant before they can bear the CE mark, CRA extends this scope to cover the entire lifecycle of digital products. This includes secure development by design, ongoing software maintenance, vulnerability notification, and long-term support, ensuring greater protection and resilience across the entire digital ecosystem. In short, RED-DA is one of the pillars of the EU's layered approach to digital product security. For manufacturers, understanding RED-DA not only helps them meet immediate compliance requirements but also prepare for the broader, more systemic obligations introduced by CRA.

Along these same lines, Europe has introduced EN 18031 as a harmonized standard to meet network cybersecurity requirements. It covers network protection, data privacy, and fraud prevention, and provides manufacturers with a practical framework for demonstrating compliance. For most wireless and IoT products, the focus is on EN 18031, which sets expectations for protecting networks against misuse, disruption, and attacks. It emphasizes secure design practices, such as authentication, access control, encrypted communication, protected updates, and resilience against common threats, ensuring that connected devices are compliant and reliable. The standard offers tailored guidance for different types of devices, ensuring that security measures are appropriate for the risk.
As Europe strengthens its digital resilience, these standards and regulations will determine how products are designed, tested, documented, and maintained, while raising the bar for security.
Why regulatory compliance is important for wireless product developers.

Risk and Reputation:
For solution providers integrating wireless technologies, supporting robust network security is essential not only to ensure regulatory compliance but also to safeguard customer value and preserve market trust. Failure to comply with RED-DA requirements can expose products to vulnerabilities, recalls, or sales restrictions, disrupting business operations and damaging brand reputation and long-term credibility with partners, regulators, and end users. Compliance has been mandatory for all new wireless devices sold in the EU since August 1, 2025. Any product lacking a valid Declaration of Conformity (DoC) referencing EN 18031 now risks being banned in Europe.

Supply chain complexity:
Manufacturers often integrate wireless modules or systems-on-a-chip (SoCs) as the backbone of their wireless connectivity. Ensuring these components comply with EN 18031 and have an upstream Document of Compliance (DoC) greatly simplifies downstream compliance and reduces costs and engineering burden.

The Role of the Declaration of Conformity (DoC)
A DoC is an official declaration confirming that a product complies with all applicable directives and standards, including the cybersecurity requirements set out in RED-DA. For organizations integrating wireless modules or System-on-a-Chip (SoC), obtaining a DoC from technology vendors offers significant advantages. It simplifies documentation by allowing the vendor's DoC to be incorporated into product conformity records, accelerates CE marking by leveraging pre-certified modules, and reduces the overall compliance burden by minimizing the need for additional, extensive testing. Beyond efficiency, it also increases trust by signaling a strong commitment to regulatory responsibility to both partners and end users. SoC and wireless module vendors who prioritize RED-DA compliance enable their customers to innovate faster, more securely, and with greater confidence.

Practical Steps for Wireless Device Manufacturers
: For wireless device manufacturers, complying with RED-DA requirements involves a series of practical steps, beginning with developing a clear understanding of the regulations and identifying the harmonized standard applicable to their product. It is essential to select wireless modules or chipsets only from suppliers that comply with RED-DA and have valid Declarations of Conformity for EN 18031. Since the responsibility for the final product ultimately rests with the manufacturer, conducting a thorough gap analysis ensures that any additional requirements not covered by the selected module or SoC are adequately addressed. Security must also be built in from the outset, with security-by-design practices integrated into both the hardware and software lifecycles. To support compliance, manufacturers should maintain complete and auditable documentation, including technical files, test reports, and supplier Declarations of Conformity, for at least ten years after market launch. Finally, organizations must plan for ongoing compliance by monitoring evolving regulations, such as the Cyber Resilience Act, and implementing processes for timely security updates and vulnerability management.

Trusted Partners for RED-DA Compliance:
Microchip Technology is a global leader in secure, connected solutions for embedded systems. As a trusted provider of wireless modules, SoCs, and development tools, Microchip is committed to supporting its customers in the evolving regulatory compliance landscape.
Microchip's wireless solutions are built on security-by-design principles and developed to meet the stringent requirements of EN 18031 under RED-DA. By providing comprehensive declarations of conformity, detailed technical documentation, and ongoing support, Microchip helps device manufacturers accelerate time to market with pre-certified, RED-DA-ready modules. This helps streamline compliance processes while reducing engineering overhead and enables customers to create secure and resilient products that not only meet EU regulatory requirements but also enhance customer confidence.

By choosing Microchip as their wireless technology partner, developers gain access to a robust portfolio of compliant solutions, expert guidance, and a commitment to long-term success in the connected device market. Learn more about Microchip's wireless products and RED-DA compliance online: https://www.microchip.com/en-us/solutions/technologies/embedded-security/radio-equipment-directive

Security is a shared responsibility.
The RED-DA cybersecurity requirements, with EN 18031 as their core standard, represent a fundamental shift in how manufacturers must approach the security of wireless and IoT products. The responsibility for ensuring compliance does not rest with a single stakeholder, but is a shared obligation across the entire development and supply ecosystem.
Choosing the right wireless module or SOC provider—one that proactively supports RED-DA and provides a declaration of conformity—is essential. But it is equally important that manufacturers take responsibility for how these technologies are integrated and implemented in their final products. Security must be built into the entire design lifecycle, not added as a late-stage patch.

This includes applying the defense-in-depth principle, ensuring that security is implemented across multiple layers of the system, rather than relying on a single point of protection. For example, customers should be encouraged to enable Transport Layer Security (TLS) for encrypted communication, even if their devices already use Wi-Fi security protocols. Layering protections like these helps mitigate risk if one layer fails and prevents attackers from accessing sensitive data or system controls through a single weak point.

By working closely with experienced, compliance-ready suppliers and aligning internal development practices with recognized standards, organizations can not only meet regulatory requirements but also deliver more resilient and reliable solutions for the connected world. Now is the time to act to prepare, collaborate, and create secure wireless products that meet both current expectations and future challenges.

MCA1064 Abhinay Venuturumilli Microchip Technology

Author: By Abhinay Venuturumilli, Senior Director of Worldwide Marketing, Wireless Solutions Group, Microchip
https://www.microchip.com/en-us/solutions/technologies/embedded-security/radio-equipment-directive

Unlabeled

Load balancers with natively integrated Web Application Firewall

KEMP Technologies has announced that its LoadMaster load balancers will natively integrate Web Application Firewall (WAF) services. This will enable secure web application development, preventing Layer 7 attacks, while maintaining core load balancing services.
Discreet IP cameras for outdoor video surveillance

Designed for placement near building entrances, the new M31-VE network cameras enable discreet (palm-sized) outdoor video surveillance at an affordable price. These new fixed IP domes can operate in temperatures ranging from 50°C to 120°C.
FTX-C card for SAN protocol encryption
Fibernet has developed a new card that is capable of encrypting typical storage area network (SAN) protocols, primarily Fibre Channel services, in the same way as has been done previously with LAN protocols.
“AUTOMATIC ACTIONS OF ADVANCED DEFENSIVE INTELLIGENT MALWARE”

This article explores advanced intelligent malware in its two variants (offensive and defensive). It identifies the modes of operation of offensive malware that are neutralized by defensive malware. It explains how defensive malware blocks offensive malware...
“Cybersecurity and cyberprivacy risk analysis of information surrounding AmI systems”

Ambient intelligence (or AmI for short) represents not only an emerging computing technology and paradigm but also a new generation of proactive, supervised, user-centric computing environments designed to achieve better...
“Technical protection considerations in wireless sensor networks”

This article explores wireless sensor networks. Current cybersecurity mechanisms are generally inadequate or nonexistent. Wireless sensor networks allow for the detection and monitoring of all types of physical and environmental conditions...

Newsletter

Social networks

Subscribe to CONECtrónica magazine

You can subscribe to the Conectrónica magazine in 2 formats.

Digital Format: 5 downloadable PDF editions at an annual cost of 60 Euros (VAT included)

Paper Format: 5 editions to be received by mail at an annual cost of 180 Euros (VAT included).

Contact our subscriptions department at subscriptions@conectronica.com

Payment via Bizum or bank transfer

Connectors. FTTH Magazine. Industrial Electronics. Fiber Optic Courses, Online Seminars, Technology News and Trade Shows, Industrial Fiber Optic Cables and Connectors, Company News, Oscilloscopes and Tools, Data Centers.

Tel.: +34 91 706 56 69

Symphonic Poem, 27. Esc B. Floor 1 Pta 5

28054 (Madrid - SPAIN)

e-mail: gm2@gm2publicacionestecnicas.com or consultations@conectronica.com

Other GM2 publications include Convertronic Magazine and Gasogeno98 Channel

Privacy Policy

Legal Notice

Navigating RED-DA Cybersecurity for Wireless IoT Manufacturers

Unlabeled

Load balancers with natively integrated Web Application Firewall

Discreet IP cameras for outdoor video surveillance

FTX-C card for SAN protocol encryption

“AUTOMATIC ACTIONS OF ADVANCED DEFENSIVE INTELLIGENT MALWARE”

“Cybersecurity and cyberprivacy risk analysis of information surrounding AmI systems”

“Technical protection considerations in wireless sensor networks”

Newsletter

Latest News

Demonstration of free-space optical communication with PCSEL: a breakthrough from Vector Photonics

AI for Good Global Summit 2026: Innovation and Leadership in Artificial Intelligence in Geneva

Iceland's Parliament modernizes its security with Genetec Security Center and IoT sensors

Commvault strengthens data and AI security in Commvault Cloud with new governance and classification capabilities

Vertiv powers AI factories with converged infrastructure alongside NVIDIA Rubin DSX

Subscribe to CONECtrónica magazine

Technical Courses and Seminars

Cybersecurity and AI: risks, opportunities and keys to the new digital balance

D-Link launches the 29th season of free webinars on networks, 5G and cloud

Taoglas launches The Antenna Podcast, a new technical space about antenna design and innovation

ISE 2026 Barcelona: Summits, Megatrends and the most ambitious content program in the AV sector

E-book: the future of satellite communications

Optical Networks

Evolution of optical networks: ROADM, OpenROADM and OpenZR+ in the 400G and 800G era

Legrand launches Chroma Link, the fiber optic solution for high-density AI networks

Hollow Core Fiber (HCF) Deployment and Testing

Network infrastructure in the age of AI: why fiber optics is key beyond bandwidth

Nokia drives optical networks for the AI era with new coherent solutions and multi-fiber amplifiers

Fiber optic network testing in hyperscale data centers: keys to ensuring performance and reliability

High-Speed Network Demands: Architectures, Challenges and Technological Evolution in the Era of Exponential Traffic

Connectors. FTTH Magazine. Industrial Electronics. Fiber Optic Courses, Online Seminars, Technology News and Trade Shows, Industrial Fiber Optic Cables and Connectors, Company News, Oscilloscopes and Tools, Data Centers.

Name
E-mail