Overview

Cybersecurity testing is a comprehensive assessment conducted in accordance with international standards to verify the confidentiality, integrity, authentication,
and threat-response capabilities of security-related functions such as communication mechanisms and cryptographic algorithms in internet-connected devices.
This testing proactively identifies security vulnerabilities based on best-practice evaluation criteria and aims to enhance product reliability and strengthen cybersecurity readiness. It also serves as a core strategy for achieving global certification and improving consumer protection.

+ View Larger

Necessity of Cybersecurity Testing

１. Essential Requirement for Global Regulatory Compliance and CE RED Certification Readiness

Manufacturers are required to satisfy the cybersecurity requirements specified in Article 3.3 (d), (e), and (f) of the Radio Equipment Directive (RED) in accordance with the harmonized standards EN 18031-1, EN 18031-2, and EN 18031-3. Cybersecurity testing based on the EN 18031-1, EN 18031-2, and EN 18031-3 harmonized standards is mandatory for obtaining CE RED certification, representing a critical regulatory shift that all manufacturers aiming to enter the European market must address.

2. Advancement of Product Security Quality

Cybersecurity testing enables a practical enhancement of product security by analyzing security vulnerabilities for each product based on international standards.

3. Enhanced Personal Data Protection and Increased Consumer Trust

Personal data protection regulations are strengthening worldwide, as consumers increasingly view functionality and security as core factors when choosing IoT products. Products validated through cybersecurity testing not only gain a competitive edge in marketing but also play a decisive role in building trust with global buyers and consumers.

Cybersecurity Test Targets

WISESTONE’s cybersecurity testing evaluates a wide range of internet-connected devices including smart devices, IoT hubs, and payment terminals to assess their personal data protection capabilities and resilience against security threats.

- EN18031(applies to wireless devices that use the internet)

- ETSI EN 303 645(applies to both wired and wireless devices that use the internet)

Cybersecurity Testing Standards

Category	EN 18031-1, EN 18031-2, EN 18031-3	ETSI EN 303 645
Target	All wireless equipment that communicates over the internet and falls under the cybersecurity requirements specified in Article 3.3 (d), (e), and (f).	All Consumer IoT Products
Mandatory Requirement	Mandatory Implementation for CE RED Certification	Certification Guidelines
Content	Developed under EU policy to prevent security incidents involving internet-connected wireless devices distributed within Europe, this technical standard is based on security and network requirements and includes additional personal data and financial-related requirements according to product characteristics.	Defines the minimum security requirements and privacy protection principles that must be ensured, providing manufacturers and developers with clear security guidelines for design, development, and lifecycle management.
Test Execution	Testing of All Applicable Requirements within the Relevant Standard for the Product Standard Target EN 18031-1 Security Network EN 18031-2 Personal Data EN 18031-3 Financial	The framework consists of 15 requirements for both documentation and products, comprising mandatory and recommended detailed requirements. Testing is conducted based on the selected requirements according to implemented functionalities and predefined conditions. Selectable Scope of Requirements Testing of Mandatory Requirements Only Testing of Mandatory + Recommended Requirements
Standards by Target Device

Cybersecurity Test Preparation Requirements and Duration

Cybersecurity Testing Procedure

Cybersecurity Consulting Procedure

Cybersecurity consulting is conducted during the technical meeting stage at the time of test registration.

+ ViewLarger