EU CRA standards and the successors to EN 18031

EN 40000-1-X series

We have already reported in a previous newsletter(A normative landscape for the Cyber Resilience Act (EU) 2024/2847) that the series of standards (EN 18031-X) on cybersecurity from the RED requirement on cybersecurity will have successors, which will be continued in the EU Cyber Resilience Act.

Here is the current status of the future standards:

 

EN 40000-1-1

Cybersecurity requirements for products with digital elements

- Part 1-1: Vocabulary

 

EN 40000-1-2

Cybersecurity requirements for products with digital elements

- Part 1-2: Principles for cyber resilience

 

New in the Working Program:

EN 40000-1-3

Cybersecurity requirements for products with digital elements

- Part 1-3: Vulnerability Handling

 

EN XXXX

Cybersecurity requirements for products with digital elements

- Part XXXX: - Generic Security Requirements

 

EN XXXX

Cybersecurity requirements for products with digital elements

- Part XXXX: Threats and Security Objectives

 

The drafts of the first two standards are due to be published soon. We will have to be patient for the others.
 

The standards are being drawn up in the CEN-CENELEC Committee "CEN/CLC/JTC 13, WG9". Working Group 9 is concerned with

          "Horizontal cybersecurity for products with digital elements"

The Chairman (WG 9) is Ben Kokx, under whose leadership the EN 18031-X series was also created.

→ Click here to go directly to CEN, CENELEC


On February 16, 2026, the Commission decided to repeal Delegated Regulation (EU) 2022/30 (RED Cyber) with effect from December 11, 2027. This means that the new standards mentioned above must be finalized at least six months in advance.

→  Click here for the decision and explanatory memorandum

The requirements of the RED are then adopted and taken into account more comprehensively in the CRA.
 

We will keep you up to date and will be happy to provide you with further details.

 

Author

Dipl.-Ing. (FH) Torsten Sahm
Senior Product Compliance Consultant

 



OJEU: Official Journal of the EU

RED: Radio Equipment Directive 2024/53/EU

CRA: Cyber Resilience Act (EU) 2024/2847

CEN, CENELEC and ETSI are the three EU standard organizations (ESO)

More Information

Published on 19.02.2026
Category: Focus Industry, Fokus Electrical and Wireless, Insider-Compliance, Compliance

back to list

Standards News

The most important news or amendments regarding Standards by the European Commission at a glance.

Comprehensive expertise in Standards Management
Standards News
EU: new references of harmonized standards

hEN updates for March

Read more

European standardization: Revision of the EU standardization regulation and CEN/CENELEC plan new standardization product

Where are we going?

Read more

International: ISO und IEC Standards

FDIS: Final Draft International Standard

Read more

Expert-verified information packages for compliant products worldwide

Save resources, reduce liability risk, gain security!

learn more and order now

©Lucky_Business@shutterstock.com/ROGER-WILLCO

Product Compliance Portal

The central research platform to gather all market authorization requirements and keep them up to date.

 

©Lucky_Business@shutterstock.com/GLOBALNORM

System-based Standards Management

The efficient IT solution for centralized management and monitoring of all relevant standards.

 

De En
Login
x

In accordance with the EU ePrivacy (Cookie) Directive (2009/136/EG), we would like to inform you that our website uses cookies. By using our website, you accept and agree to our Privacy policy. Please view our Privacy policy to find out what cookies we use and how to disable them.

OK