IoT Services

Connected devices are at the core of today’s digital economy, but they also introduce new risks. To ensure compliance with European regulations and to strengthen the resilience of IoT solutions, IS Laboratory offers specialized services for the Radio Equipment Directive (RED) and the upcoming Cyber Resilience Act (CRA).

Our expertise in mobile and embedded security evaluations enables us to support manufacturers, solution providers, and integrators in achieving compliance while enhancing trust in their IoT products.

Services for RED (Radio Equipment Directive)

The RED Delegated Regulation (EU) 2022/30 requires connected devices to implement appropriate security safeguards. IS Laboratory provides the following services to support compliance with the essential requirements 3.3(d), 3.3(e), and 3.3(f):

  • Training & Workshops
    • Tailored sessions on RED security requirements and compliance strategy.
    • Hands-on workshops to build internal knowledge and prepare teams for evaluations.
  • Risk Assessment Services
    • Identification and evaluation of threats specific to your IoT product.
    • Structured risk analysis aligned with EU regulatory requirements.
  • Advisory Services
    • Guidance on implementing security controls and best practices aligned with RED.
    • Support throughout the product development cycle to reduce certification risks.
  • Cybersecurity Evaluations
    • Assessment of IoT products against EN 18031-1, EN 18031-2, and EN 18031-3 standards.
    • Evaluation of product security features, resilience to known attack techniques, and conformity with RED requirements.

Services for CRA (Cyber Resilience Act)

The Cyber Resilience Act establishes horizontal cybersecurity requirements for all products with digital elements. IS Laboratory helps organizations prepare for compliance through:

  • Training & Workshops
    • Awareness sessions for management and technical teams on CRA obligations.
    • Practical workshops on risk management and embedding CRA requirements into product development.
  • Risk Assessment Services
    • Evaluation of vulnerabilities, threats, and potential attack vectors.
    • Practical recommendations to mitigate risks and strengthen resilience.
  • Advisory Services
    • Interpretation of CRA requirements and integration into product design and development processes.
    • Support for building compliance roadmaps and internal governance models.