Contacts Customer login
ENG
Search
ENG
Back
Back to the list of services

Online Course: EN 18031-1:2024 Compliance and Implementation Leaders

/

Purpose

The increasing connectivity of radio equipment to the internet brings significant advantages, including enhanced functionality, remote control, and automation. However, such connectivity also increases security risks, including unauthorized access, data theft, and cyberattacks. Insufficiently protected devices can compromise user privacy, network stability, and the security of connected systems.
The EN 18031-1:2024 standard was developed by the European Committee for Standardization (CEN) in collaboration with industry stakeholders, regulatory bodies, and cybersecurity experts. Its goal is to establish general security requirements for internet-connected radio equipment to reduce security risks and ensure system reliability. Its implementation enables manufacturers and operators to identify, assess, and manage threats that could compromise the integrity and functionality of their devices.
To ensure compliance with these requirements, the standard defines specific security mechanisms, including access control, authentication, secure updating, data protection, and network monitoring. Proper implementation of these mechanisms is essential for protecting end users, infrastructure, and sensitive information from security threats.


This course is designed to provide participants with a detailed understanding of the EN 18031-1:2024 requirements and equip them for effective implementation. Through an analysis of security measures, practical examples, and implementation guidelines, the course enables an understanding of key security challenges and best practices for addressing them.

Lecture Content

🔹Introduction, Scope, Terms and Definitions, Abbreviations

A fundamental overview of EN 18031-1:2024 explains its scope, key definitions, and abbreviations. The standard establishes security requirements for internet-connected radio devices to protect networks and user data. Understanding terms such as access mechanisms, authentication, and encryption is essential for the correct implementation of security measures. Additionally, legal and regulatory aspects defining the application of this standard within the EU are covered.

🔹 Assessments and Evaluation Criteria

Device security assessments are based on defining criteria for compliance with the standard. This section covers evaluation methods, including an analysis of access to security resources, data protection, and resilience to cyberattacks. The assessment is conducted through conceptual, functional, and operational analysis, considering requirements for security mechanisms such as authentication and cryptography. The primary objective is to ensure that devices meet the necessary security standards before being introduced to the market.

🔹 Access Control Mechanism (ACM)

The Access Control Mechanism (ACM) prevents unauthorized access to security resources and network functions of the device. It includes defining access rules, user authentication, and applying different levels of permissions. The implementation of ACM ensures that only authorized users can modify device configurations or access sensitive data. Additionally, the standard prescribes methods for evaluating the effectiveness of these mechanisms, taking into account the principles of least privilege and the need-to-know approach.

🔹Authentication Mechanism (AUM)

The Authentication Mechanism (AUM) enables the verification of the identity of users or systems seeking access to a device’s security resources. The standard prescribes the use of multi-factor authentication, password protection, and methods to prevent brute-force attacks. Additionally, AUM includes security policies for modifying authentication data and defines rules for automatic renewal or revocation of access in case of security threats to the device.

🔹 Secure Update Mechanism (SUM)

The Secure Update Mechanism (SUM) ensures that device software updates are performed securely, without the risk of exploitation by attackers. The standard defines requirements for authentication and integrity verification of updates, including digital signatures and encrypted data transmission. Additionally, SUM prescribes rules for automated updates and rollback functionalities to reduce security risks in case of failed system upgrades.

🔹 Secure Storage Mechanism (SSM)

The Secure Storage Mechanism (SSM) focuses on protecting sensitive data within a device, including data encryption, access control, and prevention of unauthorized modifications. The standard establishes requirements for safeguarding cryptographic keys and sensitive configuration data, preventing attacks such as unauthorized access to unencrypted information or tampering with settings. It also specifies methods for evaluating the security of implemented mechanisms through penetration testing and attack resilience assessments.

🔹Secure Communication Mechanism (SCM)

The Secure Communication Mechanism (SCM) ensures the integrity and confidentiality of data transmission between a device and the network. The standard requires the use of cryptographic protocols such as TLS and IPSec to prevent threats such as interception and data manipulation. SCM also includes protective measures against replay attacks and mandates authentication of all communication participants, enhancing device resilience against cyber threats.

🔹 Resilience Mechanism (RLM)

The Resilience Mechanism (RLM) ensures that a device can continue operating despite security threats by implementing strategies for rapid identification and mitigation of vulnerabilities. The standard mandates security techniques for anomaly detection, isolation of compromised components, and automatic system recovery after failed attacks. This mechanism is essential for maintaining uninterrupted device operation in high-risk security environments.

🔹 Network Monitoring Mechanism (NMM)

The Network Monitoring Mechanism (NMM) enables continuous monitoring of security events and network traffic to detect and prevent cyberattacks. The standard prescribes methods such as log recording, traffic analysis, and automated threat responses. Implementing NMM helps organizations in the early detection of suspicious activities, allowing timely interventions and reducing the risk of security compromises.

🔹 Traffic Control Mechanism (TCM) 

The Traffic Control Mechanism (TCM) regulates how devices communicate within a network, preventing malicious activities such as DDoS attacks. The standard defines methods for traffic filtering, detecting unauthorized transmissions, and applying protective rules for network packets. This mechanism is crucial for maintaining network system stability and reducing the risk of security incidents caused by attacks on network infrastructure.

🔹 Confidential Cryptographic Keys (CCKs)

The Confidential Cryptographic Key (CCK) mechanism ensures the secure storage and management of keys to prevent their compromise. The standard prescribes the use of secure key generators, protection against static default values, and key lifecycle management. The implementation of CCKs is essential for ensuring data confidentiality and device resilience against advanced cryptographic attacks.

🔹 General Equipment Capabilities (GEC) 

General Equipment Capabilities (GEC) include requirements for software and hardware updates, minimization of exposed services, and protection of input data. The standard mandates the application of security measures to prevent the exploitation of known vulnerabilities, ensuring long-term device security through continuous improvement of security mechanisms.

🔹 Cryptography (CRY)

Cryptography (CRY) covers guidelines for implementing secure encryption algorithms, key management, and data protection against unauthorized access. The standard requires the use of advanced encryption methods, protection of communication channels, and ensuring system resilience against attacks such as quantum decryption and brute-force attacks.

🔹 Annexes A, B, C, and ZA

Annexes A, B, C, and ZA to EN 18031-1:2024 provide additional technical guidelines and regulatory requirements for implementing security measures. They cover access control methods, authentication, encryption, and network monitoring, as well as threat analysis and risk assessment. Additionally, they define procedures for testing security controls and ensuring compliance with European regulatory frameworks. Their application enables consistent implementation of the standard and enhances the security of internet-connected radio devices, reducing cyber risks and ensuring system reliability.

🔹 Conclusion

The final part of the course will provide a summary of the key security requirements and mechanisms defined in EN 18031-1:2024. The focus will be on integrating security measures throughout the entire lifecycle of internet-connected radio devices, from design and development to implementation and operational use. The emphasis will be placed on the importance of applying prescribed security measures to protect devices, networks, and data from cyber threats.

Method of Work

The course is designed to provide a systematic understanding and effective application of the security requirements of EN 18031-1:2024. Through various teaching methods, participants will develop theoretical and practical knowledge necessary for implementing security mechanisms in internet-connected radio devices.
A combination of lectures, practical exercises, case studies, and interactive workshops will allow for the implementation of a security threat analysis and risk assessment, and the application of protective measures. This approach ensures a balance between theoretical concepts and their application in real-world scenarios.

1️⃣Lectures: Lectures form the foundation of this course and provide a structured overview of the security requirements of EN 18031-1:2024. During the lectures, key security concepts will be covered, including access control, authentication, secure updating, data protection, and network security. Special emphasis will be placed on the application of security mechanisms in different operational environments, along with an analysis of regulatory requirements and best practices. Lecturers will use industry examples to facilitate understanding of the practical implications of security measures.

2️⃣Practical Exercises: To ensure an understanding of theoretical concepts, the course includes practical exercises that simulate security challenges and provide solutions to specific problems. Participants will analyse threats analysis, implement security controls, and test system resilience against attacks. The exercises are designed to encourage critical thinking and the development of skills necessary for assessing and mitigating security risks in the environment of connected radio devices.

3️⃣Case Studies: The course includes detailed analyses of real security incidents and industry examples. Case studies provide a deeper insight into the application of EN 18031-1:2024 and help in understanding security threats, vulnerabilities, and protection methods. Participants will have the opportunity to analyse different attack scenarios, discuss their causes and consequences, and propose appropriate measures to prevent similar incidents in the future.

4️⃣Workshops and Discussions: Interactive workshops and group discussions will enable participants to exchange experiences and ideas regarding the implementation of security requirements. Through structured discussions, challenges in applying security measures will be analysed, and participants will develop strategies for solving specific problems. This approach encourages active participation, develops analytical skills, and enhances the understanding of practical aspects of EN 18031-1:2024.

5️⃣ Individualized Approach: To ensure a high-quality learning experience, the number of participants in each group will be limited. This allows for content to be tailored to specific participant needs, direct interaction with lecturers, and detailed feedback. This approach enables a deeper understanding of EN 18031-1:2024 and its practical application in different operational environments, ensuring maximum learning efficiency.

The online course will take place in a live online e-classroom. The day will be divided into four parts with breaks in between. Up to two days before the course, registered participants will receive a link to the online course. Participants will need a computer with a microphone and camera and access to a reliable working internet connection to participate.

Learning Outcomes

Upon completion of the training, participants will be able to:

  • Explain the purpose and key requirements of EN 18031-1:2024 and its role in ensuring the security of internet-connected radio devices.
  • Implement security mechanisms, including access control, authentication, secure updating, data protection, and network monitoring.
  • Identify security threats and conduct risk assessments in accordance with the standard’s requirements.
  • Apply appropriate protective measures to reduce risks and enhance system resilience.
  • Manage security incidents, including detection, reporting, analysis, and implementation of corrective actions.
  • Ensure compliance with regulatory requirements through proper application of the standard in various operational environments.

Recommendation for Participation

This course is intended for professionals responsible for the implementation and management of the security requirements of EN 18031-1:2024 in the context of internet-connected radio devices. It is recommended for the following professionals:

  • Security managers and leaders, who monitor the implementation of security measures and compliance with regulatory requirements.
  • Engineers and technical experts, who develop, test, and implement security mechanisms in radio devices.
  • Cybersecurity specialists, who assess security risks and define protection strategies for connected systems.
  • Regulatory bodies and inspectors, who monitor the application of security requirements and assess compliance with the standard.
  • Manufacturers and operators of radio devices, who must ensure the application of security standards in the development and management of their systems.
  • Security consultants and auditors, who conduct assessments and assist organizations in implementing security controls.

The course is tailored for professionals with varying levels of experience and provides participants with a comprehensive understanding of EN 18031-1:2024 and its practical application.

Conditions for Obtaining Certification

To successfully obtain the certificate of completion, the following conditions must be met:

  • Participation in all training modules – Attendance at all lectures, exercises, and workshops is mandatory to ensure a full understanding of the security requirements of EN 18031-1:2024.
  • Active participation in discussions and practical exercises – Participants must demonstrate their understanding and application of acquired knowledge through case studies, discussions, and group work.
  • Successful completion of the final exam – At the end of the training, an exam will be conducted to assess participants' theoretical and practical knowledge. The exam will include questions based on the training content and scenarios related to the implementation of security measures.

Upon meeting all the specified conditions, participants will receive a certificate confirming their competence in applying the EN 18031-1:2024 standard in a professional environment.

Additional information: Bojan Varga, phone: +386 (01) 4778 108, e-mail: bojan.varga@siq.si 

Enquiry for closed groups

We value and reward your loyalty

That is why we are introducing the Loyalty Bonus to reward our loyal participants.

More about loyalty bonus