As products and technologies become increasingly connected, the need for safe and secure technologies is crucial. Protect your connected products from emerging cyber threats and accelerate global market compliance and access with Element’s Cybersecurity Testing and Certification Services. Our network of local experts help you navigate certification requirements, ensure network compatibility, and meet evolving industry standards – giving your customers confidence while streamlining your path to market deployment.

 

What is product cybersecurity testing and certification?

Product cybersecurity testing evaluates connected devices against security vulnerabilities to protect users' data, maintain privacy, and prevent weak links that malicious parties could exploit in interconnected systems. As the global regulatory demands placed on manufacturers —through regulations such as PSTI, Radio Equipment Directive (RED), and Cyber Resilience Act (CRA)-- increases, it’s crucial to complete the necessary testing and certification. At Element, an ISO 17025 accredited test lab, our Smart Technologies test engineers are well-equipped to assess your connected products against evolving industry cybersecurity standards such as EN 303 645, and EN 18031-X. We help you ensure compliance with RED, PSTI, and CRA, and offer advisory services including training and compliance strategies.

 

What can Element offer you for product cybersecurity testing and certification? 

Components and materials we test

Connected devices should be assessed against the relevant legislation and standards, to ensure they are compliant and fit-for-purpose to be placed on the market.  The testing we offer includes conceptual assessments, functional completeness assessments, and functional sufficiency assessments to a range of standards, addressing all aspects of the product’s cyber security.

Methods and solutions offered

As an ISO 17025 accredited test laboratory, we conduct accurate, repeatable testing to ensure your products are compliant with the latest standards.  Our experts can assess all aspects of a product’s cyber security, including secure communication, storage, and update mechanisms, authentication and access control mechanisms, as well as input validation, resilience, and cryptographic capabilities. We also offer advisory services including training and compliance strategies, as well as certifications including EU-Type Examination Certificates for RED.

Which labs offer this service

Our cyber security core team operates out of our laboratory in Hull, UK, supported by a global team of experts and certification engineers.

  • Consumer Electronics & Household Appliance
  • Smart Technologies and ‘Matter-enabled’ systems
  • IoT Medical Devices & Wearables
  • IoT Industrial Equipment
  • Automotive Technologies & Autonomous Driving Systems
  • IoT devices
  • IoT application layers
  • Identity authentication systems
  • 5G communications modules
  • 4G LTE communications modules
  • Wi-Fi communications modules
  • RFID devices and modules
  • GNSS receivers
  • Payment terminals
  • Network protection systems
  • Data protection systems
  • Wireless infrastructure components
  • PSTI – UK
  • Radio Equipment Directive – EU 1st August
  • Cyber Resilience Act – EU 2027
  • CTIA IoT Cybersecurity Certification Program requirements
  • NIST recommendations
  • ETSI / EN standards
  • FCC requirements

Your Challenges, Our Solutions

your testing partner

August 1, 2025 – RED Mandatory Compliance

Starting August 1, 2025, manufacturers placing internet-connected radio equipment on the EU market must ensure their product has been assessed to the Radio Equipment Directive cyber security requirements.  Element is a Notified Body for the RED and supports manufacturers to ensure seamless compliance

Security Vulnerabilities in Connected Systems

Your IoT devices need protection against unanticipated vulnerabilities that could create weak links in interconnected systems. Element's continuous testing against emerging threats helps identify and prevent security gaps, ensuring your devices maintain robust protection in an evolving threat landscape.

Constantly Evolving Compliance Landscape

With ever-changing regulations, and ongoing standards development, knowing what requirements exist for a product can be challenging.  Element’s team of global experts are embedded in the regulatory and standards-writing process and are on-hand to keep you updated before changes happen.

Networking Onboarding & Market Access Barriers

IoT cybersecurity certification from Element makes your products more attractive to security-conscious consumers and serves as a logical first step for onboarding IoT applications onto wireless networks, streamlining your market entry

Element Experts at your Service

Browse our experts by discipline and specialty, and explore their skills and experience.

Accredited Test Lab

ISO 17025 accredited laboratory providing industry-recognized testing and certification.

Expert Technical Guidance

Direct support navigating certification requirements and security optimization.

Comprehensive Device Testing

Complete validation of all aspects of product compliance.

Future-Ready Solutions

Continuous updates to address emerging threats and evolving standards.

Why Choose Element

Michael Derby

Michael Derby

Technical Director - Regulatory Approvals

Read more about Michael
Alex Toohie Element Materials

Alex Toohie

Technical Solution Manager

Read more about alex

Q: What does an assessment look like?

A: The first phase will be a review of the documentation submitted by the manufacturer to a test lab, followed by a sufficiency and completeness assessment.  The product testing can be described as grey-box testing, an interim between white-box testing and black-box testing. The manufacturer will be required to provide support to the tester to allow them access to certain device functions, update mechanisms, or cryptographies, etc. 

Q: Do the RED requirements only apply to new products?

A: As with all CE marking directives and regulations, these new RED requirements apply at the point a product is placed on the market. That should be read as meaning each individual unit, not a product type or a production run. Products which are placed on the market from August 1st, 2025 must meet the applicable requirements at that point in time, regardless of whether that same product type was available before that date or not.

Q: Does RED apply in the UK?

A: As the RED Delegated Regulation which enacted these cyber security requirements was published after the UK left the EU, the Regulation has no impact on compliance in the UK.  However, if a manufacturer placing product on the UK market is doing so by applying the CE marking, not the UKCA marking, then they must meet these requirements.

Q: Is there any product marking for PSTI?

A: No, the PSTI requirements are outside of CE or UKCA marking, and have no specific markings required.  The manufacturer must provide a statement of compliance, and the product must be identifiable by for example a product code or serial number, but there is no additional marking required.

 

Explore our global network of Labs and find your nearest location

View all locations

Article: Cybersecurity and the RED Article 3.3 Essential Requirements

In January 2022, the EU Commission published Delegated Regulation (EU) 2022/30 which relates to Articles 3.3(d), 3.3(e), and 3.3(f) of the Radio Equipment Directive (RED). These clauses relate to the protection of the network, protection of the user, and protection from fraud.

Learn More

5G New Radio - Radio Access Technology for 5G

5G allows service providers to customize wireless connectivity, a feature that is important to how the Internet of Things operates. 5G is equally adept at handling both machine-to-machine (M2M) and person-to-person communication.

Learn More

Our team of over 9,000 Engaged Experts in North America, Europe, The Middle East, Australia, Asia and Africa are ready to help you.