European Union Standards Overview
This section provides summaries of key regulations and standards originating from the European Union that impact the security of connected devices.
The EU has established a comprehensive legal framework for cybersecurity, creating horizontal requirements for products and specific rules for critical sectors. Key legislation includes the Cyber-Resilience Act (CRA), the NIS 2 Directive, and the Radio Equipment Directive (RED).
| Standard | Summary | Link |
|---|---|---|
| Cyber-Resilience Act (CRA) | Horizontal cybersecurity law for all "products with digital elements". | CRA Overview |
| NIS 2 Directive | Risk management rules for operators of essential and important services. | NIS 2 Overview |
| Radio Equipment Directive (RED) | Security & privacy rules for network-connected radio equipment. | RED Overview |
| Medical Device Regulation (MDR) | Safety and security requirements for medical devices, which are exempt from the CRA. | MDR Overview |
| In Vitro Diagnostic Regulation (IVDR) | Safety and security requirements for in vitro diagnostic devices, also exempt from the CRA. | IVDR Overview |