A Cybersecurity Laboratory for CE Mark Devices
ISO/IEC 17025 Accredited Lab in the US
We are the first ISO/IEC 17025 accredited lab in the US to support the latest EU Cybersecurity assessments to EN 303 645, EN 18031-1, EN 18031-2 and EN 18031-3 for the RED Delegated Act (RED DA).
With our ever more connected world enhancing our digital life, our world is facing unprecedented security and privacy risks. According to the US House of Representatives in 2023, 1 in 3 Americans were affected by healthcare data breaches, and cyberattacks on critical infrastructure globally increased 30%. And with the emergence of AI, cyber crime has become the most sophisticated it has ever been - automating social engineering attacks, password hacking, deepfakes, and more.
We are driven by the mission to protect our society from the growing threats that take advantage of devices still catching up to the latest Secure by Design practices.
Background
The first of its kind globally, the European Cybersecurity Resilience Act (CRA) is a broad framework governing all “digital products.” Enacted in 2024, the CRA has a goal of having security built in starting from the R&D phase and continuing throughout a product’s life cycle as well as greater transparency on security by 2027.
The Radio Equipment Directive Delegated Regulation (EU) 2022/30 requires that all devices with radios apply the new RED Articles 3.3d, 3.3e & 3.3f with essential requirements for cybersecurity by August 1, 2025.
Our Cybersecurity Service Offering
What kinds of devices can we test? Anything from Zigbee/Matter smart home devices, Internet gateways, RU, DU, CU RAN and 5G devices, WIFI enabled IOT products, Bluetooth, medical, wearables, and more.
In addition to supporting efforts for European CE mark regulatory compliance for the EU RED-DA and CRA, our services include:
1. Hardware Security Assessment & Debug Interface Exploitation
We help mitigate real-world threats on embedded devices, and identify exposed debug ports (UART, JTAG, SWD) to find vulnerabilities like insecure memory access or administrative backdoors.
2. Firmware Extraction and Reverse Engineering
We are good at finding hidden security flaws that could be exploited by attackers through extracting firmware through techniques like SPI flash dumping, JTAG access, and chip-off methods. We do deep dive analysis to uncover critical vulnerabilities and misconfigurations.
3. Secure Boot and Firmware Integrity Testing
To double check devices properly enforce trusted boot processes and prevent malicious firmware loading, we assess the effectiveness of boot implementations and firmware validation mechanisms
4. Communication Protocol and Radio (SDR) Analysis
We deliver insights on risks to device integrity and user privacy by finding unprotected transmissions, weak encryption, and insecure protocol designs. We have experience in analyzing device communications over protocols like UART, SPI, and I2C, as well as radio devices employing Bluetooth, WIFI, 802.15.4, Cellular LTE/5G, GPS, or other wireless signals.
Your Partner in Security
Our goal is to support and enhance your security team’s efforts in validating and strengthening your security posture to protect what matters most.
Inquire to us today about how we can ensure you are ready for tomorrow— whether to the EN 303 645, EN 18031, UK PSTI, CRA, or US standards.
Contact:
cybersecurity@rfsafetylab.com