Manufacturers care most about required paperwork and certificate lifecycle for CE-RED cybersecurity compliance, applicable to both DoC self-declaration and NB certification paths.
1.Full technical file: Product specs, schematic drawing, BOM, RF/EMC test reports, user manual, firmware version & OTA update policy, stored for minimum 10 years post-EU market launch with EU authorized representative in charge of file custody for non-EU factories.
2.Cybersecurity risk assessment report: Complete threat modeling, vulnerability evaluation, countermeasure formulation and post-market vulnerability monitoring plan complying with EN18031.
3.Compliance summary report + EU DoC certificate; NB-type approval certificate attached for NB route products hit by EU 2025/138 limits.
Validity rules:
1.NB certificate: No fixed expiry date, remains valid without core security hardware/firmware revision.
2.DoC declaration: Permanently effective unless core security architecture, encryption algorithm or OTA mechanism get modified which triggers re-assessment. Minor UI or non-security component replacement exempt from re-certification.
Emergency document update:
New critical CVE vulnerabilities only need internal file revision instead of full re-cert unless core security design is altered.
BlueAsia assists enterprises in standardizing document version management and filling compliance paperwork. Hotline:13534225140
Related News
