In December 2024, the Cyber Resilience Act (CRA) entered into force [1]. Covering all digital products on the European market, the CRA requires manufacturers to meet cybersecurity obligations which will fully apply from 11 December 2027. Requirements listed in the CRA shall apply to all EV charging stations.
To ensure manufacturers have guidelines to comply with the CRA, we have mapped the requirements we have developed for EV charging stations (EV-311 Security requirements from IEC 62443 for procuring EV charging stations, version 2025) to the essential cybersecurity requirements in Part 1 of Annex I of the CRA. This comparison helps us identify whether conforming to EV-311 requirements also means compliance with the CRA and the harmonized standards under development.