Standards and certifications

The Cyber Resilience Act, one of the latest EU initiatives, aims to harmonise the security requirements for digital products and create a uniform level of security in Europe. KOSTAL is actively working to ensure compliance with the CRA. This process includes the implementation of safety measures that cover the entire life cycle of the inverters - from development to production and maintenance.

KOSTAL has already begun implementing these new rules to ensure that the inverters meet current and future requirements. This proactive approach emphasises KOSTAL's long-term commitment to cyber security.

RED Directive: The standard of today - and tomorrow

The RED Directive (Radio Equipment Directive) is a central legal framework for all radio equipment in the EU and prescribes minimum requirements for cyber security. KOSTAL fulfils the current provisions of this directive and consistently integrates these requirements into product development. With a view to the stricter rules that will apply from 2025, the company is already working on the necessary adjustments. The aim is to continue offering customers products that guarantee the highest security standards in the future.

Fulfilment of international standards

In addition to European requirements, KOSTAL also complies with international standards, including those based on the EU RED Directive and the ETSI EN 303 645 and EN 18031-1 standards. These safety requirements focus on industrial cyber security in radio systems and provide a framework for the development and operation of secure systems.

The implementation of these standards ensures that KOSTAL inverters meet the specific requirements of the European market. This means that customers and partners benefit from a high level of security.

NIS2 directive: Relevance for KOSTAL and its customers

The NIS2 Directive, which focuses on the security of grid and information systems, is another important building block in the European cyber security strategy. Unlike the CRA, however, this directive is primarily aimed at operators of critical infrastructures and not directly at device manufacturers such as KOSTAL.

Nevertheless, KOSTAL is examining the relevance of the NIS2 directive for the company itself. In particular, the size of the company, its turnover and the type of products could lead to certain regulatory requirements being imposed on the organisation. Customers who are operators of critical infrastructures could also impose specific requirements on KOSTAL in the future as a result of NIS2.

KOSTAL is facing up to these challenges and is working closely with experts to assess potential obligations and take appropriate measures. Ensuring compliance with regulatory requirements is a central component of KOSTAL's corporate strategy.

Proactive adaptation for maximum security

The cybersecurity landscape is constantly evolving, and KOSTAL shows that it is ready to actively shape these changes. By fulfilling existing and future standards - from the RED directive to the CRA and NIS2 - the company is positioning itself as a pioneer in the industry.

Customers and partners can be confident that KOSTAL offers technologically leading products and will also fulfil the regulatory requirements of the future. This commitment emphasises KOSTAL's aspiration to deliver secure and sustainable solutions for a networked world.