Mandatory RED implementation for cybersecurity and interoperability of wireless devices.
In the wave of global digitalization and the proliferation of IoT devices, the application scope of wireless equipment has long surpassed traditional boundaries. From smart home appliances and wearable devices to industrial automation systems (industrial control security), all rely on stable and secure wireless communication. However, the increasing number of wireless products also brings potential risks – ranging from communication interference and data leakage to user safety hazards. In particular, within the field of industrial control security, a single attack on equipment can result in significant industrial losses.
To further enhance product safety and consumer protection, the European Union has officially announced the mandatory implementation of the new Radio Equipment Directive (RED) starting in 2025. This regulation comprehensively strengthens the requirements for cybersecurity and interoperability of wireless radio equipment. The directive not only applies to newly launched products but also indirectly impacts the design, upgrade, and verification strategies of existing devices. This brings unprecedented challenges to the industrial control security and smart device industries.
The core spirit of RED is that if a wireless device has networking capabilities, it must fully meet basic cybersecurity thresholds from both hardware and software perspectives. This is not only a ticket to market entry but also a transformational challenge that all manufacturers and brand owners must face. Especially in terms of hardware security, traditional design thinking can no longer cope with new-generation threats – advanced secure memory and Secure Flash technologies must be adopted.
Core Regulatory Impact: RED Scope, CE Mark, and Product Responsibility
According to the latest RED regulations, any product with wireless functionality – such as devices with Wi-Fi, Bluetooth, LTE, or NFC modules – falls within the scope of this directive. Whether it’s a smartphone, tablet, smartwatch, smart TV, or any network-connected home appliance, as long as the product is capable of network connection and data exchange, it is subject to regulation.
The directive not only requires that devices not interfere with the wireless spectrum but also mandates:
• Protection of user data from unauthorized access or modification
• Ensuring devices can connect to the internet securely and prevent cyberattacks
• Strengthening interoperability and upgrade management between systems
The mandatory nature of RED means that the CE mark is no longer just a symbol of electrical safety but also a critical certificate of cybersecurity compliance. Without passing RED testing and preparing the necessary technical documentation, products cannot be legally sold in the European market.
For product developers, this means rethinking security architecture at the design level and facing significant compliance costs and verification pressure. For small and medium-sized developers whose core competence is not cybersecurity, this presents an unprecedented challenge. At this point, choosing secure memory and Secure Flash with built-in hardware security features becomes the key to reducing development difficulty and risk.
Memory Is More Than Storage: Winbond Secure Flash W77Q / W77T as the Key to RED Certification
In response to the new challenges brought by RED, Winbond has introduced an innovative “Security Certification-Ready Storage Solution – Secure Flash Memory Solution W77Q / W77T.” This transforms what was once an inconspicuous storage component into a key enabler for RED certification. Winbond Secure Flash, with its leading hardware security design, provides comprehensive protection for industrial control security, smart home appliances, IoT, and more.
We have observed that in many system designs, processors and communication modules are assigned security tasks, while flash memory is often overlooked. In reality, by significantly enhancing the security mechanisms and functional design of flash memory within the system, we are not merely offloading the main controller – we are introducing advanced security and resiliency features that go beyond what most controllers can even offer. Secure memory and Secure Flash are poised to become indispensable cores of future security architectures, providing robust protection and compliance capabilities that elevate the entire system’s defense posture.
Highlight 1: 100% Compatible Upgrade Solution
The W77Q / W77T Secure Flash memory module maintains full drop-in compatibility with the original system’s SPI interface – including SPI commands, signal levels, and speeds – allowing users to replace existing flash memory without any changes to PCB design.
By upgrading the memory, security features are directly built-in, such as:
• Root of Trust for Secure Boot and Key StorageFirmware Validation and Resiliency Compliance (NIST SP 800-193) Secure Storage Solution Based on Pure Hardware
• Secure Supply chain support with LMS
• CNSA 2.0 compliance for software updates
This approach effectively reduces development costs and design risks, while enabling existing systems to meet the cybersecurity requirements of RED. The high compatibility of Winbond Secure Flash makes upgrading industrial control security and various IoT devices much easier.
Highlight 2: Comprehensive Documentation and Software Support to Lower Development Barriers
In addition to hardware security mechanisms, we provide a complete set of software development tools and application APIs, including:
• Secure storage read/write packages
• Authentication mechanism libraries
• Open-source reference code
Developers do not need to implement complex security algorithms and storage management logic themselves, enabling rapid development of RED-required security features. This greatly reduces software development burdens and avoids rework risks during the verification phase. Winbond Secure Flash enables seamless integration of hardware and software security.
Highlight 3: Regulatory Reference Documentation Package to Accelerate Time-to-Market
The W77Q / W77T product provides:
• RED clause-to-feature mapping tables
• Security function self-assessment checklists
• Technical documentation templates
These documents can be directly used in the RED certification process, greatly simplifying the review process for testing organizations or certification consultants. Customers do not need to prepare cumbersome technical materials themselves, effectively shortening the verification cycle and time-to-market. Winbond Secure Flash helps customers quickly seize market opportunities.
A Code and Data-Centric Security Solution: Redefining RED Compliance
The 2025 RED regulation will undoubtedly become a major threshold for the EU digital product market. It not only represents a new wave of cybersecurity requirements but also a complete transformation in product design logic. For developers and brand owners, this is an unavoidable revolution – not only must they comply with the law, but they must do so efficiently.
Winbond’s W77Q / W77T secure solution breaks the traditional notion that memory is just for data storage, turning secure memory and Secure Flash into active participants in system compliance:
• Reinforcing security design at the hardware level, strengthening hardware security
• Lowering development barriers at the software level
• Simplifying compliance processes at the documentation level
As the countdown to RED implementation continues, this all-in-one Secure Flash solution – combining hardware, software, and certification support – is undoubtedly the key weapon for product developers to reduce risk and accelerate market deployment. Whether for industrial control security, IoT devices, or consumer electronics, Winbond Secure Flash provides the most robust cybersecurity protection.
RED is both a challenge and an opportunity. While others are still struggling to meet regulatory requirements, we have already used secure memory and Secure Flash to help you stay ahead and seize the cybersecurity high ground in the digital era.
To learn more about Winbond’s advanced security solutions, visit Winbond’s website or contact Winbond directly, or download the latest Hardware Security White Paper.
Article edited by Jack Wu
