naSRPS EN 40000-11:2026

Essential cybersecurity requirements for products - Part 11: Hardware Devices with Security Boxes incorporating a hardware physical envelope and designed to provide security functions such as secure storage and cryptographic operations in an open environment

Scope

This document defines cyber security requirements for products with digital elements belonging to product category “Hardware Device with Security Boxes” (hereinafter called “Product” or “HWSB product”).
The technical description of “Hardware Devices with Security Boxes” can be found in Annex II of [CRA].
The Hardware Devices with Security Boxes in scope are designed for deployment in a range of environments and where the threat landscape includes attackers with various attack potential.
HWSB are hardware-based systems intended to provide secure storage, processing and use of sensitive data, including cryptographic assets, within a protected hardware boundary (envelope).
This document applies to the HWSB part of the product. The applicability of this document to specific products is determined based on their intended purpose, use case and risk assessment.

Related directives

NOTE: If the word "harmonized" (marked in green) is not found in the field with the name of the directive, it means that the European standard is not cited in the OJEU.