Test Automation & Workflow Standardization for Red 3.3 Cybersecurity Certification

Project Overview

Goal: Automation and Workflow Standardization for RED Cybersecurity Certification Testing
Location: Amsterdam/Eindhoven
Timeframe: 3–6 months
Team: SL Product Security
Supervisor: Ram (Primary), Gaurav (Co-supervisor)

Student Attributes

Education:

• Bachelor’s or Master’s student in Cybersecurity, Embedded Systems, Electrical Engineering, Computer Science, or a related technical field

Technical skills:

• Basic understanding of regulatory and cybersecurity frameworks (e.g., RED, ETSI EN 303 645, EN 18031 standards, etc.)
• Familiarity with virtual machine environments (e.g., VirtualBox, VMware)
• Hands-on experience with Linux systems and common testing tools (e.g., Wireshark, MitmProxy, Nmap, Burp Suite)
• Scripting experience for automation tasks (e.g., Python, Bash)
• Basic understanding of IoT protocols (e.g., MQTT, CoAP) and embedded system architectures is a plus

Soft skills:

• Ability to work independently and communicate technical progress clearly
• Strong analytical and organizational skills
• Proactive mindset with attention to detail
• Interest in standardization and cybersecurity testing

Project Description

As regulatory cybersecurity compliance becomes increasingly vital for IoT and radio-enabled products, our lab performs assessments based on various certification standards such as EN 18031, ETSI EN 303 645 & IEC 62443-4-2 under the RED (Radio Equipment Directive) framework. However, current testing workflows challenged by repetitive manual effort, lack consistency in documentation, and require testers to individually configure tools and environments.

This internship will contribute to solving these challenges by developing a standardized virtual machine (VM) environment pre-configured with essential tools and structured workflows for RED cybersecurity assessments. The intern will work on:

• Creating a RED-focused VM with pre-installed tools commonly used in cybersecurity and functional testing.
• Mapping test cases from multiple standards to specific tools and structured testing steps.
• Automating evidence collection and report generation using predefined templates and inputs from the tester.
• Bringing consistency and efficiency to RED 3.3 testing deliverables and documentation.

Objectives:

• Streamline and standardize the setup and execution of RED 3.3 certification testing.
• Improve reusability of testing environments across multiple devices and standards.
• Reduce manual effort in documentation and reporting.
• Ensure better traceability and repeatability of compliance assessments.

Deliverables are expected to include:

• A portable VM image with common tools
• A testing framework guide mapped to EN 18031
• Automation scripts for data collection and template-based reporting

The intern’s work will help accelerate test execution and improve the repeatability of compliance results, particularly important in light of the RED 3.3 cybersecurity deadline (August 2025).