Communication Interface Exposure & Cybersecurity Controls
Product Name: EURO 76
Part code(s): EURO76/S-UK, EURO76/L-UK and applicable kits.
Manufacturer: Pyronix Ltd. Secure House, Braithwell Way, Hellaby, Rotherham, S66 8QY
1. Purpose of This Section
This section outlines the physical and logical communication interfaces of the EURO 76 in accordance with the requirements of:
- Directive 2014/53/EU (RED) Articles 3(3)(d), (e), and (f)
- Delegated Regulation (EU) 2022/30
- Standard EN 18031, including exposure risk classification under GEC-4 and compliance decision node DT.GEC-4.DN-2.
The information supports the risk assessment and demonstrates that no interfaces are unintentionally exposed in a way that would compromise network performance, personal data, or privacy.
2. Interface Capability Summary
The EURO 76 contains or supports the following communication interfaces:
| Interface | Present by Default | Enabled by Default | Requires Auth to Enable | User Removable Hardware | Use Case |
|---|---|---|---|---|---|
| Wi-Fi | No | No | Yes | Yes | App comms via cloud/ARC comms |
| 4G | No | No | Yes | Yes | App comms via cloud/ARC comms |
| GPRS | No | No | Yes | Yes | App comms via cloud/ARC comms |
| Ethernet | No | No | Yes | Yes | App comms via cloud/ARC comms |
3. Optional Interfaces (User-Installed Modules)
4.1 Wi-Fi
- Interface Type: IEEE 802.11 b/g/n 2.4GHz
- Hardware Capability: Requires optional DIGI-WIFI module
- Enabled by Default: No
- Enablement Method: Requires physical installation and configuration
- Security Measures: WPA2 encryption, PyronixCloud pairing authentication, no broadcast without configuration
- Purpose: Remote communication with PyronixCloud platform and mobile app; and/or signalling to an ARC
- Exposure Risk: Controlled - not exposed until activated by authenticated installer
- Standard Relevance: EN 18031 GEC-4 compliant
4.2 Cellular
- Interface Type: 4G/GPRS via expansion module
- Hardware Capability: Requires optional DIGI-4G or DIGI-GPRS module (not present by default)
- Enabled by Default: No
- Enablement Method: Requires physical installation and configuration
- Security Measures: VPN/APN segregation; authenticated access; encrypted signalling
- Purpose: Remote communication with PyronixCloud platform and mobile app; and/or signalling to an ARC
- Exposure Risk: Moderate - mitigated by hardware separation and encryption
- Standard Relevance: EN 18031 GEC-4 compliant
4.3 Ethernet
- Interface Type: RJ45 Ethernet (10/100 Mbps)
- Hardware Capability: Requires optional DIGI-LAN module
- Enabled by Default: No
- Enablement Method: Requires physical installation and configuration
- Security Measures: Outbound-only communication to PyronixCloud; no open ports; encrypted signalling; engineer-level authentication required for enablement.
- Purpose: Remote communication with PyronixCloud platform and mobile app; and/or signalling to an ARC
- Exposure Risk: Moderate - mitigated via access control and outbound-only configuration
- Standard Relevance: EN 18031 GEC-4 compliant
5. Disabled or Inactive Interfaces
No interfaces are enabled unless explicitly activated by an authenticated user. Hardware interfaces (Wi-Fi, Cellular, Ethernet) are not active unless installed. No undocumented or hidden interfaces are present.
6. Risk Mitigation Summary (EN 18031 Decision Compliance)
The table summarises the compliance status of the EURO 76 against each section of the EN 18031 standard with a Pass or Fail designation. This overview highlights the key evaluation criteria met by the product. Detailed decision trees and full compliance documentation can be provided upon request for comprehensive technical review.
| EN 18031 Section | Pass/Fail | Description |
|---|---|---|
| ACM (Access Control Mechanism) | Governs the policies and mechanisms controlling user and system access rights to protect against unauthorised access. | |
| AUM (Authentication Mechanism) | Specifies authentication requirements for network and user interfaces, including password policies, authenticator validation, change management, and brute force protection. | |
| SUM (Security Update Mechanism) | Ensures the device supports secure software updates with integrity and authenticity verification, including options for automated or user-approved installations. | |
| SSM (Secure Software Mechanism) | N/A | Requires secure storage of sensitive and network-related data persistently stored on the device to protect against unauthorised access or tampering. |
| SCM (Secure Communication Mechanism) | Requires secure communication protocols with integrity, authenticity, confidentiality, and replay protection to safeguard data transmission. | |
| RLM (Resilience Mechanism) | Ensures devices can mitigate and recover from Denial of Service (DoS) attacks and other failures affecting network interfaces. | |
| NMM (Network Monitoring Mechanism) | For network devices, mandates monitoring of network traffic to detect anomalies such as DoS attacks. | |
| TCM (Traffic Control Management) | For network devices, requires mechanisms to control and prioritise network traffic to prevent overload or delays. | |
| CCK (Confidential Cryptographic Keys) | Specifies secure generation, storage, and uniqueness of cryptographic keys with minimum security strength standards. | |
| GEC (General Engineering Controls) | Tracks hardware/software components and known vulnerabilities; ensures re-mediation or acceptance. | |
| CRY (Cryptography) | Requires the use of recommended, secure cryptographic algorithms and practices to protect secure and network assets. |
7. Supporting Documents & References
EURO 76 Declaration of Conformity - view here
EURO 76 EN 18031-1 Decision Tree Reference Guides:
Author: Daniel Mills
Position: Technical Product Marketer
Date: 31/07/25
Document reference: RED-002
Revision: 01
Approved by: John Walker
Position: Compliance Engineer
Signature: ☐
Related Documents
 |
Pyronix PCX 78 Communication Interface Exposure & Cybersecurity Controls This document details the communication interface exposure and cybersecurity controls for the Pyronix PCX 78, outlining its compliance with EU directives and EN 18031 standards. It covers Wi-Fi, 4G, GPRS, and Ethernet interfaces, including their security measures, purpose, and risk exposure. |
 |
Pyronix Enforcer V11 Communication Interface Exposure & Cybersecurity Controls This document details the communication interface exposure and cybersecurity controls for the Pyronix Enforcer V11, outlining its compliance with relevant EU directives and standards like EN 18031. |
 |
Pyronix EU Declaration of Conformity for Alarm System Components Official EU Declaration of Conformity from Pyronix Limited for various alarm system input panels and components, detailing compliance with EMC, LVD, RoHS, and R&TTE directives. |
 |
Pyronix Enforcer X280 ENFX-280H/L EU Certificate of Conformity Official EU Certificate of Conformity for the Pyronix Enforcer X280 ENFX-280H/L security system, detailing compliance with EMC, RED, LVD, and RoHS directives and relevant harmonised standards. |
 |
Pyronix Enforcer X280 EU Declaration of Conformity Official EU Declaration of Conformity for the Pyronix Enforcer X280 alarm system, detailing compliance with EU directives and standards for safety and electromagnetic compatibility. |
 |
Pyronix ENFORCER Modem and Communications Guide This guide details the various modem and communication modules available for the Pyronix ENFORCER alarm system. It provides essential setup, programming, and diagnostic information for modules such as Wi-Fi, LAN, GPRS+SIM, PSTN, and GSM. Learn how to integrate your system with networks, the Pyronix cloud platform, and Alarm Receiving Centres (ARCs) to enhance security and enable remote access via the HomeControl+ application. |
 |
Android Tablet User Guide: Setup, Features, and Operation Explore the features and functionalities of your Android Tablet with this comprehensive user guide. Learn about setup, device operation, communication, connectivity, security, and maintenance. |
 |
Enforcer V11 EN18031-1 Decision Tree Reference Guide A comprehensive reference guide detailing the EN18031-1 decision trees for the Enforcer V11, covering access control, authentication, secure updates, storage, communication, resilience, network monitoring, traffic control, and cryptography. |