---
title: "RED software update impact for radio equipment"
canonical_url: "https://www.sorena.io/artifacts/eu/radio-equipment-directive/software-update-impact"
source_url: "https://www.sorena.io/artifacts/eu/radio-equipment-directive/software-update-impact"
author: "Sorena AI"
description: "Assess when firmware, app, and software updates can affect EU Radio Equipment Directive conformity, technical documentation, DoC, standards, and notified-body evidence."
published_at: "2026-05-09"
updated_at: "2026-05-09"
keywords:
  - "RED software update impact"
  - "Radio Equipment Directive firmware update"
  - "Article 3(3)(i)"
  - "RED technical documentation"
  - "RED conformity assessment"
  - "RED software compliance"
  - "EU Radio Equipment Directive"
  - "RED"
  - "Directive 2014/53/EU"
  - "software updates"
  - "firmware updates"
  - "technical documentation"
---
**[SORENA](https://www.sorena.io/)** - AI-Powered GRC Platform

[Home](https://www.sorena.io/) | [Solutions](https://www.sorena.io/solutions) | [Artifacts](https://www.sorena.io/artifacts) | [About Us](https://www.sorena.io/about-us) | [Contact](https://www.sorena.io/contact) | [Portal](https://app.sorena.io)

---

# RED software update impact for radio equipment

Assess when firmware, app, and software updates can affect EU Radio Equipment Directive conformity, technical documentation, DoC, standards, and notified-body evidence.

*Artifact Guide* *EU RED*

## RED software update impact for radio equipment

Software and firmware changes can affect RED conformity when they change radio behavior, intended use, cybersecurity functions, charging information, user-configurable features, or the assessed equipment/software combination.

Use this page to decide when an update needs a conformity review, technical-file update, declaration update, standards check, or notified-body follow-up before release.

Under the Radio Equipment Directive, software is part of the compliance record when it affects essential requirements or allows the radio equipment to operate as intended. RED Article 3(3)(i) also allows the Commission to require features ensuring that software can only be loaded where the compliance of the radio-equipment and software combination has been demonstrated. A practical update review therefore asks whether the release changes the product configuration that was assessed, documented, declared, or certified.

## When a software update can affect RED conformity

Treat each update as a product-change assessment, not as a routine engineering label. The first question is whether the change can alter an Article 3 requirement: health and safety, EMC, efficient spectrum use, an activated Article 3(3) requirement, or the common-charger information and charging-capability rules for covered equipment.

The RED technical documentation must identify software or firmware versions that affect compliance with essential requirements. The release-control record should also monitor hardware and software changes, standards, legal developments, and state of the art. That makes the record important even when the conclusion is that no retest or declaration change is needed.

- Review updates that change transmitter power, frequency bands, modulation, duty cycle, antenna behavior, receiver parameters, geofencing, or region selection.
- Review updates that change cybersecurity controls for internet-connected, data-processing, wearable, childcare, toy, or payment-capable radio equipment covered by Delegated Regulation (EU) 2022/30.
- Review updates that add or remove user-installable software, companion-app control, accessories, components, charging behavior, restriction information, or operating modes described in the instructions or declaration.
- Record a no-impact decision only when the assessed model, hardware variant, firmware or software version, intended use, standards coverage, and market information remain aligned.

Sources for this answer:

- [Directive 2014/53/EU on radio equipment](https://eur-lex.europa.eu/eli/dir/2014/53/oj?ref=sorena.io) - Supports Article 3 essential requirements, Article 3(3)(i) software-combination language, Article 10 manufacturer duties, and Annex V software or firmware documentation.
- [Commission Delegated Regulation (EU) 2022/30 on RED cybersecurity](https://eur-lex.europa.eu/eli/reg_del/2022/30/oj?ref=sorena.io) - Defines which radio equipment categories are subject to Article 3(3)(d), (e), and (f) cybersecurity-related requirements.
- [European Commission - harmonised standards for radio equipment](https://single-market-economy.ec.europa.eu/single-market/goods/european-standards/harmonised-standards/radio-equipment_en?ref=sorena.io) - Supports checking current RED harmonised-standard references and restrictions before relying on presumption of conformity after a software change.

*Recommended next step*

*Placement: after standards and notified-body section*

## Review RED software-change evidence before release

Check whether a firmware, app, OTA, or configuration update changes the Article 3 matrix, standards evidence, technical file, declaration, notified-body record, or release approval for radio equipment.

- [Open RED Software Update Research Copilot](/solutions/research-copilot.md): Answer RED software-change, conformity, and technical-file questions with cited outputs.
- [Talk through RED update release controls](/contact.md): Review update scope, evidence gaps, standards impact, and release decisions.

## Update the technical file before release

The update record should let a reviewer connect the software release to the radio equipment type placed on the EU market. Keep the release identifier, affected models, affected hardware variants, changed radio or security functions, standards impact, test impact, DoC impact, notified-body impact, approval owner, and release decision.

Annex V is the anchor for the file: it calls for a general product description, conceptual design and manufacturing materials, software or firmware versions affecting compliance, user and installation information, harmonised standards or other technical specifications, EU declaration, EU-type examination material where applicable, calculations, examinations, and test reports. If the update affects any of those records, update the technical documentation instead of relying on release notes alone.

- Link each software or firmware version that affects RED compliance to the exact model, type designation, hardware revision, region configuration, and release channel.
- Add regression evidence for the Article 3 requirements touched by the change rather than retesting unrelated requirements by default.
- Update instructions, safety information, restriction information, frequency-band and power information, and DoC software descriptions when the user-facing compliance description changes.
- Keep the technical documentation and EU declaration available for 10 years after the radio equipment has been placed on the market.

Sources for this answer:

- [Directive 2014/53/EU on radio equipment](https://eur-lex.europa.eu/eli/dir/2014/53/oj?ref=sorena.io) - Supports Annex V technical-documentation contents, Article 10 instructions and DoC duties, and the 10-year retention rule.
- [Commission Notice - Blue Guide on EU product rules (2022)](https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX%3A52022XC0629%2804%29&ref=sorena.io) - Supports horizontal EU product-law context for manufacturer responsibility, technical documentation, declarations of conformity, and CE-marked product controls.

## Check standards and notified-body consequences

A software update can reopen the conformity-assessment route if the change affects a requirement that was covered by a harmonised standard, a partly applied standard, a technical specification, an EU-type examination certificate, or a full-quality-assurance approval. RED gives presumption of conformity only for the essential requirements covered by OJEU-published harmonised standards or parts of standards.

For Article 3(2) and Article 3(3), the notified-body question is especially important. If relevant OJEU-cited harmonised standards are not applied, are applied only in part, or no such standards exist for the requirement being assessed, Article 17 points the manufacturer to Annex III or Annex IV rather than Annex II for those requirements. For Annex III, modifications to the approved type that may affect conformity or certificate validity require additional approval.

- Compare the update against the exact standard versions, clauses, restrictions, and test configurations used for the current declaration.
- If a standard has lost presumption of conformity for products not yet placed on the market, decide whether the updated product needs a new standard route or notified-body route.
- For Annex III certificates, ask whether the update changes the approved type, certificate conditions, software version, radio configuration, or evidence reviewed by the notified body.
- For Annex IV quality-system approvals, check whether the update changes a design, production, inspection, testing, or quality-system control covered by the approval.

Sources for this answer:

- [Directive 2014/53/EU on radio equipment](https://eur-lex.europa.eu/eli/dir/2014/53/oj?ref=sorena.io) - Supports Article 16 presumption of conformity, Article 17 conformity-assessment routes, and Annex III modification approval for EU-type examination certificates.
- [European Commission - notified bodies](https://single-market-economy.ec.europa.eu/single-market/goods/building-blocks/notified-bodies_en?ref=sorena.io) - Supports the role of notified bodies where third-party conformity assessment is required.
- [European Commission - harmonised standards for radio equipment](https://single-market-economy.ec.europa.eu/single-market/goods/european-standards/harmonised-standards/radio-equipment_en?ref=sorena.io) - Supports release checks against current RED harmonised-standard publications, withdrawals, and restrictions.

## Common mistakes in RED software-change records

The main mistake is treating firmware as outside RED because no physical component changed. That is too narrow: software can affect radio parameters, EMC behavior, safety functions, cybersecurity controls, restrictions, charging behavior, instructions, and the evidence package used to place the equipment on the EU market.

The second mistake is treating every update as a brand-new conformity assessment. A documented impact decision can be proportionate, but it must explain why the existing Article 3 matrix, standards evidence, technical documentation, DoC, and notified-body records still cover the released configuration.

- Do not ship an over-the-air update that changes radio or security behavior without checking the assessed equipment/software combination.
- Do not leave the DoC, instructions, software identifiers, or technical file pointing to an older firmware version when the update affects compliance evidence.
- Do not rely on a supplier or lab statement unless it identifies the affected model, software version, requirement, standard, and test or assessment basis.
- Do not cite a harmonised standard for presumption of conformity unless the reference is published for RED in the Official Journal and covers the requirement and product configuration being claimed.

Sources for this answer:

- [Directive 2014/53/EU on radio equipment](https://eur-lex.europa.eu/eli/dir/2014/53/oj?ref=sorena.io) - Supports Article 4 software-combination information, Article 10 corrective action duties, and Annex V software or firmware documentation.
- [Commission Delegated Regulation (EU) 2023/2444 on RED cybersecurity application date](https://eur-lex.europa.eu/eli/reg_del/2023/2444/oj?ref=sorena.io) - Supports the 1 August 2025 application date for RED Article 3(3)(d), (e), and (f) cybersecurity requirements under Delegated Regulation (EU) 2022/30.
- [European Commission - RED policy page](https://single-market-economy.ec.europa.eu/sectors/electrical-and-electronic-engineering-industries-eei/radio-equipment-directive-red_en?ref=sorena.io) - Supports RED implementation context, guidance links, harmonised-standard resources, and Commission warnings about conformity-assessment evidence.

## Primary sources

- [Directive 2014/53/EU on radio equipment](https://eur-lex.europa.eu/eli/dir/2014/53/oj?ref=sorena.io) - Binding RED source for essential requirements, software-combination provisions, manufacturer duties, conformity assessment, technical documentation, EU declarations, CE marking, and market-surveillance controls.
  - Quote: "software can only be loaded"
- [Commission Delegated Regulation (EU) 2022/30 on RED cybersecurity](https://eur-lex.europa.eu/eli/reg_del/2022/30/oj?ref=sorena.io) - Defines which radio equipment categories must meet RED Article 3(3)(d), (e), and (f) cybersecurity-related essential requirements.
  - Quote: "points (d), (e) and (f)"
- [Commission Delegated Regulation (EU) 2023/2444 on RED cybersecurity application date](https://eur-lex.europa.eu/eli/reg_del/2023/2444/oj?ref=sorena.io) - Amends the application date in Delegated Regulation (EU) 2022/30 to 1 August 2025 and corrects the data-processing wording.
  - Quote: "It shall apply from 1 August 2025."
- [European Commission - harmonised standards for radio equipment](https://single-market-economy.ec.europa.eu/single-market/goods/european-standards/harmonised-standards/radio-equipment_en?ref=sorena.io) - Commission source for current RED harmonised-standard references, withdrawals, and restrictions relevant to software-update release checks.
  - Quote: "Radio equipment"
- [European Commission - notified bodies](https://single-market-economy.ec.europa.eu/single-market/goods/building-blocks/notified-bodies_en?ref=sorena.io) - Commission source for notified-body role where third-party conformity assessment is required.
  - Quote: "assess the conformity"
- [Commission Notice - Blue Guide on EU product rules (2022)](https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX%3A52022XC0629%2804%29&ref=sorena.io) - Horizontal EU product-law source for manufacturer responsibility, technical documentation, declarations of conformity, and CE-marked product controls.
  - Quote: "The manufacturer is responsible"
- [European Commission - RED policy page](https://single-market-economy.ec.europa.eu/sectors/electrical-and-electronic-engineering-industries-eei/radio-equipment-directive-red_en?ref=sorena.io) - Commission overview for RED implementation context, guidance, harmonised standards, notified bodies, and conformity-assessment resources.
  - Quote: "CE marking can only be affixed"

## Related Topic Guides

- [Are radio kits and evaluation boards covered by the RED? | RED FAQ](/artifacts/eu/radio-equipment-directive/faq/kits.md): RED FAQ for radio kits, construction kits, amateur-radio kits, and custom-built professional R&D evaluation boards under Directive 2014/53/EU.
- [EU Radio Equipment Directive Timeline: practical guide](/artifacts/eu/radio-equipment-directive/timeline.md): EU Radio Equipment Directive guide to Timeline with scope decisions, owner actions, evidence records, source-linked citations, and practical next steps.
- [EU RED Applicability Test for Radio Equipment](/artifacts/eu/radio-equipment-directive/applicability-test.md): Decide whether Directive 2014/53/EU applies to a connected product, which RED requirements are triggered, and what evidence belongs in the technical file.
- [EU RED Common Charger FAQ: Which devices need USB-C?](/artifacts/eu/radio-equipment-directive/faq/common-charger.md): FAQ on EU RED common charger scope, 28 December 2024 and 28 April 2026 dates, USB-C, USB Power Delivery, charger unbundling, labels, pictograms, and evidence.
- [EU RED Common Charger Obligations: USB-C scope, dates, labels](/artifacts/eu/radio-equipment-directive/common-charger-obligations.md): source-linked RED common charger guide covering in-scope device categories, 28 December 2024 and 28 April 2026 dates, USB-C, USB PD, charger unbundling, labels, pictograms, and evidence.
- [EU RED compliance evidence guide](/artifacts/eu/radio-equipment-directive/compliance.md): Build a Radio Equipment Directive compliance file with Article 3 requirement mapping, harmonised-standard checks, conformity assessment evidence, EU declarations, CE marking, and RED source links.
- [EU RED Cybersecurity Product Categories: 2022/30 scope](/artifacts/eu/radio-equipment-directive/cybersecurity-delegated-act-product-categories.md): source-linked guide to RED Delegated Regulation (EU) 2022/30 product categories for Article 3(3)(d), (e), and (f), carve-outs, 1 August 2025 application, and release evidence.
- [EU RED FAQ: Scope, CE and USB-C](/artifacts/eu/radio-equipment-directive/faq.md): Answers to common EU RED questions on radio equipment scope, Article 3 requirements, cybersecurity, USB-C common charger rules, CE marking, and technical-file evidence.
- [EU RED Radio Equipment Scope: products and exclusions](/artifacts/eu/radio-equipment-directive/radio-equipment-scope.md): Decide whether a product is radio equipment under Directive 2014/53/EU, with RED scope tests, exclusions, examples, and evidence records.
- [EU RED Requirements Map: CE and Article 3](/artifacts/eu/radio-equipment-directive/requirements.md): Map Radio Equipment Directive requirements for radio products: Article 3 safety, EMC, spectrum, selected Article 3(3) duties, common charger rules, conformity assessment, CE marking, EU declaration, and technical documentation.
- [EU RED Scope and Classification](/artifacts/eu/radio-equipment-directive/scope-and-classification.md): Classify products under the EU Radio Equipment Directive with source-linked tests for radio equipment scope, exclusions, Article 3 requirement buckets, cybersecurity, common charging, and evidence records.
- [EU RED Scope Classification Workflow](/artifacts/eu/radio-equipment-directive/red-scope-classification-workflow.md): Classify products under the EU Radio Equipment Directive with a source-linked workflow for RED scope, exclusions, Article 3 requirements, standards, CE evidence, cybersecurity, and common-charger triggers.
- [RED Article 10 labelling, instructions, and restrictions](/artifacts/eu/radio-equipment-directive/article-10-labelling-and-restrictions.md): source-linked RED Article 10 guide for radio equipment labels, manufacturer contact details, instructions, DoC statements, frequency information, and use restrictions.
- [RED Article 3 requirement selection workflow](/artifacts/eu/radio-equipment-directive/article-3-requirement-selection-workflow.md): Select the right RED Article 3 branches for radio equipment: safety, EMC, spectrum, delegated Article 3(3) duties, cybersecurity, common charging, evidence, and conformity assessment.
- [RED Article 3 Requirements: Safety, EMC, Spectrum and Cyber](/artifacts/eu/radio-equipment-directive/article-3-1-3-2-and-3-3-requirements.md): Map Radio Equipment Directive Article 3(1), 3(2), and 3(3) requirements to safety, EMC, spectrum, interoperability, emergency, software, and cyber evidence.
- [RED Compliance Checklist for Radio Equipment](/artifacts/eu/radio-equipment-directive/checklist.md): source-linked RED checklist for radio equipment scope, Article 3 requirements, technical documentation, DoC, CE marking, cybersecurity, common charger, and notified-body decisions.
- [RED compliance deadlines calendar: 2016, 2024, 2025 and 2026 dates](/artifacts/eu/radio-equipment-directive/deadlines-and-compliance-calendar.md): Calendar the EU Radio Equipment Directive deadlines that affect launches: RED applicability, transition end, common charger dates, cybersecurity requirements, OJEU standards, CE marking, declarations and technical files.
- [RED conformity assessment and CE marking](/artifacts/eu/radio-equipment-directive/conformity-assessment-and-ce.md): EU Radio Equipment Directive guide to Article 17 conformity modules, notified-body triggers, technical documentation, EU declarations, and CE marking.
- [RED Conformity Assessment Template](/artifacts/eu/radio-equipment-directive/red-conformity-assessment-template.md): Template fields for documenting RED Article 3 requirements, Article 17 route selection, harmonised standards, notified-body evidence, technical documentation, EU declaration, CE marking, cybersecurity, and common-charger checks.
- [RED Cyber Compliance Workflow for Article 3(3)(d/e/f)](/artifacts/eu/radio-equipment-directive/cyber-compliance-workflow.md): A source-linked RED cybersecurity workflow for internet-connected radio equipment, privacy and data safeguards, payment-fraud features, evidence packs, and CE release gates.
- [RED Cybersecurity Delegated Act Guide | Article 3(3)(d/e/f)](/artifacts/eu/radio-equipment-directive/red-cybersecurity-delegated-act-guide.md): Practical guide to Delegated Regulation (EU) 2022/30 under the Radio Equipment Directive, covering Article 3(3)(d), (e), and (f) cybersecurity scope, 1 August 2025 application, evidence, standards, and notified-body checkpoints.
- [RED Cybersecurity Requirements for Radio Equipment](/artifacts/eu/radio-equipment-directive/cybersecurity-requirements.md): EU RED cybersecurity requirements under Article 3(3)(d), (e), and (f): scope, affected radio equipment, application date, standards, notified bodies, and evidence.
- [RED DoC and CE marking file: what to include](/artifacts/eu/radio-equipment-directive/faq/doc-and-ce.md): FAQ answer for Radio Equipment Directive declarations of conformity, CE marking evidence, technical documentation, notified-body records, and related labels.
- [RED EMC and LVD Safety Interplay for Radio Equipment](/artifacts/eu/radio-equipment-directive/emc-and-lvd-safety-interplay.md): Explain how EU RED Article 3 applies LVD safety objectives and EMC requirements to radio equipment, with evidence, test-plan, and technical-file guidance.
- [RED Harmonised Standards and Test Plans: OJEU evidence guide](/artifacts/eu/radio-equipment-directive/harmonized-standards-and-test-plans.md): Build a Radio Equipment Directive standards matrix and test plan around OJEU-cited harmonised standards, Article 3 requirements, Article 17 route triggers, and Annex V technical-file evidence.
- [RED importer obligations FAQ | Directive 2014/53/EU](/artifacts/eu/radio-equipment-directive/faq/importers.md): What importers must check before placing radio equipment on the EU market: conformity assessment, spectrum use, technical documentation, EU declaration, CE marking, traceability, instructions, restrictions, storage, corrective action, and authority cooperation.
- [RED notified body route selection under Article 17](/artifacts/eu/radio-equipment-directive/notified-body-route-selection.md): Decide when RED radio equipment can use internal production control and when Article 17 requires Annex III EU-type examination or Annex IV full quality assurance.
- [RED Notified Body Trigger Workflow: Article 17 evidence guide](/artifacts/eu/radio-equipment-directive/notified-body-trigger-workflow.md): Decide when the EU Radio Equipment Directive needs a notified body by mapping Article 3 requirements, OJEU-cited harmonised standards, Annex III EU-type examination, and Annex IV full quality assurance evidence.
- [RED penalties, fines, and enforcement actions](/artifacts/eu/radio-equipment-directive/penalties-and-fines.md): EU Radio Equipment Directive penalties guide covering Article 46, Member State penalty rules, recalls, withdrawals, formal non-compliance, and enforcement evidence.
- [RED radio modules FAQ: host product assessment](/artifacts/eu/radio-equipment-directive/faq/radio-modules.md): FAQ on how Directive 2014/53/EU treats RF modules and host products, including module evidence, final-product responsibility, Article 3 assessment, technical documentation, instructions, antennas, software, and DoC records.
- [RED SAR and RF Exposure Evidence FAQ](/artifacts/eu/radio-equipment-directive/faq/sar-and-wireless-exposure.md): What SAR and RF exposure evidence to keep under the EU Radio Equipment Directive, including Article 3(1)(a), foreseeable use, frequency, power, antenna, and standards evidence.
- [RED standards not cited in the OJEU: can you use them?](/artifacts/eu/radio-equipment-directive/faq/standards-not-cited-in-ojeu.md): FAQ answer for Radio Equipment Directive products when a standard is useful but not OJEU-cited, including presumption of conformity, Article 17 route selection, and technical-file evidence.
- [RED vs Cyber Resilience Act: radio equipment cyber scope](/artifacts/eu/radio-equipment-directive/red-vs-cyber-resilience-act.md): Compare RED cybersecurity duties with Cyber Resilience Act planning for connected radio equipment, using grounded RED scope, evidence, dates, and caveats.
- [RED vs EMC Directive: when radio equipment uses RED instead of EMCD](/artifacts/eu/radio-equipment-directive/red-vs-emc.md): Compare the EU Radio Equipment Directive and EMC Directive for radio products, EMC evidence, CE marking, declarations, technical files, and scope boundaries.
- [RED vs ETSI EN 303 645: IoT cyber evidence comparison](/artifacts/eu/radio-equipment-directive/red-vs-etsi-en-303-645.md): Compare EU RED cybersecurity duties with ETSI EN 303 645 evidence reuse for connected radio products, OJEU standards, CE files, and 1 August 2025 planning.
- [RED vs LVD: when radio equipment uses RED for electrical safety](/artifacts/eu/radio-equipment-directive/red-vs-lvd.md): Compare the EU Radio Equipment Directive and Low Voltage Directive for radio-product safety, voltage limits, CE marking, technical files, and declarations.
- [RED vs Market Surveillance Regulation: radio equipment compliance roles](/artifacts/eu/radio-equipment-directive/red-vs-msr.md): Compare RED product conformity duties with EU Market Surveillance Regulation controls for radio equipment, online sales, responsible operators, customs holds, and evidence.
- [RED vs UK PSTI for connected radio products](/artifacts/eu/radio-equipment-directive/red-vs-uk-psti.md): Compare EU RED duties with UK PSTI planning for connected radio products: scope, actors, evidence, cybersecurity overlap, CE marking, and separate UK product-security workstreams.
- [When do RED cybersecurity requirements apply to connected radio equipment? | RED FAQ](/artifacts/eu/radio-equipment-directive/faq/cybersecurity-applicability.md): RED FAQ explaining when Article 3(3)(d), (e), and (f) cybersecurity requirements apply to internet-connected, childcare, toy, wearable, and payment-capable radio equipment.
- [Which receivers and transmitters are covered by RED? | Directive 2014/53/EU FAQ](/artifacts/eu/radio-equipment-directive/faq/receivers-and-transmitters.md): RED scope FAQ for products that intentionally emit or receive radio waves for radio communication or radiodetermination, including receiver-only products, transmitters, accessory-dependent products, and common exclusions.
- [Wi-Fi and Bluetooth Products Under the EU RED](/artifacts/eu/radio-equipment-directive/faq/wi-fi-and-bluetooth-products.md): FAQ for assessing Wi-Fi, Bluetooth, BLE and other short-range wireless products under the EU Radio Equipment Directive, including Article 3, CE, technical file, cybersecurity and notified-body triggers.


---

[Privacy Policy](https://www.sorena.io/privacy) | [Terms of Use](https://www.sorena.io/terms-of-use) | [DMCA](https://www.sorena.io/dmca) | [About Us](https://www.sorena.io/about-us)

(c) 2026 Sorena AB (559573-7338). All rights reserved.

Source: https://www.sorena.io/artifacts/eu/radio-equipment-directive/software-update-impact