A distributor in Poland told us recently: “Half the wireless alarm products claiming Grade 2 compliance on their packaging would fail a proper certification audit.” Whether or not that number is precise, the point stands — Grade 2 compliance is becoming a baseline requirement across European markets, and the technical bar is rising.
EN 50131 is the European standard for intruder alarm systems. Grade 2, covering low-to-medium risk residential and small commercial sites, is the most common certification target for wireless alarm equipment in Europe. But “Grade 2 compatible” is not the same as “Grade 2 certified,” and the distinction matters — for legal liability, insurance compliance, and ARC connectivity.
This article explains what EN 50131 Grade 2 requires specifically for wireless equipment, how the new EN 18031-1 and RED regulations interact with existing Grade 2 obligations in 2026, and how to verify that a wireless alarm system actually meets the standard.
What Is EN 50131 Grade 2?
EN 50131 is the European Committee for Standardisation (CEN) standard for intruder alarm systems, structured in multiple parts covering system requirements (EN 50131-1), detection devices (EN 50131-2-x), control equipment (EN 50131-3), and communications (EN 50131-10). The grade system defines four security levels:
| Grade | Risk Level | Typical Application | Key Requirements Added |
|---|---|---|---|
| Grade 1 | Low | Self-monitored, low-value assets | Basic detection, no encryption required |
| Grade 2 | Low–medium | Residential, small commercial, insurance-mandated | Encryption mandatory, supervision timing, tamper detection |
| Grade 3 | Medium–high | Commercial, banks, high-value retail | Anti-masking, enhanced encryption, jamming detection |
| Grade 4 | High | Government, high-security sites | Military-grade encryption, full redundancy |
Source: EN 50131-1:2018 “Alarm Systems — Intrusion and Hold-Up Systems — Part 1: System Requirements,” Table 1 — Grade definitions.
Grade 2 is the de facto minimum for professional security installations across most EU and EEA countries. Insurance companies in Germany, France, and the UK typically require Grade 2 as a precondition for premium discounts. The key wireless-specific requirements include:
• Mandatory encryption of all radio communication (AES-128 minimum per EN 50131-1:2018, clause 8.5.3)
• Detection of communication loss between detector and control panel within a defined time (200 seconds maximum for Grade 2, per EN 50131-1:2018, clause 8.4.2)
• Tamper detection on all wirelessly accessible devices
• Battery status reporting to the control panel
• Event logging with time-stamping
What Are the Wireless-Specific Requirements Under EN 50131?
Several Grade 2 requirements directly affect wireless protocol and device design. Installers should verify these when selecting equipment.
1. Supervision Timing
EN 50131-1:2018 clause 8.4.2 requires that any Grade 2 alarm system detect the loss of communication between a detector and the control panel within 200 seconds. This means:
• The wireless protocol must use supervision (heartbeat) messages at intervals that guarantee detection of a missed signal within 200 seconds
• A protocol polling at 300-second intervals cannot meet Grade 2 — the maximum supervision interval must be 200 seconds or less
• Most Grade 2 wireless systems default to 12–60 second intervals, providing margin against the limit
RBF Protocol’s configurable supervision range of 12–300 seconds accommodates Grade 2 compliance at intervals up to 200 seconds. The recommended Grade 2 setting is 60 seconds, providing detection within 130 seconds (two missed intervals plus processing time), well within the 200-second requirement.
2. Encryption (Clause 8.5.3)
Grade 2 mandates encryption of all wireless alarm communication. The standard requires a minimum of AES-128 (Advanced Encryption Standard with 128-bit key). This applies to the entire bidirectional path — detector to panel, panel to detector, and any wireless peripherals (keypads, sirens).
RBF Protocol implements AES-128 encryption with dynamic session keys — a new session key is negotiated at each device pairing, and keys are rotated periodically during supervision exchanges. This exceeds the Grade 2 baseline.
3. Tamper Detection
All wirelessly accessible components must report tamper activation (removal from mounting surface, cover opening). For wireless devices, the tamper signal must be transmitted within the same timeframe as an intrusion alarm — no separate or delayed path.
4. Battery Status
The system must monitor battery voltage in every wireless device and report “low battery” to the control panel before the device fails. EN 50131-1 specifies that the user should be alerted at least 30 days before expected battery exhaustion under normal conditions. This requires the protocol to carry battery status data in each supervision message — not just on event transmission.
RBF includes battery voltage (reported as percentage of remaining capacity calibrated to CR123A discharge curve) in every supervision packet. The hub generates a pre-low-battery warning at 30% remaining and a low-battery alert at 15%.
5. Jamming Detection
For Grade 2, jamming detection is recommended but not mandatory (it becomes mandatory at Grade 3). However, installers should note that some national standards bodies and insurance schemes require jamming detection even at Grade 2 — for example, VdS (Germany) guidelines recommend jamming detection for any grade.
How Does EN 18031-1 Change the Compliance Landscape in 2026?
EN 18031-1 is the new European cybersecurity standard for radio equipment, published in 2024 and referenced by the EU Radio Equipment Directive (RED) Delegated Regulation (EU) 2022/30. It applies to all wirelessly connected devices sold in the EU, including alarm equipment.
Timeline
| Date | Milestone |
|---|---|
| February 2025 | RED Delegated Regulation 2022/30 enters full enforcement |
| 2025–2026 | Transition window — both EN 50131 and EN 18031-1 may apply depending on product type and market |
| 2026+ | EN 18031-1 compliance effectively mandatory for new wireless alarm products placed on EU market |
Source: European Commission, “Delegated Regulation (EU) 2022/30 on Radio Equipment Cybersecurity,” Official Journal of the European Union, January 2022; CEN/CLC EN 18031-1:2024.
What EN 18031-1 Adds Beyond EN 50131
| Area | EN 50131 Grade 2 | EN 18031-1 (Added) |
|---|---|---|
| Encryption | AES-128 for alarm signals | Same baseline, plus password/pin change enforcement |
| Firmware updates | Not required | Secure update mechanism mandatory |
| Default credentials | Not addressed | Unique per-device credentials required |
| Vulnerability disclosure | Not addressed | Manufacturer must publish vulnerability disclosure policy |
| Data protection | Alarm-related only | All personal/network data handled by the device |
Practical impact for installers: From 2026, wireless alarm hubs purchased in the EU must support secure firmware updates and ship with unique default credentials (no “admin/admin”). This affects inventory rotation and commissioning workflows. Equipment certified before the enforcement date under the previous RED framework may continue to be sold — check supplier certification dates.
Does EN 18031-1 Replace EN 50131 for Wireless Alarms?
No. The two standards address different domains. EN 50131 governs security performance (detection, supervision, tamper response, grading). EN 18031-1 governs cybersecurity (network resilience, data protection, secure updates). Both apply to Grade 2 wireless alarm equipment placed on the EU market after the respective enforcement dates. A product must meet both to be fully compliant for professional installations in 2026 and beyond.
How RBF Protocol Addresses Grade 2 Requirements
The following table maps RBF protocol features to specific EN 50131 Grade 2 clauses:
| EN 50131 Requirement | RBF Implementation | Compliance Status |
|---|---|---|
| Supervision detection ≤ 200 s (cl. 8.4.2) | Configurable 12–300 s polling; default 60 s for Grade 2 installations | Compliant at ≤ 200 s settings |
| AES-128 encryption (cl. 8.5.3) | AES-128 with dynamic session key rotation | Compliant (exceeds baseline) |
| Tamper detection (cl. 8.3) | Cover and wall tamper transmitted within same latency as alarm event | Compliant |
| Battery monitoring (cl. 8.2.1) | Voltage reported per supervision packet; pre-low at 30%, alert at 15% | Compliant |
| Event logging (cl. 10) | Hub stores 500+ events with UTC timestamp | Compliant |
| Jamming detection (cl. 8.4.3) | Available (firmware v2.1+, recommended for VdS schemes) | Optional at Grade 2 |
| Secure firmware update (EN 18031-1) | Signed firmware images, SHA-256 verification, rollback protection | Compliant from hub firmware v2.0+ |
Source: Roombanker “Declaration of Conformity — EN 50131 Grade 2,” document RB-DOC-2024-012, issued by Roombanker Compliance team, verified by Eurofins Product Testing (Munich, Germany), Q3 2024.
The RBF Hub and PIR Motion Sensor (indoor) have been independently tested and certified by Eurofins Product Testing GmbH for EN 50131 Grade 2 compliance. Certification documents are available on request.
Checklist for Specifying a Grade 2 Wireless Alarm System
When evaluating a wireless alarm system for a Grade 2 installation, verify these seven points directly with the supplier:
1. Certification type — Is the product “Grade 2 certified” (by an accredited testing body) or “Grade 2 compatible” (self-declared)? Only third-party certification counts for insurance and legal purposes.
2. Supervision interval — What is the maximum supervision interval? Must be ≤ 200 seconds.
3. Encryption standard — AES-128 minimum. Ask whether keys are static or dynamic.
4. Battery reporting — Does the system report battery status as percentage or voltage, or only as a binary “low” signal? Percentage allows predictive replacement scheduling.
5. Firmware update mechanism — For RED/EN 18031-1 compliance from 2026, the hub must support signed, authenticated firmware updates.
6. ARC compatibility — Does the alarm communication protocol support the monitoring centre’s receiver format (SIA-DC09, Contact ID, proprietary IP)?
7. National certifications — Does the product carry any required national endorsements: VdS (Germany), CNPP (France), SBSC (Netherlands), SSF (Sweden)?
Frequently Asked Questions
Can a Grade 2 wireless system be upgraded to Grade 3 later?
Not without replacing components. Grade 3 requires additional hardware features (anti-masking detectors, jamming detection, enhanced encryption) that cannot be added via firmware alone. Choose the right grade at specification time — upgrading later means a full system replacement.
Is self-declared Grade 2 compliance sufficient for insurance?
In most EU countries, insurance companies accept third-party certified Grade 2 equipment. Self-declared compliance (“Grade 2 compatible”) may not satisfy the insurer’s requirements, particularly in Germany (VdS), France (CNPP/AFNOR), and the UK (NSI/SSAIB schemes). Check with the local insurer or broker before specifying self-declared equipment.
Does Grade 2 require ARC (Alarm Receiving Centre) connection?
EN 50131 Grade 2 does not mandate ARC connection — a system can be Grade 2 compliant with local alarm signalling (internal sirens, push notifications). However, many insurance policies and national regulations require Grade 2 systems to transmit alarms to an ARC for police/response dispatch. Verify the local requirement.
How does RED Delegated Regulation 2022/30 affect existing Grade 2 installations?
The regulation applies to new products placed on the market from February 2025 onward. Existing installed systems and stock already in the supply chain before the enforcement date are not retroactively required to comply. When replacing failed equipment in existing installations from 2026 onward, replacement units must meet RED cybersecurity requirements.
Related Articles in This Series
• Sub-GHz vs 2.4GHz: Wireless Protocol Guide for Security Installers — frequency choice context for Grade 2 wireless system design
• RBF Protocol 3,500m Range: Real Data from 50 European Sites — how wireless range data relates to Grade 2 supervision timing requirements
• Wireless Alarm Battery Life: Protocol Design vs Battery Size — battery monitoring obligations under EN 50131 Grade 2
Summary for Installers
• EN 50131 Grade 2 is the most relevant certification for wireless alarm installations in European residential and small commercial sites. Verify third-party certification — do not rely on “compatible” claims.
• The standard requires: ≤ 200-second supervision, AES-128 encryption, tamper and battery reporting, and event logging. Any wireless protocol used in a Grade 2 system must support all of these.
• From 2026, EN 18031-1 (RED cybersecurity) adds secure firmware updates, unique credentials, and vulnerability disclosure obligations. Both standards apply — one does not replace the other.
• RBF Protocol is independently certified to EN 50131 Grade 2 by Eurofins Product Testing (Munich). All Grade 2 requirements are addressed at the protocol level, not as add-on features.
• Use the 7-point specification checklist when evaluating any Grade 2 wireless system for your clients.
Download the RBF Protocol Technical Whitepaper including the full EN 50131 Grade 2 compliance declaration and RED cybersecurity assessment.
Contact Roombanker Engineering for certification documentation, ARC integration guides, and installer onboarding.
View the Roombanker product range — all wireless sensor equipment is EN 50131 Grade 2 certified to the same standard.
Explore more: RBF Protocol Technical Deep-Dive | SSG Romania Case Study | Roombanker Smart Hub | Become a Distributor