What is Hardware Compliance ?
Imagine you buy a new mobile phone and the battery explodes. Or you plug in a hair dryer and get shocked. Or you work in a factory and a robot arm hits you. Would you want to buy that phone, use that hair dryer, or work in that factory? I assume you would NOT.
Such incidents lead to hefty lawsuits and fines against brands and severely damage their reputation. For example, if iPhones started exploding, sales would plunge—which is bad for any business.
Another important aspect is holding companies accountable. Incidents like the Bhopal Gas Tragedy of 1984, the Beirut Explosion of 2020, or the recent crashes involving autonomous vehicles raise a critical question: Who is responsible when accidents happen and human lives are at risk?
To prevent these kinds of incidents and ensure accountability, hardware compliance is enforced. It is the process of making a product safe to use.
Several organizations are involved in this process:
Standard committees that write the "compliance rules" (also called "standards") like ISO, UL, ANSI, IEC, and SAE
Regulators like the FCC, EU Commission, and NHTSA
Third-party testing labs like UL, Intertek, CSA, and TUV
Manufacturers, who are ultimately responsible for building compliant products
All of these parties work together to bring safe products to market. Almost everything you use has gone through compliance and testing.
Next time you use your phone charger, look for markings like UL, CE, or ETL. Your mobile phone, car, airplane, battery, LED light, or headphones likely went through a rigorous compliance process.
Now that you understand what hardware compliance is, let’s dive a little deeper into it.
How Compliance Works for a Manufacturer
Let's say you want to build a product and get it certified. You need to follow a few steps as given below.
-
Define Product: A manufacturer can sell one product for different type of buyers/industries like aviation, military, industrial companies, or household use cases. And there could be many types of products like medical equipment, fire protection, safety equipment, equipment for hazardous locations like oil & gas. Based on type of product and market you chose to go, there could be minimal, or a lot of standards, testing, and costs for access to the markets you chose. Hence it is very important to define the product, specs, use cases, etc and then follow the step 2.
-
Identify Markets: Decide where the product will be sold (US, EU, CA, etc.)
-
Find Applicable Standards Based on the following:
a. Product type: Is your product electrical, battery powered, or powered from outlet ? Is it component (relay, sensor, Lidar, switch, battery, etc) or system(car, mobile robot, stationary robot, ) ?
b. End user and Environment: Will your product be used in factory environment or household, military, hospital, mines, used indoor or outdoor ? What is the ambient temperature range ? Is your product's end user trained, or the product is for regular user ?
c. Product specifications: Voltage, Current, Power, weight, size, metal or plastic body, internal components, etc.
-
Design as per the Standard: You then find which standards are applicable to you. You can also find certified components where possible so you do not have to certify at component level. Then you just design the product as per the standard requirements. (You can identify applicable standards on Saphira by just answering a few questions)
-
Testing & Approval: Some products don’t need certification/testing by a third-party lab (NRTLs). But legislation still allow you to “self-declare” meaning that you as a manufacturer take care of the compliance without a third-party lab. Self declaration is usually allowed in EU(Europe). In the USA, it is not required to certify a variety products, but a lot of products need certification, you need to find it out. But, then the question arises, why should I go through all the hassle if it is not even required? Well, even if it is not required, the distributor, seller or end buyer will mostly ask for it. Or, if there is an unfortunate accident leading to a lawsuit, you will be liable. So, either self-declaration or third-party certification, which will be liable in such scenarios, certification is absolutely necessary in today’s world.
-
Documentation: Self-explanatory, but documentation with version control is important. In some industries like oil and gas, even changing one small resistor is not acceptable without revision of the product report by third party labs. So, the following should be kept safe with version control.
- Schematics
- Analysis & Calculations
- Test results
- User manuals and safety instructions, maintenance, etc.
-
Approval: As mentioned earlier one can do self-declaration or get certification by 3rd party labs. If you decide to go with third party lab, they might need to inspect your factory every quarter to assure you are following the practices and meeting the requirements.
- Self-declare (CE)
- Submit to lab (UL, TUV, etc.) for certification
Why regions/countries are important? Why not one standard for all regions?
There are few main countries that have their own standard bodies and standards that they follow. For example, USA follows UL, ANSI standards, while EU follows IEC, ISO, and other standards. It would be nice if all requirements would be in one single standard. But, standards are hard to write and update as the industry advances every few years. Adding something to a standard which help one group of people or countries, and not the others, is not the best way to write standards. Imagine you have 500 page standard which has all requirements from all around the world, and another standard which is 50 pages only for USA. Which one would you like to read and follow ? So, different standards have been written for different region based on regional requirements.
Now, some countries have accepted IEC standards since they don’t want to write and maintain their own standards. On the other hand USA and Canada have written their own standards to consider the edge cases applicable to the region. Also, good to note that IEC and ISO are the “base standards” for most of the other standards like UL and ANSI. For example, IEC 61010 is base standard used in EU and other parts of world, while UL/CSA 61010 is mostly a copy of IEC 61010 with some additional requirements. For example, equipment used outdoors should be able to work in extreme low temperatures in Canada. So, UL/CSA 61010 specifically mentions those temperature requirements. Similarly, there are many other edge cases in these regional standards. If you go to NRTL. You will most probably get a different report for USA and Canada and a separate report for IEC(also called CB report) or EN report.
There are other bodies and standards like Indian Standard (IS) in India mostly harmonized with IEC, Guobiao Standards (GB) in China and Japanese Industrial Standard (JIS) in Japan. One must assess the regional standards and requirements if you plan to sell in those markets.
Harmonized standard
Did you notice I wrote UL/CSA 61010? Why UL and CSA are written together? This is because the USA and Canada have similar geographies and the edge cases we talked about apply to both countries. So rather than having two different standards, they have been harmonized, i.e. merged, and these are evaluated as one piece.
What are ANSI, UL, ISO, IEC, NEC, NFPA, ROhS, FCC, etc. ?
| Role | What They Do | Examples |
|---|---|---|
| Standards Bodies | Write the technical rulebooks (standards) | ISO, IEC, IEEE, SAE, RTCA, ANSI |
| Regulators | Enforce laws and mandate compliance | FAA, FCC, EU Commission, NHTSA |
| Standard Committees | Experts who draft and revise standards | Working groups under ISO/IEC/SAE |
| NRTLs (Labs) | Test and certify products to standards | UL, TUV, Intertek, CSA, SGS |
| Manufacturers | Design, build, and document compliant products | Any company making hardware |
| Compliance Engineers | Ensure design meets safety and regulatory needs | In-house or external consultants |
| Notified Bodies (EU only) | Approve high-risk CE-marked products | TÜV SÜD, DEKRA, BSI (for CE) |
| Accreditation Bodies | Approve test labs and ensure quality | A2LA (US), DAkkS (Germany), UKAS |
| Suppliers | Provide certified components, material data | Chip makers, enclosure vendors, etc. |
| Importers/Distributors | Ensure products entering markets are compliant | Often need DoC and labels before selling |
Difference between UL, Intertek, TUV, Nemko ?
There are all called NRTL(Nationally Recognized Testing Laboratories). Basically these are testing labs recognized by OSHA who help manufacturers in assessing and testing the product, and put a formal marking(stamp) on your product. See the following sample markings.
There is often some confusion about whether manufacturers can get ETL, SGS, TUV marking if they are using UL standards like UL 61010, UL 121201, etc. Yes, this is totally possible. UL(Underwriter Laboratory) and CSA (Canadian Standards Association) are NRTLs but they also write standards. UL standards are prevalent in USA and CSA standards are used in Canada. However, UL and CSA have a secondary branch, which is NRTL, which actually work with manufacturers, test the product and issue compliance reports and markings. Intertek on the other hand do not write standards and you will not see any standard with their name. However, they participate in standard committees of UL, CSA, IEC, ISO, etc.
Common product types and the relevant standards.
a. Core Categories of Hardware Compliance
| Category | What It Covers | Key Standards & Regions |
|---|---|---|
| Electrical Safety | Shocks, fire, insulation | UL 508 (USA), IEC 61010, IEC 62368-1 |
| Functional Safety | Safe behavior even in fault conditions | ISO 13849, IEC 61508, ISO 26262 (automotive) |
| EMC/EMI | Does it emit/radiate interference? | FCC Part 15, EN 55032, IEC 61326-1 |
| Environmental & Material | Toxic substances, disposal, recycling | RoHS, REACH, WEEE (EU), Prop 65 (US) |
b. Industry-Specific Compliance Fields
| Field | Focus | Examples |
|---|---|---|
| Medical Devices | Patient safety, hygiene, traceability | ISO 13485, IEC 60601, FDA 21 CFR |
| Hazardous Locations | Preventing explosions in gas/dust areas | ATEX (EU), IECEx (Global), UL 1203, NEC 500 |
| Industrial Automation | Robots, AMRs, safety-rated motion | RIA R15.06, ISO 10218, ISO 3691-4 |
| Consumer Products | Toys, electronics, home devices | ASTM F963, UL 1642 (batteries), CPSC rules |
| Automotive | Reliability + functional safety | ISO 26262, UNECE R10, FMVSS |
| Telecom / Radio | RF, Wi-Fi, Bluetooth, SAR | FCC Part 22/24/27, RED (EU), IC (Canada) |
c. Automotive Standards
| Standard | What It Covers | Example |
|---|---|---|
| ISO 26262 | Functional safety for road vehicles | Safety of ECUs, sensors, ADAS, etc. |
| ISO 21434 | Automotive cybersecurity | Protects against hacking, tampering |
| UNECE R10 | EMC (electromagnetic compatibility) | Required for UN vehicle approval |
| ISO 16750 | Electrical & environmental conditions | Testing: voltage, vibration, temperature |
| ASIL (A–D) | Automotive Safety Integrity Levels | Used inside ISO 26262 for safety targets |
| FMVSS (USA) | US vehicle safety regulations | Enforced by NHTSA, e.g., crash, lighting |
| SAE J3016 | Defines levels of driving automation | L0–L5, used for AV (autonomous vehicles) |
d. AI and Software Standards
| Standard | What It Covers | Key Use |
|---|---|---|
| ISO/IEC 23894 (2023 draft) | AI risk management | System-level AI safety management |
| ISO/IEC 22989 | AI concepts & terminology | Shared language for AI development |
| ISO/IEC 24029 | AI robustness & bias | Evaluation of trustworthiness |
| ISO/IEC 42001 (coming soon) | AI Management Systems (AIMS) | Like ISO 9001, but for AI governance |
| IEEE 7000 series | Ethical and safe AI design | AI bias, transparency, and accountability |
| DO-178C | Software safety in aviation (used in AI flight control) | Certifies airborne software |
| UL 4600 | Safety for autonomous products | Targets AI-driven systems with no human fallback |
Summary
Compliance can be overwhelming for engineers new to it. However, giving some time to understand the terms, identifying applicable standards, understanding use case, and reading the standards can make the process easier. Not understanding the process and requirements can lead to extended time and cost to your product launch. There is a lot more to the compliance, and we will cover it in upcoming blog posts. At Saphira, we are trying to help manufacturers get through compliance with our AI powered platform and help speed up the latest industrial revolution.
Want to see how it works for your team?
