With the Alternative Fuels Infrastructure Regulation (AFIR) now in full effect and the latest Delegated Acts and Implementing Rules adopted in Spring 2025, the EV charging industry faces a rapid and mandatory transformation. These are not abstract goals for 2030 – the first compliance deadlines hit in 19 months, and they will change the technical architecture of every new and renovated charging station in the EU.

Here’s what’s changing, what it means for charger manufacturers, and how to prepare.

Quick Background: What is AFIR?

AFIR (Regulation EU 2023/1804) sets the binding framework for deploying public EV charging and alternative fuels infrastructure across the EU. Its goals are clear:

• Ensure interoperability and accessibility of charging stations
• Standardize payment and pricing transparency
• Enable smart charging and bidirectional integration into the grid
• Create a seamless European-wide network for EV drivers
  

So far the regulation applies to all publicly accessible charging stations and, under certain conditions, also to semi-public and fleet-related deployments.
And new: also private Type 3 and 4 Chargers from Jan 2027 on are regulated!

The Spring 2025 update to AFIR comes in the form of new Delegated Acts and an Implementing Regulation (EU) 2025/655, which specify the technical nuts and bolts. And it’s here that the real work begins.

The New Timeline: 19 Months to Rethink Your Architecture

These are the critical dates you need to internalize:

🗓️ From October 2025:

• All new or renovated public chargers must support ISO 15118-1 to -5‍

🗓️ From January 1, 2027:

• All new or renovated public and private chargers must support:
  
  • EN ISO 15118-20:2022 (the version enabling Plug & Charge + bidirectional charging)
  • EN IEC 61851-1:2019 for electrical safety
• If a charger offers Plug & Charge, it must support:
  
  • Both ISO 15118-2:2016andISO 15118-20:2022

What’s more, smart charging (and the ability to go bidirectional) is not optional anymore — at least not on the communication side. Every charger installed or renovated after Jan, 1st, 2027 must be prepared to support smart communication and system integration.

What This Really Means: Big Shifts in Hardware & Software

Let’s break down the consequences across five dimensions:

1. Communication Protocols: ISO 15118-20 Takes Over

ISO 15118-20 is not just “another version.” It brings major architectural changes:

• Support for bidirectional charging (V2G)
• Enhanced security (certificate handling, TLS 1.3)
• More flexible Plug & Charge mechanisms
• New use cases like smart energy management‍

⚠️ Many current AC chargers on the market — especially those running on low-cost microcontrollers — will be unable to support 15118-20. These systems now need:

• ‍PLC mode for vehicle communication
• Support for secure boot, TLS 1.3, and encrypted communication
• Easiest and most future proof realized by a strong Software defined Linux-based architecture like EVerest!

2. Hardware Requirements: From Microcontrollers to Real Computers

To be AFIR-compliant, future chargers must feature:

• PLC modems for high-level communication (ISO 15118)
• AFE circuits conforming to IEC 61851-1 for analog safety
• μControllers for real-time, safety-critical logic
• (Linux-based) processors for application logic and secure communication
• Displays on public chargers for transparency and accessibility

3. Displays & Transparency: What Counts as Public?

AFIR makes clear distinctions:

✅ A display (or equivalent visual interface) is required if:

• The charger is publicly accessible‍
• Users can pay ad-hoc (without a contract or app for chargers with more than 50 kW, which is creating a new market segment of the 49.9kW fast chargers….)
• Pricing and payment options need to be shown at the site

❌ A display may not be needed if:

• Access is restricted (e.g. fleet depots, private company parking)
• Payment is always handled via apps or contracts‍
• Real-time pricing and status are available via other “barrier-free” means (e.g. QR code linking to web portal)

📌 Important: Supermarket chargers and semi-public sites are considered public under AFIR if general access is not restricted — and will likely require visual interfaces to remain compliant.

4. Cybersecurity & Safety: It’s Not Just About Charging Anymore

AFIR is now tightly coupled with other regulatory frameworks like the Cyber Resilience Act (CRA), NIS2 and GDPR. This means:

• Encrypted firmware updates must be supported
• System access must be protected through certified secure elements
• Secure boot and TPM for cryptographic operations and firmware integrity
• Roaming, cloud services and payment interfaces must not leak personal data

This is the first time EU-wide cybersecurity standards directly affect EVSE firmware, bootloaders, and remote maintenance logic.

Getting ready to deliver: Testing & Certification for ISO 15118-20: Manual Testing Won’t Scale

With hundreds of new EV models expected by 2027, compatibility can’t be guaranteed by ad-hoc testing anymore. The future is:

• ‍Automated test harnesses
• Formal certification paths for ISO 15118 and OCPP
• ‍Cloud-based CI pipelines for EVSE firmware

Without robust testing, certification delays or failures could cost months in time-to-market — and possibly entire market segments.

The Triple Squeeze: Cost, Time, and Complexity

The industry is facing a perfect storm:

1. ‍Shorter development cycles (19 months until hard deadline)‍
2. Rising R&D and testing costs
3. Margin pressure in a highly competitive hardware market

Even experienced charger manufacturers are struggling to maintain velocity without compromising quality or compliance.

What You Can Do: EVerest + BaseCamp

We built EVerest for exactly this moment.

EVerest, a project hosted at LF Energy, is:

• ‍Fully compliant with ISO 15118-2 and -20 (Plug & Charge ready)
• ‍Interoperable with major backend protocols like OCPP and OCPI
• ‍Security by many, continuous automatic code scanning, experts review, external penetration testing, and a Vulnerability management process with responsible disclosure
• ‍Open-source and community-driven, ready for what will come next!

‍BaseCamp, Pionix’s enterprise-grade implementation of EVerest, goes one step further:

• Hardened for commercial deployments
• ‍Designed for security, with TPM, TLS 1.3, external security checks and CRA alignment*
• Ready for display integration, TPM modules, and payment terminals
• Meets the emerging requirements of CRA and NIS2
• Actively used in OEM and certification labs around the world and real-world field tests
• ‍Quality build automatically: Automatically Tested, Pre-Certified* and with a Cloud based CI integration, so you can deliver!

By using EVerest or BaseCamp, you can reduce technical risk, accelerate time to market, and align with what AFIR – and the industry – will expect in 2027 and beyond.

Final Thoughts: The Future of Charging is Regulated, Secure, and Interoperable

Whether you're a charger OEM, CPO, or software provider, AFIR is no longer a future concern – it's today's engineering blueprint.

Those who adapt early will win market share. Those who wait may find themselves locked out of the next wave of EV infrastructure funding, tenders, and partnerships.

There’s still time. But not much.

By embracing these standards now, we’re not just meeting today’s requirements – we’re building the foundation for what comes next: more standards, even tighter regulation for critical infrastructure, smart, secure, and truly interoperable e-mobility.

Ready to align with AFIR and future-proof your charging platform?

Explore EVerest on GitHub or contact Pionix to talk standards, software stacks, and how to ship AFIR-compliant chargers faster.

📚 Further Reading & References

• AFIR Regulation (EU) 2023/1804 – Full Legal Text: EUR-Lex: CELEX 32023R1804‍
• AFIR Regulation EU 2023/1804 - Annex II: Regulation - 2023/1804 - EN - EUR-Lex‍
• Overview of Delegated Acts adopted 04/2025 – Data & Interoperability: European Commission Announcement
• ‍Common Technical Requirements for AFIR Data Exchange (Delegated Act); Commission Implementing Regulation (EU) 2025/655 - specifications and procedures relating to the availability and accessibility of data on alternative fuels infrastructure: Data accessibility
• ‍NEVI (National Electric Vehicle Infrastructure) Requirements – USA: Indiana DOT – Appendix B: NEVI Requirements
• ‍Why TPM and Secure boot is needed by CRA: Enhancing Security in the ISO 15118-20 EV Charging System - ScienceDirect

‍

*Certifications are work in progress