The Gaia-X project was initiated in 2019 by the German and French Ministers of Economy to ensure that companies would not lose control of their industrial data when it is hosted by non-EU cloud service providers.
Since then, Gaia-X holds an international association presence in Belgium with more than 334 members, representing both users and providers across 20 countries and 16 national hubs and 5 candidate countries.
The Association aims to increase the adoption of cloud services and accelerate data exchanges by European businesses through the facilitation of business data sovereignty with jointly approved (user and provider) policy rules on data portability and interoperability.
Although for many enterprises, data sovereignty is seen as a prerequisite for using the cloud, a significant driver to boost the digital economy in business is incentivizing business data sharing. Two decades of cost optimization have constrained business value creation, driving many companies to neglect the opportunity to create shared value within a wider industry ecosystem.
Now, thanks to the participation of large numbers of cloud users in the domains of Finance, Health, Energy, Automotive, Travel Aeronautics, Manufacturing, Agriculture, and Mobility, among others, Gaia-X is ideally positioned to help industries define appropriate data spaces and identify/develop compelling use cases, which can then be jointly deployed to a compliant-by-design platform architecture under the Gaia-X specifications, trust, and labeling frameworks.
The creation of national Gaia-X hubs that act as independent think tanks, ambassadors, or influencers of the Association further facilitates the emergence of new data spaces and use/enabler cases at a country level, before these are subsequently extended to a European scope and beyond. Gaia-X partners share the view that data spaces will play a similar role in digital business as the web played 40 years ago to help the Internet take off.
The Gaia-X Working Groups are at the core of the Gaia-X discussions and deliverables. There are three committees: the Technical, the Policies and Rules, and the Data Spaces and Business.
The Technical Committee focus on key architectural elements and their evolution, such as and not limited to:
Identity and Access Management: bridge the traditional X509 realm and new SSI realm, creating a decentralized network of identity federations
Service Composition: how to assemble services in order to create new services with higher added value
Self-Description: how to build digital trust at scale with measurable and comparable criteria
The Policy and Rules Committee creates the deliverables required to develop the Gaia-X framework (compliance requirements, labels and qualification processes, credentials matrix, contractual agreements, etc.):
The Labels and Qualification working group defines the E2E process for labels and qualification, from defining and evolving the levels of label, the process for defining new labels, and identifying and certifying existing CABS.
The Credentials and Trust Anchors working group will develop and maintain a matrix of credentials and their verification methods to enable the implementation of compliance through automation, contractual clauses, certifications, or other methods.
The Compliance working group collects compliance requirements from all sources to build a unique compliance requirements pool.
The Data Spaces Business Committee helps the Association expanding and accelerating the creation of new Gaia-X service in the market:
The Finance working group focuses on business modeling and supports the project office of the Association.
The Technical working group analyzes the technical requirements from a business perspective.
The Operational Requirements working group is the business requirements unit.
The Hub working groups hold close contact with all Gaia-X Hubs and support the collection and creation of the Gaia-X use and business cases. These working groups maintain the international list of all use cases and data spaces and coordinate the Hubs.
4.1 A Quick Introduction to Gaia-X
The Gaia-X Association was created by its 22 founding members [1] on September 15, 2020. It was officially authorized by royal Belgium decree on December 21, 2021. Gaia-X is open to all cloud service providers and cloud users which endorse its Article of Associations and the objectives of the Association as defined in the original Franco-German Position Paper [2]. At the Gaia-X Board on March 29, 2021, the Association added a further 212 members on top of its initial founding members, bringing together all the major cloud service providers (CSPs) and a significant number of user companies in the selected data spaces (see Fig. 4.1).
Fig. 4.1
Gaia-X Association members distribution (29 March 2021)
×
At this time, the Association has 343 members, the distribution of which may be seen in Fig. 4.2.
Fig. 4.2
Gaia-X Member distribution by country (end of April 2022)
×
Anzeige
The inclusion of the main US and Chinese CSPs has been agreed by the 22 founding members since the top 3 US CSPs already provide 70% of cloud services to European cloud users. However, cloud usage by European businesses (26% of processing in 2020) will only tend to increase if CSPs commit to respect policy rules on portability and interoperability of infrastructure, data, and applications. Such policy rules will be defined in joint Gaia-X working groups that are made up of users, European CSPs, international CSP, academia, and start-ups. Jointly designed policy rules will be published by the Policy Rule Committee that has been nominated by the Board of the Association.
Gaia-X expects cloud usage in Europe to double over the next 4–5 years, a growth which will increase market opportunities both for European CSPs and International CSPs whose offerings respect policy rules.
The openness, non-compete, and non-discrimination guidelines of Gaia-X will facilitate ex-ante compliance with relevant policy rules because they will be designed jointly with all cloud service providers. However, the 22 founding members have decided that the Board will be restricted to members of companies that have their worldwide headquarters in Europe.
The Association will define and prototype federated services for topics, such as identity management, data sharing, and compliance checking. These will be made available as open source to all members. It will also facilitate the creation of data spaces in markets that have been prioritized by the European Commission in its digital strategy [3]—the data spaces will be restricted to deployment cases, where ecosystem partners include the major European players in the respective markets. Today, the Association is active in the following markets: aerospace, agriculture, circular economy, education, energy, finance, geoninformation, health, manufacturing/industry 4.0, media, mobility, public sector, smart cities, smart living, and space. Further data spaces will be facilitated through national Gaia-X hubs (see Chap. 5).
Anzeige
4.2 The Business World with Gaia-X
The objectives of Gaia-X are ambitious but are already reflected by the number of partners (343 by the end of April 22) and the impressive participation of the first two Gaia-X Summits in November 2020 and November 2021, bringing in more than 4500 participants each. Gaia-X is conscious of the challenges it faces and has decided (at the start of 2021) to create a Gaia-X Institute, a body which will ensure that the conceptual foundations of the Association are rooted in proper academic research and thinking in the areas of the economy of data, legal principles of compliance, and objective measurement of success.
4.2.1 Economy of Data
The economy of data has been studied for 20 years in several European universities including Toulouse, Mannheim, and Bologna.
The most significant result has been the definition of multisided markets by Jean Tirole, who was awarded the Nobel Prize of Economy in 2014 for his work on this topic.
The extension of multisided markets concepts to the business world has been widely developed at the Toulouse School of Economy by Jacques Cremer who wrote the foreword of a book summarizing these advances [4].
The value that can be created by sharing data can be generated in two ways:
1.
Several partners agree to share similar types of data to increase the volume of available data. This requires a common definition of data to ensure that any partner can readily use data created by the others. Increasing the volume of data sharing is important in areas such as the effective training of AI algorithms. A good example of volume data sharing is given by “Here,” a former Nokia company bought by Audi, BMW, and Daimler, which has decided to share all data related to road conditions that is collected by each of their connected cars. Their objective is to get a comprehensive set of road images, whatever the day of the year or the hour of the day. Such data is essential to feed AI algorithms for vehicle autonomy at level 5 (fully autonomous driving on normal roads). Interestingly, “Here” has recently welcomed the Intel subsidiary Mobileeye to its ecosystem—this new partner brings specialisms in LiDAR sensors capturing images on the road.
2.
Several partners decide to share different, but complementary types of data in order to create services that none of them can offer with their own data alone. Complementary data sharing brings tremendous possibilities for added value in use cases as diverse as preventive maintenance and fire detection. One example is Skywise, an ecosystem launched by Airbus, which uses an industrial data platform to combine production data collected on Airbus aircrafts with operational and flight data collected by airline companies like EasyJet or United Airlines. The benefit for Airbus is to gain access to operational data so it can improve the design of its future aircraft. For EasyJet, the value is to have access to detailed data collected at the time of aircraft production in order to better anticipate potential future failure. Airbus is claiming 30% productivity improvement thanks to such industrial data sharing. Another example is the use of satellite data generated by the Copernicus system—by combining satellite broad range image data with data collected by surveillance stations on the ground, local authorities can detect forest fires earlier.
While the principle of business data sharing is intuitively understood, the mechanism of value creation is less well defined, although its principles were described by Jean Tirole. Initially formulated to reflect the market of payment cards, the principles of value creation describe a two-sided market with, on one side, cardholders and, on the other, merchants. The cardholders expect many shops to accept their cards, but before the merchants will invest in payment terminals, they want to be sure that a sufficient number of customers are willing to use them. A two-sided market needs to reach a critical mass of adoption to be sustainable. On its own, each side has little chance of reaching a viable scale, but if an operator takes the risk in committing to each side that they will reach critical size, then the market can take off.
In the extreme, the operator will become unbeatable, requiring authorities to intervene to avoid a monopoly situation. While Tirole’s work focused on the consumer market, it has recently been extended to business markets, especially in the context of reflecting the incentives for complementary data sharing—with the most attractive opportunities residing within ecosystems of partners belonging to the same value chain.
While competition in conventional business models has forced companies to concentrate on specific parts of a value chain (e.g., production of aircrafts for Airbus, operation of aircrafts, and customer relationships for EasyJet), complementary data sharing provides an opportunity for partners within a given value chain to reap the incremental benefits of sharing business data, while still maintaining their business autonomy.
4.2.2 Compliance
What are the incentives which can be proposed and which arguments can be used to facilitate the creation of data spaces?
The first approach is to impose new regulations, as has been done in the finance sector with the 2019 Payment Services Directive (PSD2). This requires that any financial institution, which is providing personal bank accounts has the obligation, if the owner of the account agrees, to provide API-enabled access to certain account data to stimulate the creation of additional value services. PSD2 has clearly been a catalyst for the explosion of Fintech activity over recent years. The Finance sector is ahead of other industries in respect of data sharing and is currently the only one to have a directly related regulation. However, the approach is limited because APIs are sector specific and not suitable for cross-domain data sharing. A promising approach is the one taken under the Connecting Europe Facility program run by the European Commission where FIWARE open API is recommended for cross-domain and cross-border data sharing.
The second approach is to agree on a common data model, as it has been done in the management of physical building infrastructures (plan, design, construct, operate, and maintain). The Building Information Modeling (BIM) concept has existed since the 1970s, but it has become generalized across the construction industry since the early 2000s. ISO defines BIM as “Use of shared digital representation of a built asset to facilitate design, construction and operation processes to form a reliable basis for decision.” For the professionals involved in a project, BIM enables a virtual information model to be shared by the design team, the main contractor, subcontractors, and the owner/operator.
Unfortunately, the timeframe described in the two previous sections is not compatible with a rapid deployment of data spaces. How can quicker progress be made?
The first option is to get rid of obsolete and overly constraining regulations, which were originally created for the pre-digital world. Typically, in payment markets, merchants heavily subsidized the acquisition of customers by selling their services below cost and could, according to existing regulations, be accused of dumping. This is similar to the story of “free” services which have allowed GAFAM to take off in their respective markets. An attractive proposition is to build regulatory sandboxes, sponsored by governmental authority, that allow a controlled relaxation of regulations which would otherwise block complementary data sharing, thereby allowing alternative models to be tested.
An example of such a regulatory sandbox is the one proposed by the French Commission de Regulation de l’Energie: it concerns the creation of an energy data space to make the best possible use of data collected by the 30 million smart meters in France—of which only 5% is currently usable because of regulatory issues. After a period of a few years, services to be offered will have been clarified and the business cases proven. The results will help industry and regulators to decide how to organize the energy data space for the longer term.
Among the main risks and concerns that prevent companies from sharing business data, the most often cited relate to “security” and “data usage control.” Data usage control defines the policies under which data will be shared in a transparent manner. In this way, data is associated with well-defined services that are agreed between the partners—it cannot be considered as open data, even between the partners. Through the use of industry data platforms, it is technically possible to control and check data usage according to agreed policies by linking data and services and enforcing that these compliance checks with these policies are performed by the platform operator.
Security is a risk that is not specific to data sharing and can be addressed through proper identity and access management and appropriate use of data encryption.
The primary technical challenge is typically the lack of interoperability. Today a large share of data is stored in public clouds, 70% of which are operated by US providers. While cloud customers gain flexibility in terms of their own access to compute and storage resources, they can face challenges when sharing data with ecosystem partners that use different cloud service providers. Interoperability challenges exist at an infrastructure level because of incompatible communication protocols and also at an application level because of a lack of common API’s (a challenge that PSD2 has helped to address in financial services). One way forward is for cloud service providers to demonstrably comply with agreed common policies for infrastructure and applications.
While the current focus for digital and business data sharing is policy and regulatory compliance, it is important to remember that compliance was initially created to combat money laundering. It then extended into corporate social responsibility and further into personal data protection.
Corporate compliance is not always well accepted, largely because enterprises consider it to be an additional process and control mechanism linked to objectives, which are beyond the immediate control of their own company. In addition, unlike traditional regulations which trigger ex-post penalties if not respected, compliance brings ex-ante constraints which have to be checked by the company itself.
Corporate compliance was initially instigated in the USA but must be seen as mandatory in a world of globalized industry. Two attitudes are possible in Europe: either defensive to complain about additional bureaucracy and costs, or offensive to include appropriate objectives for Europe, which will become a self-validated prerequisite for all companies operating in Europe.
We believe that business data sharing and associated data sovereignty are objectives which can be translated to specific policies for interoperability, security, and data usage control.
In our view, compliance is the only way for Europe to make business data sharing possible in a timely and transparent manner that guarantees data sovereignty for participating companies.
Creating data spaces will be a collective task involving several players who recognize that data sharing with other partners will be of collective benefit for their companies when endorsing the compliant-by-design portability and interoperability architecture proposed by Gaia-X. Data space success will be achieved through investment from initial partners supported by public funding. In contrast to traditional investments in software which can be protected by Intellectual Property Rights (IPR), data spaces creation will be funded by initial participants to the eventual benefit of all players in the resulting ecosystem. In the past, standardization tasks have been funded by public money with the active participation of industry users and providers, typically resulting in long lead times for design, implementation, and adoption of new standards. The stated intent of Gaia-X to facilitating the doubling of cloud usage in Europe within the next 4–5 years doesn’t allow for such a lengthy process.
Moreover, governments and the European Commission, which have announced that they will financially support the creation of data spaces (EC has announced a contribution of 1.2 B€ for the creation of nine data spaces) want to be able to justify to their citizens that they have properly invested public money.
Tokenomics, which is a new branch of economics, might be an appropriate tool for co-operatives to reflect capital investment and gain voting rights. The design of rules and policies for achieving the desired goals of data spaces creation could be based on the game theory using tokens for incentive alignment and rules enforcement. The related mechanism is often referred to as tokenomics.
“Generally speaking a token is a thing which serves as a visible, tangible or intangible representation of a fact or a right; for example, a driving license card is a token which represents the fact that you are trained and allowed to drive a car.
A cryptographic token is a cryptographically secure, provable representation of a fact or right, which can additionally be processed in digital systems like decentralized networks. Tokens are digitized multipurpose instruments, ranging from simple-single to multi-complex designs. It could be value, stake, voting right, or anything. A token is not limited to one specific role or utility, it can fulfill a lot of roles in its ecosystem.
Tokenomics encompasses the concept of economic system design and implementation to incentivize specific behaviors in a community, using tokens to create a self-sustaining ad hoc economy. It includes game theory, mechanism design, and monetary economics” [6].
An example of Tokenomics was proposed during the Gaia-X summit where the Bosch Team used the case of the design and implementation of a collective transportation system to be installed in a given territory; a funding mechanism can be created by selling tickets which are tokens of no value before the transportation system operates but which will progressively gain value. Cities or regions can participate through the acquisition of tokens which can be later transformed into real tickets for delivering social policy (e.g., for elderly, unemployed, and students).
For the Association, Tokenomics is being considered for two purposes: (1) increase its financial resources in order to accelerate the creation of data spaces. In addition to regular fees paid as a member, companies belonging to an ecosystem can put additional funding represented by a token. This additional funding will be used to support the efforts of active companies that contribute their expertise in the creation of data spaces; companies that want future benefits from data spaces can buy tokens, which will support the costs of the active companies. (2) Public institutions can support the creation of data spaces by acquiring tokens which give them voting rights in the definition of the data spaces as well as opportunities to facilitate the participation of start-ups in the future ecosystem.
Bringing together the economics of data, compliance and measuring success through Tokenomics will pave the way for the new world of Gaia-X.
4.3 The Gaia-X Principles
Gaia-X is an initiative to provide a regulatory and technical framework that supports the generation of data and infrastructure ecosystems. It will provide a set of “Federation Services,” which allow interactions between all participants without any specific company taking on a dominant role in controlling the flow of information (see Fig. 4.3).
A common set of policy rules and functional and technical specifications will provide interoperability and portability of data and applications, avoiding the lock-in effect that many users experience with existing providers. This will also provide economies of scale for the many small- to medium-sized cloud service providers and specialized data centers. The distributed and federated infrastructure further provides the basis to integrate EDGE and HPC/QLM “as a Service” capabilities.
The infrastructure is the basis for the generation of data spaces (as they are also described in the European Data Strategy), which will form the basis for “advanced smart services.” These will be built around “collaborative use cases” where multiple parties agree to share data with a view to improve supply-chain process efficiency (smart connected supply chains generate about 20% savings), as well as bringing new value in competitive scenarios (e.g., mobility data spaces where each provider publishes their itineraries and real-time traffic information and costs, allowing the creation of new mobility services).
One critical enabler for these services is that each data provider maintains sovereignty of their data usage. Gaia-X uses the “International Data Spaces” Reference Architecture to ensure that data usage controls are provided, and compliance is assured.
4.3.1 Objectives
Objectives of Gaia-X have been described in the Franco-German Position on Gaia-X [2] published on February 18, 2020; they are a prerequisite for new members of the Association. This document has been agreed between the 22 founding members regrouping Cloud Users and Cloud Service Providers; it has been endorsed by the 27 European Countries and the European Commission in its document “Towards a next generation cloud for Europe”:
The European cloud federation initiative will aim at creating synergies between national and cross border initiatives, to enhance and broaden their scale and coverage. The Gaia-X initiative for a European federated data infrastructure is a leading example of a public-private initiative aiming at a broad European scope.
Gaia-X is a strong private partnership to implement the European Strategy for Data announced in February 19, 2020, in its entire dimensions of data space creation and next generation of cloud compliant with portability and interoperability requirements.
4.3.2 Policy Rules and Specifications for Infrastructure Application and Data
Policy rules will be jointly created by cloud users and cloud service providers both European and international. The aforementioned Franco-German paper which has been agreed by all Gaia-X partners described them in the following terms:
For the area of infrastructure:
Reversibility: Changing the cloud provider with portability for data and services, in the frame of Art. 6 “Porting of Data” of the European Free Flow of Non-personal Data Regulation. First codes of conduct have been handed over to the European Commission.
European CSP certification scheme: The scheme was developed by a European Working Group, including German BSI (C5) and French ANSSI (SecNumCloud), and handed over to ENISA in June 2019. Based on the European Cybersecurity Act or within the framework of the New Legislative Framework, certification schemes for an efficient onboarding of cloud infrastructure services providers into Gaia-X should be developed. To this end, Gaia-X has to develop the appropriate self-description and discovery schemes.
Security of data: Security policy is associated with the data about its usage and shall be controlled irrespective of the providers. Beyond existing cybersecurity approaches, the need and requirements for a trusted execution within the edge environment should be considered.
Identity and access management (IAM): Resources and devices shall be identified in a way which is common regardless of the provider. All agents and devices, like all assets, are identified regardless of which provider is involved in a Gaia-X service instantiation. This is covered by interoperability, common trust requirements (international technical standards and harmonized legal framework), and an approach covering the Gaia-X IAM requirements. Both Gaia-X core components and provider offer a sufficiently high degree of security regarding the integrity, confidentiality, traceability, and availability of Gaia-X identities. The solution will be selected based on industry best practices and accepted international standards. It forms the Gaia-X baseline for flexibility regarding different technical and national/legal requirements. On top, distributed access and (decentralized) identity management schemes, including verifiable credentials, should be considered enabling a robust ecosystem.
Energy efficiency: Transparency of energy consumption and its comparability regarding equivalent workloads should be encouraged. Users should have better visibility of the energy consumed by processing their data, including in the context of self-description. Criteria may be applied to all type of cloud facilities, including edge computing facilities.
Protection against non-European extra-territorial regulations: Protection against abuse of national regulations that allow to access data stored in cloud infrastructures or services is an essential part of the European federated data infrastructure.
For the portability and interoperability of applications among cloud providers:
Avoiding “lock in” by agreeing on open API describing the use of technical facilities provided between SaaS offerings and third parties, including individual bricks internally (e.g., changing the data storage service or other individual services).
Common data standards enabling data sharing through file exchange or functional API (as in PSD2 for finance).
Common definition of data security policy defining data security policy in logical and legal terms.
Encryption to be used for stored data where relevant, with a portability of the keys used to encrypt and interoperability of key management systems.
Virtualization of distributed data across multiple service providers (e.g., data cashing, data prefetching) to enable distributed cooperating application and services.
Edge computing as a possible processing paradigm to create possibilities for real-time processing and distributed algorithms, cloud-native apps vs edge apps.
Data portability and interoperability: Data interoperability has to go further than data portability, i.e., domain-specific data semantic harmonization is the next degree of data interoperability and should include inter alia through (domain-specific) standardized management dishes for digital twins.
Service and contractual interoperability to enable on-demand CSP collaboration.
4.3.3 Federated Services in Business Ecosystems
Theoretically, in closed few-to-few ecosystems, a consortium of partners could just implement federation services on their own (see Fig. 4.4). When they need to open up to a more dynamic ecosystem or want to achieve interoperability and data sovereignty beyond their own ecosystem borders, they will need to rely on federation services owned/provided by the Gaia-X Association.
Federated services provide basic digital services that are required in closed few-to-few communities to create an ecosystem (data or infrastructure) without any party being in a position to take advantage of having access to the key controls. This is very similar to the setup in the physical world where governments control commercial registers and trade rules which in turn enable (for example) a group of independent auditors or payment providers to provide such services. A key element in this setup is that the provider of such services is not part of the individual business relationships, working instead on commonly defined standards.
“Identity and Trust” provides a common mechanism to identify individual companies and data providers together with associated trust mechanisms. In a way, this is like what Amazon/Google/Microsoft do with their authenticators—only that the identity and trust provider can and must not use these services for any external commercial purpose.
“Federated Catalogue” this is the listing of all available services and data endpoints. It provides the necessary attributes to search for services that are compliant with specific regulations, and provides an independent assertion through the Compliance Services.
“Data Exchange services” ensures compliance to the data usage policies.
Fig. 4.5
Gaia-X Federation Services
×
Federation Services are governed by the Gaia-X—a membership-based organization where no single company or organization can define the rules, but where, building on policy rules and architectures of standards, the members jointly establish the definition and implementation of Federation Services. (This model is similar to one of the cornerstones of the WWW. “Domain Name Services” provide a federated registry of domain names; it is governed by the multi-stakeholder group ICANN.) Availability of Federation Services for Identity, Trust, Catalogues, and Compliance greatly simplifies the setup of multiparty ecosystems as it is not necessary to provide individual solutions and agreements, since the Federation Services already provide a base for legal and technological compliance:
Federation Services enable efficient creation of ecosystems:
Commercially: No single party has control over the ecosystem.
Legally and technically: They provide a basis for legal compliance and provide interoperability across different Identity, Trust, Catalogue, and Data Usage Controls.
4.4 The Gaia-X Data Spaces
Currently, Gaia-X has committed to cover six data spaces, which will be gradually augmented when Gaia-X has onboarded representatives of additional domains in the fields of agriculture, education, and green. Gaia-X national hubs will help to identify these new partners, initially on a national geography basis, but eventually to be extended to a European dimension.
4.4.1 Finance and Insurance
The Finance and Insurance Data Space is driven by Caisse des Depots et Consignation in France. It already includes Arkea, BNPP, BPCE, CDC, Credit Agricole, Commerzbank, Intesa San Paolo, and MAIF.
Four main benefits are expected by Gaia-X partners:
Easily build, assemble, and use trusted and value-creating data-based cloud services
Gaia-X as a European-wide accelerator of innovation and co-construction to provide secured data sharing and artificial intelligence services at scale and in a compliant and secure way
Create new financial product/services and foster new business models that are “compliant by design” with European regulations and values
Foster Europe’s competitiveness and financial market’ stability
The next steps are to develop a “compliant by design” framework aligning Gaia-X policy rules and financial sector regulations and deliver a first data space demonstrator based upon the “Financial Big Data Cluster” initiative launched in Germany.
4.4.2 Energy
The energy domain is driven by EDF and includes also global companies as Engie and Enel, as well as distributors like Enedis.
The key focus of the domain will be smart grids, with its four dimensions of customer/services, industrial data, environment data, and financial data. Electricity data is not yet sufficiently shared, and this prevents the creation of new business models based upon multiparty cooperation between technology providers and data owners. The energy partners want to enable interoperability with proper data governance and security to facilitate data analytics and edge computing.
4.4.3 Automotive
In December 2020, German automotive manufacturers have created and announced the German Auto Data Alliance with BMW, SAP, Siemens, Robert Bosch, and ZF Friedrichshafen with the support of Deutsche Telekom. In its press release announcing the Automotive Alliance, BMW stated:
How much CO2 is produced in the production of an SUV? And in which models are defective parts installed? These are pressing questions for automakers. The BMW Group is looking for ways to make its supply chains faster, more transparent and safer.
Bosch and BMW explained during the summit that because of a lack of interoperability between the systems operated by OEM and Part Suppliers, there is a 6-month delay between failure occurrence and failure notification to the part supplier. In addition, 80% of parts investigation at the supplier are redundant as failure and root cause are already understood.
The German Automotive Alliance is currently extending its reach to French and Italian car manufacturers.
4.4.4 Health
Health data space is currently driven by Philips with the participation of Healthineers (formerly Siemens Medical), Sanofi, APHP (Parisian Hospitals), and Dassault Systems which has recently bought Medidata (specialized in clinical test management).
Philips want to establish a Longitudinal, 360-degree health profile of citizens enabled by ecosystems at the national and EU level. Establishing secure, open, federated health data spaces and cloud services is a key enabler for the transformation of healthcare to continuous health tracking, image-guided therapy, computational pathology, and genomics as the basis of personalized medicine.
As for the other regulated business of Health Philips wants to develop a “compliant by design” framework aligning Gaia-X Policy rules and healthcare sector regulations.
4.4.5 Aeronautics
Three years ago, the Aeronautics sector launched the Skywise system regrouping Airbus with 130 Airlines companies to reduce aircraft maintenance cost by 30% (See Supra).
During the Summit, Gaia-X invited the other industry participants: Dassault Aviation, Safran, Thalès, Ariane Group, MDBA Systems, Leonardo but also EASA, Eurocontrol as well as GIFAS, BDLi, and Academics (TÜM, ISAE, etc.) to cooperate for the creation of an Aerospace Data Space.
The initial common objective is to leverage common specific use cases (e.g., export control management, high-performance computing for simulation and modeling, pseudo-real time data collaboration for air traffic optimization, etc.) that will support the design of the aerospace policy rules, data ontology, architecture of standards, and service federation that will ensure the European aerospace ecosystem.
4.4.6 Travel
The travel data space is driven by Amadeus and includes Air France KLM and Aéroport de Paris. The group wishes to extend to other French companies like SNCF and other European travel companies.
The objective is to offer to the traveler in Europe a multi-modal ecosystem encompassing all aspects of travel. Two use cases have been identified: seamless travel allowing the sharing of digital identity, passenger name record, travel record, and social media interactions, and health pass to provide safe corridors and avoid repeated health checks. The compliance with GDPR and Health Authorities regulation is a prerequisite for these two cases.
4.5 The National Hub Organization and the Launching of Additional Data Spaces
Gaia-X National Hubs already exist in 16 countries and 5 candidate countries as per Fig. 4.6. Japan and Hungary are also in the process of joining.
Fig. 4.6
Hub Map
×
Additional Gaia-X Hubs will be created to cover all 27 European countries. Their objective is to collect cloud users’ priorities and to channel the various national members to the appropriate European Data Spaces. In addition, national hubs will help addressing new domains such as education, farming, green, and public sector—starting with local companies, possibly within two or three countries, before launching them at a European level.
4.6 Conclusion: Data Spaces—The Enabler of Digital in Business
Data spaces have so far been seen as a nice-to-have feature like standards. They are very useful if they exist, but virtually impossible to justify in economic terms. Therefore, only a political decision can trigger their creation, with consequential long lead times (5–10 years) between the initial intention and the agreed standards.
Cloud adoption is so critical for European industries that Gaia-X has decided to take another route. Initiated by 22 founding members, Gaia-X has demonstrated during the Summer of 2020 that 159 new members from all over the world were in line with the Gaia-X value proposition. Currently, there are more than 334 members.
During the Gaia-X summit attended by more than 5000 participants, two additional proofs were given: (1) the data space concept is now understood at board level (three of the six data spaces were presented by board members of Philips, Airbus, and CDC), and (2) the hyperscalers (representing more than 70% of cloud provision in Europe) are ready to adhere to this approach of the business.
Many similarities can be seen with the situation of the Internet 40 years ago. The 70s saw the emergence of the internet protocol (IP) as a new way for data transmission through packets; it was seen as an efficient data transmission protocol that allowed better use of transmission circuits by sharing resources thanks to software. Before the invention of the web, it remained a technical mechanism for telecom operators. But the web could not have existed without IP, and IP only took off with the generalized use of the web.
Gaia-X partners believe that data spaces will have a similar role in the business for cloud; there will be no take off of cloud in business without a strong adoption of data spaces by companies belonging to the same ecosystem, but conversely data spaces will not take off if cloud providers do not offer portability and interoperability of their services.
Open Access This chapter is licensed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license and indicate if changes were made.
The images or other third party material in this chapter are included in the chapter's Creative Commons license, unless indicated otherwise in a credit line to the material. If material is not included in the chapter's Creative Commons license and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder.
