3. Gaia-X Context¶

This section provides basic notions related to ecosystems and data spaces to set the context where Gaia-X is positioned. It also describes the Gaia-X mission and how Gaia-X is aligned with other relevant initiatives, stakeholders and ongoing standardisation efforts.

3.1 Basic Principles¶

A digital ecosystem is defined by a group of participants, who define a common set of rules governing the exchange of data and services. These documents typically include the definition of purpose, the common ruleset (which includes technical and commercial) and the underlying legal and commercial agreements. To ensure compliance with the rules defined, a compliance mechanism is built through a list of designated trust service providers.

The Ecosystem provides value to its participants by:

defining and publishing the purpose and the underlying rule set
offering services which enable the value creation inside the ecosystems, which may include catalogues, directories, registries and shared services which support specific use cases e.g.,
- vocabularies defining common data models, digital twin registries, (pseudo-) anonymization services
- mechanisms to negotiate and audit the use of data (incl. the management of data usage agreements)
providing participant directories to find potential business partners
enabling discovery and exposure via service and data directories, allowing participant to find and respectively publish own offerings

Generally, these services are available through a portal.

Gaia-X provides the mechanisms to translate the rulesets and roles to a digital framework allowing:

automated participant onboarding
assurance of compliance for ecosystem and participant services
validation of claims by participants in individual digital negotiations

Figure 3.1 - Ecosystem overview

3.2 Understanding Ecosystems and Data Spaces¶

A digital ecosystem is a non-hierarchical organisational structure of a multilateral set of partners (or, equivalently, participants) that interact digitally in order for one or more focal value propositions to materialise.

The key characteristics are:

Non-hierarchical means there is no single partner who is controlling or governing the whole ecosystem. While many, if not all, ecosystems feature something like a center of gravity for organising and structuring the rules and activities within the ecosystem. Any such “ecosystem governance authority” must not be controlled by a single partner. If that were the case, we cannot speak of a true ecosystem as it would simply be a hierarchy.
Multilateral indicates that ecosystem participants have to be interrelated and organised towards achieving a common goal; just bringing together buyers and sellers on a (single) digital platform does not qualify as an ecosystem in our sense.
We deliberately do not further restrict the notion of partner or participant: Typically, businesses, enterprises, and other legal persons form ecosystems, but natural persons are equally permitted to be prime participants in ecosystems. For instance, in health data spaces or the construction sector. Conversely, whole ecosystems or data spaces may also collude and co-operate in order to achieve overarching, cross-ecosystem or cross-data space value propositions. In that sense, the Mobility Data Space, the Smart Connected Suppliers Network (SCSN), the transport & logistics data space and a Smart City ecosystem may form a “Super-Mobility-Transport-Supply”-ecosystem.
The focal value proposition or overarching goal is holding and binding together the individual partners in any (digital) ecosystem. We do not restrict the range (broadness) or specificity of such a shared value proposition, although existing initiatives strongly suggest: the more concrete the value proposition, the stronger the ecosystem. For instance, the simple idea of “just sharing data in the [insert your favourite industry here]” is rather weak; forming a digital ecosystem to shorten the time for building new (nuclear) power plants by 50% is quite strong.

The four leading questions discriminating digital ecosystems from other forms of organisation and collaboration are:

Who are the partners or participants?
What is the common value proposition participants share?
Who is organising the set of partners?
What are the participants doing digitally?

Note that – in this Architecture Document – we intentionally do not ask about the commercial viability and sustainability of a digital ecosystem. This (fifth) question would run like

How do participants earn back the money they need to sustain the digital ecosystem?

Digital ecosystems can be established around infrastructure (and respective services, Infrastructure as a Service (IaaS)), applications and related services (Platform as a Service (PaaS), Software as a Service (SaaS)), data services, or any combination thereof. Participants within an ecosystem agree, through a formal governance body (often called Ecosystem Governance Authority as above), to a set of “Policy Rules” to which all participants must conform. Typically, these Policy Rules encompass a list of attributes, criteria for ecosystem conformity, methods for conformity attestation, and procedures for verification by mutually agreed-upon trusted parties.

Digital ecosystems typically operate within specific contexts:

Regional: Participants must ensure compliance with regional regulations and legal requirements.
Domain: Industry-specific standards and regulations are applicable.
Sub-Domain: In addition to domain-specific standards, certain industries or sub-domains may impose further specific standards.
Commercial Context: Interactions may be governed by particular commercial agreements.

A data space is defined as an “interoperable framework, based on common governance principles, standards, practices and enabling services, that enables trusted data transactions between participants.” (source: DSSC Glossary) and is a particular instantiation of a digital ecosystem. The formal governance body of a data space is often called Data Space Governance Authority (DSGA).

While data spaces typically arise around domains or domain-specific value propositions, digital ecosystems are increasingly being recognised (also) on a higher organisational level as a broader infrastructure and governance layer uniting multiple data spaces. While this may sound confusing, our question 1 from above (“Who are the partners or participants of a particular ecosystem?”) will immediately reveal the organisational level(s) at which a digital ecosystem operates.

Note

Enabling Services facilitate the operation of ecosystems. There are multiple technologies, products and implementations of each of the enabling services available.

In this context, a Gaia-X Ecosystem consists of entities which are Gaia-X technically compatible, as described later in the document. See also, Gaia-X Technical Compatibility Specifications

3.2.1 Federation of Ecosystems¶

Ecosystems can agree on common Trust Service Providers, ontologies, and shared services based on individual agreements. This allows a high level of interoperability between ecosystems and for participants in multiple ecosystems. Providers which are cooperating to provide interoperable services can agree on a common set of criteria, which they can use to create offering-specific “labels” (e.g. an infrastructure or middleware platform which has been validated for interoperability across different providers).

Figure 3.2.1 - Ecosystem Federation

3.3 Gaia-X high-level Positioning¶

Gaia-X has the mission to create the de facto standard to enable federated and/or decentralized and trusted data and infrastructure ecosystems, by developing a set of specifications, rules, policies, and a verification framework.

This mission centers around establishing a federated and/or decentralized notion of trust in digital ecosystems as opposed to creating trust by relying on a single central party or contrary to zooming in on actual mechanisms or protocols related to data sharing or providing XaaS services (therefor our focus on trust). A verification framework is needed to automate trust by design: The sheer size of digital ecosystems – a single large airplane manufacturer has a supply network of around 10,000 enterprises; the whole automotive sector supply chain comprises in excess of 250,000 companies mandates this. Gaia-X not only defines the standards but also provides an (initial) open-source implementation of this verification framework. All components are collectively known as the Gaia-X Trust Framework (see Chapter 4 for a more rigorous definition and exposition).

The Gaia-X Trust Framework shall form the very basis for creating and ensuring interoperable, trusted relationships in any data space or digital ecosystem. It probably constitutes the only truly decentralized, cohesive, consistent, and future-proof set of standards needed to automate trusted digital transactions in arbitrary ecosystems. Of course, there exist several other partial solutions, many of which:

feature a much more narrowly designed trust architecture
do not discriminate between (technical) compatibility and (rule) compliance
do not and will not provide a form of TCK (Technical Compatibility Kit)
work on standardising the ontological underpinnings for defining an arbitrary ecosystem

We believe that using our Gaia-X Trust Framework is the only way to allow cross-ecosystem interoperability at the level of trusted identities (of ecosystem participants) and trusted digital transactions (aka “service credentials”, or “data credentials” or any other “credential” an ecosystem may define) available today.

Figure 3.3 - The Gaia-X Technical Compatibility as an enabler for ecosystem interoperability

3.3.1 Trust Plane¶

Figure 3.3.4 features a Trust Plane (at the bottom) common to all ecosystems comprising two distinct features: 1. Technical compatibility: A mechanism by how ecosystems specify their particular notions of trust, for instance, which identity providers or catalogues to trust. Technically, this amounts to defining,

(i) a common but extensible vocabulary (actually, it is an ontology) and
(ii) a consistent set of standards on how to define and (later) verify and enforce compliance.
Ecosystem-specific compliance rules: Using the “common language” (lingua franca) of point 1, ecosystems then are free to declare their individual rules for compliance, such as rules for participant onboarding, service provision or data assets management.

The Gaia-X Trust Framework is contributing to both features of the Trust Plane by providing the following deliverables:

No	Gaia-X contribution	Technical compatibility	Ecosystem specific compliance rules
1	An extended vocabulary to describe Ecosystem Participants (Consumers, Trusted Service Operators, and Providers), Service Offerings, ICT infrastructures, and resources used in service composition: the Gaia-X Ontology	X
2	A vocabulary to describe data spaces and ecosystems: the Data Space Ontology	X
3	Software libraries, software components, test beds, and a Gaia-X Technical Compatibility Kit (GX-TCK)	X	X
4	Compliance criteria and their deployment in production through the network of Gaia-X Digital Clearing Houses (GXDCH)	X	X

Ecosystems then become interoperable because they (a) use the same language for specifying their trust model and (b) by agreeing on a common set of trusted ecosystem services for those (few) services both deem relevant for becoming interoperable, for instance, agreeing on a set of mutually accepted identity providers, notaries, or conformity assessment bodies.

Gaia-X itself is an example for the application of this two-fold approach: Gaia-X provides a rulebook for Gaia-X compliant services as defined in the Gaia-X Compliance Document. Validation of Gaia-X service compliance is accomplished by the so-called Gaia-X Digital Clearing Houses (GXDCH), which are the approved Trust Service Providers in this case. This is indicated by marking these Gaia-X contributions as “optional” in the figure above.

3.3.2 Management Plane¶

In addition to the basic notions of trust shared (or not shared) by different ecosystems, the purpose of the Management Plane is to specify additional rules and embodiments or enforcement of these rules. Examples for this kind of Trusted Ecosystem Services are catalogues, wallet providers, or marketplaces. Depending on an ecosystem’s needs, these services may also be shared with other ecosystems (cf. the catalogue service shared by Ecosystem 2 and Ecosystem 3 or the wallets shared by all ecosystems from Ecosystem 2 until Ecosystem N).

3.3.3 Usage Plane¶

The notion of the Usage Plane refers to the level where individual participants of an ecosystem exchange data or engage in mutual service interactions with other participants of the same ecosystem or of another ecosystem.

3.3.4 Complementarity of Technical Compatibility and Compliance¶

As indicated above, trust frameworks discriminate between technical compatibility and compliance with certain rules. The following diagram depicts how the Gaia-X Trust Framework approaches this separation of concerns by showing the two main pillars, namely, Gaia-X Technical Compatibility on the left-hand side and Gaia-X Compliance in the middle. Elements of the Gaia-X Endorsement Programme (right-hand side) essentially target the adoption of our Gaia-X Trust Framework. A thorough and precise definition is given in Chapter 4.

Figure 3.3.4 - The Gaia-X Framework

3.4 Complementarity with additional TSP and support in the Gaia-X OSS releases¶

3.4.1 Integrating with external trust frameworks¶

Ecosystems whose Governance Authorities are extending the set of compliance rules, choose to integrate external Trust Frameworks (e.g. eIDAS) or decide to trust TSP from other ecosystems in general, require interoperability between the credential formats and the protocols for credential exchange.

Figure 3.4 - Federated Trust scenario

Within such an environment, a compliance service can use credentials issued by another TSP as a basis for rule evaluations and issue credentials which in turn can be used across different ecosystems.

3.4.2 Gaia-X 3.0 “Danube” software release¶

With the Gaia-X 3.0 “Danube” release of the Gaia-X OSS, the code base introduces support to allow integration of arbitrary compliance or rules engines to provide facilities for specialized TSPs for any ecosystem not limited to (i) the criteria specified in the Gaia-X Compliance Document or (ii) Gaia-X Digital Clearing Houses (GXDCHs) as sole TSPs for establishing compliance.

Based on an exhaustive re-engineering of the existing Gaia-X Loire components, the “Danube” release completely separates Gaia-X technical compatibility from any form of compliance, be that Gaia-X compliance or any other ecosystem compliance. This is based on the high-level requirements of the Geography and Domain Extension White Paper issued by the Gaia-X PRC in July 2025. The “Danube” architecture and software release allows the implementation and automation of all four scenarios identified in this document (see diagram below).

Figure 3.4.2 - Gaia-X 3.0 “Danube” architecture

The Danube architecture recognizes two major building blocks: - Gaia-X Core Engine - ensuring Gaia-X technical compatibility, hosting local compliance engines (called “local (compliance) extensions”), and providing means (proxys) to access remote compliance extensions. - Gaia-X Metaregistry - exposing metadata characterizing different ecosystems, their respective trust services, and the verifiable credentials associated with these services.

From a compliance automation point of view, the Gaia-X Core Engine recognizes two forms to run or access compliance engines or rules engines called extension types:

Extension Type	Description	Example (in diagram)
local (compliance) extension	The component that checks compliance with a certain set of criteria runs in the same local context as the `Gaia-X Core Engine` (e.g., as a microservice within the same K8S cluster).	IMX Participant Credential IMX Service Credential
remote (compliance) extensions	The component that checks compliance runs outside the run-time control of the `Gaia-X Core Engine` and will be accessed through the network. Network access to the remote extension will be mediated within the `Gaia-X Core Engine` through a so-called `proxy`.	Gaia-X Loire Participant Credential Gaia-X Loire Service Credential iSHARE Participant Credential

Note

We acknowledge that the difference between local and remote is somewhat vague. The exact mechanism for adding local extensions and for accessing remote extensions may vary technically depending on the actual “Danube” release and the (future) requirements.

The Gaia-X Core Engine itself consists of the following four (types of) components:

Component	Description
`Gaia-X Compliance Dispatcher`	accepts incoming verifiable presentations and dispatches the verifiable credentials contained therein to the correct local or remote compliance extension. Local and remote extensions will have to be registered with the `Gaia-X Compliance Dispatcher` with their ecosystem identifier and the VC types they support.
`Gaia-X Basic Functions`	implements and exposes a set of commonly used functions such as - SHACL verification - resolving a `did:web` - validating and verifying a `did:web` and verification method - following the trust chain of X.509 certificates - signature verification
local compliance extension(s)	runs in the same local context as the `Gaia-X Core Engine` (e.g., in the same K8S cluster as a microservice)
`proxy`(s)	accesses remote compliance extensions

3.5 Gaia-X Alignment¶

This section briefly explains how Gaia-X aligns with several other associations, initiatives, external projects, and standards and regulations.

Note that the vignettes contained in this section neither attempt to give a thorough technical evaluation nor propose a specific course of (technical) convergence. The set of initiatives, standards, or regulations covered in this release of the Architecture Document also does not indicate any specific preference but rather reflects the current state of discussion in the various Working Groups or Committees of Gaia-X.

3.5.1 Aligning with Other Associations and Foundations¶

3.5.1.1 IDSA¶

Gaia-X and the International Data Spaces Association (IDSA) deliver complementary technical frameworks to enable secure, interoperable data spaces. Their collaboration spans decentralized trust, protocol design, and governance, anchored in shared standards such as ISO/IEC 20151 (Dataspace concepts and characteristics).

The two complementary scopes of work are:

Gaia-X: Decentralized digital trust framework
IDSA: Dataspace Protocol and the specific design concepts for data spaces

Both associations support the creation of the global standard ISO/IEC 20151 Dataspace concepts and characteristics, which is the foundation for a common understanding of data spaces.

Semantic and technical interoperability are supported by the Dataspace Protocol and by the Gaia-X Technical Compatibility specifications. The Dataspace Protocol was initiated by the IDSA and is currently maintained and developed within the Eclipse Dataspace Protocol project associated with the Eclipse Dataspace Working Group, under the governance of the Eclipse Foundation (EF). It defines the steps for sharing data between parties, including policy language, the use of catalogs for datasets, contract negotiation, and the transfer process.

The Gaia-X Technical Compatibility specifications define the use and combination of standards to automate compliance verification, perform Policy reasoning, and manage Identity, Credentials, and Access. They also address the discoverability of Catalogues and Registries.

The organisational interoperability is enabled by the concepts defined by IDSA within the IDS RAM (Reference Architecture Model for governance and technical requirements) and IDSA Certification Scheme (compliance requirements for infrastructure components and services) and at the same time by the compliance criteria and related Labels defined by Gaia-X and addressing ICT services, data exchange services and ecosystem participants.

At a higher level, both Gaia-X and IDSA support the designing and building of data spaces, respectively via the establishment of an Endorsement Program selecting and supporting initiatives in line with the Gaia-X principles and architecture, and through the definition of the IDSA Rulebook, including legal, business, and operational guidelines for data spaces.

3.5.1.2 FIWARE¶

FIWARE Foundation is a non-profit organisation supporting the adoption of open standards (implemented using Open-Source technologies) that ease the development of smart solutions across domains such as Smart Cities, Smart Energy, Smart AgriFood and Smart Industry, based on FIWARE technology. The goal of the foundation is also to support the evolution of data platforms into data spaces, aligning with the strategy and the specifications developed by both IDSA and Gaia-X with regard to the creation of a trust layer.

FIWARE provides OSS components for:

value creation, such as sectoral platform components and marketplaces (using Linked Data through NSGI-LD, in the development of which the foundation is involved, DCAT, and the TMForum Product Model).
data exchange, with the FIWARE Dataspace connector, an integrated set of components in line with IDSA and Gaia-X technical specifications, meant to be deployed by organisations participating in a data space to connect to the data space.

The Foundation is also involved in the common work under the DSBA related to data value creation, provenance, and interoperability.

3.5.1.3 Ocean Enterprise¶

Ocean Enterprise Collective e.V. is a German non-profit organisation with international members that develops and maintains a free open-source enterprise-ready dataspace ecosystem software solution that enables companies and public institutions to securely manage and monetize software & AI & data products and services in a trusted and compliant environment.

Domain agnostic and collectively governed by an independent non-profit association, Ocean Enterprise Collective e.V. is shaping a new transparent era of the data economy and is already being used by leading data-driven businesses in aerospace, agriculture, manufacturing, industry 4.0, mobility, smart cities and more.

Ocean Enterprise provides FOSS dataspace components, also part of the DSSC Toolbox, for:

Value Creation: Marketplaces and smart contract-based catalogues and participant agent tooling.
Data and Digital Service Exchange: Connectors and automated smart contract-based contracting services.
Privacy and IP-Protection: Compute-to-Data orchestration enables technical data sovereignty and the exploitation of sensitive data without unnecessary replication.
Monetization: Integration of e-money for real-time payment and settlement, besides usual postpaid mechanisms

Ocean Enterprise is the basis for the Pontus-X dataspace ecosystem and several interoperable Gaia-X lighthouse dataspaces and endorsed projects. It has continuously aligned with the Gaia-X Trust Framework since 2021 and supported every version of the Trust Framework by integration of Gaia-X Participant and Service Credentials and Gaia-X Digital Clearing Houses (GXDCH).

The alignment process with Gaia-X now results in a native integration of the Gaia-X Loire standards, VC-JWT Credential format, and standards for credential exchange, and more.

The Ocean Enterprise Catalogue and FOSS framework enables distributed, tamper-proof, self-sovereign storage of data, services, and other offerings descriptions. Metadata records are stored as signed Verifiable Credentials utilizing Ocean Enterprise smart contracts. Metadata is openly extensible to support domain-specific descriptions and standards, such as DCAT, Gaia-X, and others.

Ocean Enterprise and the Pontus-X reference dataspace ecosystem are fully committed to supporting Gaia-X de facto standards as the basis for future interoperability between different dataspaces, technology stacks and solutions.

3.5.1.4 BDVA¶

The Big Data Value Association (BDVA) is an industry-driven, international not-for-profit organisation committed to developing an innovation ecosystem that facilitates the data-driven and AI-enabled digital transformation of Europe’s economy and society.

The Association actively advances and promotes key areas such as big data technologies and services, data platforms and data spaces, Industrial AI, and data-driven value creation. Currently, there is a particular emphasis on data value creation in conjunction with AI, including the application of generative AI for data knowledge management and enhancing semantic interoperability.

BDVA collaborates closely with Gaia-X, focusing on the decentralisation of ecosystems and data spaces, as well as the integration of computing and data ecosystems.

3.5.1.5 The Data Spaces Business Alliance (DSBA)¶

The collaboration between Gaia-X, the IDSA, the BDVA, and the FIWARE Foundation is exemplified by the collective establishment of the Data Spaces Business Alliance (DSBA). This alliance represents over 1,000 key industry players, associations, research organisations, innovators, and policymakers worldwide, aiming to provide specifications and tools for the establishment of data spaces, from inception to deployment.

DSBA deliverables offer an integrated framework that incorporates existing components for business, organisational, and technical building blocks to implement and derive value from data spaces. The alliance focuses on converging common standards in areas such as distributed credential validation, decentralized identifiers, policy definition languages, and data catalog vocabularies.

Furthermore, the DSBA is aligning on technical specifications that enable the operationalization of the Trust Framework and the Dataspace Protocol. This alignment facilitates Data Space Governance Authorities in digitally defining and verifying their Data Space Rulebooks, allowing participants to negotiate data exchange and sharing based on their selection of trusted services.

DSBA deliverables also provide tools for implementing connectors built atop the Trust Framework and Dataspace Protocol, serving as a means for interoperability. These tools include specifications for utilizing standards in the implementation of modules for authentication and authorization management.

Finally, the DSBA offers a Data Value Creation framework that supports the use of Artificial Intelligence, enhancing the capabilities and applications of data spaces.

Figure 3.5.1.5 - DSBA based Data Space blueprint

3.5.1.6 iShare¶

The iSHARE Foundation was established to address the data handling and exchange needs of the Dutch logistics industry. iSHARE introduced a Trust Framework comprising legal, operational, and technical agreements designed to create favourable conditions for data sharing.
Within a data space or iSHARE network, participants must comply with these agreements, which are role-specific and vary according to each participant’s function. To ensure consistent adherence, all organisations in the iSHARE network, including Data Owners, Data Providers, and Data Consumers, accept the same Agreements and Terms of Use. Through the federated Authorisation Registry, Data Owners can grant consent for specific data attributes to selected Data Consumers using licences.

The iSHARE Trust Framework provides a standardized approach to identification, authentication, and fine-grained authorisation, ensuring that only verified and authorised parties can access business data.

While the Gaia-X and iSHARE Trust Frameworks share common principles and objectives and can be used in parallel, additional efforts in architectural and technical alignment, particularly regarding the adoption of common standards, are required to achieve full technical compatibility.

3.5.1.7 X-Road¶

X-Road is an open-source software and ecosystem solution designed to facilitate secure and standardised data exchange between Public Administrations and between Public Administrations and the private sector. It provides a unified and secure data exchange layer between information systems within a collaborative ecosystem, ensuring confidentiality, integrity, and interoperability among data exchange parties.
X-Road was initially launched in Estonia in 2001, with Finland adopting it in 2014. In 2018, the two countries federated their X-Road ecosystems, establishing cross-border interoperability. As of 2024, X-Road is implemented in over 20 countries worldwide.

The Nordic Institute for Interoperability Solutions (NIIS), a non-profit organisation established in 2017 by Estonia and Finland, manages the development and maintenance of the X-Road core technology. NIIS oversees source code management, documentation, and facilitates the X-Road open-source community and adoption of X-Road in various jurisdictions. In 2022, Gaia-X and NIIS formalized their collaboration through a partnership.

An X-Road ecosystem comprises an X-Road Operator, Member organisations, and Trust Service Providers. The Operator manages the ecosystem and defines its regulations, policies and practices. Ecosystems can be national or limited to specific groups or domains. X-Road includes an authorisation framework for managing access rights based on organisation and service-level identifiers. Each service provider retains ownership of its data and is responsible for managing access rights to its services.

To connect with the emerging data space scenario and increase interoperability with other data exchange ecosystems and data spaces, X-Road is moving from X-Road-specific protocols to the data space protocol stack. In X-Road 8 “Spaceship”, scheduled to release in 2026, the X-Road custom protocol stack will be replaced by the dataspace protocol stack, and the X-Road Trust Framework will be interoperable with the Gaia-X Trust Framework. All in all, the aim is to make X-Road technically compatible with the Gaia-X specifications and make X-Road interoperable with other Gaia-X data spaces.

3.5.1.8 NeoNephos Foundation¶

Launched by Linux Foundation Europe and originating under the EU’s IPCEI-CIS initiative, the NeoNephos Foundation is an initiative focused on advancing open-source cloud infrastructure to address the demand for secure, scalable, and transparent cloud solutions aligned with European digital sovereignty goals. It is funded by the EU’s NextGenerationEU program and supported by the German Federal Ministry for Economic Affairs and Climate Action.

While NeoNephos prioritizes open-source cloud infrastructure development, it shares Gaia-X’s vision of advancing digital sovereignty and interoperable ecosystems.

Both initiatives align in fostering transparent, secure, and interoperable digital environments, with NeoNephos’ open-source components (e.g., Kubernetes-based tools) potentially complementing Gaia-X’s framework to support a multi-provider cloud-edge continuum.

3.5.2 Aligning with Other Initiatives¶

3.5.2.1 EuroStack (original)¶

Note

Currently, there are two initiatives carrying the name EuroStack. The original one, initiated in 2023, is described in this subsection. The “new” initiative (of the same name) split off the original one around the change of years 2024/25 and is described in the next subsection

The (original) EuroStack initiative (https://euro-stack.info//), ideated in late 2023, prepared in September 2024, and launched in the beginning of 2025 by releasing a 128 pages report, is an industry-driven effort to establish the continent as a leader in digital sovereignty by designing and building a sovereign, open, and collaborative digital ecosystem in Europe comprising the following 7 layers and concomitant key components:

Layer	Key Component
data and AI	DataCommons and SovereignAI
software	EuroOS
cloud	SovereignCloud
internet of things (IoT) and devices	SmartEurope IoT
networks	EuroConnect
chips	EuroChips
critical resources: raw materials, energy, and water	-

By integrating digital infrastructure into a cohesive framework, the EuroStack initiative ensures that Europe’s Single Market remains robust and adaptive to 21^st-century challenges. Complete self-sufficiency (aka “sovereignty”) is neither feasible nor desirable in an interconnected world, but by building the capabilities and control necessary to protect its interests and those of its member states, Europe can create a resilient and at the same time competitive digital ecosystem that still benefits from global exchanges. The EuroStack initiative is more than a strategy for reducing dependencies: it is a forward-looking plan to build a thriving digital future for Europe.

EuroStack focuses on five core strategic actions:

Develop a European common digital stack
Deploy high-impact digital services (in the form of MVPs first)
Foster sovereign AI and federated data spaces
Lead in next-generation technologies
Scale innovation through “Europe first” procurement and strategic investments; establish a European Sovereign Technology Fund

The EuroStack Initiative represents Europe’s ambition to achieve digital strategic autonomy through a total investment of €300 billion over ten years. This effort proposes the creation of a European Sovereign Tech Fund, which includes an initial €10 billion earmarked for the development of digital EuroStack demonstrators. These demonstrators – selected through an open competition known as the EuroStack Challenge – will serve as minimum viable products to showcase Europe’s capacity to innovate and scale foundational digital technologies.

The Gaia-X AISBL has not joined the initiative yet.

Gaia-X and EuroStack share common values, such as data sovereignty, transparency, and interoperability. Specifically, Gaia-X is focused on enabling trust, while EuroStack is focused on the much broader goal reducing the EU’s digital dependence on external providers while at the same time and with the same measures increasing Europe’s competitiveness.

The two initiatives could benefit from collaboration, particularly by integrating the Gaia-X Trust Framework into the ecosystem/s formed by EuroStack services and operators, and by enriching the Gaia-X Trust Framework, for example, with regard to criteria for Gaia-X Labels, according to specific requirements from the EuroStack initiative.

3.5.2.2 EuroStack (spin off)¶

Note

Currently, there are two initiatives carrying the name EuroStack. The original one, initiated in 2023, is described in the previous subsection. The “new” initiative (of the same name) split off the original one around the change of years 2024/25 and is described in this subsection.

This (newer) EuroStack initiative (https://euro-stack.eu/) spun off the original EuroStack movement around the 2024/25 year change and released a Pitch Paper in January 2025 condensing the broad range and deep stack of its parent (cf. the 128 pages of the original report, Bria/Timmers/Gernone (2025): EuroStack – A European Alternative for Digital Sovereignty; Bertelsmann Stiftung. Gütersloh; see the pervious sub-section) into 19 pages focusing much more (but not exclusively) in IT infrastructure and services (XaaS).

It features only three layers (compared to the original seven):

Component	Description
Hard/Physical Infrastructure	Hard/Physical infrastructure requires investment of patient capital, targeted regional deployment to meet local needs, a strong research pipeline with networked universities, and public/private partnerships on licensing.
Soft/Logical Infrastructure	Soft/Logical infrastructure requires that we drive adoption by focusing on integrating components with attractive products that drive demand. We can sidestep the race to the bottom in data and energy with nimbler solutions designed to address users’ needs rather than catering to tech fashion. The intention is to accelerate cloud and development ecosystems by creating governance and funding structures that share benefits with the Open-Source community.
Intermediation	Intermediation requires that we federate existing protocols and Open-Source implementations that require scaling and industrialisation. Building on prior experience elsewhere, we can develop and deploy Open Transaction Networks (OTNs) built atop a common core, across all domains of digital commerce and set up stakeholder governance for all intermediated services.

Within each layer, several components are identified:

Hard/Physical Infrastructure
- chips
- data centers
- connectivity
- high-performance computing (HPC)
- quantum technologies
- supporting energy infrastructure
Soft/Logical Infrastructure
- identity
- cloud
- AI engines
- browsers
- operating systems
- data spaces
Intermediation
- commerce
- advertising
- search & social
- app stores
- communications & productivity
- energy/green
- mobility

The constraints of capital and time render it impossible to build any alternative comparable to existing incumbents within a feasible timeframe. Given the urgency, EuroStack proposes to identify existing assets that can be integrated into federated networks, which are commercially and technically interoperable.

Over 200 European companies and organisations (as of April 2025) have signed an Open Letter to European Commission’s President Ursula von der Leyen and Executive Vice President Hanna Virkkunen (amongst others, responsible for digitalization in the EC, including the EU Data Union) proposing their approach.

The Gaia-X AISBL did not join the initiative yet, while several of its members did (see the Open Letter).

Technically, the (new) EuroStack initiative and Gaia-X can, in principle, collaborate and complement each other’s purpose on several fields including,

enhancing trust and trust services for lowering compliance barriers
interoperability from hyper-centralized to hyper-distributed
identity where EuroStack capitalizes strongly on eIDAS 2.0
data spaces

3.5.3 Aligning with External Projects¶

3.5.3.1 DSSC¶

The Data Spaces Support Centre (DSSC) is an initiative funded by the European Commission under the Digital Europe Programme. Its primary objective is to facilitate the development of common European data spaces that collectively establish a sovereign, interoperable, and trustworthy data-sharing environment.

The DSSC supports data reuse within and across sectors, ensuring alignment with European Union values, including data sovereignty, interoperability, and trust.

Gaia-X is a consortium partner in the DSSC project and actively contributes to several key activities, such as:

Development of the DSSC Blueprint, which encompasses business and technical specifications essential for data space implementation.
Engagement with the Community of Practice, a set of existing and emerging data space initiatives in all sectors and the set of (potential) data space building block implementers.
Communication and Dissemination Activities to promote the DSSC’s objectives and outcomes.

3.5.3.2 Simpl¶

Simpl is a programme commissioned by the European Commission to a consortium of private companies to develop an open-source middleware platform to support data-sharing and service interoperability. The programme consists of three products:

Simpl-Open (the open-source software development);
Simpl-Lab (a playground environment for Simpl-Open to test interoperability);
Simpl-Live (adoption of Simpl-Open in specific data space instances, related to the Common European Data Spaces). All develop code and documentation completely on their own.

Simpl-Open has presented the first MVP and a first version of its architecture (refer material related to the Simpl Annual Event Jan-2025). It is understood that Simpl’s current centralised trust approach may significantly evolve in the future of the project, which will last another 2.5 years.

Gaia-X AISBL is regularly aligning and investigating synergies with Simpl through multiple channels, within the Gaia-X Data and Services Business Committee and Technical Committee and through the DSSC.

3.5.3.3 DOME¶

The Distributed Open Marketplace for Europe (DOME) project establishes a catalogue of trusted cloud and edge services spanning multiple domains.

DOME employs Verifiable Credentials to assert that all service providers within its marketplace are trustworthy and adhere to EU legislation. Notably, DOME has introduced the “LEARCredential”—used to delegate rights to employees—and the “Verifiable Certification,” which attests to compliance with specified certifications.

Recognizing the shared objectives of DOME and Gaia-X in promoting transparency and compliance within service offerings to foster a trusted ecosystem, efforts are underway to facilitate the integration of Gaia-X-compliant services into the DOME Marketplace. This integration targets Participants who satisfy DOME’s specific requirements.

Concurrently, initiatives are in progress to harmonize compliance criteria for providers adhering to EU legislation, particularly concerning the Label levels defined by Gaia-X. Furthermore, DOME is considering the adoption of Notaries as specified by Gaia-X.

Lastly, ongoing discussions are focusing on the evolution of business models for the forthcoming DOME Operator, responsible for managing the primary instance of the DOME Marketplace, and the Gaia-X Digital Clearing Houses (GXDCHs).

3.5.3.4 IPCEI-CIS and the 8ra Initiative¶

The IPCEI-CIS (Important Project of Common European Interest – Next Generation Cloud Infrastructure and Services) is an EU initiative aimed at developing a European interoperable and openly accessible multi-provider cloud-to-edge continuum.

IPCEIs are a framework guided by the European Commission, designed to support large-scale, collaborative projects that significantly contribute to the EU’s strategic objectives. Their innovative aspect lies in permitting State Aid and fostering cooperation across Member States.

Specifically, the IPCEI-CIS encompasses 19 companies (each leading one project) from seven Member States—France, Germany, Hungary, Italy, the Netherlands, Poland, and Spain—as well as 90 ecosystem partners. These 19 direct projects are united under the umbrella of the 8ra Initiative, which focuses on:

Cloud-edge infrastructure: edge nodes, clouds, and components to interconnect,
Cloud-edge capabilities, e.g., software to operate cloud-edge resources,
Advanced data processing tools and services, e.g., toolkits for software developers,
Advanced applications and customer use-cases, e.g., autonomous driving cars.

The 8ra Initiative can leverage the Gaia-X Trust Framework to establish an organisational and governance foundation for the large-scale digital transition, enhancing interoperability and upholding key values of the initiative, such as environmental sustainability and digital sovereignty.

3.5.4 Aligning with Standards and Regulations¶

3.5.4.1 European Digital Identity Framework Regulation (eIDAS, eIDAS 2.0)¶

The European Digital Identity Framework Regulation (“eIDAS 2.0”; Regulation (EU) 901/2014) updates and strengthens the rules for electronic identification and trust services (“eIDAS”, Directive 1999/93/EC) across the EU internal market, mandating mutual recognition of qualified trust services and the publication of Member State Trusted Lists alongside the Commission’s LOTL (List of Trusted Lists).

Under eIDAS 2.0, each Member State must offer a notified European Digital Identity Wallet (EUDI Wallet) that lets citizens and businesses authenticate at a high‐security level and store user‑controlled attestations of attributes. Qualified Electronic Attestations of Attributes (QEAA) are issued by certified Trust Service Providers, who expose interfaces for mutual authentication with EUDI Wallets and for verifying attestations against Authentic Sources. Non‑qualified Electronic Attestations of Attributes follow the same conceptual model but rely on an appointed body to define the attribute schemas and Trust Architecture—collectively the “Attestation Rulebook.”

Gaia‑X’s mission as a trust framework for data spaces maps directly onto these concepts, offering a governance layer for issuing and validating Verifiable Credentials (VC) and managing Trust Anchors and trusted issuers.

Both Gaia‑X and eIDAS 2.0 share a reliance on:

Trust anchors and published issuer registries
User‑centric wallets for secure authentication and attribute presentation
A rulebook or specification that governs credential issuance and verification

By aligning Gaia‑X Credentials (as an Electronic Attestation of Attributes service) with the EUDI Wallet architecture and the eIDAS attestation rulebooks, Gaia‑X can ensure seamless cross‑ecosystem interoperability.

Gaia‑X is exploring how to integrate with eIDAS 2.0, for example by performing mutual authentication between EUDI Wallets and the Gaia‑X Trust Framework, defining a Gaia‑X Attestation Rulebook for non‑qualified attributes, and publishing a Gaia‑X registry of trusted issuers conformant with eIDAS specifications.

On the technical level, the following features are worth noting:

The current implementation of an eIDAS 2.0 conformant EUDI Wallet (see Architecture and reference framework, ARF) and also Gaia-X use the OID4VC specification for credential exchange
Gaia-X’s notion of Trust Service Provider (TSP) is compatible with the same notion of eIDAS 2.0 in the sense that an eIDAS 2.0 TSP may also be appointed as a Gaia-X TSP should an ecosystem Governance Authority choose to do so.

3.5.4.2 CEN/CENELEC WSA on Trusted Data Transactions¶

The pre-standardization workshop program focuses on defining key concepts and mechanisms of data transactions, aiming to establish criteria that serve as a baseline for creating trust. The program seeks to accelerate the development of data exchange standards and effectively support various data regulations.

Gaia-X is actively contributing to the workshop, particularly in identifying trustworthiness requirements for policies, claims, and evidence, as well as in utilizing trust frameworks to support trusted data transactions.

3.5.4.3 Eclipse Foundation - CAP¶

In the Eclipse Dataspace Working Group (EDWG), Gaia-X contributions to the Eclipse Conformity Assessment Profile (CAP) are released in March as v1.0. This is being tested by CISPE, DOME and Fulcrum projects.

Gaia-X design proposals for the profile’s reference implementation and the profile’s TCK are approved by the EDWG (Note: those artefacts, along with the specification itself, are required for ISO Publicly Available Specification submission).