A commercially viable highly-secure cloud-based collaborative platform for the management of industrial programmes in the aeronautics and security sector.
The governance implications that the operations of such a platform would have on the sector, notably how such platform can operate, be deployed, be accessed, and how projects can be managed through their lifecycle.
A significant contribution to the discussions for an EU-level single set of rules and accreditation for data sharing in the aeronautic and security sector.
The objective is to develop a commercially viable highly secure cloud-based collaborative platform for the management of sensitive multi-country industrial initiatives in the aeronautics and security sector, including civil security.
This platform will allow the development of highly sensitive industrial projects, from design to production. In particular, the platform should be able to support the development of products and services financed under future calls of the European Defence Fund.
The need for a new platform derives from the very specific requirements from the aeronautics and security sector. Over the years, the European industry in general has embraced several paradigm changes resulting from new ICT capabilities: collaborative platforms, co-design, concurrent engineering, decentralised and multi-supplier collaboration, the virtualisation of software and hardware, etc. But the aeronautics and security sector has only embraced such changes with caution, if at all. This is due inter alia to different national standards for the classification of data, complex user-access requirements or justified localisation obligations for data infrastructures, typically on the grounds of public security. Such situation has become untenable and seriously undermines the sector’s competitiveness against other world’s regions, not the least against an international context that implies the multiplication of multi-country and multi-stakeholders’ projects.
The highly secure collaborative platform should:
Allow the aeronautics and security sector to reach a similar level of decentralised/distributed working along its supply chains as other sectors already enjoy today (e.g. the automotive sector).
Be cloud-based (i.e. operated from a highly-secure cloud infrastructure), as opposed to require on-premise software deployment.
Provide for a broad range of secure and user-friendly collaborative tools including general purpose collaboration tools (messaging, wikis, file sharing, videoconferencing, chat) as well as more advanced tools (computer-assisted design, product lifecycle management, data analysis…).
Provide for a stack as deep as needed to cater for the specificities of the aeronautics and security sector, including where applicable at IaaS and PaaS levels.
Cater for state-of-the-art security, interoperability, reversibility, sovereignty and sustainability standards.
Allow for the concurrent management of different industrial programmes without the need to duplicate the platform (for each programme/country/contractor/etc).
Be anchored in the security requirements specific to the aeronautics and security sector.
Cater at minima for the specific needs of information classified at the level of RESTRICTED and equivalents (cf. equivalence table in Council Decision 2013/488/EU and Commission Decision (EU, Euratom) 2015/444), and allow ad-hoc segregation to handle specific national needs or requirements. To the extent possible, the collaborative platform should provide sufficient safeguards so that physical segregation of data is no longer required.
Incorporate, where appropriate, the outcome of a possible process for defining an EU-level single set of rules and accreditation for data sharing in the aeronautic and security sector.
Allow for the evolution over-time of the platform, given the very long industrial cycles specific to the aeronautic and security sector (50+ years).
Allow for multi-cloud tenancy.
Be tested in quasi-real situations, for example by using it in a real co-design situation which, in reality, does not imply particular confidentiality but where hard user access controls are simulated.
The following items fall outside of the scope:
– the provision of the hardware infrastructure to deploy and operate the platform
The consortium should be structured around private stakeholders (typically: software vendor, data infrastructure providers, aeronautic and security stakeholders, cybersecurity stakeholders). However, to maximise its impact, public authorities, in particular Ministries responsible for national security, home affairs and/or defence, should as well integrate the consortium. Higher education entities, and research and technology organisations with demonstrated cooperation with the above-mentioned public/private stakeholders could also join the consortium where they can make a distinct contribution to the development of the envisaged platform.