Oracle plays a key role in standardization in Europe

April 23, 2024 | 4 minute read
Text Size 100%:

Oracle is committed to building standards-based products to reduce complexity and help customers get the most out of their technology investments. Oracle participates actively in more than 100 standards-setting organizations and more than 300 technical committees, with examples including the International Organization for Standardization (ISO), World Wide Web Consortium (W3C), Organization for the Advancement of Structured Information Standards (OASIS), Institute of Electrical and Electronics Engineers (IEEE), and Internet Engineering Task Force (IETF).  We build products based on globally recognized standards and consume, contribute to, and manage open source to provide our customers with interoperability, choice, and lower costs. For more about Oracle’s global standards engagements, see Standards at Oracle.

European standardization supports the ambition of the Single European Market by removing internal trade barriers and promoting the free movement of goods and services. This freedom also benefits companies that want to offer their products and services in Europe, such as to Oracle. European standardization is considered by the European Commission as a driver of European competitiveness and resilience, ensuring that standards support investments in the green and digital transitions. These elements are included in the EU Strategy on Standardisation published by the European Commission on February 2, 2022.

The strategy also established the High-Level Forum on European Standardisation, which brings together stakeholders from EU and EEA countries, European standardization organizations, industry, civil society, and academia.  The forum aims to assist the European Commission in anticipating upcoming standardization priorities and improvements of the European standardization system. Machiel Bolhuis represents the Confederation of European Business, shortened as BusinessEurope, in the group that supports the forum.

The following post is a summary on the relevance of recent and forthcoming standards in Europe for Oracle and our customers relating to artificial intelligence (AI), cloud, and products with digital elements.

Artificial intelligence standards

The AI Act regulates artificial intelligence in the Europe Union by setting key requirements and obligations for different actors across the AI value chain, based on specific AI use cases. Standards will be drafted to help ensure that the requirements of the AI Act are transposed into detailed specifications that provide presumption of conformity.

The European Commission has sent a request to CEN-CENELEC to draft AI standards by April 30, 2025. The request covers topics such as risk management system for AI systems, cybersecurity specifications for AI systems, robustness specifications for AI systems, accuracy specifications for AI systems, human oversight, transparency and information to the users, record keeping through logging capabilities, data and data governance, quality management systems for providers of AI systems, and conformity assessment for AI systems. Harmonization with globally recognized AI standards and AI terminology is being addressed not only by CEN-CENELEC, but also by the EU-US Trade and Technology Council and the Organisation for Economic Co-operation and Development (OECD).

Photo of plenary meeting of CEN-CENELEC Joint-Technical Committee 21 “Artificial Intelligence”
Figure 1: Plenary meeting of CEN-CENELEC Joint-Technical Committee 21 “Artificial Intelligence” 
Source: CEN-CENELEC

Cloud standards

Cloud is the key technology for accelerating digital transformation, enabling businesses and governments around the world to significantly improve their performance, flexibility, and agility in a more cost-effective manner. This technology also serves as the foundation for unlocking the spectrum of AI’s capabilities, considering most AI applications are now cloud-based.

Standards for the interoperability and portability of cloud services are being referred to in the European Data Act that was published at the end of last year. It also includes requirements to remove obstacles for effective switching between cloud services and support for the multicloud strategy. The standards have no deadline, but the Data Act goes into effect on September 12, 2025. 

The EU Cloud Cybersecurity Certification Scheme (EUCS) harmonizes the security of cloud services with international standards, industry best practices, and existing certifications in EU Member States. The EUCS will replace national cloud cybersecurity standards. Cloud services providers only need to get certified against the EUCS to be able to sell throughout the EU. In turn, European customers can assess consistent information and assurances before acquiring cloud services. The first EUCS certificates are expected to be issued by 2025.

Standards for products with digital elements  

Standards play a key role in the implementation of EU product legislation. The content of product legislation in Europe includes ‘essential requirements,’ leaving the technical details to European harmonized standards. Customers can use these standards to demonstrate conformity and sell the products in Europe.

Products with digital elements are in scope of the European Cyber Resilience Act, such as microprocessors, firewalls, intrusion detection and prevention systems, and operating systems. The Act mandates that such products meet specific essential cybersecurity requirements to be made available on the European market. It requires manufacturers to factor cybersecurity into the design and development of these products and includes essential requirements for the vulnerability handling processes. Standards will be developed, and mapping with globally recognized product standards will take place to promote harmonization and efficient use of time and resources. The timeline for the standards has not been set, but it’s expected that the Act itself will take effect in 2026 or 2027.

Conclusion

Oracle engages in standardization activities in Europe and elsewhere to support globally harmonized standards and to help ensure that our standards-based products continue to enable our customers to get the most out of their technology investments, providing them with interoperability, choice, and lower costs.

For more information, see the following resources:

 

 

 

Machiel Bolhuis

Machiel Bolhuis from the Oracle External Standards and Community Engagement team is based in the Netherlands and responsible for standards engagements in Europe. He participates in several working groups of the European Standards Organisations: the European Committee for Standardisation (CEN), the European Committee for Electrotechnical Standardization (CENELEC), the European Telecommunications Standards Institute (ETSI), and has a close relationship with the European Agency for Cybersecurity (ENISA). Machiel also looks at the harmonisation of European and globally recognized standards, as IT products and services in general are most efficiently provided for a worldwide market.

Machiel is the editor and project leader of the EU standard that sets cybersecurity requirements for the EUCS. The standard contains requirements regarding access control, business continuity, and risk management that are aligned with national and international standards. An interview with Machiel about his role as editor and project leader is available on the Dutch Standardisation Body NEN website. 


Previous Post

On-demand Linux-based GPU rendering in HPC

Arun Mahajan | 5 min read

Next Post


Announcing OCI Secure Desktops Image Builder and Readiness Checker