Cybersecurity Certification of Cloud Computing Services: An Enabler of Industry 5.0?

Graça Canto Moniz

doi:10.5772/intechopen.115017

Abstract

This chapter presents an insightful exploration of cloud computing’s role as an enabling technology in the evolution from Industry 4.0 to Industry 5.0, particularly within the European Union context. This shift highlights the integration of advanced digital technologies with human-centric and value-driven industrial processes, emphasizing ethical practices alongside technological efficiency. The chapter also critically examines the cybersecurity challenges inherent in cloud computing in the Industry 5.0 landscape, underlining the importance of securing digital infrastructure and data to maintain public trust and operational integrity. Furthermore, it assesses the European Union’s strategic approach to cloud certification, focusing on the proposed European Union Cybersecurity Certification Scheme for Cloud Services (EUCS). The chapter concludes by emphasizing the EUCS’s alignment with Industry 5.0’s objectives, underscoring its potential role in shaping a secure, value-driven, and technologically sovereign future in the European Union and its industrial processes.

Keywords

cybersecurity
certification
digital sovereignty
industry 5.0
data localization

Author Information

Show +

Graça Canto Moniz*
- Lusófona University and NOVA School of Law, Lisbon, Portugal

*Address all correspondence to: gracacantomoniz@live.com.pt

1. Introduction

In the ever-evolving landscape of industrial development, the advent of Industry 5.0 marks a transformative era that redefines our approach to technology and its interaction with society. This chapter delves into the critical role of cloud computing as a catalyst in this transformative journey.

The genesis of this transformation lies in the foundations of Industry 4.0, which revolutionized manufacturing through digital technologies such as Internet of things (IoT), artificial intelligence (AI), and cloud computing. However, the focus of Industry 4.0 was predominantly on enhancing productivity and efficiency through technological solutions. In contrast, Industry 5.0 emerges as a response to the limitations of a purely technology-centric approach, heralding a paradigm shift towards integrating human elements, values, and ethical considerations into industrial processes.

This chapter, focused on the European Union (EU), starts by exploring how cloud computing, a cornerstone technology of Industry 4.0, has evolved to align with the unique demands of Industry 5.0. It is no longer just a tool for automation and efficiency but has become a platform for fostering human–machine collaboration, enabling personalized, ergonomic, and fulfilling work environments. The narrative unfolds to highlight how cloud computing supports the core tenets of Industry 5.0 – a values-driven approach to technology that emphasizes human creativity, problem-solving, and ethical practices in tandem with technological efficiency.

Moreover, the chapter will address the significant cybersecurity challenges inherent in cloud computing within the context of Industry 5.0. The protection of digital infrastructure and data is paramount in maintaining public trust and realizing the seamless functioning of interconnected systems.

Finally, the chapter will explore the European Union’s strategic approach to cloud certification, particularly through the proposed EUCS. This initiative is a testament to the EU’s commitment to digital sovereignty, safeguarding European values, and establishing a secure, competitive cloud service market. The EUCS aligns closely with Industry 5.0’s goal of blending technology-centric approaches with a value-driven mindset.

2. Cloud computing as an enabling technology of Industry 5.0

Cloud computing is a widespread technology bringing important benefits to millions of consumers and enterprises across the world. According to a recent report, cloud computing is the most widely adopted technology across industries [1]. In this section, we delve into the multifaceted role of cloud computing as an enabling technology in the context of Industry 5.0.

The ubiquitous nature of cloud computing has made it an indispensable part of modern industrial ecosystems, offering scalable, efficient, and flexible solutions. Here, the article explores how cloud computing, once a foundational pillar of Industry 4.0, has evolved to meet the unique demands of Industry 5.0, which places a greater emphasis on human-centric and ethical practices. This text examines the transition from the automation-centric Industry 4.0 to the more inclusive and value-driven Industry 5.0, highlighting cloud computing’s role in this paradigm shift. This section also underscores the importance of cloud computing in facilitating the integration of advanced digital technologies with human-centric industrial processes, thereby enabling a more holistic approach to industrial development. Through an exploration of cloud computing’s essential characteristics and service models, the article explores its versatility and adaptability, making it a key technological driver in the realization of Industry 5.0’s vision.

2.1 From Industry 4.0 to Industry 5.0

Industry 5.0 represents a significant progression from its predecessor, Industry 4.0, characterized by the reintegration of human elements and values into industrial processes. To fully appreciate the essence of Industry 5.0, it is essential to understand the foundations laid by Industry 4.0.

This industrial framework conceptualized primarily around the early 2010s, marked a leap in manufacturing through digital technologies such as the Internet of things (IoT), artificial intelligence (AI), and cloud computing, fostering automation and efficiency in manufacturing processes [2]. However, Industry 4.0’s focus was predominantly technology-oriented, aiming to solve specific manufacturing challenges and enhance productivity through digitalization.

In contrast, Industry 5.0, emerging as a response to the limitations of this technology-centric approach, emphasizes a more holistic, value-driven paradigm. It integrates the technological advancements of Industry 4.0 into a broader context, addressing human, ethical, and social needs in industrial process [3]. As explained in the next section, this shift is not just an extension of Industry 4.0’s capabilities but a reorientation towards a human-centric and socio-centric perspective [2, 4].

2.2 A values-driven approach to technology as a key component of Industry 5.0

Industry 5.0, therefore, is characterized by its emphasis on human–machine collaboration, where technology complements rather than replaces human skills [2, 3]. This approach allows for more personalized, ergonomic, and satisfying working environments, enabling human creativity and problem-solving to flourish alongside technological efficiency. The focus is on selecting technologies based on their capacity to support human values and needs, rather than solely on technical or economic potential. This paradigm shift highlights the importance of merging human and technological skills to the mutual benefit of industry and workers [3].

The transition to Industry 5.0 is also strongly influenced by the societal-driven transformation of manufacturing, dictated by the need to redefine man’s role in cyber-physical systems. The European Union, recognizing the importance of this shift, has made significant efforts to advance Industry 5.0, aligning it with broader policy priorities such as creating an economy that works for people, the European Green Deal, and digital-age readiness [2]. This approach underscores the necessity of cross-sectoral collaboration, resilience, and governance to foster a more inclusive and sustainable industrial future.

2.3 Cloud computing and Industry 5.0

2.3.1 A definition of cloud computing

Cloud computing can be described as the delivery of various computing services, such as servers and storage, over the Internet [1]. A commonly used definition from the United States National Institute of Standards and Technology (‘NIST’) elaborates: “Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g. networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction” [5]. This cloud computing definition encompasses five essential characteristics and three primary service models.

The five essential characteristics of cloud computing, as identified by NIST, include: (i) on-demand self-service; (ii) broad network access; (iii) resource pooling; (iv) rapid elasticity or expansion; and (v) measured service. Cloud computing offers on-demand self-service, enabling users to autonomously provision computing resources as needed, without direct intervention from the service provider. This is complemented by broad network access, allowing these services to be accessible over the network and support various client platforms. Another crucial aspect is resource pooling, where the provider’s resources are pooled to serve multiple consumers, with dynamic assignment and reassignment of resources based on demand. The model also boasts rapid elasticity or expansion, allowing resources to be quickly scaled up or down in alignment with fluctuating demand. Finally, measured service is a significant characteristic, where the usage of cloud services is measured and optimized automatically, ensuring efficient resource utilization.

The three service models of cloud computing are the following: software, platform, and infrastructure. The terms software-as-a-service (‘SaaS’), platform-as-a-service (‘PaaS’), and infrastructure-as-a-service (‘IaaS’) emanate from those service models. A fourth model, known as ‘serverless’, has also recently emerged [1]. These service models cater to different needs.

Software-as-a-service (SaaS) offers software applications via the Internet, eliminating the need for users to install or maintain these applications. Popular examples include Outlook 360, Dropbox, and Google Workspace. Platform-as-a-service (PaaS) provides customers with a platform, enabling them to develop, run, and manage applications without the complexities of maintaining the underlying infrastructure. Examples of PaaS include Amazon Web Services and Oracle Cloud. Infrastructure-as-a-service (IaaS) offers essential computing resources such as processing power and storage on a pay-as-you-go basis. Examples include Microsoft Azure and Google Compute Engine.

Additionally, a newer development, Serverless Computing, extends the PaaS model by abstracting the server element. These servers still exist, but they are run and managed by the cloud service provider, on a ‘pay-as-you-go’ basis [1]. This allows cloud providers to manage resource allocation dynamically and is cost-efficient, with pricing based on actual resource consumption rather than pre-purchased capacity.

Collectively, these service models highlight the versatility and adaptability of cloud computing, enabling businesses and individuals to effectively leverage Internet-based resources for a wide range of computing needs.

2.3.2 The relevance of cloud computing in Industry 5.0

Cloud computing, a cornerstone technology in Industry 4.0, continues to play a pivotal role in the evolution of Industry 5.0. In this framework, cloud computing is pivotal technology, bridging the gap between advanced digital capabilities and human-centric industrial processes. As a facilitator of Industry 5.0, cloud computing supports a myriad of functions essential for a more humane, sustainable, value-driven, and efficient industrial model.

At the heart of Industry 5.0 lies a commitment to human–machine collaboration, where the goal is to augment human capabilities rather than replace them. In this context, cloud computing serves as the digital backbone, enabling sophisticated human–machine interfaces. These interfaces are crucial for creating ergonomic work environments that enhance human creativity and problem-solving, supported and amplified by technological efficiency [2].

The complex landscape of Industry 5.0, characterized by an amalgamation of bio-inspired technologies and interconnected systems, demands a robust and scalable digital infrastructure, a role aptly filled by cloud computing. It facilitates the seamless integration and management of these diverse systems, ensuring that the potential of Industry 5.0 is realized in a cohesive and systemic manner [2].

Also, Industry 5.0’s ethos extends beyond individual industries, advocating for cross-sectoral collaboration to tackle broader societal and environmental challenges. Cloud computing emerges as a key facilitator in this domain, enabling collaborative efforts across various sectors. This approach is essential for building resilience and adaptability in industrial processes, aligning them with the larger goals of sustainable development [2, 4].

Aligned with the European Union’s vision for a digital and green transition, cloud computing plays a pivotal role in enabling sustainable, energy-efficient, and regenerative industrial practices. Through cloud-based solutions, industries can significantly reduce their environmental impact, contributing to the larger objective of sustainability and ecological stewardship [4].

The move towards personalized manufacturing, a cornerstone of Industry 5.0, relies heavily on cloud computing’s capacity to handle and analyse vast amounts of data. This capability is fundamental for driving customization and digital transformation across various industrial sectors, fostering customer-centric approaches and manufacturing agility [6].

Furthermore, the implementation of Industry 5.0 brings forth significant safety, security, and legal considerations, especially in areas involving human–robot interactions and artificial intelligence. Cloud computing can be instrumental in addressing these challenges, providing a secure and compliant framework for technology deployment [4].

In summary, cloud computing in the era of Industry 5.0 is not just a technological tool, but a cornerstone for fostering innovation, collaboration, and sustainability. Its strategic deployment is crucial for realizing the vision of Industry 5.0, aligning technological advancements with societal well-being and environmental sustainability, marking a new chapter in industrial evolution.

3. Cybersecurity challenges in cloud computing and in the Industry 5.0

The realization of Industry 5.0 hinges on the responsible and ethical use of cloud technologies, which is essential for maintaining public trust in these systems. However, cloud computing infrastructures and solutions face cybersecurity challenges [7].

In language terms ‘cybersecurity’ or ‘cyber security’, depending on the organization and the spelling of the word within its context, is a rather young term [8]. To ensure terminological accuracy, this article uses the term ‘cybersecurity’ to refer to security of cyberspace, where cyberspace itself refers to the set of links and relationships between objects that are accessible through a generalized telecommunications network and to the set of objects themselves where they present interfaces allowing their remote control, remote access to data, or their participation in control actions within that cyberspace [8].

In the context of Industry 5.0, this definition becomes crucial as it involves protecting the digital infrastructure and data amidst the interconnected nature of modern industries. The rise of cloud computing and IoT in industrial settings makes this particularly relevant, highlighting the need to protect networks, devices, and data comprehensively.

This section delves into four critical cybersecurity challenges pertinent to Industry 5.0 and cloud computing: ensuring secure data transmission, storage and analysis; building trust; addressing interoperability challenges; coping with dynamic and complex systems.

3.1 Ensuring secure data transmission, storage, and analysis

As the backbone of Industry 5.0, cloud computing is tasked with handling vast amounts of data. Ensuring the security of data transmission, storage, and analysis is paramount. This includes the development of energy-efficient and secure data transmission methods, scalable multi-level cybersecurity measures, and safe cloud IT infrastructure. Effective big data management and ensuring data traceability are also critical in a landscape where manufacturing companies are a prime target for cyberattacks, as evidenced by over 25% of global cyberattacks targeting this sector in 2022 [2].

To achieve this, a multifaceted approach is required. Firstly, deploying advanced encryption techniques ensures data confidentiality and integrity during transmission. Secondly, adopting resilient storage solutions with robust access controls and regular vulnerability assessments can safeguard data at rest. Thirdly, leveraging data analytics securely requires implementing privacy-enhancing technologies (PETs) and secure multi-party computation (SMPC) techniques, ensuring data is analysed without compromising its confidentiality.

These strategies must be underpinned by a commitment to energy efficiency, ensuring that the cybersecurity measures do not unduly increase the carbon footprint of cloud services. This holistic approach to data security not only protects against current threats but is also adaptable to the evolving landscape of cybersecurity risks.

3.2 Building trust

For Industry 5.0 to succeed, enhanced trust in new technologies, particularly in cloud computing, is vital. This requires not only secure technological frameworks but also encouraging customers and users to make informed decisions about the technologies and products they use.

Establishing this trust involves several key initiatives. First, cloud service providers should implement and transparently report on comprehensive security measures, including regular security audits and compliance with international standards. Second, educating end-users and stakeholders about these measures and the principles of safe online behaviour is critical. Building individual trust in new technologies, including cloud computing, is closely tied to their competence in manoeuvring these technologies. Therefore, substantial training and upskilling across supply chains are needed [2, 4].

Third, fostering a culture of security within organizations, where every individual understands their role in maintaining cybersecurity, is essential. By taking these steps, trust in cloud computing technologies becomes a byproduct of demonstrable security, user education, and organizational commitment to cybersecurity.

3.3 Addressing interoperability challenges

The integration of various technologies in Industry 5.0, such as smart materials with embedded bio-inspired sensors, demands that cloud computing platforms handle and ensure system interoperability [2].

Ensuring that diverse systems—from IoT devices to cloud platforms—can operate together seamlessly is a significant challenge. Addressing this requires the adoption of standardized protocols and open interfaces that facilitate communication across different technologies and vendors.

Furthermore, adopting a modular architecture in cloud services allows for easier integration and upgrade paths as new technologies emerge. Collaborative efforts among industry players, standards organizations, and regulatory bodies are also vital to develop and maintain interoperability standards. Such collaborative frameworks not only enhance interoperability but also ensure that cybersecurity considerations are embedded within these standards, creating a secure and flexible foundation for the industry 5.0 ecosystem.

3.4 Coping with dynamic and complex system

The dynamic nature of Industry 5.0’s technological landscape, including real-time digital twins and simulation models, requires cloud computing to be adaptable and responsive to new or unexpected conditions. The cybersecurity measures must be capable of detecting and responding to threats in these complex and ever-evolving systems [2, 3, 4, 6]. This entails not only defending against known threats but also anticipating and mitigating emerging vulnerabilities.

Adopting a proactive cybersecurity stance, powered by threat intelligence and predictive analytics, enables early identification of potential threats. Implementing adaptive security architectures that can automatically adjust to new threats and changing environments is crucial. Moreover, fostering a culture of continuous learning and adaptation among cybersecurity professionals ensures that defences remain robust against evolving threats.

Finally, leveraging AI and machine learning for anomaly detection and response can significantly enhance the capacity to cope with the dynamic and complex cyber threats faced by Industry 5.0 systems.

4. The European Union’s approach to cloud certification: the role of the proposed cybersecurity certification scheme for cloud services (EUCS)

In addressing the challenges referred before, it is crucial to recognize that cybersecurity in Industry 5.0 goes beyond technology. The approach must include modifying the production chain to integrate equipment with cybersecurity capabilities, strengthening access protection, analysing protocols, and segmenting flows. Increasing cyber-maturity through technical diagnoses, robust authentication mechanisms, and ongoing monitoring is essential for building a secure future in Industry 5.0.

In this section, before analysing the proposed cybersecurity certification scheme for services (4.2.), the article explores the rationale of this certification according to the European Commission and the Member States (4.1.).

4.1 Certification of cloud computing services in the EU’s strategy

Since the adoption of the first European Cloud Computing Strategy in 2012, cloud computing has been recognized by the EU and the Member States as a potential game changer in corporate governance and security management [9, 10]. The European Commission’s strategy, focused on enabling and facilitating the rapid adoption of cloud computing across all sectors of the economy, recognizes its potential to reduce ICT costs, boost productivity growth, create jobs, and enhance competitiveness. This approach is aimed at making Europe a key global player in cloud provision and use, capitalizing on the widespread application of cloud technologies.

The Commission has identified several actions to address concerns regarding the use of cloud computing. These actions focus on clarifying the applicable legal framework, making it easier to signal and verify compliance (e.g. through standards and certification), and developing legislative initiatives on cybersecurity [8]. The Member States’ perspective emphasizes the importance of developing a competitive and resilient EU cloud supply. Among other things, the declaration highlights the need for joint efforts to reverse the trend of market dominance by non-European players and to mobilize both users and suppliers in developing a truly competitive EU cloud supply. The initiative focuses on addressing data sharing needs, decentralizing data processing, and ensuring data sovereignty for users [10].

In both perspectives, the importance of cloud computing certification is emphasized as a key element in fostering trust and security in cloud services. The Commission’s Strategy underscores the need for clarity and knowledge about the legal framework applicable to cloud computing, with certification playing a pivotal role in signalling and verifying compliance. The Member States’ Declaration aligns with this perspective, focusing on the development of a secure, energy-efficient, and interoperable cloud supply in the EU. This includes the establishment of common technical rules and norms, underpinned by certification processes, to ensure data sovereignty and security, thereby reinforcing the strategic importance of certification in the overall European cloud computing landscape.

4.2 Analysis of the proposed EU cybersecurity certification scheme (EUCS) for cloud services

4.2.1 Overview of the EUCS

The draft of the European Union Cybersecurity Certification Scheme (EUCS) for Cloud Services was prepared by ENISA and the first version dates from December 2020 [10]. The last version was leaked in May 2023 [11].

The legal basis for the proposed European Cybersecurity Certification Scheme for Cloud Services (EUCS) is primarily grounded in the Cybersecurity Act (Regulation (EU) 2019/881), which was adopted by the European Parliament and the Council on 17 April 2019. This regulation establishes a framework for the certification of ICT products, services, and processes and repeals the previous Regulation (EU) No 526/2013.

The EUCS, as a candidate scheme, was developed following a request from the European Commission in accordance with Article 48.2 of the Cybersecurity Act. This led to the formation of an Ad Hoc Working Group (AHWG) by ENISA to support the preparation of the scheme.

The EUCS targets a specific category of ICT services and is based on the ISO/IEC 17065 standard in terms of requirements applicable to Conformity Assessment Bodies (CABs) performing certification. The scheme also takes into account the ISO27000 series of standards and International Auditing Standards, ensuring a comprehensive approach to cybersecurity certification that aligns with established international norms.

The stated goal of the EUCS is to enable cloud service providers to ‘demonstrate their trustworthiness and the effectiveness of their cybersecurity defences [12].

According to Article 52 EUCS, the certification supports three assurance levels: ‘basic’, ‘substantial’, and ‘high’. These levels correspond to increasing degrees of security requirements and assessment rigor. Each level corresponds to a different degree of security requirements and assessment rigor.

The EUCS was designed to be voluntary to allow companies to demonstrate the soundness of their security measures. It is also intended to be a horizontal scheme, applying uniform criteria across all cloud services.

The proposed scheme focuses on the design and implementation of the cloud service, including its security features and essential processes used throughout its lifecycle. The scheme also introduces a simplified assessment methodology for the ‘basic’ assurance level, based on self-assessment audited by a conformity assessment body.

4.2.2 The EUCS as a tool to improve European ‘digital sovereignty’

Trade associations like AmCham EU, BSA, CCIA Europe, and ITI have criticized the EUCS, echoed by Member States such as Germany, which advocates for future decisions to be made by ministers rather than regulators and for additional transparency about the process [13, 14]. The critics are focused on issues two main issues: (i) legal confusion and uncertainty caused by the interplay with other EU legislation and (ii) the data localization requirements also known as sovereignty requirements or, more broadly, independence from non-EU laws.

Regarding the interplay with other EU laws, various laws operate with the EUCS as a functional certification scheme (e.g. the European Cyber Resilience Act) while others require further legal clarity to avoid regulatory compliance challenges for entities in scope of said law (e.g. Digital Operational Resilience Act and NIS2 Directive).

Regarding the second issue, the EUCS looms to impose data localization requirements on any cloud service provider aiming to qualify for a high level of cybersecurity certification within the EU. The proposed EUCS also stipulates that ‘high’ level cloud service contracts must be governed fully by the law of an EU Member State and not that of a third country. This imposition reflects an effort of the EU to ensure that cloud service providers are ‘immune’ from foreign law as an effort to escape the long arm of U.S. national security surveillance and law enforcement authorities [15]. The EU has a strong focus on personal data protection regulation as exemplified by the General Data Protection Regulation (GDPR) which in the past as clashed with foreign laws [16].

The EU’s endeavours in advancing its ‘digital sovereignty’, as noted by the US Chamber of Commerce, are pivotal in establishing the region’s autonomy in the digital sphere [17, 18]. This ambition transcends merely reducing dependence on foreign technology companies. It encompasses a broader ambition to establish its own technology rules and to ‘achieve strategic autonomy in the digital sphere and boost European competitiveness in tech’ while shaping global norms in the process [17]. Significantly, digital sovereignty in the EU context is not limited to the control over the use and design of digital systems and platforms or the data contained therein. It also extends to societal and democratic dimensions, reflecting a comprehensive approach [19]. Or, as scholars point, digital sovereignty aims to safeguard ‘European values’ [20].

In the specific case of the EUCS, Brussels believes that data localization requirements will create new market opportunities for European cloud service providers and, consequently, exclude U.S. and other international companies. In addition to this demanding that ‘high’ level cloud service providers are fully governed by the law of an EU Member State and not that of a third country aims to block foreign jurisdictions from accessing European cloud data in violation of the EU’s Charter of Fundamental Rights [16].

5. Conclusions

Cloud computing has emerged as a linchpin in the transition from Industry 4.0 to Industry 5.0, offering a bridge between advanced technological capabilities and a human-centric industrial approach. Its widespread adoption across various industries highlights its integral role in facilitating this transition, where it supports a myriad of functions crucial to realizing a more humane, sustainable, and efficient industrial model.

The advancement of Industry 5.0 is contingent upon the responsible and ethical utilization of cloud technologies, underpinning the necessity for robust cybersecurity measures. Section 3 explored the various cybersecurity challenges in cloud computing, particularly in the context of Industry 5.0, underscoring the importance of protecting digital infrastructure and data. Addressing these challenges is crucial for maintaining public trust and ensuring the seamless functioning of interconnected systems, a cornerstone of Industry 5.0’s vision for a more sustainable and resilient industrial future.

The European Union’s approach to cloud certification, particularly through the draft EUCS, is a strategic step towards enhancing public trust in Industry 5.0 but also digital sovereignty. The EUCS not only aims to establish a standardized framework for certifying cloud services but also reflects the EU’s broader ambition to assert its autonomy in the digital sphere and shape global norms. This certification scheme, while facing certain criticisms, stands as a testament to the EU’s commitment to safeguarding European values and establishing a secure, competitive cloud service market. Hence, it is this paper main conclusion that the EUCS is particularly aligned with the Industry’s 5.0 goal to blend a technology-centric approach with a value-driven mindset. Indeed, this emphasis on value-driven technology selection and use aligns with the EU’s digital sovereignty ambitions. By ensuring data is stored and processed within the EU, there is greater control over how this data is used, ensuring it aligns with Industry 5.0’s focus on ethical and sustainable practices.

References

1. Bania K, Geradin D. The regulation of cloud computing: Why the European Union failed to get it right. Information & Communications Technology Law. 2023;1:1-15. DOI: 10.1080/3600834.2023.2260687
2. Muller J: Enabling Technologies for Industry 5.0. Results of a workshop with Europe’s technology leaders. 2020. Available from: https://research-and-innovation.ec.europa.eu/knowledge-publications-tools-and-data/publications/all-publications/enabling-technologies-industry-50_en [Accessed: December 20, 2023]
3. Fukuda K. Science, technology and innovation ecosystem transformation toward society 5.0. International Journal of Production Economics. 2020;20:220. DOI: 10.1016/j.ijpe.2019.07.033
4. Barata J, Kayser I. Industry 5.0 – Past, present and near future. Procedia Computer Science. 2023;780:778-788. DOI: 10.1016/j.procs.2023.01.351
5. Mell P, Grance T. The NIST Definition of Cloud Computing. Gaithersburg: National Institute of Standards and Technology; 2011. Available from: https://csrc.nist.gov/pubs/sp/800/145/final [Accessed: December 20, 2023]
6. Dixson S, Balland P, Bria F, Charveriat C, Dunlop K, Giovannini E, Tataj D, Hidalgo C, Huang A, Isaksson D, Martins F, Renda A, Serger S. Industry 5.0: A Transformative Vision for Europe. Governing Systemic Transformations towards Sustainable Industry. 2021 Available from: https://research-and-innovation.ec.europa.eu/knowledge-publications-tools-and-data/publications/all-publications/industry-50-transformative-vision-europe_en [Accessed: December 20, 2023]
7. European Commission: The EU’s Cybersecurity Strategy for the Digital Decade. Brussels: European Commission; 2020. Available from: https://digital-strategy.ec.europa.eu/en/library/eus-cybersecurity-strategy-digital-decade-0 [Accessed: January 3, 2024]
8. ENISA: Definition of Cybersecurity – Gaps and Overlaps in Standardization. Athens: ENISA; 2015. Available from: https://www.enisa.europa.eu/publications/definition-of-cybersecurity [Accessed: January 3, 2024]
9. European Commission: Communication from the commission to the European Parliament, the council, the European economic and social committee and the Committee of the Regions. Unleashing the Potential of Cloud Computing in Europe. 2012;1:1-25. Available from: https://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=COM:2012:0529:FIN:en:PDF [Accessed: January 3, 2024]
10. Declaration Building the next generation cloud for business and the public sector in the EU. 2020. Available from: https://digital-strategy.ec.europa.eu/en/news/towards-next-generation-cloud-europe [Accessed: January 3, 2024]
11. EU Cloud Certification Headed for Tiered Approach on Sovereignty. 2023. Available from: https://www.euractiv.com/section/cybersecurity/news/eu-cloud-certification-headed-for-tiered-approach-on-sovereignty-criteria/ [Accessed: January 16, 2024]
12. EUCS – Cloud Services Scheme. 2020. Available from: https://www.enisa.europa.eu/publications/eucs-cloud-service-scheme [Accessed: January 16, 2024]
13. Cybersecurtiy Certification Scheme for Cloud Services (EUCS). 2023. Available from: https://www.amchameu.eu/system/files/position_papers/amchameu_eucs_pop.pdf [Accessed: January 16, 2024]
14. Germany Calls for Political Discussion on EU’s Cloud Certification Scheme. 2022. Available from: https://www.euractiv.com/section/cybersecurity/news/germany-calls-for-political-discussion-on-eus-cloud-certification-scheme/ [Accessed: January 3, 2024]
15. Swire P, DeBrae K. The effects of data localization on cybersecurity – Organizational effects. Georgia Tech Scheller College. 2023;1:1-31. Available from: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4030905 [Accessed: January 3, 2024]
16. Gerke S, Rezaeikhonakdar D. Privacy shield 2.0 – A new trans-Atlantic data privacy framework between the European Union and the United States. Cardozo Law Review. 2023;45:353-403
17. The European Union’s Proposed Cybersecurity Certification Scheme for Cloud Services (EUCS): how “sovereignty” requirements undermine cybersecurity and harm transatlantic ties. 2022. Available from: https://www.uschamber.com/assets/documents/221205_Comments_EU-Cybersecurity_Administration.pdf [Accessed: January 3, 2024]
18. Christakis T. European Digital Sovereignty. Successfully Navigating Between the “Brussels Effect” and Europe’s Quest for Strategic Autonomy. Studies on Digital Governance. 2020. Available from: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3748098 [Accessed: January 16, 2024]
19. Moerel, L, Timmers, P: Reflections on Digital Sovereignty. EU Cyber Direct, Research in Focus. 2021. Available from: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3772777 [Accessed: January 19, 2024]
20. Roberts H, Cowls J, Casolari F, Morely J, Taddeo M, Floridi L. Safeguarding European values with digital sovereignty: An analysis of statements and policies. Internet Policy Review. 2023;780:778-788. DOI: 10.1016/j.procs.2023.01.351

[1] 1. Bania K, Geradin D. The regulation of cloud computing: Why the European Union failed to get it right. Information & Communications Technology Law. 2023;1:1-15. DOI: 10.1080/3600834.2023.2260687

[2] 2. Muller J: Enabling Technologies for Industry 5.0. Results of a workshop with Europe’s technology leaders. 2020. Available from: https://research-and-innovation.ec.europa.eu/knowledge-publications-tools-and-data/publications/all-publications/enabling-technologies-industry-50_en [Accessed: December 20, 2023]

[3] 3. Fukuda K. Science, technology and innovation ecosystem transformation toward society 5.0. International Journal of Production Economics. 2020;20:220. DOI: 10.1016/j.ijpe.2019.07.033

[4] 4. Barata J, Kayser I. Industry 5.0 – Past, present and near future. Procedia Computer Science. 2023;780:778-788. DOI: 10.1016/j.procs.2023.01.351

[5] 5. Mell P, Grance T. The NIST Definition of Cloud Computing. Gaithersburg: National Institute of Standards and Technology; 2011. Available from: https://csrc.nist.gov/pubs/sp/800/145/final [Accessed: December 20, 2023]

[6] 6. Dixson S, Balland P, Bria F, Charveriat C, Dunlop K, Giovannini E, Tataj D, Hidalgo C, Huang A, Isaksson D, Martins F, Renda A, Serger S. Industry 5.0: A Transformative Vision for Europe. Governing Systemic Transformations towards Sustainable Industry. 2021 Available from: https://research-and-innovation.ec.europa.eu/knowledge-publications-tools-and-data/publications/all-publications/industry-50-transformative-vision-europe_en [Accessed: December 20, 2023]

[7] 7. European Commission: The EU’s Cybersecurity Strategy for the Digital Decade. Brussels: European Commission; 2020. Available from: https://digital-strategy.ec.europa.eu/en/library/eus-cybersecurity-strategy-digital-decade-0 [Accessed: January 3, 2024]

[8] 8. ENISA: Definition of Cybersecurity – Gaps and Overlaps in Standardization. Athens: ENISA; 2015. Available from: https://www.enisa.europa.eu/publications/definition-of-cybersecurity [Accessed: January 3, 2024]

[9] 9. European Commission: Communication from the commission to the European Parliament, the council, the European economic and social committee and the Committee of the Regions. Unleashing the Potential of Cloud Computing in Europe. 2012;1:1-25. Available from: https://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=COM:2012:0529:FIN:en:PDF [Accessed: January 3, 2024]

[10] 10. Declaration Building the next generation cloud for business and the public sector in the EU. 2020. Available from: https://digital-strategy.ec.europa.eu/en/news/towards-next-generation-cloud-europe [Accessed: January 3, 2024]

[11] 11. EU Cloud Certification Headed for Tiered Approach on Sovereignty. 2023. Available from: https://www.euractiv.com/section/cybersecurity/news/eu-cloud-certification-headed-for-tiered-approach-on-sovereignty-criteria/ [Accessed: January 16, 2024]

[12] 12. EUCS – Cloud Services Scheme. 2020. Available from: https://www.enisa.europa.eu/publications/eucs-cloud-service-scheme [Accessed: January 16, 2024]

[13] 13. Cybersecurtiy Certification Scheme for Cloud Services (EUCS). 2023. Available from: https://www.amchameu.eu/system/files/position_papers/amchameu_eucs_pop.pdf [Accessed: January 16, 2024]

[14] 14. Germany Calls for Political Discussion on EU’s Cloud Certification Scheme. 2022. Available from: https://www.euractiv.com/section/cybersecurity/news/germany-calls-for-political-discussion-on-eus-cloud-certification-scheme/ [Accessed: January 3, 2024]

[15] 15. Swire P, DeBrae K. The effects of data localization on cybersecurity – Organizational effects. Georgia Tech Scheller College. 2023;1:1-31. Available from: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4030905 [Accessed: January 3, 2024]

[16] 16. Gerke S, Rezaeikhonakdar D. Privacy shield 2.0 – A new trans-Atlantic data privacy framework between the European Union and the United States. Cardozo Law Review. 2023;45:353-403

[17] 17. The European Union’s Proposed Cybersecurity Certification Scheme for Cloud Services (EUCS): how “sovereignty” requirements undermine cybersecurity and harm transatlantic ties. 2022. Available from: https://www.uschamber.com/assets/documents/221205_Comments_EU-Cybersecurity_Administration.pdf [Accessed: January 3, 2024]

[18] 18. Christakis T. European Digital Sovereignty. Successfully Navigating Between the “Brussels Effect” and Europe’s Quest for Strategic Autonomy. Studies on Digital Governance. 2020. Available from: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3748098 [Accessed: January 16, 2024]

[19] 19. Moerel, L, Timmers, P: Reflections on Digital Sovereignty. EU Cyber Direct, Research in Focus. 2021. Available from: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3772777 [Accessed: January 19, 2024]

[20] 20. Roberts H, Cowls J, Casolari F, Morely J, Taddeo M, Floridi L. Safeguarding European values with digital sovereignty: An analysis of statements and policies. Internet Policy Review. 2023;780:778-788. DOI: 10.1016/j.procs.2023.01.351