Case study 4
Industrial Data Space:
data sharing within a secure and trusted ecosystem
Industrial Data Space (IDS) enables companies to leverage the potential of their data within a secure and trusted ecosystem. It is based on a reference architecture model for data sharing, that supports the secure exchange and simple linking of data in business ecosystems using collaborative governance models. A key aspect is ‘data sovereignty’ – a data owner can share their data within the ecosystem, but can attach usage rights and usage restrictions at the time that the data is shared that can be remotely enforced. The model provides the basis for multiple uses by supply chains within and across sectors, including logistics, transportation and manufacturing. It creates the potential for organisations to develop business models based on data.
Summary: the eight dimensions of data sharing
Industrial Data Space allows for secure exchange and linking of data by different organisations, while allowing organisations to retain sovereignty of data.
The data and its use:
Multiple sources of data and uses, including uses in logistics, manufacturing and health applications.
The business model and value creation:
It has multiple possible business models.
The model for data sharing and the partnership:
The project is a reference architecture model for controlled and secure data sharing. It is funded by the German Federal Ministry of Research and Education. The Industrial Data Spaces Association, a not-for-profit organisation, provides a forum for ensuring that requirements from various industrial sectors are met.
People with the right skills and expertise:
Twelve Fraunhofer institutes provide expertise in: data management, governance and valuation; discovering and linking data; security; and domain expertise. Industrial partners also provide domain expertise. Software partners provide expertise on how concepts might be implemented in practice.
Constraints on how data is shared and used:
GDPR and commercial sensitivity are constraints.
The data architectures and technologies:
An architecture that provides a blueprint for different implementations of industrial data space, encompassing business, security, data and service and software aspects.
Governance / oversight / enabling trust:
The project has bespoke governance depending on the application.
The Industrial Data Space (IDS) project, which commenced in 2014, was prompted by the Germany’s Industrie 4.0 initiative. It builds on an earlier project that identified a key principle of new digital business models: specifically, that they depend on forming ecosystems around a comprehensive end-to-end customer process and require the sharing of data.  The project also builds on research on distributed usage control – a fundamental principle of IDS - that has been developed over the last 10 to 15 years.
The German Federal Ministry of Research and Education has funded the project to bring forward the architecture and deploy it as a prototype in use cases. Initial use cases include ‘truck and cargo management in inbound logistics’, ‘development of medical and pharmaceutical products’, ‘collaborative production facility management’ and ‘end-to-end monitoring of goods during transportation’.
The Industrial Data Spaces Association, a not-for-profit organisation, provides a forum for ensuring that requirements from various industrial sectors are met and puts forward use cases. Increasingly, members of the association are software technology companies. It is hoped that they will take up the ideas so that there are multiple providers of IDS software. The association is open to members from abroad.
Twelve Fraunhofer institutes are involved, and the project is coordinated by the Fraunhofer Institute for Software and Systems Engineering in Dortmund. The 12 institutes bring together different fields of expertise; for example, Dortmund has a strong background in data management, governance and valuation. Other institutes have expertise in linked data and ensuring that data can be found, and domain expertise, such as production management, logistics and healthcare. Institutes with expertise in security have built the trusted connector.
A few ‘lighthouse companies’ (members that are well-known and already driving standardisation processes in their domain) are involved in driving forward use cases. The involvement of the software industry is key in reaching critical mass, as they will be implementing the concepts and technologies.
Companies have realised that they need to share more data than in the past, including data that was previously considered too sensitive to share. Companies are also recognising that data has value, so they want to be able to protect it. Data is only exchanged if it is requested from trustworthy certified partners. The data owner determines who is allowed to use the data and in what way. As a result, the partners of one supply chain may have joint access to certain data by mutual consent so that they can innovate, develop new business models, design their own processes more efficiently or initiate additional added value processes elsewhere, either alone or together. [36, 37]
“Each participant has their own idea of a business model, but they are all relying on each other for the business model to work”
One of the motivating factors for companies to join a data ecosystem is the knowledge that new business models will be characterised by interdisciplinary, cross-domain approaches. The project attempts to lay out the ‘ecosystem governance’, that will enable the ecosystem to emerge. Each participant has their own idea of a business model, but they are all relying on each other for the business model to work. The architecture of IDS provides organisations with the freedom to create this system of business models.
The core roles in the ecosystem include data owners, data providers and data consumers. Data owners may be interested in monetising data through IDS. Other trusted organisations may act as intermediaries within the ecosystem, taking on roles such as certification, brokering data, settling financial and data exchange transactions, verifying the identity of organisations wishing to access data, and data service providers. Added value is created by these roles as they promote trust throughout the IDS and provide metadata to the other participants. IT companies play a role here, providing software and services to the other participants of the IDS.
“Participants jointly decide on data governance such as data management processes and applicable rights and duties”
Technical and data curation arrangements
The reference architecture provides a blueprint for different implementations of the IDS, that can be customised by the participating organisations according to their individual requirements. It consists of the following architectures:
- The business architecture addresses questions regarding the economic value of data, the quality of data, applicable rights and duties, and data management processes.
- The security architecture addresses questions concerning secure execution of application software, secure transfer of data and prevention of data misuse.
- The data and service architecture specifies the functionality of the IDS, especially the functionality of the data services. These may include smart data services such as alerting or monitoring, or basic data services such as data aggregation or mapping.
- The software architecture specifies the software components required for pilot testing of the IDS. Existing technologies are being used as far as possible.
The use of existing domain-specific data standards in IDS is being explored. For example, a use case project in collaboration with SAP and Siemens will show how the concept of the administrative shell – developed under Industrie 4.0, and providing the semantic model for the items in factory or warehouse – works alongside the information model developed in IDS. Similarly, in the logistics use cases, heavy use is made of existing standards used for supply chain business processes. So again, the semantic information model is taken from that particular domain.
Usage constraints need to be attached to particular data items to enable data sharing in a ‘sovereign fashion’. A major gap is having a standardised or harmonised understanding of usage rights – the rules for data sharing. In the past, every company has come up with its own data models, and these need to be aligned to develop a common understanding of the rules. IDS is working with the automotive industry to develop this.
The approach to data management should be able to address uncertainties in data quality. There may be a combination of high-quality, structured data and data that is unstructured, volatile and fuzzy. There could potentially be value in bringing both types of data together.
IDS will be one of several channels for exchanging data; other channels might include open data sources that are freely available, or other data markets that make volumes of data available without restrictions, but without any guaranteed quality.
Data analytics is crucial to providing smart services and differentiating providers, so it is not offered by IDS. There is a question about where the boundary lies between the infrastructure and the data services that the infrastructure supports: in future, an increasing number of data services could become part of the infrastructure.
Legal and commercial arrangements
The IDS supports the governance arrangements by providing an infrastructure for data exchange, interoperability, and the use of new business models, while establishing trustworthy relationships between data owners, data providers and data consumers.  It acts as a ‘trustee’ for mediation between participants, facilitating the negotiation of agreements and contracts. It offers a decentralised architecture that does not require a central authority.
Participants jointly decide on data governance such as data management processes as well as on applicable rights and duties. The overall architecture envisages services that make sure the data is packed and described according to the information model and usage restrictions attached, and then made available under the restrictions.
It is not the intention to help set legislative frameworks, but the project will follow the legislative process very closely. For example, at the European Commission level there are lots of discussions going on about the rights of data producers.
“The project embarks on making a data economy happen, but there are outstanding areas of research”
Outcomes and lessons learned
- IDS potentially ensures that the data owner is realising value from the data that they share with others. It helps to spread the benefits so that, for example, the costs of data creation, capture and management are not incurred by one party while another yields the benefit. The project embarks on the first steps of making a data economy happen, but there are a number of outstanding areas of research including:
- monitoring data transactions, ensuring they can be billed
- mechanisms for putting a cost on data in a repeatable or accepted way
- technical challenges in distributed usage control, in particular enforcing usage rights in a remote environment – currently it is not possible to guarantee that data is not used elsewhere
- accepted information models to describe data goods: semantic information models and domain-specific data models
- identity management for the IoT ‘things’ that share data
- management of data flows if multiple platforms are involved
- the benefits and limitations of different types of platforms along the spectrum from centralised, such as data lakes, to decentralised, such as Hyperledger blockchains.