How: Data Space Governance
Standardization
Why do we standardize?
The success of the digital transformation of the automotive industry critically depends on multilateral collaboration between all stakeholders along the automotive value chain. Our growing Catena-X ecosystem will enable enormous amounts of data to be integrated and collaboratively harnessed.
However, this vision is complex: companies at various stages of the automotive value chain, such as production, delivery, or logistics, often have their own IT systems to manage their data. To ensure that these complex data volumes can be sent, received, and processed smoothly across all stages of the value chain, we need one language for all players: common standards and frameworks.
What do we standardize?
The standards of our Catena-X data ecosystem define how the exchange of data and information in our network works. They are the basis for ensuring that the technologies, components, policies, and processes used are developed and operated according to uniform rules. All standards developed for the Catena-X data ecosystem are based on the technological and industry-specific requirements of the automotive industry.
The Catena-X Association publishes standards for generic core and enabling services as well as for domain-specific business applications (see KITs Chapter KITs - Keep It Together). These standards and artifacts form the basis for the development and operation of software components in the Catena-X network to ensure interoperability and data sovereignty between different software components and providers. All relevant standards are accessible in the Catena-X standard library.
How do we standardize?
Based on Catena-X's Intellectual Property(IP)-Regulations and in compliance with applicable antitrust law, the Catena-X standardization process aims to develop and implement uniform standards for networking and data exchange in the automotive sector. A general overview of the process is depicted in Figure Catena-X Standardization Process:
Catena-X Standardization Process
The Catena-X Website offers a comprehensive overview of the importance of standardization, how standards are being developed and the core elements of standardisation.
Conformity Assessment and Certification
Why do we certify?
Cross-company interactions highly rely on mutual trust. Catena-X issues certifications to provide trust via transparency and reliability based on our Catena-X standards. By setting up a certification process, we guarantee that our major principles are considered in every component of the network. Independent of size and role, core service providers or small application, a consistent framework was created to ensure beneficial participation for all participants in the network. A chain is only as strong as its weakest link, and to gain trust we need to ensure that all links are as strong as possible by encouraging the consistent use of standards and providing a quality label to those who do.
What do we certify?
Catena-X certification is done in a modular, role-based way, to fulfill different requirements of participants in our ecosystem, whether IT application providers, service providers or onboarding partners. The modularity allows high flexibility and lowers the efforts and redundancies for all parties involved. The certification framework details all standards a company has to comply with based on their role, the goal of their service and the use-case in which they participate e.g. PLM & Quality, Sustainability, Resiliency. Catena-X standards become mandatory for certification as soon as they have been integrated into the certification framework. The Catena-X Association aims to release an update of its certification framework simultaneously with newly released standards. The most current version can always be found on the Catena-X website.
How do we certify?
An overview of the certification process is depicted in Figure Catena-X Certification Process.
Catena-X Certification Process
As part of the certification, the data space participant commits to listing Catena-X solutions on the Catena-X Marketplace in accordance with the mandatory requirement of the Operating Model. This includes adherence to governance components such as Trust ID and related mechanisms. This requirement also applies retroactively to already onboarded partners. However, internal systems that are used solely within a company and are not intended for external provisioning do not require listing on a Catena-X marketplace. Catena-X does not allow the provision of solutions without a marketplace listing. For clarification: All solutions that exchange data within the Catena-X data space and pass it on to other Catena-X users must be certified. A list of all currently certified solutions can be made available through the association upon request. All commercial offers must be listed on a marketplace.
The Catena-X Conformity Assessment Handbook provides a detailed description of how Catena-X conducts conformity assessment through the Conformity Assessment Bodies. The most current version can always be found on the Catena-X Library.
Prerequisite of any certification is the registration / onboarding of the participant who wants to get certified. The registration (see Chapter Registration) is ideally done before any certification request or latest started with the start of the certification request.
Certification framework
Certifications and qualifications at Catena-X can be obtained for different types of services or solutions. The certifications are split into different "roles" indicating the type of relationship to Catena-X, as well as the "module", the specific service provided. The roles of certified companies vary between the provision of a key part of infrastructure or service (Enablement Service Provider or Core Service provider) and complementing further solutions or services to the data space.
Decisions about whether a role or module requires certification are authoritatively made through:
- Normative statements in this Operating Model
- Association decision processes, including Board of Management resolutions where applicable
Individual Catena-X Standards published in the standard library provide the technical and semantic requirements that must be fulfilled when certification is required, but they do not determine whether certification is mandatory and for what roles.
The Modular Certification System is published separately as a consolidated view that visualizes these certification requirements. It does not establish new requirements but rather provides a structured representation of what roles and modules must be certified against which standards. All certification decisions remain the responsibility of the Catena-X Association through the processes described above. The detailed visualizations of the modular certification system, including standards applicable to each role and module, are published on the Catena-X standard library page.
Companies shall always mention the specific role and module they have been awarded the certification in e.g. Connector, Traceability, MaaS...
Certification updates
Each certified partner must ensure compliance with the standards in order to be active in the data space. Each certified participant in the data space must remain compatible with at least one of the supported ecosystem versions through certification by a CAB. If, after the expiry of the ecosystem version associated with the respective certificate, no valid certificate is available, the partners lose their certification/qualification status and will be removed from the Catena-X data space.
The certification requirements become binding as of the official go-live date of the new release. The time between the publication of the standards and the go-live date serves as a transition phase, allowing partners to prepare and complete the certification process. Each label is issued after successful completion of the Catena-X certification or qualification process.
Further clarifications for Ecosystem Releases
For ecosystem releases, all major components of the Catena-X data ecosystem will be updated for all active and future users of the network. To offer a smooth transition to all our stakeholders to a new major release, certain measures are taken during the transitional period:
1. Certification of business applications vs. internal systems that fall under the definition of a Catena-X business application*
A business application provides specific logic and schemas defined in a Catena-X use case (e.g., data processing, transformation functions) that is applied to input data to produce an expected output. This includes the use of Catena-X semantic models (semantic interoperability) as well as the technical data exchange using standardized protocols and APIAPI An API is a way for two or more computer programs to communicate with each other.-specifications (technical interoperability). This does not apply to internal systems of an organization, such as internal databases, data lakes, data pipelines (ETL), or source systems.
Companies may want to integrate internal systems including company-internal business applications into the Catena-X data space. However, it is crucial that all participants can rely on a standardized data exchange to ensure stable and consistent multi-tier data chains based on data sovereignty and interoperability. Consequently, the following principles apply:
- All company-internal business applications required to maintain a stable and consistent multi-tier data exchange must comply with Catena-X standards and be certified by a CAB.
- All company-internal business applications associated with the Catena-X brand and/or offered on a Catena-X marketplace must comply with Catena-X standards and be certified by a CAB.
If an company-internal business application meets either of these criteria, Catena-X certification is mandatory.