IFIP WG 8.9 · International Federation for Information ProcessingVienna, Austria · 12–13 September 2027
C27

CONFENIS 2027

13th International Conference on Enterprise Information Systems

TU Wien, Vienna
Hosted by Vienna University of Technology

CONFENIS 2027 · Paper 05 · Data Spaces and Inter-Organisational Information Systems

GAIA-X Compliant Federated Data Spaces for Cross-Organisational Supply Chain Visibility

Sophie Bauer, Markus Lindner, Elena Petrova

University of Vienna · TU Munich · Sofia University 'St. Kliment Ohridski'

Paper numberCONFENIS 2027 / 05
TrackData Spaces and Inter-Organisational Information Systems
Pages61–75
ProceedingsSpringer LNBIP vol. 528 (2027)
Correspondingsophie.bauer@univie.ac.at
DOI10.1007/978-3-031-XXXXX-X_5
Abstract

European supply chains face a structural information-asymmetry problem: visibility across organisational boundaries is critical for resilience, sustainability, and compliance, yet the data-sharing infrastructure remains either bilateral or vendor-locked. GAIA-X and the IDS Reference Architecture offer a sovereign federated alternative but their concrete instantiation in supply-chain contexts is still emerging. We design and prototype a GAIA-X compliant federated data space for cross-organisational visibility in a three-tier European automotive supply chain (OEM, Tier-1, Tier-2). The prototype implements verifiable-credentials based access control and policy-enforced data usage tracking. Evaluation against a six-month operational pilot shows feasible end-to-end performance and surfaces the governance — not technical — bottlenecks of sovereign data sharing.

Keywords: GAIA-X; Federated Data Spaces; Supply Chain Visibility; IDS; Catena-X; Data Sovereignty

1. Introduction

The disruption of European supply chains during 2020–2023 — pandemic, semiconductor shortage, Russia's invasion of Ukraine, Red Sea shipping interruption — has exposed a long-known weakness: most enterprises have visibility only to their direct counterparties (n+1 visibility), and so cannot anticipate disruption from deeper tiers. Federated data spaces, formalised in the GAIA-X Architecture Document (GAIA-X AISBL, 2023) and the IDS Reference Architecture Model 4 (IDSA, 2022), promise sovereign cross-tier visibility without the centralisation of data in a vendor platform.

2. Method

We design FED-SCV (Federated Supply Chain Visibility), a reference architecture for GAIA-X compliant cross-tier visibility, and instantiate it as a prototype across three European partners: a German automotive OEM (anonymised as O), an Austrian Tier-1 (T1), and a Bulgarian Tier-2 (T2). The prototype uses Eclipse EDC 0.4 as the connector layer, the Catena-X Item Relationship Service for product genealogy, and a self-issued verifiable credential framework based on W3C VC 2.0. Evaluation covered a six-month operational pilot (April–September 2026) of three concrete use cases: forward inventory visibility, carbon-footprint pass-through, and quality incident propagation.

3. Results

Technically, FED-SCV achieved end-to-end latencies of 1.8 seconds median (95th percentile 4.6 s) for inventory queries propagating O→T1→T2. Verifiable credential verification added 240 ms median. Throughput peaked at 180 queries/second, well above operational requirements. Governance-wise, the substantive bottleneck was not technical: the three partners required 14 weeks to agree on usage-policy semantics — specifically, what 'authorised internal use' meant for carbon-footprint data that, if recombined with other sources, could reveal Tier-2 cost structure. The Carbon-footprint use case consumed 60% of the governance effort despite being the smallest by data volume.

4. Discussion

Our pilot supports the operational feasibility of GAIA-X compliant supply-chain data spaces, but corroborates the emerging practitioner consensus that the bottleneck is data-sharing governance, not connector technology. The 14-week negotiation period for usage-policy semantics across three partners suggests that ten-partner Catena-X instances will require fundamentally new collective-governance tooling — perhaps drawing on commons-management theory (Ostrom, 1990) rather than on bilateral contracting.

5. Conclusion

GAIA-X compliant federated visibility is technically mature; the open research and practice agenda lies in scalable, multi-party usage governance. FED-SCV offers a reference instantiation and a baseline empirical study for the field.

References

  1. GAIA-X AISBL: Architecture Document — Release 24.04. GAIA-X European Association for Data and Cloud (2023).
  2. IDSA: IDS Reference Architecture Model, Version 4. International Data Spaces Association (2022).
  3. Otto, B., ten Hompel, M., Wrobel, S.: Designing Data Spaces. Springer (2022).
  4. Ostrom, E.: Governing the Commons: The Evolution of Institutions for Collective Action. Cambridge University Press (1990).
  5. Petrova, E., Bauer, S.: Federated identity in cross-border B2B data spaces. Data & Knowledge Engineering 145, 102119 (2024).
  6. W3C: Verifiable Credentials Data Model 2.0. W3C Candidate Recommendation (2024).

Citation: Sophie Bauer, Markus Lindner, Elena Petrova. "GAIA-X Compliant Federated Data Spaces for Cross-Organisational Supply Chain Visibility." In: Tjoa, A.M., Mendling, J., Wimmer, M. (eds.) Research and Practical Issues of Enterprise Information Systems. CONFENIS 2027. LNBIP 528, pp. 61–75. Springer, Cham (2027).

© Springer Nature Switzerland AG 2027. Reproduction with permission.

← Back to proceedings