In the modern digital landscape, ensuring secure data sharing within complex infrastructures is not trivial. This paper presents an in-depth analysis of dataspaces and their crucial role in enhancing privacypreserving data exchange within the energy supply chain. The main contribution of the work includes the design of the architecture of dataspaces, emphasizing their utility in addressing legal and technical challenges while ensuring data sovereignty and stakeholder trust. Through a focused case study and STRIDE analysis, the practical application and security benefits of dataspaces are illustrated, underscoring their significance in fostering a secure, eficient, and collaborative data-sharing environment.
CEUR ceur-ws.org
In today’s interconnected world, existing systems are asked to fulfil increasing data-sharing
requirements. The rapid expansion of data-centric applications underscoring the real value
of data [
While the importance of a unified data-sharing ecosystem is evident, the energy sector faces
specific privacy and security challenges that need to be addressed. As an example, the
integration and exchange of data among energy stakeholders necessitates robust privacy-preserving
mechanisms to prevent unauthorized access and to ensure the integrity and confidentiality of
the exchanged information. This is crucial for maintaining operational security and trust within
and across the energy supply chain [
The remainder of this paper is structured as follows. Section 2 addresses the related work. Section 3 ofers a comprehensive overview to clarify the concept of dataspace and to address the ambiguities and uncertainties identified. Section 4 outlines specific European initiatives promoting the advancement of dataspaces, while Section 5 concentrates on eforts pertinent to the development and enhancement of dataspaces supporting the energy supply chain. Section 6 explores a practical case study where the dataspace paradigm has been applied, providing an analysis of security considerations and employing STRIDE methodology to assess communications based on dataspaces. Lastly, Section 7 ends the paper drawing final remarks.
The challenges linked to privacy-preserving and secure data sharing have been subject to
multiple research works. Among others, blockchain-based solutions have been proposed in
several application domains [
The present research is motivated by the specific need for privacy-preserving data exchange in the energy supply chain, aiming to clarify and tailor the concept of data spaces to this context. Additionally, advanced privacy-preserving techniques suited for the energy sector’s demand are identified and deployed. Furthermore, a detailed case study is presented, applying STRIDE analysis to develop a targeted threat model for data exchange among energy stakeholders. The scope of the model is to demonstrate how dataspaces can enhance data security and privacy in the energy supply chain, aligning with European data strategy goals and fortifying resilience against cyber threats.
To the best of the authors’ understanding, identifying a universally acknowledged definition of
“dataspace” appears unfeasible. The GAIA-X initiative provides an initial perspective,
describing dataspaces as federated, open infrastructures that facilitate data sharing and sovereignty,
based on unified policies, rules, and standards [
Policies Company A
R O T C E N N O C
App Store
Data Description
Data Marketplace
Data Broker Identity Provider (CA) Vocabulary Provider ... Participants Certificates
R O T C E N N O C
Policies Company B Company A Cloud Platform
Traditional Inter Data Exchaning
Company B Cloud Platform
Given these diferent definitions and the consequent complexity of such a concept, this section aims to ofer a concise yet right-to-the-point description of a dataspace, detailing the essential requirements and elucidating the key roles of privacy-preserving mechanisms and data sovereignty in its definition.
What a Dataspace Is. A dataspace is an open ecosystem facilitating data sharing and accessibility among diferent entities. This shift towards dataspaces relies on principles of transparency and trust that govern these ecosystems. Traditional data exchange methods face numerous challenges: a primary concern dataspaces seek to mitigate is the complexities stakeholders experience when establishing legal frameworks for collaboration. Stakeholders across vital sectors, like energy, encounter obstacles in creating contracts and establishing reliable data-sharing policies, hindering broader participation and innovation due to legal complexities. Conventional data exchange lacks full control over post-exchange data, posing risks in scenarios where data governance is crucial, potentially resulting in financial losses.
What a Dataspace Requires. To establish a collaborative and open environment for data sharing, developing a trusted ecosystem where each participant is recognized, has assigned roles, and is authorized for dataspace activities, is essential. Techniques ensuring privacy-preserving data exchange, authentication, authorization, and overall security are vital, as highlighted in the European Claim for dataspaces [20]. For this reason, dataspaces are designed to ensure data sovereignty, providing a framework where data owners maintain control over the usage and sharing of their data. This is a key concept in establishing trust and encouraging more entities to participate in data sharing, as it ensures the respect of their data rights and privacy. In a dataspace, ensuring compliance with regulations and ethical standards is vital, alongside an interoperable infrastructure supporting data sharing across diverse systems, achieved through common standards, vocabulary, and protocols.
Privacy-Preserving Data Exchange. In the dataspace paradigm, data exchange is enabled through connectors, which can be deployed on-premises or in a cloud environment, primarily using helm charts and Kubernetes clusters, following an architecture ensuring security mechanisms. As depicted in Figure 1, establishing the data marketplace requires, among others, a Certification Authority (CA) and a shared vocabulary. The former ensures that diferent stakeholders can be identified and authorized to participate in the marketplace, while the latter enables participants to comprehend a shared language. This common understanding is essential for facilitating machine-to-machine (M2M) communication and simplifying the creation of privacy-preserving policies. From a technical perspective, it is also essential to guarantee the minimum requirements needed for stakeholders’ computing nodes, verify the level of security provided (e.g., Trusted Execution Environment support [21]), and confirm their geographical locations. Stakeholders can publish descriptions of their data oferings on a data broker, while developers can provide applications that utilize this data to create added-value services. All transactions between diferent connectors are recorded by a clearing house, to ensure the accurate processing of payments and data exchanges. Examples of policy enforcement in dataspaces include restrictions on the duration of data usage, the rights to view and utilize data, and the conditions under which data may be shared or processed. For instance, policies might dictate that certain data can only be accessed for a limited time, or specify that data must not be transferred to unauthorized parties. Additionally, policies can enforce data anonymization or de-identification before it is shared to protect privacy. These rules ensure that all data handling within the dataspace adheres to agreed-upon ethical and legal standards, fostering a secure and trusted environment for all participants.
The evolving data-driven landscape and the need for value-added services drive European eforts to establish Common European data spaces [22]. This section highlights the key stakeholders shaping this shift to a novel paradigm, prioritizing European values and facilitating new criteria for data sharing.
The International Data Space Association [23] (IDSA) plays a significant role in the data-sharing revolution. Its mission focuses on ensuring data sovereignty and bridging the gap between industry and research communities to establish data spaces. From a technical point of view, the association has devised the IDSA RAM [24], a reference architecture that delineates the technical and organizational principles for implementing dataspaces. The Reference Model (Figure 2) encompasses three primary aspects: security, certificates, and governance, organized into five layers of granularity: Business, Functional, Information, Process, and System. The Business Layer is devoted to articulating business models and value chains, clarifying the roles and interactions of stakeholders to ensure alignment with business goals. In the Functional Layer, the key capabilities and services necessary for data exchange are delineated, including specific functions such as data sharing and processing that underpin business requirements. The focus of the Information Layer is on organizing data, defining its semantics, and managing its governance to guarantee that data can be exchanged and interpreted across diverse systems. The Process Layer concentrates on the operational aspects, defining the processes and protocols that ensure data is exchanged securely and eficiently, adhering to established policies and standards. Lastly, the System Layer is concerned with the technical foundation, specifying the necessary infrastructure and components, like connectors and networks, that enable the secure exchange of data within the data space. IDSA’s key contribution includes the specification of Roles
Interactions
FUNCTIONAL LAYER TRUST
SECURITY DATA ECOSYSTEM
INTEROPERABILITY APPS DATA
SYSTEM LAYER
MARKET
SERVICE ARCHITECTURE
INFORMATION LAYER MODEL SPEC VODCOABMUALINARY
DIGITAL RESOURCE REPRESENTATION
PROCESS LAYER ONBOARDING DATA OFFERING CONTRACT NEGOTIATION
DATA EXCHANING
Connectors, essential for establishing a dataspace instance. These, detailed in the IDSA RAM, enable multiple parties to create the data-sharing platform.
As data-driven technologies are becoming increasingly integral in today’s digital world [25], the FIWARE foundation plays a crucial role in supporting the development of smart applications and services [26, 27]. FIWARE provides open-source software enabling developers to craft data-centric applications. The building blocks are the Generic Enablers, which ofer a range of functionalities to integrate various data sources and services. This enhanced ecosystem of opensource resources is crafted to optimize the development process, simplifying and accelerating the ability of developers to create advanced, data-centric solutions. FIWARE is crucial in the realization of Digital Twins: the core is the Context Broker, a Generic Enabler that orchestrates the management and storage of context information, bridging the physical devices and their digital replicas. The Context Broker acts as a central hub, ensuring consistent, up-to-date context information between various data sources and applications. It synchronizes real-world entities with digital twin models, enabling real-time responsiveness and dynamic updates. FIWARE’s commitment to interoperability and manufacturer-independent solutions is evident in its IoT agents, which translate messages from diverse protocols into a standardized format, facilitating the creation of manufacturer-agnostic solutions within the FIWARE ecosystem.
This approach is fundamental in advancing the concept of data spaces, where diverse data sources and systems coalesce in a unified, interoperable environment. Additionally, FIWARE’s contribution extends to the standardization of data models through its Smart Data Models initiative. This efort provides a common vocabulary and a set of standardized data structures, vital for the homogenization of data and the facilitation of interoperable data exchange. These data models ofer significant value in the context of data spaces, enabling disparate systems to understand and interpret shared data consistently, and enhancing collaboration and innovation in data-driven environments.
The European Common Data Spaces in the energy sector are crucial for several reasons as illustrated in Table 1. It ofers key benefits and enables utilities and governments to develop new services for citizens and uncover new revenue streams. It is a transformative paradigm in the energy sector, uniting stakeholders—energy providers, consumers, grid operators, and regulators—under a shared digital context. This unification is not only about connecting dots but about creating a secure exchange of data that bridges the traditional silos, fostering a seamless flow of information and insights across the energy landscape. Such integration and interoperability are fundamental for the sector’s eficient resource management and distribution, ensuring that energy reaches where it is needed most when it is needed. Within this context, initiatives like Enershare [28] and CyberSEAS [29] emerge in the realization of this vision. Enershare’s objectives are emblematic of the broader ambitions of the European Common Data Spaces. It aims to democratize energy data, making it accessible and actionable for a spectrum of stakeholders. This democratization is not only about data sharing but about creating a platform where this data can be transformed into actionable intelligence, driving decision-making, and innovation across the energy sector. In Particular, Enershare focuses on harnessing the power of shared data to enable more sustainable energy practices, enhance grid eficiency, and foster the development of new business models and services that can contribute to the energy transition. Indeed, the CyberSEAS Project, funded by the EU, targets the crucial objective of securing European data spaces among its strategic objectives. This initiative underscores the importance of robust security measures in the realm of data sharing and exchange. CyberSEAS is dedicated to advancing applications of enabling technologies that are crucial for facilitating privacypreserving data exchange and sharing among various utility operators. By focusing on these technologies, the project aims to establish a secure framework that ensures data confidentiality and integrity across diferent entities within the utility sector, enhancing trust and collaboration in European data spaces.
The significance of establishing data exchange mechanisms among various operators and stakeholders within the energy supply chain is well acknowledged. This aspect has been addressed in the energy domain through the adoption of standardized schemas for representing assets. This has been made possible by the existence of an industry standard, the IEC 61970 Series, commonly referred to as the Common Information Model (CIM) [34]. The CIM fosters interoperability, enabling seamless integration and communication across diferent systems and platforms used by utility operators and stakeholders. By adhering to CIM standards, organizations can achieve consistency in data representation, ensuring that critical information about assets, operations, and grid conditions is accurately interpreted and shared among relevant parties. CIM is implemented using RDF (Resource Description Framework). In this context, RDF is used to define the hierarchical structure of CIM classes and their relationships. Each CIM class, such as Substation or VoltageLevel, is represented as a resource identified by a unique
ergy assets within the energy grid [32].
URI (Uniform Resource Identifier). Predicates encapsulate the properties and attributes of CIM classes, while their respective values are embodied as objects. CIM schemas enable Transmission System Operators (TSOs) to readily access real-time information on RES generation output, thereby empowering them to efectively balance supply and demand. Likewise, Distribution System Operators (DSOs) leverage CIM to acquire data on distributed energy resources (DERs), which supports grid planning and operation. Therefore, when developing an energy data space, ensuring services compliant with this schema representation should not be overlooked. To efectively harness the benefits of CIM while mitigating its drawbacks, the solution is the development of dataspace services and data applications that are compliant with CIM standards.
This section describes a case study focused on the sharing of energy data, which shows how the strategic alignment of diverse stakeholder requirements can benefit from a more unified and efective power grid management. It demonstrates that substantial benefits derive from advanced data-sharing mechanisms within a well-structured dataspace. This case study comes from the experience with utility operators, within the CyberSEAS project [29], from multiple national stakeholders involving a wide array of end-users, integrating them into the dataspace to enhance collective outcomes. The final objective is to create an environment where stakeholders can exchange vital infrastructure data, thereby enriching the ecosystem’s value and functionality. This approach also played a pivotal role in providing essential protections for the public, mitigating cybersecurity risks that could influence critical services, including billing. The case study allows us to point out the twofold benefit of the proposed approach: augmenting operational eficiency and fulfilling the consumers’ privacy.
As anticipated in Section 5, to secure the common European energy data space we follow the STRIDE methodology in conjunction with Data Flow Diagrams (DFDs). The initial phase
National StakeholderA SERVER
T-T Communication
C-S Communication SERVER
T-S Communication
D SS
O SERVER erviceProviderTrustBoundary SERVER
TSOs Services DSOs Services
Customer
Services LEGEND
Software Analysis Physical Device Entity Data
Source CommDiurencictation applies the STRIDE threat modelling framework and involves the identification of the system’s boundaries and the construction of the DFD, shown in Figure 3. This diagram identifies diferent trust boundaries for each participant in the energy dataspace, acknowledging the premise that diferent entities do not inherently trust one another. The diagram reports the various energy sector stakeholders, such as TSOs and DSOs, abstracting their complex internal communications. In particular, this DFD shows how data related to the power grid’s operational status and the CIM infrastructural descriptions are essential for the operational and strategic management of the grid. These data aspects are crucial for TSOs and DSOs to access real-time information and for supporting grid planning and operational decisions. Another delineated trust boundary pertains to customer premises. Data from meters, IoT devices, and Demand Response assets (DR Devices) can be collected by the utility operator or leveraged to develop new services to enhance power savings, among other objectives. Beyond direct communication with the utility provider, there may also be data exchanges with untrusted parties, such as cloud-based IoT control mechanisms that could be hosted globally. This potential interaction warrants careful consideration within the threat modelling efort.
Once we have delineated the entire system, we map the assets identified in the DFD with their corresponding STRIDE threats. This mapping enables us to associate each asset with the specific security threats it may face, providing a comprehensive understanding of the potential risks within the system. As depicted in Table 2, each device within this system is subject to various threats that must be carefully considered. When analyzing the dataspace-facilitated interactions, it is crucial to recognize that privacy-preserving techniques and policy enforcement measures must be specifically tailored to address these threats. For example, strong authentication mechanisms such as multi-factor authentication can be implemented to counteract spoofing. Policy enforcement can be strengthened by using attribute-based access controls (ABAC) to finetune who has access to data under what conditions. Furthermore, to protect against information disclosure, data can be encrypted both at rest and in transit, ensuring that sensitive information remains confidential. These measures, when carefully specified and applied, can significantly bolster the security of dataspace interactions.
While the establishment of dataspace-based communication enables participants to devise their policies for ensuring privacy during data exchanges, it’s important to highlight the intricate complexities involved in this solution. Specifically, the adoption of a common vocabulary has been facilitated through the use of smart data models from FIWARE, particularly those related to the Common Information Model (CIM). This adoption has streamlined the implementation of communication, allowing participants to comprehend a shared language and exchange valuable data efectively for information creation. However, another potential drawback is the reliance on such standardized models, which may not always accommodate the specific needs or nuances of all participating entities. While standardization promotes interoperability and simplifies data sharing, it can also constrain organizations’ flexibility to represent their data in ways that fully capture its unique aspects or proprietary nuances. Additionally, aligning diferent data models to a common standard can be resource-intensive and require significant transformation or mapping eforts, which could introduce data fidelity concerns. The resulting framework is depicted in Figure 4, where the interactions among diferent national stakeholders (including TSOs and DSOs) and (potential) service providers through the dataspace are mediated by a set of security policies, well-defined and enforced by the cited technologies and frameworks. It is important to acknowledge that this set of policies has to be dynamically updated and adjusted when it is needed.
and distribution of energy Repudiation
and controls physical devices Tampering
cessing information mation Disclosure,
based on demand signals Tampering
the status of the electrical grid tion Disclosure
data, like weather services tion Disclosure
enforce security policies in dataspace connectors begins with the initialization of the connector using baseline security policies and the importation of an initial STRIDE-based threat model. The enforcement process is structured as a continuous loop that only concludes when the connector is deactivated. Within this loop, the connector first collects real-time data on its interactions. Simultaneously, it integrates both external threat intelligence and insights from internal monitoring logs to comprehensively update the threat model. As the loop continues, for each type of interaction that the connector facilitates, it is important to assess whether the existing security policies adequately mitigate the identified risks. This approach involves strengthening authentication protocols, refining access controls, and bolstering data encryption to counteract the assessed threats. Finally after implementing the necessary adjustments, these updated policies are enforced in real time. This proactive and adaptive approach ensures the connectors are secured against evolving threats throughout their operational life.
This paper focuses on the pressing need for methods of exchanging data that preserve privacy and has shed light on the emerging paradigm of dataspaces. These innovative ecosystems allow for the free flow of data among various parties, facilitating the establishment of domain-specific data markets that ofer novel solutions for stakeholders in industry, research, and institutions. Among the primary contributions, the work addressed the definition, requirements, and privacypreserving techniques of the dataspace. Then, the most significant European initiatives focusing on dataspaces utilization and contribution to security were presented. Finally, a real-world case study was shown, to demonstrate the practical applications, the potential benefits, and the challenges associated with the adoption of this paradigm. The present research highlights the significant opportunities ofered by data sovereignty in improving data exchange across various sectors. However, realizing its full potential requires a thorough understanding of its operational dynamics and security measures, to ensure stakeholders fully comprehend its benefits. By promoting understanding and facilitating the adoption of this paradigm, steps forward can be made toward secure and eficient data exchange, with a focus on individual and organizational data rights.
This research has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 101020560 CyberSEAS. The content of this publication reflects the opinion of its authors and does not, in any way, represent the opinions of the European Union. The European Commission is not responsible for any use that may be made of the information that this publication contains.
This work has been also partially funded by the European Union under NextGenerationEU PRIN 2022 Prot. n. 202297YF75 S2: Safe and Secure Industrial Internet of Things. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or European Commission. Neither the European Union nor the granting authority can be held responsible for them. [18] Open DEI, Position paper: Design principles for data spaces, 2022. URL: https://www.opendei.eu/wp-content/uploads/2022/03/ Position-Paper-Design-Principles-for-Data-Spaces.pdf, accessed: 2024-02-26. [19] European Commission, European Data Spaces, Technical Report, Publications Ofice of the European Union, 2023. URL: https://op.europa.eu/en/publication-detail/-/publication/ dcac6aee-0e7a-11ee-b12e-01aa75ed71a1/language-en, accessed: 2024-02-26. [20] European Commission, Data Spaces, 2024. URL: https://digital-strategy.ec.europa.eu/en/ policies/data-spaces, accessed: 2024-02-26. [21] L. Coppolino, R. Nardone, A. Petruolo, L. Romano, Securing fiware with tee technology, in: New Trends in Intelligent Software Methodologies, Tools and Techniques: Proceedings of the 22nd International Conference on New Trends in Intelligent Software Methodologies, Tools and Techniques (SoMeT_23), volume 371, IOS Press, 2023, p. 149. [22] E. Union, Commission staf working document on common european data spaces, 2020. URL: https://op.europa.eu/en/publication-detail/-/publication/ dcac6aee-0e7a-11ee-b12e-01aa75ed71a1/language-en, retrieved from https://op.europa.eu/. [23] International Data Spaces, 2024. URL: https://internationaldataspaces.org/. [24] I. D. S. Association, International data spaces reference architecture model (ids-ram) 4.0, 2023. URL: https://github.com/International-Data-Spaces-Association/IDS-RAM_4_0. [25] M. A. Camilleri, The use of data-driven technologies for customer-centric marketing,
International Journal of Big Data Management 1 (2020) 50–63. [26] Á. Alonso, A. Pozo, J. M. Cantera, F. De la Vega, J. J. Hierro, Industrial data space architecture implementation using fiware, Sensors 18 (2018) 2226. [27] L. Coppolino, R. Nardone, A. Petruolo, L. Romano, Building cyber-resilient smart grids with digital twins and data spaces, Applied Sciences 13 (2023) 13060. [28] Enershare, Enershare | the energy data space for europe, 2024. URL: https://enershare.eu/. [29] CyberSEAS | Cyber Securing Energy dAta Services, 2024. URL: https://cyberseas.eu/. [30] V. Janev, M. E. Vidal, K. Endris, D. Pujic, Managing knowledge in energy data spaces, in:
Companion Proceedings of the Web Conference 2021, 2021, pp. 7–15. [31] E. Curry, S. Hasan, S. O’Riain, Enterprise energy management using a linked dataspace for energy intelligence, in: 2012 Sustainable Internet and ICT for Sustainability (SustainIT), 2012, pp. 1–6. [32] L. Coppolino, R. Nardone, A. Petruolo, L. Romano, A. Souvent, Exploiting digital twin technology for cybersecurity monitoring in smart grids, in: Proceedings of the 18th International Conference on Availability, Reliability and Security, 2023, pp. 1–10. [33] S. Meneguzzo, A. Favenza, V. Gatteschi, C. Schifanella, Integrating a dlt-based data marketplace with idsa for a unified energy dataspace: Towards silo-free energy data exchange within gaia-x, in: 2023 5th Conference on Blockchain Research & Applications for Innovative Networks and Services (BRAINS), IEEE, 2023, pp. 1–2. [34] M. Uslar, M. Specht, S. Rohjans, J. Trefke, J. M. González, The Common Information Model CIM: IEC 61968/61970 and 62325-A practical introduction to the CIM, Springer Science & Business Media, 2012.