SCS certification overview
Digital sovereignty drives SCS certification
The SCS project takes a comprehensive perspective on digital sovereignty. Please read Digital Sovereignty and SCS certification for more details.
The basic level, control over data that at least allows to comply with the European GDPR regulation, is not certified by SCS; while the SCS software makes it easy to build (local) clouds that fulfill these, it depends on the operators of the infrastructure what compliance rules they fulfill.
The SCS project however has defined certification levels for levels two, three and four in the sovereignty taxonomy.
| Digital Sovereignty level | SCS certification |
|---|---|
| 1: Data Sov'ty / Legal compliance | (Refer to ENISA/Gaia-X) |
| 2: Provider switching / Tech Compatiiblity | SCS-compatible |
| 3: Ability to shape technology | SCS-open |
| 4: Transparency & SKills for Operations | SCS-sovereign |
As of September 2024, the SCS-compatible certification level is defined and used; the details for the higher levels are still being worked on.
Certification process
To get certified, the infrastructure needs to fulfill the criteria. As far as possible, these are implemented as automated tests that run continuously (daily) to assure continuous compliance. The results are made transparent via the the Certified Clouds overview page.
To get officially certified with the right to use the SCS brand and getting listed on this page requires to work with the Forum SCS-Standards at the OSB Alliance which takes over this aspect from the SCS project. It requires membership or certification fees to cover the efforts of standardization and certification.
The process is described in more details on the Getting SCS-compatible certification (for Operators) page. An example with technical testing and adjustments is on the Testing and Adjustment example page.