What the “cloud” is going on in ETSI?


As a part of the route taken by the European Commission to “unleash the innovative potential in Europe” and investing in ICT solutions such as “cloud”, the European Telecommunications Standards Institute (ETSI) has been requested to identify a detailed map of the standards required to support EU policy in such areas as security, interoperability, data portability and reversibility. ETSI therefore launched the Cloud Standards Coordination (CSC) initiative in collaboration with numerous stakeholders: cloud industry players, public authorities, user associations and more than 20 standards setting organisations.

The CSC involves series of reports on various topics: needs of cloud computing users’, interoperability and security, standards maturity assessment, but one of those is particularly interesting: titled “Standards and Open Source”, it claims to “investigate the relationship and the interactions between standardisation and Open Source based software and solutions in Cloud Computing”. The rationale behind such document is, according to the Report, in following statement: “Open Source development plays a very important role and changes significantly the traditional approach to standardisation”. The start is rather promising as it instantly gives hope to the closer assessment of Open Standards, the prerequisite for Free Software.

Next the Report attempts to make a clear distinction between Standards and Free Software. No objections so far. Standards and Free Software are indeed different concepts, and according to the Report “are serving rather different purposes and have developed different ways to achieve their own goals”.

Then the Report identifies the purpose of the document, i.e. the “realisation that in more and more cases standards setting organisations have found it useful to address some of the ways of working of Open Source organisations [OSS], and vice-versa.” The hope for addressing Open Standards has slightly shrunk. “Some of the ways of working” is rather vague definition of the basis for analysis, but okay, it could still potentially include the evaluation of Open Standards.

Further digging into the definitions provided in the Report: standards are praised as “stable”, “focused on core functionality”, “widespread”, “interoperable” and “technology neutral”. No mention of Open Standards whatsoever throughout the whole Report. Furthermore it seems that in fear of “unclear definition” of “open”, the word ‘open’ in front of standards is avoided like the plague. A small disclaimer in the beginning states that the report is not addressing the debate on the many meanings of “open”. The disclaimer, nor the introduction is giving any further insight about which unclarity concerning the term “open” the authors of the Report are excluding from the scope of it.

If the Report was trying to stay neutral in this regard, then it failed to do so. The Report explicitly states that due to the characteristics of Free Software, the latter is incompatible with Standards by stating the following:

  • “OSS is not concerned with interoperability”, while “the major objective” of standards is “to guarantee interoperability”
  • “impossible to find similar ways of working and expected outcome”,
  • “OSS do not feel the pressing need for cooperation”.

 

The approach taken in the Report towards analysing the “ways of working” of OSS is somehow confusing and contradictory: it acknowledges the importance of Free Software in standardisation, and at the same time rejects it by stating that OSS is not willing to cooperate with standard setting organisations that per se are the cornerstone of interoperability according to the Report. This statement is rather surprising, because it slightly goes against the current policy aim to “cut through the jungle of standards” taken by the EU. Using jungle when describing standardisation does not sound as this is a particularly easy process and self-sufficient for interoperable solutions.

A little background check on ETSI and a simple internet search unveil its close cooperation with Trusted Computing Group (TCG), that according to ETSI allegedly “develops, defines and promotes open, vendor-neutral, global industry standards supportive of a hardware-based root of trust, for interoperable trusted computing platforms”. Notoriously, the group is not in favour of ‘openness’ and avoidance of customer lock-in, and especially is not the hardware-based root of trust. TCG is responsible for developing far-reaching restrictions on the use of hardware, in the form of Trusted Platform Module that restricts users from replacing proprietary hardware with Free equivalents. IBM, Microsoft, Hawlett-Packard, the members of TCG, are also one of the 700 members of ETSI.

In addition it is noteworthy, that considering the fact that CSC initiative is supposed to be a collaboration between numerous “prominent” players: cloud industry players, public authorities, user associations and standards setting organisations, only the list of collaborating standard setting organisations is public. Therefore, it is difficult to assess how much are the user interests actually represented in this collaboration, and whether ETSI collaborated with any of Free Software actors when drafting the Report.

What is clear is that ETSI participates in the European standard setting scene and is envisaged to produce results in order for Europe to finally have its ‘own’ push in the standardisation processes. As their work is supposed to be linked to the European policies, then it would have at least been logical to use EU’s own definition of Open Standards when preparing the Report.

According to the European Interoperability Framework, definition of ‘open’ in ‘standard’ has to fulfill following criteria:

 

  • The standard is adopted and maintained by a not-for-profit organisation, and its ongoing development is based on an open decision-making procedure available to all interested parties.
  • The standard has been published and its specification document is available either freely or at a nominal charge. It must be permissible to all to copy, distribute and use it.
  • The intellectual property of (parts of) the standard is made irrevocably available on a royalty-free basis. There are no constraints on the re-use of the standard

 

And what has this all to do with “cloud”? Based on the obvious lack of actually addressing cloud in the Report, the answer is left open. Perhaps the reason of avoiding cloud in the Report may derive from the fact that the concept may seem too fuzzy for the ETSI, as after all:

“There is no cloud – just other people’s computers”

Image: Creative Commons License
No Cloud is licensed under a Creative Commons Attribution 4.0 International License.