Deutschland-Stack: IT Planning Council makes open-source cloud standards binding

The IT Planning Council has made the standards of the Sovereign Cloud Stack (SCS) binding within the Deutschland-Stack (Germany stack). With this, federal, state, and local governments have agreed on a uniform platform core and an initial portfolio for the joint digital infrastructure of the administration.

State Secretary Markus Richter from the Federal Ministry for Digital and Transport (BMDS) spoke of a "groundbreaking decision" that federal, state, and municipal associations had made together. The standards, developed over several consultation rounds, are now binding across all levels, as stated in the BMDS announcement.

The Open Source Business Alliance (OSBA) welcomed the decision. Board member Felix Kronlage-Dammers explained: "The Deutschland-Stack takes a step towards digital sovereignty. Building on existing open-source standards like those of the Sovereign Cloud Stack and the German Public Administration Cloud is exactly the right path: interoperable, verifiable, and without lock-in." This will make it significantly easier for the administration to switch between different providers and control its own digital infrastructures.

Open Standards Against Vendor Lock-in

The platform core of the Deutschland-Stack is intended to provide uniform solutions for identification, data exchange, data retrieval, payment processing, and notifications. The integration of SCS standards plays a central role in this: The Sovereign Cloud Stack, developed under the umbrella of the OSBA, defines open interfaces and specifications for cloud and container infrastructures based on open source. The standards cover areas such as Infrastructure as a Service (IaaS) – including Flavor Naming, Volume Types, and Key Management – as well as Kubernetes as a Service (KaaS) with specifications for versions, networking, and storage classes. In addition, there are specifications for Identity and Access Management, including Single Sign-on.

Certification and Interaction with the Verwaltungscloud

According to the OSBA's assessment, the SCS standards complement those of the German Public Administration Cloud (DVC) in many areas. Kronlage-Dammers described this as an "ideal basis for consistently developing further together, for example, through clear conformity and certification procedures based on the already existing SCS standards." In fact, with the standard SCS-0004, there is already a set of rules for SCS-compliant certifications. The OSBA signaled its willingness to cooperate in further development.

The decision marks the transition from a longer consultation process to binding implementation. The OSBA had previously warned in the consultation rounds against "sovereignty washing" and called for stronger anchoring of open source. However, the association is now satisfied with the decision made.

(fo)