ESS.VIP.CRC.ESDEN Business Case · ESS.VIP.CRC.ESDEN Business Case Sensitivity: [Public, Limited, High] Date: 16/12/2014 Version: [0.7 – Draft] 3/24 [0.5] 19/11/2014 Alvaro Diez

Commission européenne, B-1049 Bruxelles / Europese Commissie, B-1049 Brussel - Belgium. Telephone: (32-2) 299 11 11.

Office: GUIM 05/53.

Commission européenne, L-2920 Luxembourg. Telephone: (352) 43 01-1.

Eurostat

ESS.VIP.CRC.ESDEN Business Case

Date: 16/12/2014 Version: [0.7 – Draft]

This is a template provided by:


Sensitivity: [Public, Limited, High] Date: 16/12/2014 Version: [0.7 – Draft] 2/24

Document Control Information

Settings Value

Document Title: Business Case

Project Name: ESS.VIP.CRC.ESDEN

Document Author: (?) Alvaro Diez Soto (ESTAT)

System Owner: (?) [System Owner (SO)]

Project Manager: (?) [Project Manager]

Revision Status: (?) [0.7 – Draft]

Sensitivity: (?) [Public, Limited, High]

Issue Date: (?) 16/12/2014

PM² Business Case Guide: See PM² Wiki Business Case

Document Approver(s):

(All Approvers are required. Records of each approver must be maintained.)

Approver Name Role

[Name] Choose Role.

Choose Role.

Choose Role.

Document Reviewers: (Records of each required reviewer must be maintained.)

Reviewer Name Role

[Name] Choose Role.

Choose Role.

Choose Role.

NOTE: All Reviewers in the list are considered required unless explicitly listed as Optional.

Summary of Changes:

The Document Author is authorised to make the following types of changes to the document

without requiring that the document be re-approved:

• Editorial, formatting, and spelling

• Clarification

To request a change to this document, contact the Document Author or Owner.

Changes to this document are summarised in the following table in reverse chronological order

(latest version first)..

Revision Date Created by Short Description of Changes

[0.1] 06/06/2013 Alvaro Diez Soto Initial version for DIME & ITDG

[0.2] 20/06/2013 Alvaro Diez Soto Minor changes and rewording related to

web forms solution

[0.3] 16/09/2014 Alvaro Diez Soto Update to be presented to HUB

[0.4] 30/10/2014 Alvaro Diez Soto Implementation of ITAC comments,

alignment with the Feasibility Study and

implementation of EA comments



[0.5] 19/11/2014 Alvaro Diez Soto Modification of the BC to adapt to the new

PM2 template

[0.6] 24/11/2014 Christine Wirtz Minor modifications

[0.7] 13/12/2014 Alvaro Diez Soto Minor modifications after DIME/ITDG

steering committee

Configuration Management: Document Location

The latest version of this controlled document is stored in [this location].



Table of Contents

1 Project Initiation Request Information ................................................................ 5

2 Context .................................................................................................................. 5

2.1 Situation Description and Urgency ........................................................................... 5

2.2 Situation impact ........................................................................................................ 8

2.2.1 Impact on Processes and the Organization ................................................... 8

2.2.1 Impact on Stakeholders and Users ................................................................. 8

2.3 Interrelations and interdependencies ....................................................................... 9

3 Expected outcomes .............................................................................................10

4 Possible alternatives ...........................................................................................11

4.1 Alternative A: Do nothing ........................................................................................ 11

4.2 Alternative B: Evolution of the EDAMIS platform ................................................... 11

4.3 Alternative C: Replacement of EDAMIS by another system available in the Commission ............................................................................................................................ 13

4.4 Alternative D: Initial planning phase to deeply evaluate alternatives B and C with a parallel improvement of the EDAMIS platform ........................................................................ 14

4.5 Conclusion .............................................................................................................. 15

5 Solution description ............................................................................................15

5.1 Legal basis .............................................................................................................. 16

5.2 Benefits ................................................................................................................... 16

5.3 Success Criteria ...................................................................................................... 17

5.4 Scope ...................................................................................................................... 17

5.5 Solution Impact ....................................................................................................... 18

5.6 Deliverables ............................................................................................................ 18

5.7 Assumptions ........................................................................................................... 19

5.8 Constraints .............................................................................................................. 20

5.9 Risks ....................................................................................................................... 20

5.10 Costs, Effort and Funding Source .......................................................................... 21

5.11 Roadmap ................................................................................................................ 21

5.12 Synergies and Interdependencies .......................................................................... 21

5.13 Enablers .................................................................................................................. 22

6 Governance..........................................................................................................22

6.1 Project owner (PO) ................................................................................................. 22

6.2 Solution Provider (SP) ............................................................................................ 22

6.3 Approving authority ................................................................................................. 22

Appendix 1: References and Related Documents ..................................................23



1 Project Initiation Request Information

2 Context

2.1 Situation Description and Urgency

One of the actions to contribute to the creation of efficient and robust statistical processes in the ESS

is the sharing of IT services and infrastructure and this requires a common and interoperable

technological environment; a common secure IT network for data exchange and a suitable IT

environment for data exchange/access are the grounds of this shared infrastructure.

The current IT network is based on the concept of the single exchange point. The ESS single exchange

point (SEP) is a central node of a network for exchange of information among the different ESS

partners, operated by Eurostat, receiving the statistical data, handling the information and

redistributing it to other organisations where relevant. This network is, from the logical point of view,

split in two different layers: the physical layer and the data exchange layer.

The physical layer is the physical communication layer between Eurostat and the different ESS

partners. The “as is” situation is based on communication over the Internet using a proprietary

protocol based on FTP (STATEL).

The data exchange layer is the logical layer on top of the physical layer assuring the communication

of the statistical data and the delivery to the destination (production systems, dissemination systems

or other partners). This layer is composed of a set of information systems and services providing the

following modes of exchanging information:

• PUSH mode: The ESS single exchange point provides this way of sending information where

the different ESS partners will send the information to the single exchange point, initiating on

their side the communication. The single entry point will then deliver the data to Eurostat as

organisation or to any other organisation. Different channels for the push communication

like direct file transmission using the EWA software tool (installed locally) or uploading of the

file via the EDAMIS portal are allowed.

• PULL mode: SDMX-RI installed in the ESS partners provides a way to expose the statistical

data instead of sending the data. The data are only transmitted on demand when they are

requested. The example of this is the Census HUB where a central dissemination component

installed in European Commission Data Centre requests the data to the ESS network if and

only if this is requested by a user of the dissemination system.

• Online data collection: EDAMIS Web forms provide a set of functionalities to create online

questionnaires to be filled in by the ESS partners. Once the information is filled they can be

automatically transmitted to Eurostat.

The infrastructure can also be used for the exchange of confidential statistical data. However, such

exchange poses extra complexity to the architecture as confidential data must be stored in a secured

Project Title: ESDEN (European Statistical Data Exchange Network)

Initiator: ESS.VIP Program DG / Unit: Eurostat/B3

Date of Request: NA Target Delivery Date: NA

Type of Delivery: ☐In-house ☐Outsourced ☒Mix ☐ Not-known



environment, should not be disclosed and only accessed by a restricted set of operators under the

control of Eurostat. It implies that the network should provide protection of confidentiality and one

consequence is that the physical layer connects to a specific environment hosting the confidential

data.

The today’s architecture described above was built for the data collection in Eurostat and although

some exchange capabilities have been added it was mainly designed as Eurostat data collection

system.

The ESS requires a broader focus of providing a data exchange platform to support modernized

production processes. The current architecture presents the following issues that should be tackled

in order to provide a common secure network infrastructure for data exchange:

• The current design of the data exchange layer is based on a set of monolithic applications

and systems which does not provide easy means of interaction between them and does not

permit easy interaction with common services like validation services. In addition, it is highly

coupled to the physical layer and this makes it impossible to integrate EDAMIS with different

existing physical networks (like CCN1/CSI).

• EDAMIS is getting old and maintenance costs are very high. It comprises a set of processes

and inventory tasks to ensure that the data are securely transmitted to their destination, but

lacks a proper process management system and modular architecture. Consequently,

EDAMIS is costly and difficult to modify and to adapt to new needs.

• Confidential information can only be transmitted from ESS partners to Eurostat and only

making use of the PUSH mode (via the SEP). It is not possible to send confidential

information from Eurostat to the rest of ESS with automated encryption/decryption (only

manual encryption for outgoing datasets is possible now in EDAMIS).

• The SEP does not provide an end to end service to all users. For instance, the online data

collection IT system designed to deal with small data collections (up to 50 items) does not

satisfy all user requirements. In particular it does not enable to integrate collection solutions

which are based on proprietary tools (like Excel) and to fully automate data collection based

on standard formats. The online data collection tool cannot handle confidential information.

• The current physical layer is based on information exchange over the Internet and in some

cases using sTesta. This exchange is done via the creation of a secure channel and additional

security measures are provided to ensure that confidential data is rightly protected (double

encryption). However, this is not a private network and the security of a public network

cannot be compared with other private physical networks used for the exchange of

information like the CCN1/CSI provided by DG TAXUD. These aspects have led to complex

and heavy workflows for confidential data processing.

• The current network architecture does not provide mechanisms for researchers to access

and process the confidential statistical information stored in Eurostat other than through the

usage of the secured data rooms in Eurostat. Such a safe access is for example requested in

the framework of the DARA project in order to enable researchers to have access to

confidential statistical data in Eurostat from secured data rooms in NSIs in order to process

this information in the framework of their research projects. This processing has to be

executed in a secured IT environment under the control of Eurostat and ESDEN project

should assist in the connection to this environment.

Several projects of the ESS.VIP programme call for the development of a robust and secured network

architecture and related hardware and software infrastructure to provide the secured information

access and exchange functionalities.

This network architecture and associated IT environments will act as the ESS communication

backbone and provide service enabling better sharing/access of data and integration of processes at



stake in ESS.VIP projects and beyond. It will be a key element for the implementation of the Vision by

removing communication barriers between ESS stakeholders and pushing the security provision at

the frontier of the entire system.

The SEP function will continue to provide the required services for data exchange. The infrastructure

will be upgraded to enable the sharing of statistical services based on Service Oriented Architecture

(SOA).

Due to the needs expressed by the ESS.VIP projects and the above mentioned issues, the aim of this

project is to upgrade the current infrastructure based on the following principles:

• The revamped infrastructure for exchanging information should allow and foster the

coexistence of different physical networks. In particular, ESDEN should explore the

integration and reuse of already existing Commission infrastructure for data exchange like

the already mentioned CCN1/CSI of DG TAXUD.

• The data exchange layer should allow as much as possible decoupling from the other

network layers, so the information could be treated in the same way independently of the

network channels (physical network) used to receive the information (the information can be

transmitted via STATEL, CCN1/2 or other networks like sTESTA1/2).

• The network should allow the transmission of statistical confidential information between all

the parties (and not only from others partners to Eurostat) and also to enable the exchange

of confidential information not only via push mechanism but also via pull and the usage of

online data collection.

• The data exchange layer should provide means/services implemented as abstraction layer on

top of its stack to orchestrate and better interface with common services like validation and

format transformation of the data acting like the service bus for the data collection of the

ESS network.

• Secure access can be granted to researchers from NSI premises to access a secured IT

environment under the control of Eurostat in a secure way in order to process confidential

statistical data stored in Eurostat.

• As the current online data collection tool is integrated with EDAMIS, the revamping of the

system will demand the creation of a new and loosely coupled online data collection tool

that will work as another entry channel for the data collection.

The following picture shows the desired future status, instead of the current monolithic architecture,

a real split of the network in two different layers enabling different physical networks to coexist and

using the data exchange layer as a single and loosely coupled interface with the upper shared

services layer that will provide shared services to the production systems (ESS.VIP.CRC.SERV project):



Figure 1: Logical view of the future state, it does not intent to provide detail on the different IT environments of the

solution

2.2 Situation impact

2.2.1 Impact on Processes and the Organization

As it has been indicated in the previous point, the problem described is related to the physical layer

and the data exchange layer (EDAMIS) on top. Analysis of EDAMIS, in its current state, revealed that

after years of maintenance and enhancements, due to changes in the business needs, that it is not

only dealing with its original purpose of being the postman of the organisation, but that it also

incorporates "ad hoc" processes that are outside of its initial scope. The modifications done to offer

these "à la carte" services have led to a complex and heterogeneous closely coupled environment

which is difficult and costly to maintain.

Also, confidential data exchange has been identified as a key problem impacting the current

infrastructure. In order to send confidential data from Eurostat to the Member States the

information has to be manually encrypted by an official. This process is limiting either the amount of

the information that can be exchanged or compromising the work of the official that should do the

manual encryption (and for sure not allowing any kind of automation of this task and affecting all the

applications that would like to send confidential data to the rest of ESS partners as they cannot be

automated).

Transformation from the current network infrastructure to a services oriented and confidential one

addressing all the indicated problems of the current infrastructure layers will impact all business

processes enabling better integration as well as a smoother and streamlined approach to security.

This complete transformation will require the involvement of business users as some of the

functionalities implemented "ad hoc" in the SEP should go back to the production systems as they

are related to data processing. It will also involve business users in the definition of the requirements

of the online data collection tool.

2.2.1 Impact on Stakeholders and Users

The current infrastructure does not provide the base for sharing services among ESS partners and for

integrating business processes in the ESS. The pull mode which at this moment is limited to the



Census Hub data collection and dissemination can be considered as a path finder for a new type of

infrastructure.

The current data exchange layer (EDAMIS) serves its original purpose of a postman of Eurostat having

little interaction with the production and dissemination systems. It was designed to cover one of the

core business processes of Eurostat, the data collection, but it was designed as a stovepipe, isolated

system with a single communication mean and with a tight integration with the physical layer over

which it is installed.

Modern information systems architecture have now integrated key aspects like reusability, service

orientation and integration (plug & play) and the current data exchange network was not designed

according to these key aspects.

As a consequence of this stove pipe design, the current architecture does not allow for integration of

common services and does not ease up the redesign of ESS business processes as planned in the

ESS.VIP projects.

Users, both in Eurostat and in the NSIs are impacted as well by the current architecture when it

comes to the exchange of confidential statistical information, as there is only one restricted way to

send confidential statistical data to Eurostat (push mode) and there is no automatic way to send back

confidential statistical information from Eurostat to the rest of the partners of the ESS.

The problem is becoming urgent and critical for the development of the ESS.VIP flagships as both

cross cutting projects and business projects will rely on a network that should be robust, secure and

to provide a layered framework for service oriented communication. Also, due to the extra

complexity added by the "ad hoc" closely coupled functionalities implemented and not related to its

original "postman" duties EDAMIS is becoming more difficult to maintain with very high maintenance

costs.

2.3 Interrelations and interdependencies

The network infrastructure is a critical non-functional requirement for a significant number of

projects of the ESS.VIP program. The current infrastructure (no abstraction layering, no service

oriented architecture, no possibility of loosely coupled systems) significantly hinders the

development of ESS.VIP projects and the realisation of business outcomes and will increase

maintenance and legacy costs in the future.

The following ESS.VIP projects require the modernisation of the exchange network as planned in the

ESDEN project:

• ESS.VIP.BUS.SIMSTAT: more frequent and bidirectional flows of confidential micro data

needs to be enabled and a remote access from MS to the data Hub hosted in Eurostat.

Specific need of the project has been identified in order to make use of the CCN1/CSI

network to exchange the micro-data information with the countries.

• ESS.VIP.BUS.Validation : the possibility to validate data at the transmission step and offer MS

a service for controlling their data according to commonly agreed validation rules

• ESS.VIP.BUS.ESBRs : the possibility to exchange detailed register information on Enterprises

and the remote control and access to Eurogroup register.

• ESS.VIP.CRC.SERV : the possibility to integrate business processes at ESS level, to access to

shared services stored in repositories and exposed over the network.



• DARA: The ESSnet on “Decentralised and Remote Access to Confidential Data in the ESS”

(DARA) has finished in November 2013 and has provided the IT- and security requirements

for a remote access infrastructure to confidential micro-data from a safe centre within

National Statistical Institutes (NSIs). DARA basically requires a proper IT infrastructure to

access and process statistical confidential data stored in Eurostat. This access and processing

has to be executed in a secured IT environment under the control of Eurostat. A specific need

identified by DARA for ESDEN is to provide connectivity to the IT infrastructure that will be

created in the DARA project.

3 Expected outcomes The simplification and protection of confidential data and metadata exchange among ESS partners

and other key stakeholders and more efficiency and flexibility for the design, implementation and

execution of EU statistics production and dissemination.

The ESDEN project will contribute to the creation of an ESS communication network infrastructure

and services that will ensure adequate availability, integrity, confidentiality and scalability for the

data and metadata exchange.

This network will provide interoperability among the different statistical partners allowing

distributed processing of the data (e.g., centres of excellence), providing means to share services

distributed among the different partners of the ESS and ensuring fully security of the data exchanged

and providing a broader range of service for exchanging data in the ESS.

A revamped ESS/EUROSTAT network infrastructure building on and reusing existing secure networks

like CCN1 (or in the future CCN2), sTESTA or other secure physical network making use of standard

protocols and providing a set of generic and robust function for information exchange and service

integration will increase reliability, security and efficiency of ESS business processes.

In the framework of the ESS VISION 2020 ESDEN will contribute to the delivery of coherent, relevant

and reliable statistics by delivering a secure infrastructure that will provide the technical measures to

protect the statistical confidential data according to the existing legal framework. It will contribute to

the efficiency and productivity gains by providing a technical infrastructure that will enable the data

exchange based on well-defined standards and that will provide a flexible framework for data

exchange between the ESS members. It will contribute to the usage of new data sources in the

production of statistics by providing a flexible architecture that could be connected to different

physical networks to get access to the available data sources and that should be suitable to deal with

high volume of data (big data or micro-data exchange).

Indirectly the project could contribute to meet new users' demands (especially on the field of access

to statistical confidential data and micro-data exchange, not possible with the current architecture).



4 Possible alternatives

4.1 Alternative A: Do nothing

Continue using the current network, same physical layer and already in place data exchange layer.

The current infrastructure is able to deal with the current data collection offering push and some pull

mode for the exchange of information and allowing transmission of confidential data from the ESS

partners to Eurostat. Business projects may need to review their scope as this architecture will not

provide solutions for all the requirements.

Strengths Weaknesses

No additional development costs

No integration needed with external networks

(like CCN)

Well known system already used by all Member

States

Cannot cope with all the requirements of the

ESS.VIPs ;

Scope redefinition to fit in the current

architecture.

ESS will not meet the increasing demand for

more complex and high quality statistics

If confidential information is to be sent from

Eurostat it has to be encrypted/decrypted

manually

Eurostat unable to meet the goals of the

ESS.VIP program

High maintenance costs

Opportunities Threats

No opportunity identified ESS relevance shrinks.

Eurostat being unable to provide solutions to

process confidential information due to the

limited capabilities offered by the current

infrastructure.

Eurostat being unable to share or reuse

services provided by other partners of the

ESS.

Some of the projects of the ESS.VIP program

may decide to follow their path for a

network solution (going for CCN for example)

and doing nothing will imply that this

solution cannot be reused in the future.

4.2 Alternative B: Evolution of the EDAMIS platform The current implementation of EDAMIS must be adapted and iteratively redesigned in order to both

guarantee business continuity and to be able to deal with new needs for data exchange. The

approach will be to start with the modernisation activities in the current EDAMIS implementation

based on gradual redesign of the application to prepare the system to integrate the communication

mechanisms implemented for SIMSTAT.

Integration of SIMSTAT will imply the integration of CCN/CSI platform as part of the communication

protocols by the creation of a new abstraction layer on top of the different network layers being able

to deal with both CCN1/CSI and standard protocols over the Internet or sTESTA.



Part of this solution will be to find the best technical implementation for the evolution of the

platform in order to migrate from the legacy technology and architecture to a modern SOA oriented

architecture. One of the existing possibilities will be to use the technical platform used for SIMSTAT

and to integrate the new version of the already existing functionalities in EDAMIS. This will be

carefully analysed in the next stages of the project, once the SIMSTAT pilot solution is implemented.

Roughly, the following modifications will be needed:

• Redesign of the current EDAMIS inventory extending the information with process metadata

in order to create a metadata driven process to collect the data.

• Improvement of the monitoring database to store all the information related to the

transmitted information and also related to the different alerts and notifications that can be

linked to a specific data collection. Improve or provide new tools (new implementations) to

facilitate the end-to-end monitoring to the business units.

• Redesign of the EDAMIS portal into two different modules, one for monitoring of the data

exchange and alert/reminders management and a different one for the configuration of the

needed metadata for the data exchange.

• Simplification of the whole communication infrastructure in terms of review of unused

functionalities, simplification of the delivery mechanisms and adoption of standard

protocols.

• Implementation of additional pulling mechanism and integration with the already existing

pushing mechanisms.

• The network layers should provide means/services implemented as abstraction layer on top

of its stack to orchestrate and better interface with common services like validation and

format transformation of data. The abstraction layer should act like service bus for the data

collection of the ESS network.

• Implementation of an abstraction layer on top of the current network layers stack to allow

working with a different network layers stack (like CCN1/CSI from DG TAXUD or STATEL). This

will be basically a mechanism that could fetch the files either from CCN1/CSI or from the

standard protocol channel over the Internet in order to process them in the same way

independently from the input channel. Inclusion of standard protocols like FTPS or SFTP in

this communication layer.

• Redesign of web forms in order to have an online collection tool that keeping the existing

functionalities will cope with new requirements and will be loosely coupled to the integration

layer (the current web forms is highly integrated with EDAMIS, so redesign of EDAMIS implies

redesign of web forms).


Does not require a disruptive development.

Gradual improvement of the system will

facilitate the adoption of the new platform.

No major migration needed of the current data

model

Simplification of the current EDAMIS should

be carefully done

Modernization of the platform should be

carefully analyzed and planned in order to

maintain the current system operational

Migration from the current system to a new

one based on new technologies may probe

very difficult


Integration of CCN1/CSI can enable in the

future a full migration of the old infrastructure

As the solution will be based on the current



to this kind of secured network, aligned with

the commission policy on IT rationalisation.

Cost reduction

With a new design of EDAMIS we should be

able to provide more agile response to new

requirements.

legacy and monolithic network layers it may

be not flexible enough to adapt to new

needs in the future.

In order that the solution can be considered

as a base for the enterprise architecture,

EDAMIS must be substantially modernized.

This will require time and support from all

the different stakeholders.

Integration of the CCN1/CSI network with

the traceability systems of EDAMIS may not

be simple due to the complexity of the

infrastructure of the different environments

containing confidential and not confidential

data.

4.3 Alternative C: Replacement of EDAMIS by another system available in the

Commission

The solution aims for keeping the existing services provided by EDAMIS by replacing the product by

an already existing solution provided by the European Commission.

There are some potential initiatives to be analysed, like the usage of e-TrustEx or ECIDES in the

European Commission.

Both solutions provide a service for data exchange based on a modern SOA platform and are already

in use in different domains.

This kind of products cannot be considered alone. On top Eurostat will have to implement features to

deal with the specific needs of the ESS. However, the transport layer (the pure transport mechanism)

could be outsourced to an existing product.

The product to be used should be designed in a layered way, providing means to create extensions

for transport protocols like CCN1/CSI.

The following functionalities should be implemented on top of the pure transport mechanism:

• Manual and online data sending: It should include upload and download files functionalities

and WebForms like application to continue providing the same level of service to the users.

• Reporting: It should provide reporting functionalities like the current EDAMIS.

• Inventory management: Provide means to create and maintain Eurostat dataset inventory

and to link it to the exchange mechanism used

• Compliance monitoring: It should provide means to notify users when dataset have not been

received on time by Eurostat.

• Integration with external applications to provide feedback to the users: It should be

integrated with Eurostat systems to provide feedback to senders on the data received.


Modern architecture and based on off the shelf

tools of the market.

Solution already exists and it is already in used

elsewhere.

It does not cover all the functionalities of

EDAMIS. The non-existing ones should be

implemented on top of the solution.

Rely on a third party as a provider of the

solution.



Fully confidential data exchange is possible. Migration of the already existing data in

EDAMIS could be very difficult

Based on different protocols for

communication, it may require adaptations

in the Member States

It should be extended to allow

communication via CCN1/CSI


Cost reduction.

IT rationalization.

Agile response to requirements not linked to

the data transmission.

Migration to SOA architecture.

Reduction of the complexity of the tools by

making use of a third party service for data

exchange.

Insufficient support from the involved

stakeholders.

Migration to the new infrastructure could be

costly and delayed by the different domains.

4.4 Alternative D: Initial planning phase to deeply evaluate alternatives B and C with a

parallel improvement of the EDAMIS platform

This approach proposes to develop the communication infrastructure for SIMSTAT while at the same

time options B and C are further analysed in a broader context.

For the moment, the development of the communication infrastructure for SIMSTAT needs its own

solution and this will be built according to the principle of a layered and modular architecture in

mind and a prerequisite for both B and C is to be able to accommodate this solution. While the

solution is being implemented for SIMSTAT it will become more clear whether it is feasible to evolve

the current EDAMIS towards a SOA like approach integrating the SIMSTAT communication

developments (alternative B) or whether this alternative is more risky and costly than moving

gradually from EDAMIS to an already existing system in the Commission (alternative C).

The feasibility study should provide at least a limited time where both approaches B and C should be

evaluated and should indicate the actions to be done in order to modernise the infrastructure for

data exchange and to streamline the exchange of confidential and non-confidential data.


Phased approach based on decision gates

Decision based in evidences and on the

experiences implementing SIMSTAT

communication component

More time consuming as it will require an

initial analysis phase to decide for an

alternative

Both alternatives should be carefully

analysed and checked against the

requirements for data exchange in order to

come up with an efficient solution


Cost reduction foreseen due to the better

analysis of the options

Less complex than previous alternatives as it is

Insufficient support from the stakeholders

Due to the analysis phase needed,



based in a phase of detailed analysis improvements may take longer than

expected

4.5 Conclusion

Alternative A should be discarded as it does not solve the current problem.

The SWOT analysis supports alternative D as the most suitable one as it will further analyse the

feasibility of options B and C and will continue with the most suitable way forward once both options

will have been carefully analysed.

5 Solution description The ESDEN project will focus on the redesign of the Eurostat network architecture, its layering and

the derived infrastructure in order to move from monolithic "stove pipe like" network layering to

horizontal network layering in order to adapt to different networks (like Internet, CCN1/CSI (CCN2)

and possibly others) providing a transparent exchange of confidential and non-confidential data

between the different members of the ESS network based in well-defined access rights and providing

a layer of common services on top of the network services itself.

The project will start from the concrete needs of the ESS.VIPs (SIMSTAT) and the DARA project to

develop a solution that can be reusable in the future for other statistical domains and will

progressively integrate within the single exchange point.

Three high level phases are foreseen for this project:

• Phase 1: Integration of CCN1/CSI network in Eurostat's infrastructure, ensuring secure

exchange of confidential information between ESS partners and production applications like

SIMSTAT ensuring proper level of traceability of the information exchanged and integration

with common services like validation. Modernization of the online data collection tool to

adjust to new user needs and creation of an environment for the remote access of the

researchers to confidential information. Feasibility study and further analysis on the best way

of modernising the current data exchange infrastructure. This feasibility study and detailed

analysis will act as a decision gate to move to a complete new data exchange platform based

on the requirements on the ESS.VIP projects to be gradually used by the rest of the domains

or to go ahead with the modernisation and evolution of the current data exchange platform

to integrate the needs of the ESS.VIP projects.

• Phase 2: Extension of the developments of phase 1 to non-confidential information,

integrating this development with the exchange of non-confidential information creating a

single bus for the exchange of information. Extension of the infrastructure for confidential

information to PULL mode and feasibility study for the integration of the network with other

commission initiatives like sTESTA or CCN2.

• Phase 3: Integration of the data exchange platform with other physical networks like CCN2

(based on the previous feasibility study) and fine tuning of the infrastructure.

The developments on this project will be aligned with the IT development principles described in the

Eurostat's IT Strategy, aiming at corporate optimisation, reusability and generic solutions, focus on

the production environment and stepwise approach.

As part of the corporate optimisation, the project will make use of as many as possible services from

DG DIGIT (like ECAS or sTESTA).

As part of the reusability and generic solution, already existing services for validation and

transformation will be used when needed. What is more, already existing solutions like CCN1/CSI

network of DG TAXUD will be used for the communication (SIMSTAT).



Focus on the production environment is one of the key aspects of the project (especially in the first

phase), as it will start from the specific business case of SIMSTAT and will develop a solution to be

used in this domain.

The project will take a stepwise approach, starting with the specific needs of SIMSTAT and DARA and

trying to generalise the solutions applied to these domains later in order to be reused in other

domains.

5.1 Legal basis

Regulation (EC) No 223/2009 on European statistics

5.2 Benefits

The purpose of the communication network infrastructure is to provide value added services for

exchange of confidential and non-confidential statistical data among ESS partners at reasonable cost,

with high agility, high security and high reliability. This cross cutting project is considered as the

backbone for the future ESS common infrastructure and a key enabler for all of services proposed in

the different VIP projects involving the ESS.

The following high-level goals should be achieved after the realisation of the project:

• A new network infrastructure is available to enable the communication between the

different members of the ESS network. This network infrastructure is based on an enterprise

service bus, fostering reusability of common services and providing a service oriented

architecture that will serve as the base for the development of shared services among the

different ESS partners.

• The network infrastructure should allow different underlying physical networks, starting with

the integration with the CCN1/CSI network, the current internet based physical

infrastructure and in the long term with CCN2 (successor of CCN1/CSI).

• The network will assure secure exchange of confidential and non-confidential information

between the different partners of the ESS network.

• The network will assure traceability of the entire information exchanged providing a

centralised platform to monitor the traffic.

• An online data collection tool for the collection of limited amount of data and to create

questionnaires, allowing exporting them in a proprietary format but according to a set of

guidelines that will allow the automatic data extraction from these questionnaires.

• The network will host a platform to provide remote access to confidential data to the

researchers.

The project will be one of the pillars for the modernisation of the ESS statistical production chain,

providing a modern, reliable and secure network that will simplify the communications between the

different ESS partners.

The network will streamline the exchange of confidential and non-confidential data between the

different ESS partners in a secure way. For end users, the service oriented architecture will abstract

the services from their physical location (for example Member States being able to integrate the

validation service hosted in Eurostat in their own production process).

One of the estimated benefits will be its contribution as an enabler to the success of the other

ESS.VIP projects. For example, the service oriented architecture of the network proposed will be used

as a basis by other ESS.VIP projects like shared services or as a communication network for SIMSTAT.

The integration of a secure network like CCN1/CSI for the exchange of confidential information will

ensure a higher level of security, increasing the trust between the ESS members for the exchange of

sensitive information. On top of that, the intrinsic secure nature of this network should allow the

simplification of the exchange mechanisms used for the confidential information (no need of double



encryption if the data is transmitted using a secure channel which assures that the information will

arrive directly to Eurostat).

The extension of the functionalities provided by the current web forms application will allow wider

usage of this tool. Based in the experience with the current version, this will reduce the number of

Eurostat internal resources needed to deal with data collection activities. According to figures

provided by Directorate E, thanks to the usage of web forms 1 FTE can now process the same

number of data collections that in the past needed 3 FTE. In addition, the project will provide

automatic means to process questionnaires in excel (designed according to specific guidelines),

reducing the number of resources needed to deal with these questionnaires while their data

collection migrate to a more automatic and standard way of collecting the data.

The simplification of the complexity of the network to be developed compared with the current

EDAMIS and the higher level of traceability and security will reduce the operational costs of the

network. It is expected that starting in the second half of 2017 the resources needed to manage the

network should be reduced from the current 6.5 FTEs (3.5 officials plus 3 intramuros) to

approximately 4 FTE (2 officials + 2 intramuros). Also the budget needed for maintenance and

enhancement (currently around 1 million € per year), should be reduced by half, as we will have a

flexible infrastructure that will require less modernisation efforts.

In general terms, foreseen rationalisation in the IT environments and moving to a service oriented

paradigm for the data exchange based on existing standard protocols should simplify the

maintenance of the ESS network infrastructure and reduce the maintenance cost both for Eurostat

and the rest of the members of the ESS.

In the context of the ESS VISION 2020 it is difficult to make a quantitative cost-benefit assessment

beyond the concrete figures provided above. Infrastructure related projects are usually complex

projects involving many stakeholders and in some cases very expensive equipment and services.

Setting up the proper network infrastructure to contribute to the implementation of the vision 2020

will not be an exception.

However, cost estimation done in the business case was taking into account the extreme case

scenario for the case of the micro-data exchange for the ESS.VIP.BUS.SIMSTAT. The ongoing activities

are probing that the majority of countries were able to join the CCN network without major

investment though already existing networks. In this sense the cost of the project for SIMSTAT is

below what was estimated in the business case.

Apart from the financial costs of the projects there are other non-tangible costs linked to the

implementation of the ESS VISION 2020. Without a suitable infrastructure for the data and micro

data exchange, without a technical infrastructure that can host services the whole implementation of

the vision could be in danger.

5.3 Success Criteria

• The new network meets all the requirements of the different ESS.VIP projects that will make

use of it, ensuring reliable and secure transfer of confidential and non-confidential

information across the ESS network.

• The network will assure secure exposition of services to the different partners of the ESS

network allowing them to share confidential and non-confidential data over a secure service

oriented infrastructure.

• The network will make use of standard protocols and will allow the integration of different

physical networks (like CCN1/CSI or Internet) making this transparent for the users.

5.4 Scope

The scope of this project is mainly related to the Eurostat centralised architecture to exchange data

to redesign and extend the transport layer provided and also to enable the integration of different

physical networks in the underlying infrastructure in order to foster the interoperability between the

ESS members and contribute to the implementation of the ESS VISION 2020.



The scope is not only internally limited to Eurostat as it affects the way that Eurostat exchange data

with other members of the ESS and affects other external stakeholders like DG DIGIT and DG TAXUD

(we will integrate with CCN1/CSI which is managed by DG TAXUD and also we should collaborate

with DG DIGIT as part of the physical network is under their control). The goal of this project is not to

replace the Single Exchange Point of Eurostat, but to modernise the infrastructure that host the

services provided by the SEP.

5.5 Solution Impact

The impact of the project in the business processes of the ESS will be mainly focused on the data and

metadata exchange. ESDEN will enhance the exchange capacities providing end to end monitoring. It

will increase the security of data exchange and make the system more reliable. The future state of

the ESS network will include connections to different physical networks and thereby increase

flexibility making it easier for the partners to exchange data.

Another impacted dimension will be IT. ESDEN is will lead to modernisation of the network and data

exchange layer and will offer standard protocols for communication. It targets a more automated

and standardised exchange of the data that will reduce the resources needed for system

maintenance and a more open environment that will foster the collaboration between the ESS

members, moving from a Eurostat centric environment to a more interoperable one.

5.6 Deliverables

The following deliverables will be delivered as part of this project for the different phases:

• Phase 1 (2013-2015):

o Feasibility study for the integration of Eurostat systems with CCN1/CSI or other

secure Commission network like sTESTA: Gathering of all requirements coming from

the different projects (not limited to SIMSTAT needs), understanding what is needed

and studying the different options for the data exchange platform and what are the

implications taking into account the current EDAMIS architecture to simplify the

integration in phase 2 and taking into account the requirements for the integration

with the SOA platform provided by ESS.VIP.CRC.SERV, project.

o Configuration of CCN1/CSI access in Eurostat, making the network infrastructure

available for SIMSTAT and in the future for other potential projects. The

configuration of the CCN gateway DG TAXUD will take care of it, but it will be

Eurostat’s responsibility to decide which gateway to use in order to ensure that the

confidentiality of the data is assured and that the gateway is accessible by the

different applications (usage over Snet of the CCN1/CSI GW in the DG DIGIT TC DMZ).

o In parallel to the feasibility study, development of a routing and monitoring platform

based on an Enterprise Service Bus product to be installed in Eurostat acting as a

local gateway for the production systems connecting to CCN1/CSI in one side and

exposing the data via web service interface or file interface to the production

systems on the other side. This platform will provide inventory and monitory

interfaces and will be the core of the future data exchange layer..

o Configuration of a secured IT environment under the control of Eurostat to provide

remote access and processing for researchers from NSI’s secured data rooms based

on the needs of the DARA project.

At the end of this first phase a secured and connected IT environment to exchange microdata

should be put in place in the context of the SIMSTAT project, infrastructure for the secure

data exchange between researchers should be provided and there should be a decision point

based on the feasibility study and complementary analysis on the future of the data

exchange platform.

• Phase 2 (2015-2017):



o In depth analysis on how to simplify the communication infrastructure, by either

simplifying or modernising EDAMIS or by making use of an alternative corporate

solution for the data exchange. Analysis of all the components to be developed and

migration plan for the data collections. Feasibility study for the replacement of the

current network solution used over Internet (STATEL) by a standard secure solution

like FTPS and study of the integration of other secure networks available at ESS level

like STESTA network.

o Reference implementation of a client to transmit files via CCN1/CSI or sTESTA to be

provided to the Member States as a demo on how to implement a single client to

communicate with the infrastructure (API will be provided as well so ESS members

can develop their own implementation).

o ESSNet to support Member States with the implementation/validation and testing of

the new approach.

o Implementation of the integration of the data exchange layer with the network

infrastructure creating a single service bus for the exchange of the information and

replacing the current EDAMIS.

• Phase 3 (2017-2018):

o Feasibility study of the integration of CCN2 or sTESTA2 in the network infrastructure.

o Integration of CCN2 or sTESTA2 in Member States

o Implementation of the changes needed based on the previous feasibility study to

integrate CCN2.

5.7 Assumptions

The following assumptions will apply to this project:

• Human and financial resources are available for the duration of the project. .

• Secure infrastructure available in the European Commission to access confidential data from

ESS partners is up and running before project needs it. This is a potential candidate to host

CCN application platforms and should be ready as soon as possible.

• ESS VIP projects can provide clear requirements for the project in order to take them into

account and create a solution reusable for the rest of the domains.

• All tasks related to the installation and maintenance of the CCN gateways are managed by

DG TAXUD (funded by Eurostat) in an autonomous way following SLA between Eurostat and

DG TAXUD. Eurostat responsibility is limited to the communication between the gateways

and the rest of Eurostat infrastructure.

• Member States take care of the configuration and security of the communications of the

national networks in order to communicate with their national CCN gateways. Eurostat

assistance may be provided based on experience (and financially) but management of the

national networks is outside the scope of this project.

• The project will provide standard protocols and APIs for the exchange of information and

encryption within the ESS network. It will provide, if needed, a reference implementation

based on the APIs covering the minimum requirements for communication. This may serve

as a reference for the partners of the ESS to develop specific software covering their needs.

• The project aims to develop reusable communication software to serve common needs;

custom "ad-hoc" modifications to serve specific needs of a domain will be out of the scope.

• The project assumes that security may be assured by a secure communication channel as

long as the data is received in the secure infrastructure described before.



5.8 Constraints

The following constraints have been identified related to this project:

• The first phase of this project is devoted to analyse the needs of the ESS.VIP projects and

primarily to provide a solution for SIMSTAT. The SIMSTAT project’s strictly fixed schedule

constraints what can and cannot be included in this phase in order to deliver in time for their

project.

• Key resource needed for this project with network expertise may have limited knowledge of

Eurostat environment (and possible Commission) at the beginning of the project.

• The CCN1/CSI environment is completely new for the different stakeholders of the project.

• Regulations on the treatment of confidential data will constraint the architecture of the

network.

5.9 Risks

The following risks have been identified related to this project:

• The other ESS.VIP projects may not have staff capable to adequately describe in detail their

network requirements. In order to mitigate this risk a close cooperation with these projects

is needed in order to provide the adequate support on the definition of these requirements.

• The secure infrastructure to protect the confidential data is not ready when needed by the

project. In order to mitigate this risk, the secure infrastructure deployment should be aligned

with the developments. Continuous follow-up is required to assure the alignment.

• Different timing of the ESS.VIP projects can impact the architectural decisions of the

network. The SIMSTAT project is more advanced than other projects and at the time of the

definition of the architecture key requirements of other projects are still in definition phase

and may be unknown. To mitigate this risk the architecture proposed for SIMSTAT should be

flexible enough to accommodate the needs of new projects. A layered design based on

interface and loosely coupled components should be used for that matter.

• Key resources (network) needed by the project are not available on time. To mitigate this risk

close relationship with the ESS program management monitoring the assignment of the

resources is a key factor, on time reporting on the foreseen needs of staff will help to

mitigate this risk.

• Communication with external CCN1/CSI infrastructure relies on the installation provided by

DG TAXUD. During the first phase of this project a detailed plan for the installation of

Eurostat gateways will be prepared. Development of the first phase will rely on this plan, if

the committed date for the installation of the gateways is not respected the plan may be

affected. To mitigate this risk, continuous follow-up of the activities of the CCN installation

will be done. Contractual framework is in place in order to reinforce the commitment of both

organisations to collaborate on this matter.

• EDAMIS "ad hoc" developments for some domains may be difficult to migrate and fit into the

standard solution as part of the phase II of the project. To mitigate this risk, collaboration

with the EDAMIS team will be key in order to standardize as much as possible the situation

across domains before starting with the migration to the new infrastructure.

• Due to complexity of the current EDAMIS solution and the amount of "ad-hoc" components,

potential underestimation of the cost of migration to a new standard and data exchange

solution. Real estimation cannot be done until the execution of the integration feasibility

study at the beginning of the second phase of the project. To mitigate this risk, an

involvement of the EDAMIS team is needed in order to analyse and take measures to simplify

as much as possible the usage of "ad-hoc" components per domain to try to reduce the cost

of migration to the new infrastructure.



• Integration with CCN2 network as part of the third phase of the project is based on the

promise that it will be a natural modernisation of CCN but with the same principles, but as

the development of this network has not yet started is difficult to accurately estimate this. To

mitigate this risk, further collaboration with DG TAXUD in order to have up to date

information about the progress of the new CCN2 is foreseen.

• CCN2 is not available during 2017 as it was planned. In this case the third phase of the

project cannot start. Follow-up of the CCN2 activities with DG TAXUD are foreseen to try to

mitigate this risk.

• As the Eurostat network is highly dependent on Commission network, DG DIGIT involvement

will be required. Availability of the resources needed could affect the schedule of the project.

In order to mitigate this risk, close collaboration with DG DIGIT is foreseen, at different levels

to highlight the importance of the project for Eurostat and to ensure that the infrastructure

required is delivered on time for the project.

• Insufficient support from the Member States: The revamping of the network infrastructure

will require Member States to collaborate and to make use of the network infrastructure for

the data exchange. Support from the Member States will be required to move from the "as

is" to the "to be" scenario. Continuous information to the Member States and involvement of

them in all the stages of the project is required in order to mitigate this risk.

• Connection to DARA IT environment depends on the on time set up of this IT environment. If

the environment is not set up in the framework of the DARA project on time, the connection

will not be available according to the project's schedule.

5.10 Costs, Effort and Funding Source

The funding sources of the project will be:

• Eurostat operational budget will be used as main financial source of the project.

• Eurostat administrative budget will be used for missions and meetings in this project.

• ISA programme to be investigated as a potential source of funding for the project.

5.11 Roadmap

The estimated timing of the project, according to the activities and deliverables previously described

will be the following:

5.12 Synergies and Interdependencies

The project has interdependencies with the ESS.VIP.CRC.SERV project, as it will be provide the

infrastructure where the statistical services could be exposed to the ESS.

It also has interdependencies with the DARA project, as it will provide the connectivity to the secured

IT environment where the confidential data for researchers will be hosted.

Task Name Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4

Phase I

Feasibility study

Configuration of CCN environment

Development ESDEN

SIMSTAT start-up support

Connection to DARA IT infrastructure

Phase II

Feasibility study network integration

Network integration and data migration

Support

Phase III

Feasibility study network integration (CCN2 or sTESTA2)

Network integration

Support

2013 2014 2015 2016 2017 2018



The project has synergies with the SIMSTAT project as it will provide the connectivity layer to this

project but may also profit from the data exchange platform for micro data that will be set up in this

project.

5.13 Enablers

Enabler Yes/No Reference

ESS VISION

2020 �

https://myintracomm-

collab.ec.europa.eu/dg/ESTAT/DO.U.C.EUR/DOUCEUR/X_Cybernews/X_Cybernews/2-

Management/Policies/Vision/The%20ESS%20Vision%202020.pdf

PM² � http://www.cc.cec/wikis/display/PM2

BPM � http://www.cc.cec/wikis/display/bpmatec

IT Related

RUP@EC � http://www.cc.cec/RUPatEC

ESS EA

Reference

Framework �

6 Governance

6.1 Project owner (PO)

Mariana Kotzeva, ESTAT dir. B (Methodology, Corporate statistical and IT services).

6.2 Solution Provider (SP)

Christine Wirtz, ESTAT B.3 (IT for statistical production).

6.3 Approving authority

This business case will be submitted for consultation/approval to the following bodies:

DIME/ITDG

ESS Portfolio Management Office

Vision Implementation Group

ESS Committee

Signature of the approving authority …………………………… Date ………



APPENDIX 1: REFERENCES AND RELATED DOCUMENTS

<Use this section to reference (or append if needed in a separate annex) any relevant or additional information.

Specify each reference or related document by title, version (if applicable), date, and source (e.g. the location of

the document or the publishing organisation).>

ID Reference or Related Document Source or Link/Location

1 <Example of a related document>

<01.Project_Initiation_Request.XYZ.11-11-

2013.V.1.0.docx>

<Example of a location>

< U:\METHODS\PM²@EC\Documents\>

2 Project folder <Insert project folder location.>

3 <Example of a reference>

<"The Communication on Risk Management,

SEC(2005)1327">

<Example of a source>

<20/10/2005, European Commission>