Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
Commission européenne, B-1049 Bruxelles / Europese Commissie, B-1049 Brussel - Belgium. Telephone: (32-2) 299 11 11.
Office: GUIM 05/53.
Commission européenne, L-2920 Luxembourg. Telephone: (352) 43 01-1.
Eurostat
ESS.VIP.CRC.ESDEN Business Case
Date: 16/12/2014 Version: [0.7 – Draft]
This is a template provided by:
ESS.VIP.CRC.ESDEN Business Case
Sensitivity: [Public, Limited, High] Date: 16/12/2014 Version: [0.7 – Draft] 2/24
Document Control Information
Settings Value
Document Title: Business Case
Project Name: ESS.VIP.CRC.ESDEN
Document Author: (?) Alvaro Diez Soto (ESTAT)
System Owner: (?) [System Owner (SO)]
Project Manager: (?) [Project Manager]
Revision Status: (?) [0.7 – Draft]
Sensitivity: (?) [Public, Limited, High]
Issue Date: (?) 16/12/2014
PM² Business Case Guide: See PM² Wiki Business Case
Document Approver(s):
(All Approvers are required. Records of each approver must be maintained.)
Approver Name Role
[Name] Choose Role.
Choose Role.
Choose Role.
Document Reviewers: (Records of each required reviewer must be maintained.)
Reviewer Name Role
[Name] Choose Role.
Choose Role.
Choose Role.
NOTE: All Reviewers in the list are considered required unless explicitly listed as Optional.
Summary of Changes:
The Document Author is authorised to make the following types of changes to the document
without requiring that the document be re-approved:
• Editorial, formatting, and spelling
• Clarification
To request a change to this document, contact the Document Author or Owner.
Changes to this document are summarised in the following table in reverse chronological order
(latest version first)..
Revision Date Created by Short Description of Changes
[0.1] 06/06/2013 Alvaro Diez Soto Initial version for DIME & ITDG
[0.2] 20/06/2013 Alvaro Diez Soto Minor changes and rewording related to
web forms solution
[0.3] 16/09/2014 Alvaro Diez Soto Update to be presented to HUB
[0.4] 30/10/2014 Alvaro Diez Soto Implementation of ITAC comments,
alignment with the Feasibility Study and
implementation of EA comments
ESS.VIP.CRC.ESDEN Business Case
Sensitivity: [Public, Limited, High] Date: 16/12/2014 Version: [0.7 – Draft] 3/24
[0.5] 19/11/2014 Alvaro Diez Soto Modification of the BC to adapt to the new
PM2 template
[0.6] 24/11/2014 Christine Wirtz Minor modifications
[0.7] 13/12/2014 Alvaro Diez Soto Minor modifications after DIME/ITDG
steering committee
Configuration Management: Document Location
The latest version of this controlled document is stored in [this location].
ESS.VIP.CRC.ESDEN Business Case
Sensitivity: [Public, Limited, High] Date: 16/12/2014 Version: [0.7 – Draft] 4/24
Table of Contents
1 Project Initiation Request Information ................................................................ 5
2 Context .................................................................................................................. 5
2.1 Situation Description and Urgency ........................................................................... 5
2.2 Situation impact ........................................................................................................ 8
2.2.1 Impact on Processes and the Organization ................................................... 8
2.2.1 Impact on Stakeholders and Users ................................................................. 8
2.3 Interrelations and interdependencies ....................................................................... 9
3 Expected outcomes .............................................................................................10
4 Possible alternatives ...........................................................................................11
4.1 Alternative A: Do nothing ........................................................................................ 11
4.2 Alternative B: Evolution of the EDAMIS platform ................................................... 11
4.3 Alternative C: Replacement of EDAMIS by another system available in the Commission ............................................................................................................................ 13
4.4 Alternative D: Initial planning phase to deeply evaluate alternatives B and C with a parallel improvement of the EDAMIS platform ........................................................................ 14
4.5 Conclusion .............................................................................................................. 15
5 Solution description ............................................................................................15
5.1 Legal basis .............................................................................................................. 16
5.2 Benefits ................................................................................................................... 16
5.3 Success Criteria ...................................................................................................... 17
5.4 Scope ...................................................................................................................... 17
5.5 Solution Impact ....................................................................................................... 18
5.6 Deliverables ............................................................................................................ 18
5.7 Assumptions ........................................................................................................... 19
5.8 Constraints .............................................................................................................. 20
5.9 Risks ....................................................................................................................... 20
5.10 Costs, Effort and Funding Source .......................................................................... 21
5.11 Roadmap ................................................................................................................ 21
5.12 Synergies and Interdependencies .......................................................................... 21
5.13 Enablers .................................................................................................................. 22
6 Governance..........................................................................................................22
6.1 Project owner (PO) ................................................................................................. 22
6.2 Solution Provider (SP) ............................................................................................ 22
6.3 Approving authority ................................................................................................. 22
Appendix 1: References and Related Documents ..................................................23
ESS.VIP.CRC.ESDEN Business Case
Sensitivity: [Public, Limited, High] Date: 16/12/2014 Version: [0.7 – Draft] 5/24
1 Project Initiation Request Information
2 Context
2.1 Situation Description and Urgency
One of the actions to contribute to the creation of efficient and robust statistical processes in the ESS
is the sharing of IT services and infrastructure and this requires a common and interoperable
technological environment; a common secure IT network for data exchange and a suitable IT
environment for data exchange/access are the grounds of this shared infrastructure.
The current IT network is based on the concept of the single exchange point. The ESS single exchange
point (SEP) is a central node of a network for exchange of information among the different ESS
partners, operated by Eurostat, receiving the statistical data, handling the information and
redistributing it to other organisations where relevant. This network is, from the logical point of view,
split in two different layers: the physical layer and the data exchange layer.
The physical layer is the physical communication layer between Eurostat and the different ESS
partners. The “as is” situation is based on communication over the Internet using a proprietary
protocol based on FTP (STATEL).
The data exchange layer is the logical layer on top of the physical layer assuring the communication
of the statistical data and the delivery to the destination (production systems, dissemination systems
or other partners). This layer is composed of a set of information systems and services providing the
following modes of exchanging information:
• PUSH mode: The ESS single exchange point provides this way of sending information where
the different ESS partners will send the information to the single exchange point, initiating on
their side the communication. The single entry point will then deliver the data to Eurostat as
organisation or to any other organisation. Different channels for the push communication
like direct file transmission using the EWA software tool (installed locally) or uploading of the
file via the EDAMIS portal are allowed.
• PULL mode: SDMX-RI installed in the ESS partners provides a way to expose the statistical
data instead of sending the data. The data are only transmitted on demand when they are
requested. The example of this is the Census HUB where a central dissemination component
installed in European Commission Data Centre requests the data to the ESS network if and
only if this is requested by a user of the dissemination system.
• Online data collection: EDAMIS Web forms provide a set of functionalities to create online
questionnaires to be filled in by the ESS partners. Once the information is filled they can be
automatically transmitted to Eurostat.
The infrastructure can also be used for the exchange of confidential statistical data. However, such
exchange poses extra complexity to the architecture as confidential data must be stored in a secured
Project Title: ESDEN (European Statistical Data Exchange Network)
Initiator: ESS.VIP Program DG / Unit: Eurostat/B3
Date of Request: NA Target Delivery Date: NA
Type of Delivery: ☐In-house ☐Outsourced ☒Mix ☐ Not-known
ESS.VIP.CRC.ESDEN Business Case
Sensitivity: [Public, Limited, High] Date: 16/12/2014 Version: [0.7 – Draft] 6/24
environment, should not be disclosed and only accessed by a restricted set of operators under the
control of Eurostat. It implies that the network should provide protection of confidentiality and one
consequence is that the physical layer connects to a specific environment hosting the confidential
data.
The today’s architecture described above was built for the data collection in Eurostat and although
some exchange capabilities have been added it was mainly designed as Eurostat data collection
system.
The ESS requires a broader focus of providing a data exchange platform to support modernized
production processes. The current architecture presents the following issues that should be tackled
in order to provide a common secure network infrastructure for data exchange:
• The current design of the data exchange layer is based on a set of monolithic applications
and systems which does not provide easy means of interaction between them and does not
permit easy interaction with common services like validation services. In addition, it is highly
coupled to the physical layer and this makes it impossible to integrate EDAMIS with different
existing physical networks (like CCN1/CSI).
• EDAMIS is getting old and maintenance costs are very high. It comprises a set of processes
and inventory tasks to ensure that the data are securely transmitted to their destination, but
lacks a proper process management system and modular architecture. Consequently,
EDAMIS is costly and difficult to modify and to adapt to new needs.
• Confidential information can only be transmitted from ESS partners to Eurostat and only
making use of the PUSH mode (via the SEP). It is not possible to send confidential
information from Eurostat to the rest of ESS with automated encryption/decryption (only
manual encryption for outgoing datasets is possible now in EDAMIS).
• The SEP does not provide an end to end service to all users. For instance, the online data
collection IT system designed to deal with small data collections (up to 50 items) does not
satisfy all user requirements. In particular it does not enable to integrate collection solutions
which are based on proprietary tools (like Excel) and to fully automate data collection based
on standard formats. The online data collection tool cannot handle confidential information.
• The current physical layer is based on information exchange over the Internet and in some
cases using sTesta. This exchange is done via the creation of a secure channel and additional
security measures are provided to ensure that confidential data is rightly protected (double
encryption). However, this is not a private network and the security of a public network
cannot be compared with other private physical networks used for the exchange of
information like the CCN1/CSI provided by DG TAXUD. These aspects have led to complex
and heavy workflows for confidential data processing.
• The current network architecture does not provide mechanisms for researchers to access
and process the confidential statistical information stored in Eurostat other than through the
usage of the secured data rooms in Eurostat. Such a safe access is for example requested in
the framework of the DARA project in order to enable researchers to have access to
confidential statistical data in Eurostat from secured data rooms in NSIs in order to process
this information in the framework of their research projects. This processing has to be
executed in a secured IT environment under the control of Eurostat and ESDEN project
should assist in the connection to this environment.
Several projects of the ESS.VIP programme call for the development of a robust and secured network
architecture and related hardware and software infrastructure to provide the secured information
access and exchange functionalities.
This network architecture and associated IT environments will act as the ESS communication
backbone and provide service enabling better sharing/access of data and integration of processes at
ESS.VIP.CRC.ESDEN Business Case
Sensitivity: [Public, Limited, High] Date: 16/12/2014 Version: [0.7 – Draft] 7/24
stake in ESS.VIP projects and beyond. It will be a key element for the implementation of the Vision by
removing communication barriers between ESS stakeholders and pushing the security provision at
the frontier of the entire system.
The SEP function will continue to provide the required services for data exchange. The infrastructure
will be upgraded to enable the sharing of statistical services based on Service Oriented Architecture
(SOA).
Due to the needs expressed by the ESS.VIP projects and the above mentioned issues, the aim of this
project is to upgrade the current infrastructure based on the following principles:
• The revamped infrastructure for exchanging information should allow and foster the
coexistence of different physical networks. In particular, ESDEN should explore the
integration and reuse of already existing Commission infrastructure for data exchange like
the already mentioned CCN1/CSI of DG TAXUD.
• The data exchange layer should allow as much as possible decoupling from the other
network layers, so the information could be treated in the same way independently of the
network channels (physical network) used to receive the information (the information can be
transmitted via STATEL, CCN1/2 or other networks like sTESTA1/2).
• The network should allow the transmission of statistical confidential information between all
the parties (and not only from others partners to Eurostat) and also to enable the exchange
of confidential information not only via push mechanism but also via pull and the usage of
online data collection.
• The data exchange layer should provide means/services implemented as abstraction layer on
top of its stack to orchestrate and better interface with common services like validation and
format transformation of the data acting like the service bus for the data collection of the
ESS network.
• Secure access can be granted to researchers from NSI premises to access a secured IT
environment under the control of Eurostat in a secure way in order to process confidential
statistical data stored in Eurostat.
• As the current online data collection tool is integrated with EDAMIS, the revamping of the
system will demand the creation of a new and loosely coupled online data collection tool
that will work as another entry channel for the data collection.
The following picture shows the desired future status, instead of the current monolithic architecture,
a real split of the network in two different layers enabling different physical networks to coexist and
using the data exchange layer as a single and loosely coupled interface with the upper shared
services layer that will provide shared services to the production systems (ESS.VIP.CRC.SERV project):
ESS.VIP.CRC.ESDEN Business Case
Sensitivity: [Public, Limited, High] Date: 16/12/2014 Version: [0.7 – Draft] 8/24
Figure 1: Logical view of the future state, it does not intent to provide detail on the different IT environments of the
solution
2.2 Situation impact
2.2.1 Impact on Processes and the Organization
As it has been indicated in the previous point, the problem described is related to the physical layer
and the data exchange layer (EDAMIS) on top. Analysis of EDAMIS, in its current state, revealed that
after years of maintenance and enhancements, due to changes in the business needs, that it is not
only dealing with its original purpose of being the postman of the organisation, but that it also
incorporates "ad hoc" processes that are outside of its initial scope. The modifications done to offer
these "à la carte" services have led to a complex and heterogeneous closely coupled environment
which is difficult and costly to maintain.
Also, confidential data exchange has been identified as a key problem impacting the current
infrastructure. In order to send confidential data from Eurostat to the Member States the
information has to be manually encrypted by an official. This process is limiting either the amount of
the information that can be exchanged or compromising the work of the official that should do the
manual encryption (and for sure not allowing any kind of automation of this task and affecting all the
applications that would like to send confidential data to the rest of ESS partners as they cannot be
automated).
Transformation from the current network infrastructure to a services oriented and confidential one
addressing all the indicated problems of the current infrastructure layers will impact all business
processes enabling better integration as well as a smoother and streamlined approach to security.
This complete transformation will require the involvement of business users as some of the
functionalities implemented "ad hoc" in the SEP should go back to the production systems as they
are related to data processing. It will also involve business users in the definition of the requirements
of the online data collection tool.
2.2.1 Impact on Stakeholders and Users
The current infrastructure does not provide the base for sharing services among ESS partners and for
integrating business processes in the ESS. The pull mode which at this moment is limited to the
ESS.VIP.CRC.ESDEN Business Case
Sensitivity: [Public, Limited, High] Date: 16/12/2014 Version: [0.7 – Draft] 9/24
Census Hub data collection and dissemination can be considered as a path finder for a new type of
infrastructure.
The current data exchange layer (EDAMIS) serves its original purpose of a postman of Eurostat having
little interaction with the production and dissemination systems. It was designed to cover one of the
core business processes of Eurostat, the data collection, but it was designed as a stovepipe, isolated
system with a single communication mean and with a tight integration with the physical layer over
which it is installed.
Modern information systems architecture have now integrated key aspects like reusability, service
orientation and integration (plug & play) and the current data exchange network was not designed
according to these key aspects.
As a consequence of this stove pipe design, the current architecture does not allow for integration of
common services and does not ease up the redesign of ESS business processes as planned in the
ESS.VIP projects.
Users, both in Eurostat and in the NSIs are impacted as well by the current architecture when it
comes to the exchange of confidential statistical information, as there is only one restricted way to
send confidential statistical data to Eurostat (push mode) and there is no automatic way to send back
confidential statistical information from Eurostat to the rest of the partners of the ESS.
The problem is becoming urgent and critical for the development of the ESS.VIP flagships as both
cross cutting projects and business projects will rely on a network that should be robust, secure and
to provide a layered framework for service oriented communication. Also, due to the extra
complexity added by the "ad hoc" closely coupled functionalities implemented and not related to its
original "postman" duties EDAMIS is becoming more difficult to maintain with very high maintenance
costs.
2.3 Interrelations and interdependencies
The network infrastructure is a critical non-functional requirement for a significant number of
projects of the ESS.VIP program. The current infrastructure (no abstraction layering, no service
oriented architecture, no possibility of loosely coupled systems) significantly hinders the
development of ESS.VIP projects and the realisation of business outcomes and will increase
maintenance and legacy costs in the future.
The following ESS.VIP projects require the modernisation of the exchange network as planned in the
ESDEN project:
• ESS.VIP.BUS.SIMSTAT: more frequent and bidirectional flows of confidential micro data
needs to be enabled and a remote access from MS to the data Hub hosted in Eurostat.
Specific need of the project has been identified in order to make use of the CCN1/CSI
network to exchange the micro-data information with the countries.
• ESS.VIP.BUS.Validation : the possibility to validate data at the transmission step and offer MS
a service for controlling their data according to commonly agreed validation rules
• ESS.VIP.BUS.ESBRs : the possibility to exchange detailed register information on Enterprises
and the remote control and access to Eurogroup register.
• ESS.VIP.CRC.SERV : the possibility to integrate business processes at ESS level, to access to
shared services stored in repositories and exposed over the network.
ESS.VIP.CRC.ESDEN Business Case
Sensitivity: [Public, Limited, High] Date: 16/12/2014 Version: [0.7 – Draft] 10/24
• DARA: The ESSnet on “Decentralised and Remote Access to Confidential Data in the ESS”
(DARA) has finished in November 2013 and has provided the IT- and security requirements
for a remote access infrastructure to confidential micro-data from a safe centre within
National Statistical Institutes (NSIs). DARA basically requires a proper IT infrastructure to
access and process statistical confidential data stored in Eurostat. This access and processing
has to be executed in a secured IT environment under the control of Eurostat. A specific need
identified by DARA for ESDEN is to provide connectivity to the IT infrastructure that will be
created in the DARA project.
3 Expected outcomes The simplification and protection of confidential data and metadata exchange among ESS partners
and other key stakeholders and more efficiency and flexibility for the design, implementation and
execution of EU statistics production and dissemination.
The ESDEN project will contribute to the creation of an ESS communication network infrastructure
and services that will ensure adequate availability, integrity, confidentiality and scalability for the
data and metadata exchange.
This network will provide interoperability among the different statistical partners allowing
distributed processing of the data (e.g., centres of excellence), providing means to share services
distributed among the different partners of the ESS and ensuring fully security of the data exchanged
and providing a broader range of service for exchanging data in the ESS.
A revamped ESS/EUROSTAT network infrastructure building on and reusing existing secure networks
like CCN1 (or in the future CCN2), sTESTA or other secure physical network making use of standard
protocols and providing a set of generic and robust function for information exchange and service
integration will increase reliability, security and efficiency of ESS business processes.
In the framework of the ESS VISION 2020 ESDEN will contribute to the delivery of coherent, relevant
and reliable statistics by delivering a secure infrastructure that will provide the technical measures to
protect the statistical confidential data according to the existing legal framework. It will contribute to
the efficiency and productivity gains by providing a technical infrastructure that will enable the data
exchange based on well-defined standards and that will provide a flexible framework for data
exchange between the ESS members. It will contribute to the usage of new data sources in the
production of statistics by providing a flexible architecture that could be connected to different
physical networks to get access to the available data sources and that should be suitable to deal with
high volume of data (big data or micro-data exchange).
Indirectly the project could contribute to meet new users' demands (especially on the field of access
to statistical confidential data and micro-data exchange, not possible with the current architecture).
ESS.VIP.CRC.ESDEN Business Case
Sensitivity: [Public, Limited, High] Date: 16/12/2014 Version: [0.7 – Draft] 11/24
4 Possible alternatives
4.1 Alternative A: Do nothing
Continue using the current network, same physical layer and already in place data exchange layer.
The current infrastructure is able to deal with the current data collection offering push and some pull
mode for the exchange of information and allowing transmission of confidential data from the ESS
partners to Eurostat. Business projects may need to review their scope as this architecture will not
provide solutions for all the requirements.
Strengths Weaknesses
No additional development costs
No integration needed with external networks
(like CCN)
Well known system already used by all Member
States
Cannot cope with all the requirements of the
ESS.VIPs ;
Scope redefinition to fit in the current
architecture.
ESS will not meet the increasing demand for
more complex and high quality statistics
If confidential information is to be sent from
Eurostat it has to be encrypted/decrypted
manually
Eurostat unable to meet the goals of the
ESS.VIP program
High maintenance costs
Opportunities Threats
No opportunity identified ESS relevance shrinks.
Eurostat being unable to provide solutions to
process confidential information due to the
limited capabilities offered by the current
infrastructure.
Eurostat being unable to share or reuse
services provided by other partners of the
ESS.
Some of the projects of the ESS.VIP program
may decide to follow their path for a
network solution (going for CCN for example)
and doing nothing will imply that this
solution cannot be reused in the future.
4.2 Alternative B: Evolution of the EDAMIS platform The current implementation of EDAMIS must be adapted and iteratively redesigned in order to both
guarantee business continuity and to be able to deal with new needs for data exchange. The
approach will be to start with the modernisation activities in the current EDAMIS implementation
based on gradual redesign of the application to prepare the system to integrate the communication
mechanisms implemented for SIMSTAT.
Integration of SIMSTAT will imply the integration of CCN/CSI platform as part of the communication
protocols by the creation of a new abstraction layer on top of the different network layers being able
to deal with both CCN1/CSI and standard protocols over the Internet or sTESTA.
ESS.VIP.CRC.ESDEN Business Case
Sensitivity: [Public, Limited, High] Date: 16/12/2014 Version: [0.7 – Draft] 12/24
Part of this solution will be to find the best technical implementation for the evolution of the
platform in order to migrate from the legacy technology and architecture to a modern SOA oriented
architecture. One of the existing possibilities will be to use the technical platform used for SIMSTAT
and to integrate the new version of the already existing functionalities in EDAMIS. This will be
carefully analysed in the next stages of the project, once the SIMSTAT pilot solution is implemented.
Roughly, the following modifications will be needed:
• Redesign of the current EDAMIS inventory extending the information with process metadata
in order to create a metadata driven process to collect the data.
• Improvement of the monitoring database to store all the information related to the
transmitted information and also related to the different alerts and notifications that can be
linked to a specific data collection. Improve or provide new tools (new implementations) to
facilitate the end-to-end monitoring to the business units.
• Redesign of the EDAMIS portal into two different modules, one for monitoring of the data
exchange and alert/reminders management and a different one for the configuration of the
needed metadata for the data exchange.
• Simplification of the whole communication infrastructure in terms of review of unused
functionalities, simplification of the delivery mechanisms and adoption of standard
protocols.
• Implementation of additional pulling mechanism and integration with the already existing
pushing mechanisms.
• The network layers should provide means/services implemented as abstraction layer on top
of its stack to orchestrate and better interface with common services like validation and
format transformation of data. The abstraction layer should act like service bus for the data
collection of the ESS network.
• Implementation of an abstraction layer on top of the current network layers stack to allow
working with a different network layers stack (like CCN1/CSI from DG TAXUD or STATEL). This
will be basically a mechanism that could fetch the files either from CCN1/CSI or from the
standard protocol channel over the Internet in order to process them in the same way
independently from the input channel. Inclusion of standard protocols like FTPS or SFTP in
this communication layer.
• Redesign of web forms in order to have an online collection tool that keeping the existing
functionalities will cope with new requirements and will be loosely coupled to the integration
layer (the current web forms is highly integrated with EDAMIS, so redesign of EDAMIS implies
redesign of web forms).
Strengths Weaknesses
Does not require a disruptive development.
Gradual improvement of the system will
facilitate the adoption of the new platform.
No major migration needed of the current data
model
Simplification of the current EDAMIS should
be carefully done
Modernization of the platform should be
carefully analyzed and planned in order to
maintain the current system operational
Migration from the current system to a new
one based on new technologies may probe
very difficult
Opportunities Threats
Integration of CCN1/CSI can enable in the
future a full migration of the old infrastructure
As the solution will be based on the current
ESS.VIP.CRC.ESDEN Business Case
Sensitivity: [Public, Limited, High] Date: 16/12/2014 Version: [0.7 – Draft] 13/24
to this kind of secured network, aligned with
the commission policy on IT rationalisation.
Cost reduction
With a new design of EDAMIS we should be
able to provide more agile response to new
requirements.
legacy and monolithic network layers it may
be not flexible enough to adapt to new
needs in the future.
In order that the solution can be considered
as a base for the enterprise architecture,
EDAMIS must be substantially modernized.
This will require time and support from all
the different stakeholders.
Integration of the CCN1/CSI network with
the traceability systems of EDAMIS may not
be simple due to the complexity of the
infrastructure of the different environments
containing confidential and not confidential
data.
4.3 Alternative C: Replacement of EDAMIS by another system available in the
Commission
The solution aims for keeping the existing services provided by EDAMIS by replacing the product by
an already existing solution provided by the European Commission.
There are some potential initiatives to be analysed, like the usage of e-TrustEx or ECIDES in the
European Commission.
Both solutions provide a service for data exchange based on a modern SOA platform and are already
in use in different domains.
This kind of products cannot be considered alone. On top Eurostat will have to implement features to
deal with the specific needs of the ESS. However, the transport layer (the pure transport mechanism)
could be outsourced to an existing product.
The product to be used should be designed in a layered way, providing means to create extensions
for transport protocols like CCN1/CSI.
The following functionalities should be implemented on top of the pure transport mechanism:
• Manual and online data sending: It should include upload and download files functionalities
and WebForms like application to continue providing the same level of service to the users.
• Reporting: It should provide reporting functionalities like the current EDAMIS.
• Inventory management: Provide means to create and maintain Eurostat dataset inventory
and to link it to the exchange mechanism used
• Compliance monitoring: It should provide means to notify users when dataset have not been
received on time by Eurostat.
• Integration with external applications to provide feedback to the users: It should be
integrated with Eurostat systems to provide feedback to senders on the data received.
Strengths Weaknesses
Modern architecture and based on off the shelf
tools of the market.
Solution already exists and it is already in used
elsewhere.
It does not cover all the functionalities of
EDAMIS. The non-existing ones should be
implemented on top of the solution.
Rely on a third party as a provider of the
solution.
ESS.VIP.CRC.ESDEN Business Case
Sensitivity: [Public, Limited, High] Date: 16/12/2014 Version: [0.7 – Draft] 14/24
Fully confidential data exchange is possible. Migration of the already existing data in
EDAMIS could be very difficult
Based on different protocols for
communication, it may require adaptations
in the Member States
It should be extended to allow
communication via CCN1/CSI
Opportunities Threats
Cost reduction.
IT rationalization.
Agile response to requirements not linked to
the data transmission.
Migration to SOA architecture.
Reduction of the complexity of the tools by
making use of a third party service for data
exchange.
Insufficient support from the involved
stakeholders.
Migration to the new infrastructure could be
costly and delayed by the different domains.
4.4 Alternative D: Initial planning phase to deeply evaluate alternatives B and C with a
parallel improvement of the EDAMIS platform
This approach proposes to develop the communication infrastructure for SIMSTAT while at the same
time options B and C are further analysed in a broader context.
For the moment, the development of the communication infrastructure for SIMSTAT needs its own
solution and this will be built according to the principle of a layered and modular architecture in
mind and a prerequisite for both B and C is to be able to accommodate this solution. While the
solution is being implemented for SIMSTAT it will become more clear whether it is feasible to evolve
the current EDAMIS towards a SOA like approach integrating the SIMSTAT communication
developments (alternative B) or whether this alternative is more risky and costly than moving
gradually from EDAMIS to an already existing system in the Commission (alternative C).
The feasibility study should provide at least a limited time where both approaches B and C should be
evaluated and should indicate the actions to be done in order to modernise the infrastructure for
data exchange and to streamline the exchange of confidential and non-confidential data.
Strengths Weaknesses
Phased approach based on decision gates
Decision based in evidences and on the
experiences implementing SIMSTAT
communication component
More time consuming as it will require an
initial analysis phase to decide for an
alternative
Both alternatives should be carefully
analysed and checked against the
requirements for data exchange in order to
come up with an efficient solution
Opportunities Threats
Cost reduction foreseen due to the better
analysis of the options
Less complex than previous alternatives as it is
Insufficient support from the stakeholders
Due to the analysis phase needed,
ESS.VIP.CRC.ESDEN Business Case
Sensitivity: [Public, Limited, High] Date: 16/12/2014 Version: [0.7 – Draft] 15/24
based in a phase of detailed analysis improvements may take longer than
expected
4.5 Conclusion
Alternative A should be discarded as it does not solve the current problem.
The SWOT analysis supports alternative D as the most suitable one as it will further analyse the
feasibility of options B and C and will continue with the most suitable way forward once both options
will have been carefully analysed.
5 Solution description The ESDEN project will focus on the redesign of the Eurostat network architecture, its layering and
the derived infrastructure in order to move from monolithic "stove pipe like" network layering to
horizontal network layering in order to adapt to different networks (like Internet, CCN1/CSI (CCN2)
and possibly others) providing a transparent exchange of confidential and non-confidential data
between the different members of the ESS network based in well-defined access rights and providing
a layer of common services on top of the network services itself.
The project will start from the concrete needs of the ESS.VIPs (SIMSTAT) and the DARA project to
develop a solution that can be reusable in the future for other statistical domains and will
progressively integrate within the single exchange point.
Three high level phases are foreseen for this project:
• Phase 1: Integration of CCN1/CSI network in Eurostat's infrastructure, ensuring secure
exchange of confidential information between ESS partners and production applications like
SIMSTAT ensuring proper level of traceability of the information exchanged and integration
with common services like validation. Modernization of the online data collection tool to
adjust to new user needs and creation of an environment for the remote access of the
researchers to confidential information. Feasibility study and further analysis on the best way
of modernising the current data exchange infrastructure. This feasibility study and detailed
analysis will act as a decision gate to move to a complete new data exchange platform based
on the requirements on the ESS.VIP projects to be gradually used by the rest of the domains
or to go ahead with the modernisation and evolution of the current data exchange platform
to integrate the needs of the ESS.VIP projects.
• Phase 2: Extension of the developments of phase 1 to non-confidential information,
integrating this development with the exchange of non-confidential information creating a
single bus for the exchange of information. Extension of the infrastructure for confidential
information to PULL mode and feasibility study for the integration of the network with other
commission initiatives like sTESTA or CCN2.
• Phase 3: Integration of the data exchange platform with other physical networks like CCN2
(based on the previous feasibility study) and fine tuning of the infrastructure.
The developments on this project will be aligned with the IT development principles described in the
Eurostat's IT Strategy, aiming at corporate optimisation, reusability and generic solutions, focus on
the production environment and stepwise approach.
As part of the corporate optimisation, the project will make use of as many as possible services from
DG DIGIT (like ECAS or sTESTA).
As part of the reusability and generic solution, already existing services for validation and
transformation will be used when needed. What is more, already existing solutions like CCN1/CSI
network of DG TAXUD will be used for the communication (SIMSTAT).
ESS.VIP.CRC.ESDEN Business Case
Sensitivity: [Public, Limited, High] Date: 16/12/2014 Version: [0.7 – Draft] 16/24
Focus on the production environment is one of the key aspects of the project (especially in the first
phase), as it will start from the specific business case of SIMSTAT and will develop a solution to be
used in this domain.
The project will take a stepwise approach, starting with the specific needs of SIMSTAT and DARA and
trying to generalise the solutions applied to these domains later in order to be reused in other
domains.
5.1 Legal basis
Regulation (EC) No 223/2009 on European statistics
5.2 Benefits
The purpose of the communication network infrastructure is to provide value added services for
exchange of confidential and non-confidential statistical data among ESS partners at reasonable cost,
with high agility, high security and high reliability. This cross cutting project is considered as the
backbone for the future ESS common infrastructure and a key enabler for all of services proposed in
the different VIP projects involving the ESS.
The following high-level goals should be achieved after the realisation of the project:
• A new network infrastructure is available to enable the communication between the
different members of the ESS network. This network infrastructure is based on an enterprise
service bus, fostering reusability of common services and providing a service oriented
architecture that will serve as the base for the development of shared services among the
different ESS partners.
• The network infrastructure should allow different underlying physical networks, starting with
the integration with the CCN1/CSI network, the current internet based physical
infrastructure and in the long term with CCN2 (successor of CCN1/CSI).
• The network will assure secure exchange of confidential and non-confidential information
between the different partners of the ESS network.
• The network will assure traceability of the entire information exchanged providing a
centralised platform to monitor the traffic.
• An online data collection tool for the collection of limited amount of data and to create
questionnaires, allowing exporting them in a proprietary format but according to a set of
guidelines that will allow the automatic data extraction from these questionnaires.
• The network will host a platform to provide remote access to confidential data to the
researchers.
The project will be one of the pillars for the modernisation of the ESS statistical production chain,
providing a modern, reliable and secure network that will simplify the communications between the
different ESS partners.
The network will streamline the exchange of confidential and non-confidential data between the
different ESS partners in a secure way. For end users, the service oriented architecture will abstract
the services from their physical location (for example Member States being able to integrate the
validation service hosted in Eurostat in their own production process).
One of the estimated benefits will be its contribution as an enabler to the success of the other
ESS.VIP projects. For example, the service oriented architecture of the network proposed will be used
as a basis by other ESS.VIP projects like shared services or as a communication network for SIMSTAT.
The integration of a secure network like CCN1/CSI for the exchange of confidential information will
ensure a higher level of security, increasing the trust between the ESS members for the exchange of
sensitive information. On top of that, the intrinsic secure nature of this network should allow the
simplification of the exchange mechanisms used for the confidential information (no need of double
ESS.VIP.CRC.ESDEN Business Case
Sensitivity: [Public, Limited, High] Date: 16/12/2014 Version: [0.7 – Draft] 17/24
encryption if the data is transmitted using a secure channel which assures that the information will
arrive directly to Eurostat).
The extension of the functionalities provided by the current web forms application will allow wider
usage of this tool. Based in the experience with the current version, this will reduce the number of
Eurostat internal resources needed to deal with data collection activities. According to figures
provided by Directorate E, thanks to the usage of web forms 1 FTE can now process the same
number of data collections that in the past needed 3 FTE. In addition, the project will provide
automatic means to process questionnaires in excel (designed according to specific guidelines),
reducing the number of resources needed to deal with these questionnaires while their data
collection migrate to a more automatic and standard way of collecting the data.
The simplification of the complexity of the network to be developed compared with the current
EDAMIS and the higher level of traceability and security will reduce the operational costs of the
network. It is expected that starting in the second half of 2017 the resources needed to manage the
network should be reduced from the current 6.5 FTEs (3.5 officials plus 3 intramuros) to
approximately 4 FTE (2 officials + 2 intramuros). Also the budget needed for maintenance and
enhancement (currently around 1 million € per year), should be reduced by half, as we will have a
flexible infrastructure that will require less modernisation efforts.
In general terms, foreseen rationalisation in the IT environments and moving to a service oriented
paradigm for the data exchange based on existing standard protocols should simplify the
maintenance of the ESS network infrastructure and reduce the maintenance cost both for Eurostat
and the rest of the members of the ESS.
In the context of the ESS VISION 2020 it is difficult to make a quantitative cost-benefit assessment
beyond the concrete figures provided above. Infrastructure related projects are usually complex
projects involving many stakeholders and in some cases very expensive equipment and services.
Setting up the proper network infrastructure to contribute to the implementation of the vision 2020
will not be an exception.
However, cost estimation done in the business case was taking into account the extreme case
scenario for the case of the micro-data exchange for the ESS.VIP.BUS.SIMSTAT. The ongoing activities
are probing that the majority of countries were able to join the CCN network without major
investment though already existing networks. In this sense the cost of the project for SIMSTAT is
below what was estimated in the business case.
Apart from the financial costs of the projects there are other non-tangible costs linked to the
implementation of the ESS VISION 2020. Without a suitable infrastructure for the data and micro
data exchange, without a technical infrastructure that can host services the whole implementation of
the vision could be in danger.
5.3 Success Criteria
• The new network meets all the requirements of the different ESS.VIP projects that will make
use of it, ensuring reliable and secure transfer of confidential and non-confidential
information across the ESS network.
• The network will assure secure exposition of services to the different partners of the ESS
network allowing them to share confidential and non-confidential data over a secure service
oriented infrastructure.
• The network will make use of standard protocols and will allow the integration of different
physical networks (like CCN1/CSI or Internet) making this transparent for the users.
5.4 Scope
The scope of this project is mainly related to the Eurostat centralised architecture to exchange data
to redesign and extend the transport layer provided and also to enable the integration of different
physical networks in the underlying infrastructure in order to foster the interoperability between the
ESS members and contribute to the implementation of the ESS VISION 2020.
ESS.VIP.CRC.ESDEN Business Case
Sensitivity: [Public, Limited, High] Date: 16/12/2014 Version: [0.7 – Draft] 18/24
The scope is not only internally limited to Eurostat as it affects the way that Eurostat exchange data
with other members of the ESS and affects other external stakeholders like DG DIGIT and DG TAXUD
(we will integrate with CCN1/CSI which is managed by DG TAXUD and also we should collaborate
with DG DIGIT as part of the physical network is under their control). The goal of this project is not to
replace the Single Exchange Point of Eurostat, but to modernise the infrastructure that host the
services provided by the SEP.
5.5 Solution Impact
The impact of the project in the business processes of the ESS will be mainly focused on the data and
metadata exchange. ESDEN will enhance the exchange capacities providing end to end monitoring. It
will increase the security of data exchange and make the system more reliable. The future state of
the ESS network will include connections to different physical networks and thereby increase
flexibility making it easier for the partners to exchange data.
Another impacted dimension will be IT. ESDEN is will lead to modernisation of the network and data
exchange layer and will offer standard protocols for communication. It targets a more automated
and standardised exchange of the data that will reduce the resources needed for system
maintenance and a more open environment that will foster the collaboration between the ESS
members, moving from a Eurostat centric environment to a more interoperable one.
5.6 Deliverables
The following deliverables will be delivered as part of this project for the different phases:
• Phase 1 (2013-2015):
o Feasibility study for the integration of Eurostat systems with CCN1/CSI or other
secure Commission network like sTESTA: Gathering of all requirements coming from
the different projects (not limited to SIMSTAT needs), understanding what is needed
and studying the different options for the data exchange platform and what are the
implications taking into account the current EDAMIS architecture to simplify the
integration in phase 2 and taking into account the requirements for the integration
with the SOA platform provided by ESS.VIP.CRC.SERV, project.
o Configuration of CCN1/CSI access in Eurostat, making the network infrastructure
available for SIMSTAT and in the future for other potential projects. The
configuration of the CCN gateway DG TAXUD will take care of it, but it will be
Eurostat’s responsibility to decide which gateway to use in order to ensure that the
confidentiality of the data is assured and that the gateway is accessible by the
different applications (usage over Snet of the CCN1/CSI GW in the DG DIGIT TC DMZ).
o In parallel to the feasibility study, development of a routing and monitoring platform
based on an Enterprise Service Bus product to be installed in Eurostat acting as a
local gateway for the production systems connecting to CCN1/CSI in one side and
exposing the data via web service interface or file interface to the production
systems on the other side. This platform will provide inventory and monitory
interfaces and will be the core of the future data exchange layer..
o Configuration of a secured IT environment under the control of Eurostat to provide
remote access and processing for researchers from NSI’s secured data rooms based
on the needs of the DARA project.
At the end of this first phase a secured and connected IT environment to exchange microdata
should be put in place in the context of the SIMSTAT project, infrastructure for the secure
data exchange between researchers should be provided and there should be a decision point
based on the feasibility study and complementary analysis on the future of the data
exchange platform.
• Phase 2 (2015-2017):
ESS.VIP.CRC.ESDEN Business Case
Sensitivity: [Public, Limited, High] Date: 16/12/2014 Version: [0.7 – Draft] 19/24
o In depth analysis on how to simplify the communication infrastructure, by either
simplifying or modernising EDAMIS or by making use of an alternative corporate
solution for the data exchange. Analysis of all the components to be developed and
migration plan for the data collections. Feasibility study for the replacement of the
current network solution used over Internet (STATEL) by a standard secure solution
like FTPS and study of the integration of other secure networks available at ESS level
like STESTA network.
o Reference implementation of a client to transmit files via CCN1/CSI or sTESTA to be
provided to the Member States as a demo on how to implement a single client to
communicate with the infrastructure (API will be provided as well so ESS members
can develop their own implementation).
o ESSNet to support Member States with the implementation/validation and testing of
the new approach.
o Implementation of the integration of the data exchange layer with the network
infrastructure creating a single service bus for the exchange of the information and
replacing the current EDAMIS.
• Phase 3 (2017-2018):
o Feasibility study of the integration of CCN2 or sTESTA2 in the network infrastructure.
o Integration of CCN2 or sTESTA2 in Member States
o Implementation of the changes needed based on the previous feasibility study to
integrate CCN2.
5.7 Assumptions
The following assumptions will apply to this project:
• Human and financial resources are available for the duration of the project. .
• Secure infrastructure available in the European Commission to access confidential data from
ESS partners is up and running before project needs it. This is a potential candidate to host
CCN application platforms and should be ready as soon as possible.
• ESS VIP projects can provide clear requirements for the project in order to take them into
account and create a solution reusable for the rest of the domains.
• All tasks related to the installation and maintenance of the CCN gateways are managed by
DG TAXUD (funded by Eurostat) in an autonomous way following SLA between Eurostat and
DG TAXUD. Eurostat responsibility is limited to the communication between the gateways
and the rest of Eurostat infrastructure.
• Member States take care of the configuration and security of the communications of the
national networks in order to communicate with their national CCN gateways. Eurostat
assistance may be provided based on experience (and financially) but management of the
national networks is outside the scope of this project.
• The project will provide standard protocols and APIs for the exchange of information and
encryption within the ESS network. It will provide, if needed, a reference implementation
based on the APIs covering the minimum requirements for communication. This may serve
as a reference for the partners of the ESS to develop specific software covering their needs.
• The project aims to develop reusable communication software to serve common needs;
custom "ad-hoc" modifications to serve specific needs of a domain will be out of the scope.
• The project assumes that security may be assured by a secure communication channel as
long as the data is received in the secure infrastructure described before.
ESS.VIP.CRC.ESDEN Business Case
Sensitivity: [Public, Limited, High] Date: 16/12/2014 Version: [0.7 – Draft] 20/24
5.8 Constraints
The following constraints have been identified related to this project:
• The first phase of this project is devoted to analyse the needs of the ESS.VIP projects and
primarily to provide a solution for SIMSTAT. The SIMSTAT project’s strictly fixed schedule
constraints what can and cannot be included in this phase in order to deliver in time for their
project.
• Key resource needed for this project with network expertise may have limited knowledge of
Eurostat environment (and possible Commission) at the beginning of the project.
• The CCN1/CSI environment is completely new for the different stakeholders of the project.
• Regulations on the treatment of confidential data will constraint the architecture of the
network.
5.9 Risks
The following risks have been identified related to this project:
• The other ESS.VIP projects may not have staff capable to adequately describe in detail their
network requirements. In order to mitigate this risk a close cooperation with these projects
is needed in order to provide the adequate support on the definition of these requirements.
• The secure infrastructure to protect the confidential data is not ready when needed by the
project. In order to mitigate this risk, the secure infrastructure deployment should be aligned
with the developments. Continuous follow-up is required to assure the alignment.
• Different timing of the ESS.VIP projects can impact the architectural decisions of the
network. The SIMSTAT project is more advanced than other projects and at the time of the
definition of the architecture key requirements of other projects are still in definition phase
and may be unknown. To mitigate this risk the architecture proposed for SIMSTAT should be
flexible enough to accommodate the needs of new projects. A layered design based on
interface and loosely coupled components should be used for that matter.
• Key resources (network) needed by the project are not available on time. To mitigate this risk
close relationship with the ESS program management monitoring the assignment of the
resources is a key factor, on time reporting on the foreseen needs of staff will help to
mitigate this risk.
• Communication with external CCN1/CSI infrastructure relies on the installation provided by
DG TAXUD. During the first phase of this project a detailed plan for the installation of
Eurostat gateways will be prepared. Development of the first phase will rely on this plan, if
the committed date for the installation of the gateways is not respected the plan may be
affected. To mitigate this risk, continuous follow-up of the activities of the CCN installation
will be done. Contractual framework is in place in order to reinforce the commitment of both
organisations to collaborate on this matter.
• EDAMIS "ad hoc" developments for some domains may be difficult to migrate and fit into the
standard solution as part of the phase II of the project. To mitigate this risk, collaboration
with the EDAMIS team will be key in order to standardize as much as possible the situation
across domains before starting with the migration to the new infrastructure.
• Due to complexity of the current EDAMIS solution and the amount of "ad-hoc" components,
potential underestimation of the cost of migration to a new standard and data exchange
solution. Real estimation cannot be done until the execution of the integration feasibility
study at the beginning of the second phase of the project. To mitigate this risk, an
involvement of the EDAMIS team is needed in order to analyse and take measures to simplify
as much as possible the usage of "ad-hoc" components per domain to try to reduce the cost
of migration to the new infrastructure.
ESS.VIP.CRC.ESDEN Business Case
Sensitivity: [Public, Limited, High] Date: 16/12/2014 Version: [0.7 – Draft] 21/24
• Integration with CCN2 network as part of the third phase of the project is based on the
promise that it will be a natural modernisation of CCN but with the same principles, but as
the development of this network has not yet started is difficult to accurately estimate this. To
mitigate this risk, further collaboration with DG TAXUD in order to have up to date
information about the progress of the new CCN2 is foreseen.
• CCN2 is not available during 2017 as it was planned. In this case the third phase of the
project cannot start. Follow-up of the CCN2 activities with DG TAXUD are foreseen to try to
mitigate this risk.
• As the Eurostat network is highly dependent on Commission network, DG DIGIT involvement
will be required. Availability of the resources needed could affect the schedule of the project.
In order to mitigate this risk, close collaboration with DG DIGIT is foreseen, at different levels
to highlight the importance of the project for Eurostat and to ensure that the infrastructure
required is delivered on time for the project.
• Insufficient support from the Member States: The revamping of the network infrastructure
will require Member States to collaborate and to make use of the network infrastructure for
the data exchange. Support from the Member States will be required to move from the "as
is" to the "to be" scenario. Continuous information to the Member States and involvement of
them in all the stages of the project is required in order to mitigate this risk.
• Connection to DARA IT environment depends on the on time set up of this IT environment. If
the environment is not set up in the framework of the DARA project on time, the connection
will not be available according to the project's schedule.
5.10 Costs, Effort and Funding Source
The funding sources of the project will be:
• Eurostat operational budget will be used as main financial source of the project.
• Eurostat administrative budget will be used for missions and meetings in this project.
• ISA programme to be investigated as a potential source of funding for the project.
5.11 Roadmap
The estimated timing of the project, according to the activities and deliverables previously described
will be the following:
5.12 Synergies and Interdependencies
The project has interdependencies with the ESS.VIP.CRC.SERV project, as it will be provide the
infrastructure where the statistical services could be exposed to the ESS.
It also has interdependencies with the DARA project, as it will provide the connectivity to the secured
IT environment where the confidential data for researchers will be hosted.
Task Name Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4
Phase I
Feasibility study
Configuration of CCN environment
Development ESDEN
SIMSTAT start-up support
Connection to DARA IT infrastructure
Phase II
Feasibility study network integration
Network integration and data migration
Support
Phase III
Feasibility study network integration (CCN2 or sTESTA2)
Network integration
Support
2013 2014 2015 2016 2017 2018
ESS.VIP.CRC.ESDEN Business Case
Sensitivity: [Public, Limited, High] Date: 16/12/2014 Version: [0.7 – Draft] 22/24
The project has synergies with the SIMSTAT project as it will provide the connectivity layer to this
project but may also profit from the data exchange platform for micro data that will be set up in this
project.
5.13 Enablers
Enabler Yes/No Reference
ESS VISION
2020 �
https://myintracomm-
collab.ec.europa.eu/dg/ESTAT/DO.U.C.EUR/DOUCEUR/X_Cybernews/X_Cybernews/2-
Management/Policies/Vision/The%20ESS%20Vision%202020.pdf
PM² � http://www.cc.cec/wikis/display/PM2
BPM � http://www.cc.cec/wikis/display/bpmatec
IT Related
RUP@EC � http://www.cc.cec/RUPatEC
ESS EA
Reference
Framework �
6 Governance
6.1 Project owner (PO)
Mariana Kotzeva, ESTAT dir. B (Methodology, Corporate statistical and IT services).
6.2 Solution Provider (SP)
Christine Wirtz, ESTAT B.3 (IT for statistical production).
6.3 Approving authority
This business case will be submitted for consultation/approval to the following bodies:
DIME/ITDG
ESS Portfolio Management Office
Vision Implementation Group
ESS Committee
Signature of the approving authority …………………………… Date ………
ESS.VIP.CRC.ESDEN Business Case
Sensitivity: [Public, Limited, High] Date: 16/12/2014 Version: [0.7 – Draft] 23/24
APPENDIX 1: REFERENCES AND RELATED DOCUMENTS
<Use this section to reference (or append if needed in a separate annex) any relevant or additional information.
Specify each reference or related document by title, version (if applicable), date, and source (e.g. the location of
the document or the publishing organisation).>
ID Reference or Related Document Source or Link/Location
1 <Example of a related document>
<01.Project_Initiation_Request.XYZ.11-11-
2013.V.1.0.docx>
<Example of a location>
< U:\METHODS\PM²@EC\Documents\>
2 Project folder <Insert project folder location.>
3 <Example of a reference>
<"The Communication on Risk Management,
SEC(2005)1327">
<Example of a source>
<20/10/2005, European Commission>