Contributed as third-party specialist to both EU-SEC (European Security Certification Framework) and MEDINA (continuous audit-based cloud certification), making this their most consistent area of engagement.
FABASOFT INTERNATIONAL SERVICES GMBH
Austrian enterprise cloud software company with specialised expertise in continuous security certification and EU Cybersecurity Act compliance.
Their core work
Fabasoft International Services is the international arm of an established Austrian enterprise software group, specializing in cloud-based content management and digital business process platforms. In EU research, they contributed as a third-party technology specialist to security certification projects, lending operational cloud infrastructure experience to consortia designing theoretical compliance frameworks. Their H2020 involvement is tightly scoped: applying production-grade cloud deployment knowledge to the problem of automated, regulation-aligned security certification — particularly under the emerging EU Cybersecurity Act. They bridge the gap between academic certification models and the real demands of enterprise cloud environments.
What they specialise in
MEDINA project keywords explicitly include 'continuous auditing' and 'continuous certification', pointing to automated real-time compliance monitoring as a core capability.
MEDINA targets certification in compliance with the EU Cybersecurity Act, reflecting direct engagement with the regulatory certification requirements imposed on cloud providers.
MEDINA keywords include 'smart contracts' and 'certification language', indicating exploration of blockchain-enabled, code-driven automated compliance verification.
How they've shifted over time
In their first H2020 engagement (EU-SEC, 2017–2019), Fabasoft contributed to broad European security certification framework design — a foundational, standards-oriented phase from which no specific technical keywords were captured. By MEDINA (2020–2023), the focus had sharpened considerably: they were working on automated, continuous certification using smart contracts and a formal certification language, directly addressing Cybersecurity Act obligations for cloud services. The trajectory is clear — from general certification architecture toward automated, code-driven compliance tooling embedded in cloud infrastructure.
Fabasoft is moving toward automated, blockchain-assisted compliance verification — a direction directly aligned with growing EU regulatory pressure on cloud providers under the Cybersecurity Act and the forthcoming EUCS cloud certification scheme.
How they like to work
Fabasoft has participated exclusively as a third party rather than a full consortium member — contributing technology or platform resources without appearing directly in the grant agreement. Despite only two projects, they reached 19 distinct partners across 11 countries, indicating they joined large, multi-stakeholder research consortia. This pattern suggests they operate as a specialist technology contributor brought in for their commercial product expertise, rather than as a consortium driver or research lead.
Their two H2020 engagements connected them to 19 unique partners spanning 11 countries — a notably broad European footprint for just two projects. This points to participation in wide, pan-European security research consortia rather than small bilateral collaborations.
What sets them apart
As a commercially established cloud software vendor, Fabasoft brings enterprise-grade deployment experience to research consortia that are typically dominated by universities and public research institutes — a rare and valuable combination. Their specific focus on certification language design and smart contract-based compliance puts them at the intersection of legal engineering and software automation, a niche few commercial actors occupy in EU-funded research. For consortium builders targeting Cybersecurity Act compliance or cloud certification scheme research, Fabasoft offers a credible industry anchor with real, shipped cloud product heritage.
Highlights from their portfolio
- MEDINATheir most technically specific engagement — targeting continuous, automated cloud security certification compliant with the EU Cybersecurity Act using smart contracts and a formal certification language, a technically ambitious scope for a commercial third-party contributor.
- EU-SECTheir first H2020 engagement, contributing to the pan-European Security Certification Framework — a policy-foundational initiative that directly preceded and informed the EU Cybersecurity Act.