Organization

FABASOFT R&D GMBH

Austrian cloud software SME specialising in automated security certification and continuous compliance auditing for cloud services under EU cybersecurity regulation.

Technology SMEsecurityATSMENo active H2020 projectsThin data (2/5)

H2020 projects

As coordinator

Total EC funding

€630K

Unique partners

What they do

Their core work

Fabasoft R&D is the research division of Fabasoft, an Austrian enterprise software company with a commercial cloud document management platform. Their H2020 work focuses on security certification for cloud services — building the frameworks, formal languages, and automated tooling that allow cloud providers to demonstrate continuous compliance with EU cybersecurity requirements. They bring rare industrial credibility to certification research: they are not just studying the theory but operating actual cloud infrastructure that must meet these standards. In consortia they function as the industrial cloud platform partner who translates policy-level certification concepts into implementable technical specifications.

Core expertise

What they specialise in

Cloud security certification frameworksprimary

2 projects

Both EU-SEC (2017–2019) and MEDINA (2020–2023) address the design and implementation of security certification schemes for cloud services at the EU level.

Continuous compliance auditingprimary

1 project

MEDINA targets automated, audit-based certification that runs continuously rather than as point-in-time assessments, directly reflecting Fabasoft R&D's core contribution.

Formal certification languages and smart contractsemerging

1 project

MEDINA keywords include 'certification language' and 'smart contracts', indicating work on machine-readable compliance specifications and automated enforcement mechanisms.

EU Cybersecurity Act implementationsecondary

1 project

MEDINA is explicitly framed around compliance with the Cybersecurity Act, positioning Fabasoft R&D as a practitioner of the EU's evolving regulatory certification landscape.

Evolution & trajectory

How they've shifted over time

Early focus

European security certification framework

Recent focus

Automated continuous cloud compliance

Their first project, EU-SEC (2017–2019), addressed the broad structural challenge of building a European security certification framework — essentially the policy architecture and conceptual foundations. By the time MEDINA started in 2020, the focus had sharpened considerably: the keywords shift entirely toward implementation — continuous auditing, smart contracts, formal certification languages, and alignment with the newly enacted Cybersecurity Act. The direction is clear: from framework design toward automated, code-level enforcement of cloud compliance.

Fabasoft R&D is moving deeper into technical automation of cloud compliance — smart contracts and formal languages suggest they are building toward machine-executable certification, which is likely where EU cloud security regulation is heading next.

Collaboration profile

How they like to work

Role: specialist_contributorReach: European11 countries collaborated

Fabasoft R&D has participated in both projects as a partner, never as coordinator — consistent with an industrial SME that contributes platform expertise rather than leading academic research programmes. Despite only two projects, they have accumulated 19 distinct consortium partners across 11 countries, which is a wide network for an SME of this size and suggests they are well-connected in the EU cloud security research community. They appear to operate as a valued industrial anchor in academically-led consortia.

19 unique partners across 11 countries from just two projects — an unusually broad European footprint for a two-project SME, indicating active engagement in multi-partner EU consortia rather than bilateral or national research collaboration.

Why partner with them

What sets them apart

Most participants in cloud certification research are universities or national cybersecurity agencies — Fabasoft R&D is one of the few commercial cloud software vendors in this space, which gives them direct credibility when evaluating whether certification schemes are actually implementable in production environments. Their dual position — as both an R&D partner and an operator of a real cloud platform — means certification methods they help design have already been stress-tested against industrial constraints. For consortium builders, they fill the hard-to-find role of an SME that understands both the regulatory policy layer and the technical execution layer.

Notable projects

Highlights from their portfolio

MEDINA
Their largest funded project (EUR 454,875) and the most technically specific, introducing smart contract-based certification and formal compliance languages — the most forward-looking work in their portfolio.
EU-SEC
Their entry into H2020, contributing to the foundational European security certification framework that later informed the EU Cybersecurity Act's cloud certification provisions.

Cross-sector capabilities

Cloud and digital infrastructure complianceLegal-technical regulatory implementation (GDPR, NIS2, Cybersecurity Act)Enterprise document and process managementBlockchain and smart contract applications for governance

Analysis note: Only two projects in the dataset. The profile is internally consistent — both projects are thematically coherent and the keyword evolution is clear — but the small sample limits confidence in claims about collaboration patterns or long-term strategic direction. External knowledge of Fabasoft as a commercial cloud platform vendor is consistent with the project evidence but is not derivable from the H2020 data alone.