Skip to main content

AI that works

Sovereign Cloud for Critical Infrastructure Companies

How secure must a cloud be for critical infrastructure? A strategy for a transmission system operator.

#cloud #energy #strategy
Stadt bei Nacht

Our Impact

  • Exit strategy for critical infrastructure companies in just three months

  • Analytical assessment of 12 european cloud providers

  • Tailored recommendations for sovereign European cloud alternatives

The Challenge

  • Ensuring legal and data sovereignty
  • Assessment of potential risks posed by extraterritorial access, e.g., the U.S. Cloud Act
  • Transparency regarding existing technological dependencies and vendor lock-in effects
  • Consideration of a complex interface landscape
  • Ensuring uninterrupted operations
  • Comprehensive cost and risk analysis of potential migration paths

Transmission system operators are responsible for ensuring a reliable power supply to millions of people, as well as to industry and the economy. Accordingly, core IT systems must remain manageable over the long term. Digital sovereignty is therefore part of the corporate responsibility of critical infrastructure operators and a prerequisite for their long-term operational capability.

To operate cross-regional power grids and transport electricity over long distances, coordination and communication among all participating grid and facility operators is crucial. Regulatory requirements such as Redispatch 2.0 have significantly increased this need for coordination in recent years. To address this, our client operates a cloud-based platform that supports business-critical processes and plays a key role in managing grid congestion. Until now, this platform has been running in production on a US cloud provider. Technically stable, but with a strong dependency on an international hyperscaler.

Given regulatory requirements and geopolitical developments, potential migration scenarios and an exit strategy needed to be developed.

The Solution

Digital sovereignty is a highly discussed topic, but in practice it often remains abstract. Together with the transmission system operator, we therefore first defined digital sovereignty based on clear criteria to make it more measurable:

  • Data residency and legal access rights

  • Technological dependencies and interchangeability

  • Interoperability and portability

  • Regulatory compliance

We transformed the concept of digital sovereignty from a strategic discussion into a robust evaluation model. In doing so, we systematically captured legal, technological, and operational aspects, weighing them according to the criticality of individual workloads. This process revealed areas of critical dependency, identified gaps, and determined which parts of the platform could be migrated.

Systematic market analysis and vendor evaluation

Using clearly defined criteria as a framework, we conducted a targeted analysis of the European cloud market to assess its suitability for the requirements of a critical infrastructure company. The key consideration was not which providers existed, but which of them could deliver a robust architecture under real-world operating conditions.

We evaluated potential vendors based on regulatory compliance, functional equivalence, integrability, and long-term interchangeability. At the same time, we conducted a detailed analysis of the existing platform architecture, including the services used, integration, dependencies, and critical process chains.

From a conceptual scenario to a realistic transformation strategy

It's important to consider not only which cloud alternatives are available, but also how a potential switch can be implemented from both a technical and organizational standpoint.

With this in mind, we analyzed critical process chains, interfaces, and operational requirements, identified functional gaps, and systematically evaluated architectural decisions. The result was not an abstract target vision, but concrete solution scenarios for alternative cloud environments. Given our focus on cost-effectiveness and technical sustainability, we opted for a cloud-native replatforming approach.

What the experts say

  • »Digital sovereignty is becoming increasingly important in the critical infrastructure sector and is key to maintaining long-term operational flexibility. Our goal was to translate this strategic issue into concrete technical options and a realistic cloud strategy. Because that is the only way to achieve true freedom of choice.«

Get in Touch

Felix Trost

More good Stories