CEF EBSI public domain info


EBSI project management

EBSI service desk

EBSI V1 on CEF Digital wiki (eu login)

EBSI V2 on CEF Digital wiki (eu login)

EBSI V2 Functional aspects

High Level Scopes
EBSI V2 Architecture
EBSI V2 RFCs/transition
Functional documentation for all 4 UC (table of content provides a detailed breakdown)
Functional documentation per UC
eIDAS bridge/sealing

EBSI V2 Technical governance and security

EBSI V2 Technical governance

EBSI V2 Security

  • EBSI V2 security-related RFCs
    • EBSI V2 authentication, last seen at
    • EBSI V2 authorisation, last seen at
  • EBSI V2 risk and security
    • EBSI V2 Risk analysis, last seen at
    • EBSI V2 Security Requirements, last seen at also user journey pages)
    • EBSI V2 Security Guidelines, last seen at



  • JIRA - Tracker - System Dashboard, beyond EBSI
    • Select 'Boards' then 'EBSIINT-scrum'
    • On the left then select 'backlog', 'active sprints' or 'reports'
  • JIRA - EBSIINT tracker includes Kanban board, issues, tests, reports, ...
    • Two views: Activity and Statistics (from where you can drill down)

  • JIRA - EBSIINT tracker RapidBoard, Product Backlog

Issues - EBSI V1

Issues - EBSI ITSRM2

  • EBSIINT-635 creation of the EBSI ITSRM2 documentation processes for P1 (System Security Characterisation) and P2 (Primary Assets), and the creation of an initial first Security Plan.consists of subtasks (which are issues themselves):
    • -833 P1 System description, -834 P1 Roles and organisation, -835 P1 Constraints and measures
    • -836 P2 Primary assets, inventory, -837 Impact scenarios
    • -838 Security plan, risk acceptance criteria, -839 Security plan

Issues - EBSI V2

  • EBSIINT-1309- brief developers on security
  • EBSIINT-827- Tech Governance definition with EBP Tech Reps and EBSI Architecture, should produce:
    • EBSI Technical Governance Guiding Principles
    • EBSI TechGov Decision-making bodies
    • EBSI V2 Technical Governance Rules
    • EBSI V2 Technical Governance Operational Guidelines
    • EBSI V2 Technical Governance Node Operator Terms & Conditions Guidance

  • EBSIINT-1323 - approach 'from business to technology'
  • EBSIINT-592 - EBSI V2 mapping component to capabilities (+gap analysis).
    • Creates Functional and technical capability map
    • Creates Requirements and Capability maps - terminology:
      • Requirements are specified from Use Cases down to User Stories, made up of Steps (this is unsettled)
        • EBSI V1 has 4 Use Cases: ESSIF, Diploma, Notarisation and TDS
        • Use Cases are described in Journeys, providing an end-to-end description of the Use Case
        • Journeys are made up of User Stories (e.g. request diploma, issue diploma, receive diploma) - e.g. In order to start using ESBI services, as a Legal Entity, I can Setup My EBSI Enterprise Wallet
        • User Stories are made up of Steps, described in Gherkin:
          • Feature: Setup My EBSI Enterprise Wallet
          • Given I'm IT Administrator of the IT Infrastructure of the Legal Entity
          • And I have the required administrative right on the servers
          • And I have connection to Internet
          • When I start the setup of my Enterprise Wallet
          • And I download the EBSI Enterprise Wallet installation code on a specific URL
          • And I launch the installation of the Wallet on my server
          • And I define a new password to protect the access to the wallet
          • And I write a recovery passphrase in case I lose my password
          • And I receive setup successful message
          • Then my EBSI Enterprise Wallet is installed
      • Capabilities implement what is required. For this purpose, User Stories are mapped onto Capabilities of the EBSI platform

  • EBSIINT-1030- ticket for Sprint 4 security work as per KA
    • Oddly enought it's called 'DID-method / VC-Registries on Distributes Databases or Ledgers - security assessment', while it should be related to a user journey such as ESSIF onboarding of a natural/legal person
  • EBSIINT-1048- ticket for Sprint 4 security work as per KA
    • Oddly enought it's called 'As a user I can access the EBSI wallet (citizen) (configure ESSIF agent) - security assessment', while it should be related to a user journey ...

  • EBSIINT-1381 - assessment of eIDAS impact on EBSI architecture



DG FISMA - OTC trading

Demonstrator (2017-2018)

DG FISMA - European Financial Transparency Gateway (EFTG)

Proof of Concept (2019)

  • EFTG.EU - portal POC, based on Steem
    • uses witnesses, nodes that produce and seal 'blocks' and add them to the blockchain
    • witnesses are selected by approval voting
  • EFTG.EU - testsite

Demonstrator (2018)

Google Cloud Deployment (PwC) OAM DLT nodes EFTG portal OAM client application (Java simulator)

Sourcecode Public portal for for January 26, 2018 demonstration (AWS, managed by EC) Other info



  • FIDES - blockchain notary by PwC

Energy and utilities


  • DG TAXUD - customs on Hyperledger Fabric - Excise Movement Control System
  • DG TAXUD - Excise Movement Control System (accijns)