Abstract

Beyond classical Information and Communication Technologies (ICT), the European Telecommunications Standards Institute (ETSI) is developing standards in Artificial Intelligence (AI) and Data to support a broader ecosystem of Information Technology (IT) stakeholders. This work is primarily conducted through two Technical Committees: ETSI TC Securing Artificial Intelligence (TC SAI) and ETSI TC Data solutions (TC DATA). TC SAI focuses on ensuring that AI systems are safe, secure, and societally responsible, including developing baseline cybersecurity requirements grounded in structured design principles across the AI lifecycle. TC DATA complements this work by addressing distributed data solutions, including data in transit, data at rest, and data in process, with particular emphasis on supporting the implementation of the EU Data Act through interoperable data models and ontologies.

As a European Standards Organisation (ESO), ETSI contributes to both European policy priorities and globally applicable standards, including Harmonised Standards that support regulatory compliance within the European Union. ETSI provides an open and inclusive environment for industry, academia, and SMEs to participate in the standardisation process, enabling stakeholders to shape the future development and deployment of AI and data-driven technologies while fostering trust, interoperability, and global adoption.

Keywords: AI, Data, ESO, ETSI, EU, ICT, IT, SME, Standardisation.

Introduction

Beyond classical Information and Communication Technologies (ICT), ETSI is currently developing solutions in the fields of Artificial Intelligence (AI) and Data, which are much more broadly applicable, including the needs of more generic Information Technologies (IT) stakeholders. For this purpose, ETSI maintains two dedicated Technical Committees (TC) where all stakeholders can send experts to – ETSI Technical Committee Data solutions (TC DATA) [1] and ETSI Technical Committee Securing Artificial Intelligence (TC SAI) [2].

Both are deeply intertwined, with TC SAI developing standards and guidance to stakeholders that gives assurance that the AI that is deployed is safe, secure and societally responsible. ETSI is benefiting from its official designation as a European Standardisation Organisation (ESO) as per Regulation 1025/2012 [3]. Only three of such ESOs exist, namely ETSI, Comité Européen de Normalisation (CEN) [4] and Comité Européen de Normalisation Électrotechnique (CENELEC). Under this umbrella, the work is organised according to two main pillars: First, ETSI is developing deliverables in support of European Policy priorities, including so-called Harmonised Standards, which provide a presumption of conformity to the underlying legislation as soon as they are listed in the Official Journal of the European Union (OJEU) [5]. By contributing to the development of Harmonised Standards, stakeholders can thus shape the way market access is governed and implemented in Europe. Second, out of its strong basis in Europe, ETSI is developing deliverables for global usage and applicability.

A recent example is ETSI EN 304 223 V2.1.1 (2025–12) [6]: Securing Artificial Intelligence (SAI); Baseline Cyber Security Requirements for AI Models and Systems, together with ETSI TS 104 224 [7] under the same title. The deliverables include 13 core design principles embodying a total of total of 72 trackable principles, have been defined across 5 lifecycle phases. Compliance to those principles has a clear advantage to users of a service or product – instead of trusting a vaguely documented proprietary solution by a manufacturer, one can be sure that key design principles have been taken into account increasing overall trust.

ETSI TC DATA is complementing the work of ETSI TC SAI, specifically by developing deliverables to support the deployment and operation of distributed data solutions in terms of:

i. Connectivity: data in transit

ii. Storage: data at rest

iii. Compute: data in process. A key focus is currently on supporting the implementation of the EU Data Act through work on appropriate data models and ontologies.

References

[1] ETSI, “Technical Committee Data (TC Data),” European Telecommunications Standards Institute. [Online]. Available: https://www.etsi.org/committee/2519-data

[2] ETSI, “Technical Committee Securing Artificial Intelligence (TC SAI),” European Telecommunications Standards Institute. [Online]. Available: https://www.etsi.org/committee/technical-committee-tc-securing-artificial-intelligence-sai

[3] European Union, “Regulation (EU) No 1025/2012 on European standardisation,” Official Journal of the European Union, 2012. [Online]. Available: https://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2012:316:0012:0033:EN:PDF

[4] CEN-CENELEC, “CEN and CENELEC – European Standardization,” CEN-CENELEC. [Online]. Available: https://www.cencenelec.eu/

[5] European Union, “Official Journal of the European Union – Direct Access,” EUR-Lex. [Online]. Available: https://eur-lex.europa.eu/oj/direct-access.html

[6] ETSI, EN 304 223 V2.1.1: Securing Artificial Intelligence (SAI); Baseline Cyber Security Requirements for AI Models and Systems, 2025. [Online]. Available: https://www.etsi.org/deliver/etsi\_en/304200\_304299/304223/02.01.01\_60/en\_304223v020101p.pdf

[7] ETSI, “Work Item: Securing Artificial Intelligence – Baseline Cyber Security Requirements,” ETSI Portal. [Online]. Available: https://portal.etsi.org/webapp/WorkProgram/Report\_WorkItem.asp?WKI\_ID=69995

Biography

Markus Mueck received the Dipl.-Ing. and ing. dipl. degrees from the University of Stuttgart, Germany and the Ecole Nationale Supérieure des Télécommunications (ENST), Paris, France respectively in 1999. In 2006, he received the Doctorate degree of ENST in Communications. From 1999 to 2008, Dr. Mueck was Senior Staff member and Technical Manager at Motorola Labs, Paris, France. In this role, he contributed actively to various standardization bodies, namely Digital Radio Mondiale, IEEE 802.11n, etc. and lead the creation of the novel standardization group IEEE P1900.4 in the area of Cognitive Radio and Software Defined Radio (SDR). He contributed to numerous European Research projects, namely as Technical Manager of IST-E2R II (19 MEuros budget) and as overall technical leader for the definition of IST-E3 (20 MEuros budget). In 2008, Dr. Mueck joined Infineon Technologies, Munich, Germany where he was head of delegation for IEEE 802.16m and transitioned to Intel Mobile Communications in 2011 in the framework of an acquisition by Intel. Currently, Dr. Mueck is a Principal Engineer with Intel Deutschland GmbH, Munich, Germany and an Engineering Director; he acts as Chair of the ETSI Board, he is Chair of ETSI OCG AI coordinating the overall effort of the organization on AI and Adj. Professor of University of Technology, Sydney, Australia. He is deeply involved in coordinating the implementation of EU Policy priorities through standards activities in ETSI. Dr. Mueck was leading the effort on Artificial Intelligence and Machine Learning of the European funded research Flagship Project Hexa-X preparing the design of 6th Generation Mobile Networks (6G). Dr. Mueck has published over 100 peer-reviewed scientific conference and journal papers, acts as TPC member of numerous conferences and has been regularly involved as reviewer for the evaluation of European Research projects since the 7th Framework Programme of the European Commission.