Quantum Computing Standardization and Regulation: Status and Way Forward

Valerio Frascolla

Intel Deutschland GmbH, Dornacher Str. 1D, 85622, Feldkirchen, Germany
E-mail: valerio.frascolla@intel.com

Received 05 December 2025; Accepted 08 December 2025

Abstract

Quantum computing (QC) is an emerging technology with transformative potential that remains in development and that promises significant impacts across a broad spectrum of industrial sectors. Small and medium enterprises, large corporations, and academic institutions are investing substantial resources to make this promising technology a commercial reality. Given the fragmented nature of current QC initiatives and the diverse development pathways being pursued to commercialize them, establishing coordinated standardization efforts across different global regions is critical to accelerate progress and ensure interoperability between the various proposed hardware and software solutions. This paper reviews recent standardization efforts and the main standards developing organizations working on the definition of future QC products. Finally, it analyzes the current discussion on the European Commission planned Quantum Act and its potential effects on the QC community.

Keywords: Quantum computing, standardization, SDO, ETSI, CEN-CENELEC, IEEE, ISO, EIC, NIST, ITU-T, regulation.

1 Introduction and Background

When a new technology emerges with the promise of providing significant enhancements to the status quo and even breakthrough results, the progression from concept to commercial product by first the research and then by the industrial ecosystem typically follows a common pattern.

One of the most widely recognized descriptions of such pattern is the Gartner technology hype cycle [1]. Figure 1 shows a 2014 version of this chart, in which quantum computing (QC) is mapped in the Innovation Triggers sector, with an expected market availability of $>$ 10 years. While more recent forecasts are available, they show the same trend and comparable timelines to commercial market launch.

Figure 1 Gartner technology hype cycle [1].

It is worth noting that the term QC broadly encompasses a set of different technologies with varying maturity levels, ranging from technology readiness level (TRL) 1 to TRL4 or TRL5. Comprehensive recent overviews of QC focusing on open challenges and current status can be found in [2] and in [3], respectively.

As a matter of fact, in 2025 there are still no commercially available QC hardware (HW) products that can be purchased. The few commercial offerings that exist are provided as cloud-based services leveraging proprietary QC implementation, with limited availability to the general public and private users. For instance, IBM offers a quantum processing service with approximately 100 qbits [4].

To understand the maturity of QC technology, achieving so-called “quantum supremacy” (i.e., the point at which a quantum computer can solve specific problems significantly faster than any existing classical computer) requires quantum computers with several hundred qbits [5]. In some specific cases within narrow sectorial applications, promising results have been achieved. However, how to measure performance is a controversial matter among domain experts and it is indeed too early to conduct meaningful performance comparisons in a broader context.

Analysts and futurists, however, are convinced that QC is a technology expected to deeply change and disrupt the majority of business domains, from weather prediction and climate modelling to drug discovery, from cryptography to cybersecurity, and from materials science to chemistry. A recent forecast from McKinsey predicts that the QC market size is expected to grow from a projected $1.5 billion in 2025 to $15 billion by approximately 2035 [6], representing a compound annual growth rate (CAGR) of 22–25% over the next decade.

Due to the promise of such a high CAGR, many small and medium enterprises (SMEs) as well as large industries have embarked on designing and developing QC-related services and products in recent years. Substantial investment and ecosystem-building initiatives are taking place across all regions of the world. For instance, at the EU level, the European Commission (EC) has begun launching regulation-related initiatives such as the forthcoming European Quantum Act [7] and has announced a recent investment plan to “make Europe a global leader in quantum technology by 2030” [8]. Additionally, individual European Member States are supporting similar public-private partnerships; for instance, the Munich Quantum Valley [9] has been clustering a significant number of stakeholders seeking to enter the QC arena for many years. Similar initiatives have emerged in the Netherlands with the Quantum Delta NL [10] and in Italy with the Quantum Valley initiative [11], to name just a few recently announced programs.

In such an immature and fragmented QC landscape, interoperability of proposed solutions in both (HW) and software (SW) within the broader information and communication technology (ICT) domain is essential. This is where standardization plays a key role in transforming promising new technology into successful commercial products. Without assurance that individual components provided by single companies can integrate into the overall QC technology ecosystem, the already uncertain return-on-investment (ROI) becomes even less appealing, given the substantial investments required to implement such complex novel technology. Standards are crucial as they prevent costly market battles over competing technologies and can create optimal market access opportunities for SMEs.

Similar patterns can also be observed in how new technologies are standardized: these patterns repeat with each new generation of products and with the launch of each new technology in an increasingly interconnected global market [12]. The introduction of millimetre waves (mmWave) technology serves as a prime example of this pattern, as described in detail in [13–15].

Although that example dates back 10 years, the same sequence of actions can be observed today with the introduction of artificial intelligence (AI) in the work of several standards developing organizations (SDOs).

Regulation also is expected to play a pivotal role in determining how and when new technologies are launched into the European common market. The role of QC and how it will be regulated by the EC remains under discussion. Some technical divisions of the EC have already begun working on a forthcoming Quantum Act, which will establish the requirements for quantum technologies (QT)-based products to enter the European market.

This paper surveys the current status of major SDOs working on QC-related topics, highlighting key published recommendations and deliverables, and explaining the focus of each SDO within the overall QC landscape. It also briefly summarized the ongoing discussion on regulation at the EU level, providing insight into the forthcoming Quantum Act.

2 Overview of the Main Standard Bodies Related to Quantum Computing

As it happens with many technologies that span all layers of a system, from HW to upper SW layers, QC-related standardization activities are spread among a set of SDOs, each one taking a specific aspect of QC under its responsibilities. It is worth mentioning that some overlaps happen in such a scattered and not always aligned approach to standards. As a consequence, providing a comprehensive list of SDOs whose work is related to QC is an evolving and complex landscape. In this section we concentrate on five key SDOs among the several that deal in some way with QC-related work, providing the status of the art of the activities.

2.1 ETSI

The European Telecommunications Standards Institute (ETSI) is a “not-for-profit Institute with more than 900 member organizations worldwide”, which provides a pre-competitive and collaborative environment that “supports the timely development, ratification and testing of globally applicable standards for ICT-enabled systems, applications and services” [16].

2.1.1 Technical Committee (TC) on Quantum Technologies

In the second half of 2025, ETSI launched a new TC focusing on QT, addressing diverse aspects of QC including quantum communications and quantum networks spanning several market verticals. One of the declared aims of the TC is to support the ongoing European drafting of key regulations such as the Quantum Act and the Chips Act, in alignment with other SDOs, treaty organizations and the open Source communities like the ETSI Software Development Groups [17].

It is also important to mention the ongoing support provided by the TC QT to the definition and implementation of the European Quantum Communication Infrastructure (EuroQCI) [18], which aims at building a secure quantum communication infrastructure spanning the EU, including its overseas territories. The EuroQCI claims to be the first operational system in the world providing quantum key distribution (QKD) for the protection of government data and communications, telecommunications networks, data centers, and critical infrastructure. A list of running and EU-funded collaborative research projects under the EuroQCI program can be found in the Coordination and Supporting Action project called Petrus [19].

The areas of focus of the ETSI TC QT work are:

• Quantum communications: Secure data transmission using quantum principles like superposition and entanglement.

• Quantum networking: Connecting quantum systems for distributed computing and cryptography.

• Quantum sensing: Enabling ultra-precise measurements for quantum communication networks.

• Satellite quantum communications: Standardizing beacon signals, interfaces, and security for space-based quantum systems.

• Quantum random number generators (QRNGs): Generating true randomness for secure applications.

• Quantum security: Establishing methodologies to assess hardware vulnerabilities and side-channel attack risks.

2.1.2 Industry Specification Group (ISG) on QKD

ETSI has operated an ISG on QKD for more than 10 years, with the scope of specifying a QKD system and developing a set of ETSI Group Specifications (GSs) describing quantum cryptography for ICT networks.

QKD has long attracted attention as a quantum-based security mechanism that can integrate with already deployed networks, generating significant interest in both research and industry due to its ease of deployment compared to other QC technologies.

Among the most relevant GSs it is worth mentioning:

• GS QKD 002 “Quantum Key Distribution (QKD); Use Cases”: One of the first GSs to be defined, back in 2010, focusing on creating a blueprint or catalogue of security and other functional requirements for different user groups and application fields, to be used as basis for implementing QKD system specifications.

• GS QKD 003 “Quantum Key Distribution (QKD) – Components and Internal Interfaces”: Components and interfaces of the blueprint described in GS QKD 0002.

• GS QKD 004 “Quantum Key Distribution (QKD); Application Interface”: Specification of the application interface between QKD and cryptographic ICT systems. Existing ICT systems have to fulfil the compatibility aspects, especially for cryptographic keys handover and key distribution system management.

• GS QKD 005 “Quantum Key Distribution (QKD); Security Proofs”: Security definition, device models, implementation security and QKD protocols relevant to security mechanisms.

• GS QKD 008 “Quantum Key Distribution (QKD); QKD Module Security Specification”: QKD module requirements to increase the probability of detecting and responding precisely and promptly to attempts of direct physical access and use or modification of modules.

• GS QKD 010 “Quantum Key Distribution (QKD) Implementation security: protection against Trojan horse attacks”: Specification of protection of QKD modules against a set of Trojan horse attacks.

• GS QKD 011 “Quantum Key Distribution (QKD); Component characterization: characterizing optical components for QKD systems”: Characterization of optical components for use in QKD systems.

• GS QKD 012 “Quantum Key Distribution (QKD); Device and Communication Channel Parameters for QKD Deployment”: Description of the characteristics of QKD devices and the required communication channels in the context of QKD deployment on point-to-point links.

• GS QKD 013 “Quantum Key Distribution (QKD) Characterization of Optical Output of QKD transmitter modules”: Procedures for characterizing specific properties of complete QKD transmitter modules.

• GS QKD 014 “Quantum Key Distribution (QKD); Protocol and data format of REST-based key delivery API”: Representational state transfer application programming interface (REST API) specification that allows applications to request cryptographic keys from a QKD network.

• GS QKD 015 “Quantum Key Distribution (QKD); Control Interface for Software Defined Networks”: Management interfaces to integrate QKD with disaggregated network control plane architectures, in particular with software defined networks (SDNs). It defines abstraction models and workflows between an SDN-enabled QKD node and the SDN controller.

• GS QKD 016 “Quantum Key Distribution (QKD); Common Criteria Protection Profile – Pair of Prepare and Measure Quantum Key Distribution Modules”: Protection profile for QKD systems describing complete systems involving point-to-point devices from the physical implementation up to the output of final secret keys.

• GS QKD 017 “Quantum Key Distribution (QKD); Analysis of QKD Network architectures”: Description and review of the variety of architectures that have been proposed for QKD networking. The aim is to reveal the basic functionalities that the mentioned architectures implement as well as the commonalities between the architectures, and to identify architectural components, their purpose and their conceptual interfaces and assess the interoperability potential for networks based on distinct architectural designs.

• GS QKD 018 “Quantum Key Distribution (QKD); Orchestration Interface for Software Defined Networks”: Definition of orchestration interfaces between SDN orchestrator(s) and SDN controller(s) of QKD networks. It also defines abstraction models and workflows between SDN orchestrator(s) and SDN controller(s) of QKD networks, including resource management, system configuration management, performance management, alarm, service provisioning, and management of multi-domain QKD networks.

• GS QKD 020 “Quantum Key Distribution (QKD); Protocol and data format of REST-based Interoperable Key Management System API”: Description of how to allow keys to traverse quantum networks managed by different parties.

• GS QKD 021 “Quantum Key Distribution (QKD); Orchestration Interface of Software Defined Networks for Interoperable key management system”: Extensions to GS QKD 018 to allow for the operation and management of multi-domain end to end (E2E) key usage patterns. This is scheduled to be released early 2026.

• GS QKD 022 “Quantum Key Distribution (QKD); Network Architecture”: Specification of a QKD network architecture building on the analysis performed in GS QKD 017 and identifying network functionalities and interfaces aligned with modern communication networking paradigms, suitable for both stand-alone critical infrastructures and integration with general telecommunications networks.

• GS QKD 023 “Quantum Key Distribution (QKD); Monitoring Interface and Data Model”: Interface and data model definition for QKD monitoring, consistent with the existing approved interfaces, defining also monitoring and telemetry interactions with QKD modules, covering information about the modules and the links attached to them.

• GS QKD 024 “Quantum Key Distribution (QKD); Common Criteria Protection Profile – Key Processing Module”: Description of a common criteria protection profile for key processing modules (KPMs), which enable the secure key establishment of cryptographic keys with other certified KPMs, using QKD keys generated by QKD modules.

It is also worth mentioning that ETSI publishes White Papers and organizes (often together with the with the Institute for Quantum Computing (IQC) [20]) several events focusing on QC-related topics. Recent examples include the Preparing for a Quantum Secure Future [21], and periodic workshops and conference such as the annual Quantum Safe Cryptography Conference, with the next one planned for June 2026 in Canada [22].

2.2 ITU-T

The International Telecommunication Union – Telecommunication Standardization Sector (ITU-T) has the charter to “develop international standards known as ITU-T Recommendations which act as defining elements in the global infrastructure of ICT technologies” [23].

ITU-T splits its work into two main sets of actions, called Study Groups (SGs) and Focus Groups (FGs). SGs deliver standardization work in the form of recommendations (standards) documents in the various domains of international communications. FGs are usually short-lived, addressing industry needs as they emerge, and when they are not covered within an existing SG. The key difference between SGs and FGs is the freedom that the latter have to organize and finance themselves. Both organize their work into a set of Work Groups (WGs) with well-defined scopes and responsibilities.

Among the other forms of actovoties in ITU-T it is worth mentioning the Joint Coordination Activity (JCA), especially the JCA on Quantum Key Distribution Network (JCA-QKDN).

ITU recommendations are published following a categorization based on a starting letter; for instance documents starting with A.xyz focus on Organization of the work of ITU-T, those starting with W.xyz on Global information infrastructure and Internet protocol aspects, and those starting with Y.xyz on Languages and general software aspects for telecommunication systems. The latter are the ones relevant for QC, as discussed later.

2.2.1 ITU-T Focus Group on Quantum Information Technology for Networks (FG-QIT4N)

Among the several activities related to QC under the work of ITU-T, the FG dedicated to QC is called ITU-T Focus Group on Quantum Information Technology (QIT) for Networks (FG-QIT4N), which ran from 2019 to 2021. It split its activities between two WGs: WG1 Network aspects of QIT and WG2 QKD Networks (QKDN), and co-worked with other two ITU Groups: ITU-T Study Group 13 – Future networks, with focus on IMT-2020, cloud computing and trusted network infrastructures [24] and ITU-T Study Group 17 – Security [25].

Each WG of the ITU FG-QIT4N created its set of technical reports, also called deliverables, three from WG1 and five from WG2, as detailed below:

• D1.1 Quantum information technology for networks terminology: Network aspects of QITs: Survey on terminology on network aspects of quantum information technology, their overlap and divergence, also listing terms that are required but are yet to be standardized.

• D1.2 Quantum information technology for networks use cases: Network aspects of QITs: Analysis of QIT for network use cases gathered during the lifetime of the ITU-T FG-QIT4N. Use cases are analysed by bottlenecks, application scenarios, technical requirements and solutions, providing analyses and suggestions for future applications and potential standardization requirements.

• D1.4: Standardization outlook and technology maturity: Network aspects of QITs: Snapshot of the standardization landscape of QIT for networks, listing prospects and barriers to the development and adoption of related standards, and reviewing methodologies for assessing technology maturity and standardization readiness of QIT for networks.

• D2.1: Quantum information technology for networks terminology: QKDN: Survey of terminology relevant to QKDNs published or under development by other SDOs including ETSI ISG QKD, ISO/IEC JTC1 SC27 WG3 and ITU-T SG13/17.QKDN.

• D2.2: Quantum information technology for networks use cases: QKDN: Consolidation of the QKDN use cases gathered during the lifetime of the ITU-T FG QIT4N, classifying them into six classes, highlighting the competitive advantage of the use cases brought by QKDN, and providing suggestions for future standardization efforts.

• D2.3: Quantum key distribution network protocols: Quantum layer: A discussion on the potential of integration of QKD in future networks, providing considerations and suggestions for future work on QKDN protocols. It focuses on the quantum layer of a QKDN, describing different types of QKD protocols, their workflows, features, parameters, and commercialization status.

• D2.3: Quantum key distribution network protocols: Key management layer, QKDN control layer and QKDN management layer: Extension to the above deliverable focusing on other layers (key management layer, QKDN control layer and QKDN management layer).

• D2.4: Quantum key distribution network transport technologies: Survey of QKDN transport technologies such as transport system components, technical solutions, and the typical scenarios of the co-existence of quantum and classical signals in a common fibre (CEQC).

• D2.5: Standardization outlook and technology maturity: Overview of QKD technology, including frontier research, system experiment, field trial, and commercialized product. It summarizes QKD industry status, including market players such as system vendor, network provider, and end user, project and opinions from different country and region, including QKDN standardization landscape, conducts gap analysis, and provides future standardization suggestions.

It is worth noting that the above deliverables are informative ITU-T publications, whereas mandatory provisions, such as those found in ITU-T recommendations, are outside the scope of these publications.

2.2.2 Study Group 13: Future networks and emerging network technologies

ITU SG13, among other targets, “develops standards for quantum networks and their related technologies including networking aspects of QKDN”, including the study on the integration of computing and networking from the viewpoint of future networks. It further “studies concepts and mechanisms to enable trusted ICT, including framework, requirements, capabilities, architectures and implementation scenarios of trusted network infrastructures and trusted cloud solutions”. The work is conducted in alignment with other ITU Groups, e.g., the JCA-QKDN [26].

Among the 31 Work Items proposed or currently running related to QC technologies, the ones that have been approved and are going to create recommendations (identified by the starting “Y”) are:

• Y.3833: Quantum key distribution networks – Dependability assessment: Discussion on QKDN robustness aspects, specifying QKDN dependability assessment conceptual model, indicators, and dependability assessment processes.

• Y.3834: Quantum key distribution networks – Functional architecture enhancement for autonomic quality of service assurance: Specification of a functional architecture enhancement for autonomic quality of service assurance (QoS) in QKDNs, providing functional architecture enhancement, reference points, and example operational procedures of autonomic QoS assurance for QKDN.

• Y.3810 (2025) Corr.1: Quantum key distribution network interworking – Framework: Description of the interworking among QKDNs, the reference models, and the functional models of gateway functions (GWFs) and interworking functions (IWFs).

• Y.3818 (2025) Corr.1: Quantum key distribution network interworking – Architecture: Description of a functional architecture models for QDKN interworking (QKDNi), i.e., functional architectures with gateway and interworking nodes.

• Y.3831: Integration of quantum key distribution network and user network supporting end-to-end modern cryptography services functional architecture: Discussion of solutions to integrate the QKDN and user networks supporting modern cryptography services, specifying several architectural models, requirements, and a framework architecture for such integration.

• Y.3832: Quantum key distribution networks – framework for orchestration: Orchestration framework to enhance resource efficiency of QKDNs describing QKDN orchestration together with requirements, reference models, and overall operational procedures.

Among the long list of ITU-T recommendations under the responsibility of SG13 that are already in force, some key ones are:

• Y.3800 Overview on networks supporting quantum key distribution: Published in 2019, it gives an overview on networks supporting QKD.

• Y.3801 Functional requirements for quantum key distribution networks: Published in 2020, it specifies the functional requirements for the quantum layer, the key management layer, the QKDN control layer and the QKDN management layer.

• Y.3802 Quantum key distribution networks – Functional architecture: Published in 2020, it defines a functional architecture model of QKDNs, specifying detailed functional elements and reference points, architectural configurations and basic operational procedures of QKDNs.

• Y.3803 Quantum key distribution – Key management: Published in 2020, it provides help for the design, deployment, and operation of key management of a QKDN.

• Y.3804 Quantum key distribution networks – Control and management: Published in 2020 and slightly updated in 2025, it specifies functions and procedures for QKDN control and management based on the requirements specified in Recommendation ITU-T Y.3801.

• X.1710 Security framework for quantum key distribution networks: Published in 2020, it specifies a framework including requirements and measures to combat security threats for QKDNs, specifying a simplified QKDN structure for analysis of the relevant security threats.

2.2.3 Joint Coordination Activity on Quantum Key Distribution Network (JCA-QKDN)

Another interesting stream of activities on QC is driven by the JCA-QKDN. It started in 2022 with the charter to coordinate standardization work on QKDNs within ITU-T and acts as the point of contact within ITU-T and other SDOs, consortia and forums working on QKD-related standardization.

To illustrate the kind of tasks that JCA-QKDN performs, it is worth sharing a comprehensive overview of QKDN standardization work performed in ITU-T SG 13, as found in Figure 2, taken from the document JCA-QKDN-079 “QKDN standard roadmap update and discussion”, presented in December 2025 in the JCA-QKDN meeting [26].

Figure 2 QKDN standard roadmap update and discussion [26].

2.3 CEN-CENELEC

The European Committee for Standardization (CEN) and the European Committee for Electrotechnical Standardization (CENELEC) are two private international non-profit organizations, providing “voluntary European Standards and related products and services for the benefit of businesses, consumers and other standard users in Europe” [27]. They often issue standards together and such documents are referred to CEN-CENELEC standards and are issued as the work of the CEN-CENELEC Joint Technical Committee (CEN-CLC/JTC) [28].

CEN-CENELEC have a well-established way of interacting with the European Commission (EC) when a request of developing European standards is issued, as detailed in [27] and [29].

2.3.1 CEN-CLC/JTC 22 on Quantum Technologies

In particular, when it comes to QC technologies, CEN-CENELEC started the work with the CEN and CENELEC Focus Group on Quantum Technologies (FGQT) that ran from 2020–2023 and edited the following documents:

• FGQT Q01: Term of reference [30].

• FGQT Q02: Work programme [31].

• FGQT Q03: Towards standardization for quantum technologies [32].

• FGQT Q04: Standardization roadmap on quantum technologies [33].

• FGQT Q05: Quantum technologies use cases [34].

The FGQT was taken as the basis for the work of the currently ongoing CEN-CLC/JTC 22, which started in 2022 and has the target to develop standards for quantum technologies in a set of diverse domains, such as:

• Quantum enabling technologies.

• Quantum sub-systems.

• Quantum platforms and systems.

• Quantum composite systems and applications.

CEN-CLC/JTC 22 organizes the work in four WGs, all following an agreed-upon common work programme, and in alignment with other SDOs such as ETSI and IEC/ISO JTC3, ensuring at the same time that its standardization efforts support European market needs, legislative frameworks, and key EU policies and principles.

A very recent (published in June 2025) and interesting document produced by CEN-CLC/JTC 22 is JTC22 Q06 – Standardization Roadmap on Quantum Technologies [35].

2.4 ISO and IEC

The International Organization for Standardization (ISO) started in 1946 to create standardization documents to help trade and cooperation all over the world, having published since then more than 26,000 international standards and other deliverables [36].

The International Electrotechnical Commission (IEC) was founded in 1906 and since then has published “around 10000 IEC International Standards which together with conformity assessment provide the technical framework that allows governments to build national quality infrastructure and companies of all sizes to buy and sell consistently safe and reliable products in most countries of the world. IEC International Standards serve as the basis for risk and quality management and are used in testing and certification to verify that manufacturer promises are kept.” [37].

2.4.1 ISO/IEC Joint Technical Committee 3 on Quantum Technologies (JTC 3)

ISO has published several documents related to QC, and the most interesting ones are those jointly worked on by ISO and IEC, in the ISO/IEC Joint Technical Committee 3 on Quantum Technologies [38]. The scope includes “standardization in the field of quantum technologies, including quantum information technologies (quantum computing and quantum simulation), quantum metrology, quantum sources, quantum detectors, quantum communications, and fundamental quantum technologies”.

There are currently seven active documents in the IEC/ISO JTC 3 work programme, taken care of by different IEC WGs. The most interesting document is the IEC 63712 ED1 Quantum technologies – Quantum computing – Hardware benchmarking and a set of four publications on the vocabulary of QC-related technologies [39].

The work in EIC JTC 3 is driven also in synch with the ISO/IEC JTC 1/SC27 Information security, cybersecurity and privacy protection, offering “expertise in cybersecurity and privacy protection on emerging technological topics”, for instance in post quantum cryptography and QKD (ISO/IEC 23837-1:2023 “Information security – Security requirements, test and evaluation methods for quantum key distribution – Part 1: Requirements” and ISO/IEC 23837-2:2023 “Information security – Security requirements, test and evaluation methods for quantum key distribution – Part 2: Evaluation and testing methods”).

2.5 IEEE

The Institute of Electrical and Electronics Engineers Standards Association (IEEE SA) is very active in organizing events on the QC-related topics, such as the IEEE Quantum Week [40], the Quantum Educational Portal [41], the IEEE Quantum podcast series [42], or the activity on defining a commonly agreed-upon standardisation roadmap on quantum applications in the research and industry ecosystems [43].

In addition, it also drives a set of so-called project standards, indicated by the letter ’P’, focusing on delivering standards on several aspects of QC, as listed below:

• IEEE P1913^TM Software-defined Quantum Communication: The software-defined quantum communication (SDQC) protocol that enables configuration of quantum endpoints in a communication network in order to dynamically create, modify, or remove quantum protocols or applications.

• IEEE P1943^TM Standard for Post-quantum Network Security: Post-quantum optimized version of network security protocols.

• IEEE P2995^TM Trial-use Standard for a Quantum Algorithm Design and Development: Standardized method for the design of quantum algorithms.

• IEEE P3120^TM Standard for Quantum Computing Architecture: Technical architectures for quantum computers based on the technological type and one or more qubit modalities.

• IEEE P3172^TM Recommended Practice for Post-quantum Cryptography Migration: Multi-step processes that can be used to implement hybrid mechanisms, i.e., a combination of classical quantum-vulnerable and quantum-resistant public-key algorithms.

• IEEE P3185^TM Standard for Hybrid Quantum-Classical Computing: HW and SW architectures of hybrid quantum-classical computing environments.

• IEEE P3329^TM Standard for Quantum Computing and Simulation Energy Efficiency: Universal energy efficiency for QC and simulation.

• IEEE P7130^TM Standard for Quantum Technologies Definitions: Quantum technologies specific terminology and definitions necessary to facilitate clarity of understanding to enable compatibility and interoperability.

• IEEE P7131^TM Standard for Quantum Computing Performance Metrics & Performance Benchmarking: QC performance metrics for standardizing performance benchmarking of QC HW and SW.

2.6 NIST

The National Institute of Standards and Technology (NIST) “promotes U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology” [44]. NIST introduces the use of the quantum information science (QIS) term to better describe its activities in the QC field. QIS is the merger of quantum physics and information theory.

Among the several activities NIST drives, it “convened some of the earliest scientific meetings on quantum information theory and later launched the Quantum Economic Development Consortium to support the nascent industry”, being also among the main promoters of the U.S. National Quantum Initiative launched in 2018.

The most relevant action of NIST in the QC domain is driving a U.S.-wide initiative on post-quantum cryptography called the NIST Post-Quantum Cryptography (PQC) project. The PQC project “leads the national and global effort to secure electronic information against the future threat of quantum computers – machines that may be years or decades away but could eventually break many of today’s widely used cryptographic systems” [45]. After years of work, the first three Federal Information Processing Standards (FIPSs) on PQC and an additional standard on key-encapsulation mechanisms were released in 2024.

• FIPS 203: Module-lattice-based Key-encapsulation Mechanism Standard (ML-KEM): To be considered as “the primary standard for general encryption”, providing benefits like smaller encryption keys and speed of operation [46].

• FIPS 204: Module-lattice-based Digital Signature Standard (ML-DSA): To be considered the primary standard for protecting digital signatures, using the CRYSTALS-Dilithium algorithm, which has been renamed ML-DSA [47].

• FIPS 205: Stateless Hash-based Digital Signature Standard (SLH-DSA): Designed for digital signatures, it employs the Sphincs+ algorithm, which has been renamed SLH-DSA. The standard is based on a different math approach than ML-DSA, and it is intended as a backup method in case ML-DSA proves vulnerable [48].

• SP 800-227: Recommendations for Key-encapsulation Mechanisms: A key-encapsulation mechanism (KEM) is a set of algorithms that can be used by two parties under certain conditions to securely establish a shared secret key over a public channel. A shared secret key that is established using a KEM can then be used with symmetric-key cryptographic algorithms to perform essential tasks in secure communications, such as encryption and authentication. This document describes the basic definitions, properties, and applications of KEMs. It also provides recommendations for implementing and using KEMs in a secure manner [49].

These four post-quantum encryption standards secure a wide range of electronic information, from confidential email messages to e-commerce transactions that propel the modern economy. NIST is encouraging computer system administrators to begin transitioning to the new standards as soon as possible.

As next steps, since the ML-DSA and ML-KEM standards are expected to provide the foundation for most deployments of PQC, NIST continues working on innovative algorithms in order to identify additional candidates for standardization, such as https://csrc.nist.gov/news/2022/pqc-candidates-to-be-standardized-and-round-4 [50] and https://csrc.nist.gov/news/2025/hqc-announced-as-a-4th-round-selection [51].

3 Regulation

The European Union (EU) has been very active in the last ten years in designing, developing and implementing several pieces of legislations called Acts that regulate the use of technologies to be launched in the European market.

Even though QC is not yet a fully developed technology, and commercial services are just starting to appear, in the attempt to create a Quantum Valley in the EU, the EC has started drafting a new Quantum Act, to be published presumably in 2026.

Considering the huge concerns around the security of telecommunication networks and the disruptive expected impact of QC on security mechanisms, the timing for this new Act seems right.

Efforts to provide guidance on QC started already around 2018, when the Quantum Technology Flagship was launched [52] and the European High Performance Computing Joint Undertaking, now called Chips JU [53], was launched to steer European efforts around QC.

More recently the QuiC association was launched, to align and create synergies between start-ups, SMEs, industry and academia established in the EU, with the aim to counteract the overwhelming power of U.S.-based big technology companies [54].

Also, several Member States of the EU are launching national initiatives, as mentioned in a previous section.

To provide some guidance in such a complex and dynamic landscape, Digital Europe published in June 2025 the position paper “Making Europe a quantum industry powerhouse: a strategic EU roadmap for investment, talent and industrial scale” [55]. The paper fosters the need for an EU-aligned quantum strategy, encompassing the scattered landscape of grants, research programmes, projects, national and European initiatives. In a nutshell, Digital Europe recommends the following actions to help European-headquartered companies flourish and leverage the forthcoming QC revolution:

• Avoid regulating the quantum ecosystem until technologies have matured and regulatory gaps can be clearly identified.

• Scale up public and private funding to boost demand for innovative quantum solutions.

• Bridge the quantum skills gap to meet the growing demand for talent.

• Foster industrial capacity to stay globally competitive and bring innovations to market.

All those points are probably accepted by the majority of the European players in the QC field. The problem lies in how such high-level agreed-upon points are to be implemented and with which financial supporting mechanisms and schemes.

The first point of the list above stresses a concern shared by many players in the European QC ecosystem, and therefore it is worth reporting its content in full: “The EU should be cautious about creating specific rules for the quantum sector and instead rely on existing horizontal laws at least until commercial use cases stabilise. Any future legislative initiative, such as a potential Quantum Act, must be preceded by a rigorous impact assessment and a structured, in-depth dialogue between policymakers and industry, with a particular focus on quantum start-ups and scale-ups” [55].

Existing EU legislation are also involved in the QC-related discussion. For instance, the European Cybersecurity Certification Framework under the EU Cybersecurity Act, as set out in [56], is supposed to be updated to take into consideration PQC and new security-based algorithms that are expected to be enforced in the EU, following the same path that NIST drove in the U.S. (see Section 2.6).

In summary, we are on the verge of a new set of actions undertaken by the EC that will mandate in the coming years how products related to QC will have to be compliant with to European regulation if such products are to be launched in the European market.

4 Conclusion

QC is attracting a lot of attention as it is a very promising technology with perspective of breakthrough new performance in a diverse set of vertical market segments.

Due to its expected impact, several SDOs have started working on creating standards that can facilitate and promote the interactions among the several system components that make a QC system work.

The most active SDOs in QC-related standards are ETSI, ITU-T, CEN-CENELEC, ISO/IEC, IEEE and NIST. Each one of those SDOs focuses its attention on a subset of the elements of a QC system; some overlap, e.g., the documents on use cases, whilst some slightly diverge on message or details. Overall, it is reassuring that so many experts split into so many different entities are taking on the job to define together the future QC systems.

Finally, it is worth mentioning the activities about to start in the EU regarding the regulation of QC technologies. There are a lot of concerns regarding the capability of the EU to reach a comparable point with the U.S. and China on cutting-edge technologies like QC, and regulation is expected to help the ecosystem, rather than slow it down with additional non-technical requirements. The way such streams of activities will be implemented will inform us whether the EU has a chance against other geographical areas of the world in QC productisation and successful market launch. We have a few years ahead of us; let’s contribute together by participating in associations and SDOs work to make that happen.

References

[1] Gartner technology hype cycle. 2014. Available online at: www.gartner.com.

[2] I. K. Garewal, C. V. Mahamuni and S. Jha, ‘Emerging Applications and Challenges in Quantum Computing: A Literature Survey,’ 2024 International Conference on Artificial Intelligence, Big Data, Computing and Data Communication Systems (icABCD), Port Louis, Mauritius, 2024, pp. 1–12, doi: 10.1109/icABCD62167.2024.10645271.

[3] ‘New MIT report captures state of quantum computing’, August 2025. Available online at: https://mitsloan.mit.edu/ideas-made-to-matter/new-mit-report-captures-state-quantum-computing.

[4] IBM Quantum. 2025. Available online at: https://www.ibm.com/quantum.

[5] C.Q. Choi, ‘How Many Qubits Are Needed for Quantum Supremacy?’, IEEE Spectrum, 2020. Available online at https://spectrum.ieee.org/qubit-supremacy.

[6] H. Soller, ‘The Year of Quantum: From concept to reality in 2025’, McKinsey Digital, June 2025. Available online at: https://www.mckinsey.com/~/media/mckinsey/business\%20functions/mckinsey\%20digital/our\%20insights/the\%20year\%20of\%20quantum\%20from\%20concept\%20to\%20reality\%20in\%202025/the-year-of-quantum-from-concept-to-reality-in-2025.pdf?

[7] European Commission. 2025. European Quantum Act. Available online at: https://www.european-quantum-act.com/.

[8] European Commission. 2025. ‘The EU’s plan to become a global leader in quantum by 2030’. Available online at: https://commission.europa.eu/news-and-media/news/eus-plan-become-global-leader-quantum-2030-2025-07-02_en.

[9] Munich Quantum valley: https://www.munich-quantum-valley.de/.

[10] Quantum Delta NL: https://quantumdelta.nl/.

[11] Quantum Valley Campania: https://quantumvalley.it/.

[12] B. Raaf, M. Faerber, B. Badic, V. Frascolla, ‘Key technology advancements driving mobile communications from generation to generation’, Intel Technology Journal, 2014, Vol 18, Issue 1, p 12.

[13] V. Frascolla, M. Faerber, L. Dussopt, E. Calvanese-Strinati, R. Sauleau, V. Kotzsch, G. Romano, K. Ranta-aho, J. Putkonen, J. Valino, ‘Challenges and opportunities for millimeter-wave mobile access standardisation,’ 2014 IEEE Globecom Workshops (GC Wkshps), Austin, TX, USA, 2014, pp. 553–558, doi: 10.1109/GLOCOMW.2014.7063490.

[14] V. Frascolla, M. Faerber, E. Calvanese-Strinati, L. Dussopt, V. Kotzsch, E. Ohlmar, M. Shariat, J. Putkonen, G. Romano, ‘MmWave use cases and prototyping: A way towards 5G standardization,’ 2015 European Conference on Networks and Communications (EuCNC), Paris, France, 2015, pp. 128–132, doi: 10.1109/EuCNC.2015.7194054.

[15] M. Shariat, M. Dianati, K. Seppänen, T. Suihko, J. Putkonen and V. Frascolla, ‘Enabling wireless backhauling for next generation mmWave networks,’ 2015 European Conference on Networks and Communications (EuCNC), Paris, France, 2015, pp. 164–168, doi: 10.1109/EuCNC.2015.7194061.

[16] ETSI website. Available online at: http://www.etsi.com.

[17] ETSI Technical Committee on Quantum Technologies. Available online at: https://www.etsi.org/committee/2600-quantum-technologies.

[18] The European Quantum Communication Infrastructure – EuroQCI. Available online at: https://digital-strategy.ec.europa.eu/en/policies/european-quantum-communication-infrastructure-euroqci.

[19] Petrus EU-funded project. Available online at: https://petrus-euroqci.eu/.

[20] Institute for Quantum Computing. Available online at: https://uwaterloo.ca/institute-for-quantum-computing/.

[21] ETSI White Paper Preparing for a quantum secure future, April 2025. Available online at: https://www.etsi.org/e-brochure/ETSI-QSC-Report-2025/mobile/index.html\#p=1.

[22] The quantum Safe Cryptography Conference 2026. https://www.etsi.org/events/2592-etsi-iqc-qsc-conference-2026.

[23] ITU-T. Available online at: https://www.itu.int/en/ITU-T/Pages/Default.aspx.

[24] ITU-T Focus Group on Quantum Information Technology for Networks (FG-QIT4N). Available online at: https://www.itu.int/en/ITU-T/focusgroups/qit4n/Pages/default.aspx.

[25] Available online at: https://www.itu.int/en/ITU-T/about/groups/2025-2028/Pages/sg13.aspx.

[26] Document JCA-QKDN-079, to be discussed the ITU-T meeting in December 2025. Available online at: https://extranet.itu.int/sites/itu-t/jca/qkdn/meetingdocs/Forms/AllItems.aspx.

[27] CEN/CENELEC. Available online at: https://www.cencenelec.eu/european-standardization/cen-and-cenelec/.

[28] CEN-CENELEC JTC. Available online at: https://boss.cen.eu/TechnicalStructures/Pages/JointCENCLCTCs.

[29] European Commission Standardization requests. Available online at: https://single-market-economy.ec.europa.eu/single-market/goods/european-standards/standardisation-requests_en.

[30] CEN-CENELEC White Paper Terms of reference. Available online at: https://www.cencenelec.eu/media/CEN-CENELEC/AreasOfWork/CEN-CENELEC\_Topics/Quantum\%20technologies/Documentation\%20and\%20Materials/fgqt\_q01\_termsofreference.pdf.

[31] CEN-CENELEC White Paper Work programme. Available online at: https://www.cencenelec.eu/media/CEN-CENELEC/AreasOfWork/CEN-CENELEC\_Topics/Quantum\%20technologies/Documentation\%20and\%20Materials/fgqt\_q02\_fgqt\_wp\_call\_for\_participation.pdf.

[32] CEN-CENELEC White Paper Towards Standardization for Quantum Technologies. Available online at: https://www.cencenelec.eu/media/CEN-CENELEC/AreasOfWork/CEN-CENELEC\_Topics/Quantum\%20technologies/Documentation\%20and\%20Materials/fgqt\_q03\_towardsstandardizationforquantumtechnologies.pdf.

[33] CEN-CENELEC White Paper Quantum Technologies Use Cases. Available online at: https://www.cencenelec.eu/media/CEN-CENELEC/AreasOfWork/CEN-CENELEC\_Topics/Quantum\%20technologies/Documentation\%20and\%20Materials/fgqt\_q05\_quantumtechnologiesusecases\_release1.pdf.

[34] CEN-CENELEC White Paper Standardization Roadmap on Quantum Technologies. Available online at: https://www.cencenelec.eu/media/CEN-CENELEC/AreasOfWork/CEN-CENELEC_Topics/Quantum\%20technologies/Documentation\%20and\%20Materials/fgqt_q04_standardizationroadmapquantumtechnologies_release1.pdf.

[35] CEN-CLC/JTC 22 White Paper Standardization roadmap on quantum technologies. Available online at: https://www.cencenelec.eu/media/CEN-CENELEC/AreasOfWork/CEN-CENELEC_Topics/Quantum\%20technologies/Documentation\%20and\%20Materials/fgqt_q06_standardizationroadmapquantumtechnologies_release1-1.pdf.

[36] ISO homepage. Available online at: https://www.iso.org/about.

[37] EIC homepage. Available online at: https://www.iec.ch/homepage.

[38] JTC 3 on Quantum Technologies. Available online at: https://www.iec.ch/dyn/www/f?p=103:7:::::FSP_ORG_ID:49854.

[39] JTC 3 Programme. Available online at: https://www.iec.ch/dyn/www/f?p=103:23:314833267927291::::FSP_ORG_ID,FSP_LANG_ID:49854,25.

[40] IEEE Quantum Week homepage. Available online at: https://qce.quantum.ieee.org/2025/.

[41] IEEE Quantum Education. Available online at: https://ed.quantum.ieee.org/.

[42] IEEE Quantum Podcast series. Available online at: https://quantum.ieee.org/podcasts/.

[43] IEEE Standardization Roadmap. Available online at: https://standards.ieee.org/industry-connections/activities/standardization-roadmap-on-quantum-applications/.

[44] NIST Homepage. Available at: https://www.nist.gov/quantum-information-science.

[45] NIST Post-Quantum Cryptography project. Available online at: https://csrc.nist.gov/Projects/post-quantum-cryptography.

[46] FIPS 203 standard. Available online at: https://csrc.nist.gov/pubs/fips/203/final.

[47] FIPS 204 standard. Available online at: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.204.pdf.

[48] FIPS 205 standard. Available online at: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.205.pdf.

[49] SP 800-227 standard. Available online at: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-227.pdf.

[50] Falcon digital algorithm. Available online at: https://csrc.nist.gov/news/2022/pqc-candidates-to-be-standardized-and-round-4.

[51] HQC key encapsulation mechanism. Available online at: https://csrc.nist.gov/news/2025/hqc-announced-as-a-4th-round-selection.

[52] Quantum Technology flagship homepage. Avalalble online at: https://qt.eu/about-quantum-flagship/.

[53] Chips JU homepage. Available online at: https://www.chips-ju.europa.eu/.

[54] QuIC homepage. Available online at: https://www.euroquic.org/.

[55] Position Paper of DigitalEurope on a Quantum strategy. Available online at: https://cdn.digitaleurope.org/uploads/2025/06/1-DIGITALEUROPEs-recommendations-for-the-EU-Quantum-Strategy.pdf.

[56] Regulation (EU) 2019/881 “Cybersecurity Certification Act”. Available online at: https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=OJ:JOL\_2013\_165\_R\_0041\_01\&qid=1397226946093\&from=EN.

Biography

Valerio Frascolla (M.Sc., Ph.D. in Electronic Engineering) works as Director of Research & Innovation at Intel and has covered diverse roles at Marconi Research Center, Ancona University, Comneon, and Infineon. He serves as expert evaluator for the EC, several national science foundations, and EU-funded project Open Calls. He has expertise in wireless systems, telecommunication protocols, standardization, and business aspects. He serves as advisory board member in 11 EU research programs and has contributed to 26 European projects. He has authored 120+ peer-reviewed publications and volunteers for the research community as technical program committee member for 230+ conferences and reviewer for 90+ journals, being Associate Editor of IET Quantum Communication and of River Publishers Quantum Information Technologies Journal, and representing Intel as Vice President in BDVA, in 6G-IA, NetworldEurope, AIOTI, CONASENSE, and Digital Europe.