UNTP alignment with AAS and data spaces
Created by: onthebreeze
Impacted sections
Specification pages - particularly DPP, DFR, DCC, DTE, and IDR
Issue Description
- The AAS standard is a digital twin interoperability standard initially developed by Platform Industrie 4.0 and is currently being implemented and rolled-out in Europe, most notably through the Catena-X platform that is used by the European automotive industry.
- A data space is a decentralized, trusted environment where participants—such as businesses, organizations, or individuals—can share, access, and utilize data under agreed-upon standards and rules. Dataspaces are a fundamental concept within the Gaia-x framework (a pan-european federated secure data archuitecture) and catena-x is an industry specific implementation of gaia-x
The question that this ticket seeks to discuss is
- what are the differences between UNTP and AAS / Gaia-x data spaces?
- How might UNTP implementations be interoperate with AAS centric data structures held in Gaia-x style dataspaces?
AAS vs UNTP credentials
The AAS defines a high level meta-model as the syntax representation for all data - see IEC 63278-1 . A simple example is shown in the snippet below (it's AI generated so might not be 100% right but serves to illustrate)
{
"id": "urn:uuid:tire-001",
"idShort": "EcoRubberTire001",
"assetInformation": {
"assetKind": "Instance",
"globalAssetId": "urn:epc:id:sgtin:1234567.089123.2"
},
"submodels": [
{
"id": "urn:uuid:submodel-product-001",
"idShort": "ProductDetails",
"semanticId": "https://admin-shell.io/aas/3/0/Nameplate",
"submodelElements": [
{
"idShort": "Name",
"value": "EcoRubber Tyre"
},
{
"idShort": "Description",
"value": "Passenger vehicle tire made from sustainable rubber"
}
]
},The same data, describing a tyre product in a UNTP DPP might look like this
"@context":"https://test.uncefact.org/vocabulary/untp/dpp/0.5.0/"
"credentialSubject": {
"product": {
"id": "urn:epc:id:sgtin:1234567.089123.2",
"name": "EcoRubber Tire",
"description": "Passenger vehicle tire made from sustainable rubber"So, a quick review yields the following conclusions
- It is relatively straightforward to transform a DPP between AAS and UNTP representations.
- The product in a DPP is an AAS "asset" and a UNTP "product"
- UNTP uses a fairly conventional class (eg "product") and property (eg "name") approach whilst AAS achieves much the same thing with "subModels" (aka class) and "subModelElements" (aka properties) that define properties as "idShort" and "value" pairs.
- UNTP uses JSON-LD
@contextto define the meaning of all properties using a standard linked-data approach. AAS provides mechanisms to indicate how "idShort" values can be understood by reference to a separate ontology using "semanticID" property of a submodel. - UNTP DPPs can be validated using JSON Schema and JSON-LD graph validators whilst AAS requires specific tooling (which appears to be freely available as open source modules).
- UNTP is extensible by adding new properties (eg "colour":"black") so long as they are defined by a linked vocabulary and do not redefine existing terms (which JSON-LD validation ensures). AAS is extended by adding more "subModel" structures and "idShort"/"value" pairs.
Data Spaces vs UNTP credential discovery and security.
How gaia-x and catena-x dataspace sand identifiers work
- A Gaia-x data space is a decentralized, trusted environment where participants—such as businesses, organizations, or individuals—can share, access, and utilize data under agreed-upon standards and rules. Businesses generally run their own instance of a dataspace and identifiers are issued by Identity and Trust Service Providers accredited under the Gaia-X Trust Framework.
- Catena-x is a vertical ecosystem within the Gaia-x framework. The Catena-X Association oversees identifier issuance, working through its operating environment (e.g., service providers like T-Systems, SAP). It builds on Gaia-X’s infrastructure but adds automotive-specific governance. Identifiers are issued during the certification process, where participants (e.g., OEMs, suppliers) must meet Catena-X standards, often extending Gaia-X’s DID system with industry-specific attributes (e.g., Asset Administration Shell IDs).
How data is exchanges between nodes in a gaia-x/catena-x dataspace.
- Each node is equipped with an "Eclipse Dataspace Connector (EDC)" which manages the exchange of data between nodes. Each exchange is governed by a contract defined in a machine readable format such as ODRL (Open Digital Rights Language). The protocol for exchange typically REST APIs or gRPC.
- Exchange within catena-x is straightforward because node identifiers and API endpoints are known to the catena-x register. Exchange across different IDS ecosystems (eg catena-x to another gaia-x space) is also supported by the Gaia-x protocol. Exchange between external non-IDS spaces requires dedicated connectors.
How UNTP identifiers schemes and credential sharing works
- UNTP has no concept of managed dataspaces. Each economic actor can host their own credentials or choose any service provider to issue and host discoverable credentials.
- UNTP assumes that each actor already has an identifier issued by an established scheme such as a national business or tax register. Rather than create new identifiers, UNTP defines mechanisms for existing identifier scheme operators to issue "digital identity anchor (DIA)" credentials that can be used to link credential issuers to an authoritative identity. The approach is the same for identifiers of land, trademarks, assets, or products - always linking to existing national or industry schemes.
- UNTP does not define exchange protocols, rather it assumes that data is discoverable given the identifier of an entity (such as an organisation ID, facility ID, or product ID). Furthermore UNTP requires that all credentials are both human and machine readable so that the issuers of credentials do not impose any technology dependencies on consumers / verifiers - which can be either machines or humans.
- UNTP uses a fairly coarse-grained security model called "Decentralised Access Control (DAC)" that allows each issuer of UNTP credentials to decide which data is public, which is private to trading partners or ultimate purchasers of items, and which is accessible only to authenticated actors.
Conclusion
Gaia-x / AAS and UNTP have similar goals but have taken different design choices. UNTP has sacrificed some tight control in order to maximise compatibility with existing standards and schemes whereas gaia-x systems achieve very high control but require registration and membership with vertical data space operators and use very specific exchange protocols.
Nevertheless, interoperability should be relatively straightforward. A plausible model would be:
- A gaia-x vertical such as catena-x is simply another identity scheme operator from UNTP perspective. By operating a UNTP Identity Resolver (IDR) service at the boundary of an ecosystem, external systems can discover URLs of credentials issued by registered catena-x members. These may be public or more confidential as per the UNTP DAC.
- AAS digital twins are relatively easily mapped to UNTP verifiable credentials and signed with the key of the dataspace member. Therefore dataspace members can easily make their data available (and potentially secured) to actors outside the dataspace ecosystem.
- Similarly, any dataspace member that discovers a product/facility/product identifier from outside the dataspace can easily resolve that identifier to access any relevant UNTP credentials and also verify them to ensure credential integrity and issuer identity. The UNTP credentials can be transformed to AAS representation for use within the AAS ecosystem - for example an automotive parts manufacturer accesses a UNTP credential from an offshore supplier, then maps the data into the AAS/dataspace ecosystems before making it accessible to their OEM customer
In short, UNTP provides a standard way to interface gaia-x ecosystems with the outside world.