Business sectors

CEN-CLC/JTC 21 on ‘Artificial Intelligence’ works to create standards that cover various aspects of AI systems, including their design, implementation, and use. These standards aim to ensure that AI technologies are safe, reliable, transparent, and trustworthy.

In July 2024, the European Union's Artificial Intelligence Act (AIA) was published in the Official Journal of the European Union, making it the first comprehensive horizontal legal framework in the world for the regulation of AI systems, aiming to harmonize rules on Artificial Intelligence.

The technical committee's work aligns with the EU AI Act. Under M/613, JTC 21 operationalizes the requirements set out by the AI Act by developing technical standards that ensure AI systems meet the regulatory expectations on safety, fairness, transparency, and accountability.

In 2026, CEN-CLC/JTC 21 will continue the development of European Standards in support of the EU AI Act (M/613) to be ready for enquiry in early 2026.

The CEN and CENELEC Joint Technical Committee CEN-CLC/JTC 22 on ‘Quantum Technologies’ supports the development and implementation of quantum technologies. These standards are crucial to accelerate the adoption of this emerging technology and ensure interoperability, safety, and performance. By establishing common standards and different types of deliverables for the European Single Market, this Joint Technical Committee aims to increase the reliability of quantum devices, protocols, and systems which can be integrated into broader ICT infrastructures. The TC focuses on standardization across different areas, which includes but is not limited to quantum computing, quantum communication, quantum sensing, and quantum cryptography.

CEN-CLC/JTC 22 has 15 new work items in its portfolio, expanding its Work Programme. Very promising deliverables are expected to enter into the development phase in 2026, including single-electron sources, hybridization, benchmarking, hardware abstraction layer, high level quantum programming language, and cryogenic solid-state quantum computing. The technical committee will start its first parallel development with IEC-ISO/JTC 3 (‘Terminology and quantities’) in 2026, representing the European interest.

JTC 22 WG 1 ‘Strategic Advisory Group’ is working on the new Standardization Roadmap 2.0 release (Release 1.1) in line with the Quantum Europe Strategy, involving a large number of European stakeholders, such as ETSI, QuIC, EURAMET EMN-Q, EuroHPC, and EuroQCI.

CEN and CENELEC also contribute to the High-Level Forum Workstream 16 (HLF WS 16), helping to ensure that the Quantum Europe Strategy’s scope is aligned with the upcoming Quantum Standardization Roadmap. The group aims to strengthen the cooperation among Member States, European Standardization Organizations (ESOs), Annex III organizations, trade and industry associations, and academy. The workstream will look for ways to support the promotion of the European standardization roadmap at the international level, increase the coordination of European activities, improve the integration of research activities in standardization initiatives, and help to set priorities.

In 2026, JTC 22 will also keep track of political negotiations on the expected Quantum Act  proposal (European Commission's Competitiveness Compass) which could trigger new mandated deliverables.

The relevance of information security extends beyond ‘digitally native’ businesses and is now critical across all sectors, including traditional industries. As ICT technologies create new opportunities, they also introduce threats to operational safety, robustness, and resilience. Standards play a key role in mitigating such risks by helping manufacturers and service providers strengthen the security features of products, services, and processes and reinforce consumer trust in the digital environment.

To ensure a horizontal application of cybersecurity requirements for products with digital elements, the European Commission introduced the Cyber Resilience Act (CRA). Its implementation relies on harmonized standards developed within CEN and CENELEC, including the technical committees CEN-CLC/JTC 13 ‘Cybersecurity and Data Protection’, CLC/TC 47X ‘Semiconductors and Trusted Chips Implementation’, CLC/TC 65X ‘Industrial-process measurement, control and automation’, and CEN/TC 224 ‘Personal identification and related personal devices with secure element, systems, operations and privacy in a multi sectorial environment’.

CEN-CLC/JTC 13 develops standards for cybersecurity and data protection across the information society. In 2026, it will advance deliverables supporting the CRA, preparing the drafts for publication, including standards on cybersecurity principles for products with digital elements and vulnerability handling, supporting manufacturers of products with digital elements in their compliance with the CRA.

Additionally, WG 6 ‘Product Security’ will continue the work on a harmonized European standard (hEN) to support the CRA ‘Cybersecurity requirements for products with digital elements – Smart Meter Gateway’ and two Technical Specifications (TSs): ‘Guidance for the application of EN 18037 in support of the CRA’ and ‘Proof-of-concept for the application of EN 18037 in support of the CRA’.

The technical committee will also address standardization needs for cybersecurity certification schemes and sectoral applications. CLC/TC 47X plays a key role in strengthening Europe’s technological and cybersecurity resilience. Semiconductors are critical for sectors such as the automotive industry, industrial automation, and connected devices, influencing hardware vulnerabilities and supply chain integrity. In cooperation with the European Commission’s Trusted Chips project (led by DKE), CLC/TC 47X will continue to address gaps in standards and certification for secure semiconductor technologies.

In 2026, CLC/TC 47X will focus on standardization deliverables supporting the CRA, including:

1. Microprocessors and microcontrollers with security functionalities
2. Tamper-resistant features
3. Smartcards and secure element platforms
4. Technical Security Standards for Application Specific Integrated Circuits (ASICs) and Field-Programmable Gate Arrays (FPGAs) with Security-related Functionalities

Through these coordinated activities, CEN and CENELEC aim to finalize the key standards that will underpin the implementation of the Cyber Resilience Act, enhancing Europe’s preparedness for a secure and trusted digital single market.

In 2026, CLC/TC 65X will continue advancing its key deliverables under the Cyber Resilience Act Standardization Request M/606, focusing on cybersecurity requirements for industrial automation and control systems (IACS) and other connected industrial products. The technical committee’s work supports the development of vertical profiles that translate CRA horizontal standards into practical, sector-specific requirements for industrial applications.

The six CRA-related deliverables assigned to CLC/TC 65X are:

• Vertical profile for products with digital elements with the function of virtual private network (VPN) (#20b)
• Vertical profile for network management systems (#21b)
• Vertical profile for security information and event management (SIEM) systems (#22b)
• Vertical profile for physical and virtual network interfaces (#25b)
• Vertical profile for routers, modems and switches intended for internet connection (#27b)
• Vertical profile for firewalls, intrusion detection and/or prevention systems (industrial use) (#36b)

Both the horizontal CRA standards and the sectoral vertical profiles are scheduled to be finalized by the end of 2026, ensuring a coherent and comprehensive framework for CRA harmonized standards across the European industrial landscape.

CEN/TC 224 ‘Personal identification and related personal devices with secure element, systems, operations and privacy in a multi sectorial environment’ will continue the development of three harmonized standards in support of the CRA:

• Smartcards, similar devices and Secure Elements – criteria to achieve conformity with essential requirements of Regulation (EU) 2024/2847
• Identity management systems and privileged access management software and hardware, including authentication and access control readers, including biometric readers
• Hardware Devices with Security Boxes incorporating a hardware physical envelope and designed to provide security functions such as secure storage and cryptographic operations in an open environment

With regards to the EUDI Wallet, the technical committee will continue working on multiple deliverables to support the initiative, by reviewing existing standards or by developing technical specifications and/or reports.

CEN-CLC/JTC 19 ‘Blockchain and Distributed Ledger Technologies’ (DLT) will focus on finalizing and aligning key technical deliverables that directly support the European Digital Identity (EUDI) Wallet Implementing Acts under eIDAS 2.0. The priority is the publication and integration of CEN/TS 18264 ‘Policy and security requirements on trust services on electronic ledgers’, which will provide the security baseline for qualified ledger trust services used within the Wallet ecosystem. Parallel work will continue on the sustainability classification of DLT consensus mechanisms, guidelines for processing personal data, and interoperability requirements for Decentralized Identifiers (DID), all critical for secure, privacy-preserving, and sustainable digital identity infrastructures.

A close liaison with ETSI TC DATA (Trusted Data and Decentralized Trust) ensures full coherence between CEN and ETSI standards on trust services, identity, and verifiable data. This collaboration supports the European Commission’s implementation of Wallet certification and conformity schemes, ensuring harmonized and interoperable standards for trusted, green, and privacy-compliant distributed technologies across the EU.

CEN-CLC/JTC 25 ‘Data management, Dataspaces, Cloud and Edge’ contributes to the European Commission’s Standardization Request on the European Trusted Data Framework (M/614), leading five of the seven related European standardization deliverables, including two that are candidates for citation in the Official Journal of the European Union (OJEU).

In 2026, CEN-CLC/JTC 25 will focus on delivering standardization documents that support the implementation of the EU Data Act, which became applicable on 12 September 2025. With all projects active and initiated, the technical committee will work to meet the deadlines set in mandate M/614, which foresees the publication of three deliverables (two European Standards and one Technical Specification) by the end of 2026.

CEN-CLC/JTC 25 will continue to progress on the two additional deliverables scheduled for completion in 2027, with the objective of reaching all key milestones in 2026 to stay aligned with the planned timeline.

CEN/TC 468 ‘Preservation of digital information’ is dedicated to working on the standardization of the functional and technical aspects of digital information preservation. In this field, the technical committee will work on a technical specification regarding the mapping of existing standardization deliverables on European digital archiving and preservation.

CEN/TC 428 ‘ICT Professionalism and Digital Competences’ is responsible for all aspects of standardization related to digital competences and maturing the ICT profession in all sectors, public and private.

This includes activity related to four major building blocks of ICT Professionalism incorporated into competences, education and certification, Code of Ethics, and Body of Knowledge (BoK).

The technical committee is focused on the creation of a strong set of standards that will address specific ICT sectors, such as Artificial Intelligence and Software.

In 2026, CEN/TC 428 will aim to maintain and revise the published standards, with specific attention to creating assessments and certifications and providing a strong interaction of standards with other frameworks (ESCO, EQF, SFIA, and so on).

CEN-CLC-ETSI/SAG 'Sustainable Data Centre'

In 2026, CEN-CLC-ETSI/SAG ‘Sustainable Data Centre’ will focus on exploring the need for European standardization on Sustainable Data Centres and recommending ways to address these needs. CEN-CLC-ETSI/SAG SDC will focus on energy efficiency and carbon footprint standardization, including relevant parameters, measurement methods, metrics, KPIs, and recommended practices for assessment or audit.

Digital Identity Wallet and Trust Service

Several CEN and CLC technical committees will develop standardization deliverables to support and be included in the implementing act related to Digital Identity Wallet and Trust Service: CEN/TC 224, CEN-CLC/JTC 19 and CEN/TC 468. In order to ensure the alignment of these TCs with the European Commission’s timeline and expectations, the coordination takes place in CEN-CLC Standardization Request Ad Hoc Group ‘SRAHG Digital Identity Wallet’, triggering the need for a revision or development of new deliverables.

Technologies for education and learning

CEN/TC 353 ‘Technologies supporting education and learning processes’ aims to bring together any form of educational technologies (such as classroom simulation, coaching, virtual reality or gamification) through the definition of standards that allows various ICT technologies to interact and work together to support the ‘business case’ of educational and training institutions.

The goal of this committee is to develop, support, and facilitate a more harmonized and standardized European EdTech ecosystem that gives value to all stakeholders, users, and beneficiaries and ensures that European learning, educational and training institutions remain competitive.