Europe’s drive for digital sovereignty accelerates
Digital sovereignty is becoming a key issue for both hardware and software. This drive to source more of the hardware and software supply chain from Europe is changing the landscape of the industry.
Tariffs on shipments between the US and Europe, and the trade war with China, are creating a drive for more secure, independent supply chains. In some areas such as semiconductors and printed circuit boards, that has been flagged, with moves such as the European Chips Act and its successor to address the issues.
That move to technological sovereignty accelerated in January 2026, when France officially mandated that all 2.5 million civil servants must stop using Zoom and Microsoft Teams by 2027. They are moving to Visio, a government-built platform.
This deliberately uses AI from French startup Pyannote for live transcriptions and is hosted on SecNumCloud, a highly secure French cloud provider, to ensure the US government cannot legally subpoena the data. There is also a push to use European AI suppliers such as Mistral AI for services.
France replaced WhatsApp and Slack for government use with Tchap. This is based on the Matrix protocol, an open-source decentralized communication standard. This ensures that even if one server is compromised, the rest of the network remains secure.
Nexperia
Another key example is chip maker Nexperia, where security concerns have accelerated in the last few months. The company, a spinout of Philips Semiconductor back in 2017 and bought by Chinese company Wingtech the following year, is headquartered in the Netherlands and has fabs in the UK at Hazel Grove, Manchester, and Hamburg, Germany. The company has emphasised its European base, but the Chinese ownership has raised a number of questions.
A failed attempt to buy Newport Wafer Fab (NWF) back in 2021 was blocked by the UK government on the same security grounds and the plant was last year bought by US semiconductor company Vishay.
In September 2025, the Dutch government took the unprecedented step of invoking the Goods Availability Act of 1952, a Cold War-era law designed for national emergencies, to take temporary control of Nexperia’s governance.
Intelligence suggested that Wingtech intended to move Nexperia’s intellectual property and advanced production equipment from Europe to China, a concern that had also been flagged as part of the acquisition of NWF.
The Chinese ownership meant Nexperia was also caught by US Export Controls, which hit the automotive industry in particular. The change in management was intended to exempt Nexperia from the US Affiliates Rule, which blacklists subsidiaries of Chinese companies on the US. Entity List.
The Amsterdam Court of Appeal (Enterprise Chamber) removed Zhang Xuezheng, Nexperia’s Chinese CEO and chair of Wingtech, citing “serious mismanagement” and conflicts of interest. The court appointed an independent Dutch director with a deciding vote and transferred the majority of the company’s shares to a state-appointed trustee to keep control in the region.
The dispute quickly escalated into a trade war. The Chinese government viewed the seizure as a geopolitically biased power grab and imposed targeted export restrictions on Nexperia chips packaged in its Chinese facilities (which account for roughly 70% of the company’s output). This caused immediate problems for European car makers Volkswagen, Volvo, and Stellantis which rely on Nexperia’s power chips.
By late 2025, the Dutch government compromised. Faced with a collapsing automotive sector and pressure from Beijing, they suspended the emergency oversight in exchange for Chinese promises to resume chip exports.
However, the dispute remains unresolved. While day-to-day operations have returned to the company, a court-ordered investigation continues, and the Dutch government maintains the right to re-intervene. This has been seen as a blueprint for how European nations may use emergency powers to protect legacy technology from foreign control and regain sovereignty over key technologies.
The Cyber Resilience Act (CRA) has also brought the issue of digital sovereignty into more focus, with the reporting requirements starting in September this year in Europe to ensure that embedded software is secure throughout the lifetime of a product and a focus on the software bill of materials.
This follows moves such as the Radio Equipment Directive (RED) in Europe and global standards such as the UN Regulation No. 155 (R155) that covers the uniform provisions for vehicle cybersecurity and cybersecurity management systems. UN Regulation No. 156 (R156) covers the uniform provisions for vehicle software updates and software update management systems, which are important for the automotive industry in Europe.
“In general we do see a trend where OEMs are starting to move to taking more direct ownership over their software and hardware supply chains,” Thomas Roberts, chief commercial officer at Kvaser in Sweden tells eeNews Europe.
“This is driven by a few factors as we see it,” he says. “Increasing cybersecurity risk and compliance obligations such as the CRA, RED directive, R155 etc as well as a new generation of engineers who are not just able to think about software but also able to program it themselves. This is aided and accelerated by AI assistance in SW development, especially in prototyping and test environments, and plenty of available open-source tools that greatly enhance the ability to spin up solutions that work well and quickly.”
“There is also a desire to be less locked to particular vendors and the associated ecosystem (e.g. if you buy this measurement tool you are also locked into an expensive yearly license for the relevant software required to use it) which gives cost savings and flexibility. In Europe people are aware that certain EV OEMs, notably in the US and China, are ahead on this front and there is a desire to catch up.”
The Kvaser Edge Linux-based development system
Kvaser has developed its own open, secure Linux‑based edge computing platform for automotive and industrial teams to collect, process, and act on data as part of this trend. Kvaser Edge is designed for harsh environments and real‑time performance, runs analytics directly where data is generated: on the vehicle, test bench, or machine.
The secure Linux-based system that processes data in real‑time, with optional cloud or desktop analysis layers for deeper processing and collaboration. This allows for real‑time and remote diagnostics, predictive maintenance and intelligent filtering and event‑based logging.
At its core is an ARM‑based Linux computer with an NXP SE051C2 Secure Element, designed to support CRA and RED cybersecurity requirements. Hardware based security protects collected data and intellectual property so that it can be used for both prototyping and large-scale deployments.
“In terms of software, Kvaser Edge OS has been a huge investment for us and again, we are not aware of any secure OS alternatives from European Rugged/Edge device manufacturers. The proper and full integration for the entire OS lifecycle with the secure element required close collaboration with NXP. It gives allows complete flexibility and we use standard Linux elements like LXC containers, or developers can keep the Edge platform and swap out the software whenever they like,” said Roberts.
This move to digital sovereignty has been driving investment decisions for several years. Billions of euros for the European Semiconductor Manufacturing Company (ESMC) is intended to provide chip making for automotive devices and microcontrollers in Dresden, Germany, but that will only be up and running until the end of 2027 with legacy 28nm technology.
Packaging
Packaging the chips is also an issue, as the vast majority of this capability is in Asia. Amkor and GlobalFoundries have expanded a chip packaging plant in Porto, Portugal, to provide local outsourced semiconductor assembly and test (OSAT) while Alter Technology in Spain has plants across Europe, including plastic packaging in the UK, and last November opened a packaging plant in the US in Minnesota as part of the move to make supply chains more secure.
“Digital technologies, semiconductors, AI, cyber and quantum security are increasingly converging and have become strategic foundations for economic growth and technological sovereignty,” said Stephen Duffy, who took over in January this year as CEO of the Digital & Semiconductor business unit of the TÜV NORD group that includes Alter.
“In a world increasingly shaped by geopolitical changes and rapidly evolving supply chains, customers can rely on our cybersecurity testing for hardware and software, OSAT services, high reliability semiconductor services and long term component conservation and high value electronic system design and test,” he said.
www.nexperia.com; www.kvaser.com; www.altertechnology-group.com/en/
If you enjoyed this article, you will like the following ones: don't miss them by subscribing to :
