CISPE has cited several reasons why VCF doesn’t fit the bill, in particular highlighting its lack of portability. This means that it doesn’t qualify as resilient under CISPE’s Sovereign and Resilient Cloud Framework.
Earlier this month, the EU unveiled proposals for its Cloud and AI Development Act (CADA) to strengthen Europe’s digital economy. CADA will encourage investment in European research, lay down conditions for European data centers, and provide a single EU-wide assessment framework for cloud and AI sovereignty.
CISPE said that Broadcom is a long way short of fulfilling the conditions proposed for CADA. Broadcom would fail to meet anything but a Level 1 certification under the CADA sovereignty framework, CISPE said, adding that Broadcom’s terms and conditions offer limited maintenance commitments, no source-code escrow, no substitution plan and no Data Act certification, all likely to fall foul of CADA’s recommendations.
