In the EU-funded project ecosystem, open-source isn’t just a nice-to-have – it’s often a strategic necessity. Whether driven by digital sovereignty principles, collaboration requirements, or sustainability goals, many Horizon Europe projects now demand robust open-source strategies.
But what does “open-source” really mean in this context? And how can your consortium design a roadmap that’s legally compliant, technically secure, and community-driven from day one?
In this blog, we’ll explain what open-source entails, why it’s increasingly essential for EU projects, and how we applied it in the ENTRUST project – a Horizon Europe initiative focused on trust and cybersecurity in connected medical devices (CMDs).
What Is Open Source?
Open source software refers to software whose source code is freely available for anyone to inspect, use, modify, and redistribute. But in the EU funding world, open source is more than a technical choice – it’s a reflection of transparency, trust, and public value.
Projects adopting open source benefit from:
- Greater collaboration across countries and disciplines
- Enhanced transparency and reproducibility
- Easier alignment with EU values and legal frameworks
- Long-term sustainability beyond project funding
FAQ: Open Source in EU Projects
Why do EU projects require open source components?
EU funding calls increasingly value openness to support digital sovereignty, FAIR data principles, and public reusability. Open source enables broader uptake and scalability of results.
What licenses are acceptable?
Projects must choose licenses that are OSI-approved and ideally compatible with EU standards. Examples: Apache 2.0, MIT, Eclipse Public License (EPL).
How do we ensure security and compliance in open source?
Good governance, license auditing tools (e.g. FOSSA), and best practices in software development (like static analysis and CI/CD pipelines) are key.
What if multiple partners are contributing code?
Formal governance, contributor agreements, and due diligence ensure control and IP clarity. Foundations like Eclipse can host open source workspaces and legal structures.
Is open source the same as Open Science?
Not exactly. Open Science includes open data, publications, and processes. Open source is often a component of Open Science.
Case Study: ENTRUST’s Open Source Roadmap
In the Horizon Europe project ENTRUST, Future Needs helped shape a robust Open Source Development Roadmap tailored to the needs of highly regulated environments like Connected Medical Devices (CMDs).
The Challenge
CMD stakeholders – academia, industry, regulators – lack a shared, secure framework for building trusted medical devices. ENTRUST addressed this gap by creating a validated open reference architecture, accelerating adoption and reducing fragmentation across the EU ecosystem.
Why Open Source?
Open source was central to ENTRUST’s vision because it:
- Boosts adoption through transparency
- Encourages collaboration and avoids vendor lock-in
- Supports regulatory compliance via shared, auditable tools
- Aligns with the EU’s strategy for digital sovereignty and innovation
| Area | Highlights |
|---|---|
| Software Freedom | Apache 2.0, MIT, Eclipse Public License (EPL); auditing via FOSSA and OSS Review Toolkit; fully GPLv3 compatible and aligned with the EU Open Source Strategy. |
| Governance & IP Control | Contributor agreements (ICA, MCCA), hosted under the Eclipse Foundation to ensure neutrality, IP coordination, and long-term sustainability. |
| Development & Security | Security by design: Multi-Factor Authentication (MFA), CI/CD pipelines, CodeQL scanning, and compliance with CRA, MDR, and GDPR. |
| Collaboration Tools | Git-based platforms, clear onboarding, and tools tailored for developers, regulators, and SMEs. Linked to OpenContinuum and OSPO Alliance. |
| Community | FAIR-aligned ecosystem with inclusive co-development by researchers, manufacturers, startups, and policymakers. |
| Empowerment & Strengthening | Living documentation, mentoring, and contributor recognition. ENTRUST supports real-world uptake by SMEs and civil society through tools, trainings, and webinars. |
Ready to build your own Open Source Development Roadmap?
Download the same Future Needs template we used in the ENTRUST project—structured to help you plan your licenses, governance, security, compliance, and community strategy.
About the authors
Anna Palaiologk, the founder of Future Needs, is a Research & Innovation Consultant with 18 years of experience in proposal writing and project management. She has worked as a project Coordinator and Work Package leader in 30+ EU projects and has authored 50+ successful proposals. Her research background is in economics, business development and policy-making. Email Anna at anna@futureneeds.eu.
Thanos Arvanitidis is a Researcher & Innovation Project Manager, with a background in physics and biomedical engineering. He manages EU-funded research projects from initial conception through to implementation, working across key Horizon Europe clusters, including Cluster 1: Health; Cluster 4: Digital, Industry & Space. His expertise spans AI, healthcare, cybersecurity, and digital education. Email Thanos at thanos@futureneeds.eu.
