Burkhard Zimmermann
Leading IEC SC62 D JWG 36 and support IEC SC62A JWG 9 as an expert
Leading IEC SC62 D JWG 36 and support IEC SC62A JWG 9 as an expert
Co-founder of a circular economy startup developing infrastructure for DPP-enabled resale in the European textile sector, based in Berlin. Leading business development, regulatory strategy, and product design for a platform that enables verified resale through Digital Product Passports. The startup is incubated at ESCP Blue Factory.
French national with experience in business development and technology. Self-taught technical skills in product prototyping and data systems. Previous experience includes roles in consulting and business analysis.
Beyond this project: Active in the European circular economy ecosystem. Relocating to Paris in May 2026 to continue building at the intersection of sustainability regulation and commerce technology.
This fellowship supports my role as a convener of ISO TCC307 WG3. The priority is to organise the appropriate ballots and meetings to allow the experts to discuss and reach a consensus based on the comments received for the projects in ISO TC 307 WG3. Another priority is to complete the norms with the attendance list and verify that all experts in the meeting were duly registered in the portal and authorised to participate in the meetings.
One of the main challenges of this work has been overcoming the cultural barriers and language differences encountered during this period, particularly through various meetings and ad hoc meetings for the three projects, which are ongoing in preparation for the final stage to publication.
The fellowship addressed key limitations found in version 2.0 of the OASIS Collaborative Automated Course of Action Operations (CACAO) standard. While CACAO v2.0 introduced the first machine-readable format for cybersecurity playbooks, real-world use revealed gaps that limited interoperability and automation. The most critical issues included ambiguous schema elements, unclear execution semantics, and limited support for graphical and modular representations needed to visualize and exchange playbooks. From a European standpoint, these shortcomings directly affected operations. SOCs, CSIRTs, and critical infrastructure operators faced difficulties creating executable playbooks, hindering the coordinated responses envisioned by the NIS2 Directive, the Cyber Solidarity Act, and the EU Cyber Crisis Blueprint.
The fellowship, therefore, focused on three main goals:
1. Consolidating feedback from European and international stakeholders who implemented CACAO v2.0.
2. Designing and drafting CACAO v3.0 — a major revision introducing structural schema improvements, more precise execution semantics, and modular extensibility.
3. Aligning the work with EU cybersecurity policy and operational priorities so that standardized, machine-readable playbooks can support coordinated preparedness and response.
The effort resulted in the ongoing working CACAO v3.0 Draft Specification and accompanying validation outputs, now progressing toward formal adoption within OASIS. By resolving the main technical and semantic issues, the fellowship strengthened Europe’s role in cybersecurity standardization. It established a solid, vendor-neutral foundation for automated, collaborative cyber defense across the EU.
Local Digital Twins will be a fundamental building block for CitiVerse. It will also play a crucial role for anyone in the public sector who wants to fully utilize the usage of AI.
Today, cities, regions and countries all over the world are building Local Digital Twins using various tools and approaches. Game engines, CAD tools, GIS, AR/VR/XR tools, Urban Digital Platforms, CIM and other visualisation tools are used. Thus a wide spread of technologies and standards.
Interoperability for Local Digital Twins (LTD) is crucial. They need to fit horizontally and vertically. Horizontally is to put a LDT of one city next to a LDT of another city and make them align. Vertically, by example, a LDT produced by a city must fit LDT from public transportation and LDT by the energy company for the same geographical area, etc.
European CitiVerse will be built upon Local Digital Twins. If separate Local Digital Twins in Europe don't fit together it will be impossible to create a seamless CitiVerse. It will also be difficult with interoperability between LDT:s. The LDT also needs interoperability versus dataspaces and IoT. For a LDT:s to be useful for officials and others, LDT:s need interoperability with the business operating systems used by officials on a daily basis.
In this sense, in the framework of my fellowship, my JWG has sent a survey to many major LDT projects around the world, and we are now gathering the results and statistics. The result will be a gap analysis and a technical report, which will enable advice to all relevant major SDO:s on how to develop or change their standards to fit better together.
With this fellowship, I significantly contribute to the ICT Standards landscape by addressing the lack of standardised guidelines for processing Personal Identifiable Information (PII) in blockchain and Distributed Ledger Technology (DLT) systems. Approving the New Work Item Proposal (NWIP) for “Guidelines on processing PII using blockchain and DLT” establishes a crucial foundation for privacy-preserving, GDPR-compliant blockchain applications.
By leading the creation of CEN/CENELEC JTC19 WG3, I am ensuring the development of a harmonised European approach to blockchain privacy, reducing fragmentation and fostering interoperability. These efforts align blockchain implementations with European regulations, consumer protection laws, and data governance principles.
My fellowship focuses on standardizing Non-Fungible Tokens (NFTs) for sustainable asset management, addressing gaps in digital asset representation, regulatory clarity, and ESG alignment. It supports innovation, transparency, and interoperability in tokenized real-world assets (RWAs), in line with EU priorities.
Current NFT-based RWA systems lack harmonised frameworks, causing fragmentation in asset tracking, legal recognition, and compliance. This hinders adoption across supply chains, carbon markets, and IP management. My project proposes a cross-industry standard to ensure interoperability, regulatory alignment, and lifecycle transparency.
In this sense, the there are two major priorities for this action, including:
Standardized Multi-Asset Tokenization that enables NFT-based tracking of physical, environmental, and intangible assets. It also enhances lifecycle transparency, supports the circular economy, and ensures blockchain interoperability.
Digital Product Passport (DPP) to align NFTs with DPP for end-to-end traceability, compliance, and ESG reporting.This strengthens supply chain transparency and EU circular economy goals.
The key Challenges related to my activity are:
Regulatory Uncertainty: Lack of clear NFT standards impedes legal and policy alignment. This initiative ensures conformity with EU law and ISO.
Adoption Barriers: Fragmented governance limits integration. Standardisation enhances technical and regulatory trust.
Sustainability Concerns: Energy-intensive DLTs are problematic. This activity promotes efficient models aligned with the Green Deal.
Consequently, this project positions Europe as a leader in NFT standardisation, fostering secure, compliant, and sustainable digital ecosystems.
CEN/TC 442 is leading the publication of standards on digital construction, also referred as “building information modelling” BIM.
Chair of CEN/ TC 442 WG2 Project Group 1