EU law lacks a coherent legal framework that adequately defines, protects, and empowers cybersecurity researchers, particularly those operating outside formal institutions. This paper examines how cybersecurity research fits within the evolving EU regulatory landscape, with a particular focus on the Digital Services Act (DSA), the Cyber Resilience Act (CRA), and the NIS2 Directive. It explores the legal ambiguity surrounding researcher status, the conditions for data access and auditing under the DSA, and the challenges posed by current vetting requirements. Drawing on doctrinal legal analysis and interdisciplinary insights from cybersecurity and platform governance, the paper argues that while the DSA provides novel tools such as vetted researcher access and auditing obligations for Very Large Online Platforms (VLOPs) its structure is better suited for systemic risk research than for adversarial, exploratory cybersecurity testing. The paper concludes that a sustainable model for cybersecurity research governance in the EU must go beyond DSA-style vetting, incorporating flexible mechanisms like coordinated vulnerability disclosure and bug bounty programs, as reflected more directly in the CRA.

Healthcare systems are increasingly exploiting the advantages of Internet of Things technologies: cloud-connected devices with perceptive sensors can gather very accurate health data from people even if they do not get to the hospital or private clinics. For potential innovators of new medical IoT devices, the legal framework applicable was until now limited to the application of the General Data Protection Regulation and the Medical Devices Regulation.

This paper will investigate what will happen when medical IoT-generated data are shared to create new products or services according to the framework now depicted by the Data Act and the European Health Data Space.

Given that the EHDS and the Data Act are both aimed at facilitating the secondary use of (health) data, the contribution will compare the two processes set up to establish a roadmap to solve health-data sharing theoretical and practical queries.

The REDATAM (retrieval of data for small areas by microcomputer) statistical package and format, developed by ECLAC, has been a critical tool for disseminating census data across Latin America since the 1990s. However, significant limitations persist, including its proprietary nature, lack of documentation, and restricted flexibility for advanced data analysis. These challenges hinder the transformation of raw census data into actionable information for policymakers, researchers, and advocacy groups. To address these issues, we developed Open REDATAM, an open-source and multiplatform tool that converts REDATAM data into widely supported CSV files and native R and Python data structures. By providing integration with R and Python, Open REDATAM empowers users to work with the tools they already know and perform data analyses without leaving their R or Python window. Our work emphasizes the need for a REDATAM official format specification to further enable informed policy debates that can improve policy processes’ implementation and feedback.

Many documents are produced over the years of managing assets, particularly those with long lifespans. However, during this time, the assets may deviate from their original as-designed or as-built state. This presents a significant challenge for tasks that occur in later life phases but require precise knowledge of the asset, such as retrofit, where the assets are equipped with new components. For a third party who is neither the original manufacturer nor the operator, obtaining a comprehensive understanding of the asset can be a tedious process, as this requires going through all available but often fragmented information and documents. While common knowledge regarding the domain or general type of asset can be helpful, it is often based on the experiences of engineers and is, therefore, only implicitly available. This article presents a graph-based information management system that complements traditional PLM systems and helps connect fragments by utilizing generic information about assets. To achieve this, techniques from systems engineering and data science are used. The overarching management platform also includes geometric analyses and operations that can be performed with geometric and product information extracted from STEP files. While the management itself is first described generically, it is also later applied to cabin retrofit in aviation. A mock-up of an Airbus A320 is utilized as the case study to demonstrate further how the platform can provide benefits for retrofitting such long-living assets.