Mature standards, missing tools
OPC UA, AAS, MQTT, RAMI 4.0 — the standards are in place. What's missing are everyday-grade implementations that Mittelstand firms can adopt without an SAP-scale project.
Industry · Industry 4.0
Platform Software for Connected Production
Industry 4.0 is no longer a vision in 2026 — it's platform building. With the Asset Administration Shell (AAS) and a standardised digital-twin model, the toolkit for vendor-neutral interoperability is mature. Software built today for industrial platforms simultaneously plans against the EU Data Act, EU AI Act, and Cyber Resilience Act.
Industry context
The term "Industrie 4.0" was coined in 2011 by Henning Kagermann (acatech), Wolfgang Wahlster (DFKI), and Wolf-Dieter Lukas (BMBF) and publicly introduced at Hannover Messe 2011. The Plattform Industrie 4.0 has since been the national coordinating body, jointly led by the BMWK and BMBF.
The Asset Administration Shell (AAS) is the concrete implementation standard, maintained since 2023 by the Industrial Digital Twin Association (IDTA) as specifications (IDTA-01001 ff.). Current version: 3.1, with 3.2 in progress. This provides a standardised data model, API, and security model for vendor-neutral digital twins. The same stack underpins sectoral applications such as Catena-X (automotive) or Manufacturing-X.
Typical challenges
A stack of compliance instead of a strategy
Data Act, CRA, AI Act, NIS2, EU Machinery Regulation — each has its own deadlines and obligations. Without integrated architecture you build the same function five times.
Data sovereignty as a hard criterion
DACH Mittelstand customers increasingly require EU hosting, customer-managed keys, and no third-country transfers. Default hyperscaler setups rarely meet that bar.
Regulatory framework
EU Data Act
Glossary →Regulation (EU) 2023/2854 — end-user data access right for connected industrial products. Combined with the AAS, these obligations can be mapped as a standard digital-twin function.
Applicability: Applicable since 12 Sep 2025
EU AI Act
Glossary →Regulation (EU) 2024/1689. Industrial AI applications — e.g. predictive maintenance, computer-vision quality control — may classify as high-risk depending on intended use. Obligations start with risk management, data quality, and transparency.
Applicability: GPAI obligations from 2 Aug 2025 · High-risk obligations from 2 Aug 2026
Cyber Resilience Act
Cybersecurity-by-design for products with digital elements. Industry platforms, IoT gateways, connected machines — all fall in scope.
Applicability: Fully applicable from 11 Dec 2027
NIS2-Richtlinie
Directive (EU) 2022/2555 broadens EU cybersecurity requirements to additional sectors, including industrial manufacturers. Member states transpose into national law — in Germany via the NIS2UmsuCG.
Architecture pattern for B2B apps
Asset / digital twin
AAS (IDTA-01001 v3.1) · OPC UA · AAS repository
Every physical asset gets a digital twin per the AAS standard, stored in a central or decentralised repository. This is the "contract" between manufacturer, operator, and service.
Connectivity & data
MQTT 5 · OPC UA Pub/Sub · Apache Kafka · TimescaleDB
Multiple protocols in parallel — MQTT for edge devices, OPC UA Pub/Sub for machinery, Kafka for high-volume streams. Time-series database for telemetry.
Data & AI layer
PostgreSQL · append-only event log · data-space connectors (Eclipse Dataspace) · on-prem AI
Structured data plus auditable event logs for regulatory evidence. AI inference on-premise or in own infrastructure — not in third-party cloud.
Application & operations layer
Flutter (mobile) · Next.js (portal) · OIDC · Sentry · Grafana
Three frontends, one API layer. Platform-wide monitoring and logging as a prerequisite for traceable incident analysis.
Recommended stack
| Technology | Rationale |
|---|---|
| Asset Administration Shell (IDTA) | Standardised digital-twin data model with freely available specifications. Eclipse BaSyx and Eclipse AASX Server are mature open-source implementations. |
| OPC UA | Global standard for industrial machine communication. Vendor-neutral usable with umati Companion Specs. |
| NestJS auf Fastify | TypeScript-based platform architecture, performant pub/sub layer for high-volume data streams. |
| PostgreSQL + TimescaleDB | One database for relational master data and time-series telemetry — simplifies backup, recovery, and audit. |
| Self-hosted Kubernetes / Kamal | Own container infrastructure under own control, without hyperscaler lock-in. Data sovereignty as an architectural property. |
Sources
- What is Industrie 4.0? — Plattform Industrie 4.0
- AAS Specifications — Industrial Digital Twin Association
- NIS2 Directive (EU) 2022/2555 — EUR-Lex
- EU AI Act (Regulation (EU) 2024/1689) — EUR-Lex
As of: 2026-04-30
Read on
Other industries
IoT & Connected Products
B2B apps for connected devices — from BLE sensors to real-time telemetry platforms.
Automotive
Companion apps, diagnostics tools, and telemetry backends for connected vehicles and Tier-1 suppliers.
Mechanical Engineering
Service apps, MES integration, and OPC UA connectivity for DACH machinery builders.
Facility Management
Apps and platforms for CAFM, smart building, and EU energy-efficiency compliance.
Construction & Trades
Mobile-first apps for trade businesses and construction sites — from order workflow to BIM integration.
Concrete project in this industry?
We build software that fits the regulatory, technical, and organisational realities of your industry — without excess complexity.