Compute services

Name Description ELIXIR Node
ELIXIR Cyprus, ELIXIR Czech Republic, ELIXIR Denmark, ELIXIR Estonia, ELIXIR Finland, ELIXIR France, ELIXIR Germany, ELIXIR Greece, ELIXIR Hungary, ELIXIR Israel, ELIXIR Italy, ELIXIR Luxembourg, ELIXIR Netherlands, ELIXIR Norway, ELIXIR Portugal, ELIXIR Slovenia, ELIXIR Spain, ELIXIR Sweden, ELIXIR Switzerland, ELIXIR UK, EMBL-EBI

Our aim is to extend myFAIR Analysis into a cloud based service that can be executed using the advanced INDIGO PaaS services on-top of any ELIXIR Compute Platform cloud resource.  This approach will enable the advanced features provided by INDIGO to be made accessible to the whole of ELIXIR by porting them on the standard ECP cloud resource. The utility of this myFAIR cloud will be demonstrated using existing validated test case scenarios (e.g. Mothur-SOP and/or EGA), and building towards providing myFAIR Analysis as a research service CLOUD (myFAIR CLOUD Analysis) supporting single/multi-user and single/multi-center for FAIR data management and analysis.

Impact of the Study: 

  • Extend myFAIR Analysis into a cloud based service, executed using advanced INDIGO PaaS services on-top of any ECP cloud resource.
  • Enable INDIGO features to be accessible to the whole of ELIXIR by porting them on the standard ECP cloud resource. 
  • Demonstrate myFAIR cloud using existing validated test case scenarios (e.g. Mothur-SOP and/or EGA). 
  • Building towards providing myFAIR Analysis as a research service CLOUD (myFAIR CLOUD Analysis) supporting single/multi-user and single/multi-center for FAIR data management and analysis.
 ELIXIR Netherlands, ELIXIR Italy, EMBL-EBI

The AAI task proposes to diversify the ELIXIR Compute Platform task 1 and the AAI IS 2021-2023 as follows:

  • The AAI Infrastructure Service 2022-2023 continues the operation and development of the ELIXIR AAI and its migration to LS AAI, as per the Infrastructure Service project plan 2021-2023
  • The ELIXIR Compute Platform task 1 assumes a role that focuses on engaging and networking with other Nodes, in order to encourage them to make more use of ELIXIR/LS AAI as being supported by EOSC-Life. This could cover, for instance
    • Regular developer calls with ELIXIR Node representatives (e.g. on ELIXIR AAI success stories)
    • Promotion of AAI services to Nodes (e.g. benefits of using the AAI)
    • Training for the ELIXIR development community
    • Collection of links to recommended tools and libraries for ELIXIR/LS AAI integration and related instructions
    • Small projects to help integrating new/popular services/tools to the ELIXIR AAI which can be proposed for inclusion in the EOSC-Life AAI
    • Promote the adoption of new technologies like GA4GH Passports, different approaches to strong authentication, AAI use with clouds etc
  • In collaboration with EOSC-Life (esp. Task WP5.2) this task will strengthen the position of ELIXIR AAI as an introducer and verifier of new concepts and technologies to be eventually implemented in the LS AAI. To achieve this, the task will establish a small community advisory group from across the BMS RIs that are collaborating with the EOSC-Life project to drive the next phase of AAI in the life-sciences.

The task could remain to be hosted at CZ and FI Nodes - but not necessarily led by the same people as the IS. This enables widening the participation in the CZ and FI nodes and guarantees that the engagement activities do not risk the resources allocated to the AAI service operations (through the IS and EOSC-Life projects).

 ELIXIR Czech Republic, ELIXIR Finland

There are two direct AAI Implementation Studies and a number of others that are associated with the project (links at the bottom of this page).

2017 Implementation Study assessed the operation of the ELIXIR AAI, including

  • management of the production and development servers
  • security related to the hardware and services
  • customer service point
  • integration of new Relying Parties to the ELIXIR AAI

The study drew up a plan defining the responsibilities for the primary service provider as well as the transition to secondary service provider for maintenance, update or in case of unannounced downtime. The are also cost estimates, including an estimate of required human resources, for providing AAI services as ELIXIR emerging services in 2018.

This work was in alignment with EXCELERATE WP4.3.1, developing a stepup authentication service as part of the AAI Infrastructure Services Plan. The end report of this study is available here

The second Implementation Study started in January 2018, working with the Compute and Tools platforms, with goals to:

  1. Continue providing a sustainable service
  2. Develop a strategy to migrate to the Life Science AAI, with new features
  3. Increase the number of relying parties, liaising with the Global Alliance for Genomes and Health (GA4GH).

It is divided into four Workplans:

  • AAI operations, support and marketing
  • Migration to LifeScience AAI
  • Develop and deploy new features
  • GA4GH Access work stream (tbc. Discovery work stream?)

The results being an increase in the number of users, IDPs and relying serivces. There is an AAI implementation within EOSC-Life and engagement with BBMRI, Euro-Bioimaging, INFRAFRONTIER and Instruct. 

Access to sensitive Human data with AAI

(rec. May 2018) 

Use of AAI for the ELIXIR intranet and access to ELIXIR services

(rec. Jan 2017) 

Outlining the outcomes from the ELIXIR AAI Pilot launched in 2012

(rec. Mar 2015)

Integration with the de.NBI Cloud

(rec. Mar 2018) 

Links: 

Associated Implementation Studies:

Publications:

F100R Common ELIXIR Service for Researcher Authentication and Authorisation

 ELIXIR Czech Republic, ELIXIR Finland, ELIXIR Germany, ELIXIR Luxembourg, ELIXIR Spain

This implementation study aims to understand the existing infrastructure, resources and protocols for human genome variation annotation and curation. Work focuses on processes that can be automated to support interpretation of high-throughput genome sequencing results. The outcome will be a report that describes the current status within ELIXIR member states, identified requirements and potential solutions. The report will be part of the ELIXIR Human Genomics and Translational Data Services strategy and roadmap.

This project coordinates with ELIXIR Data Platform on surveys regarding data archives and other resources. It also consults with Compute and Tools Platforms on potential models for resourcing, scaling and providing portable tools based on the identified requirements for running data analysis workflows. The aim is also to work in close collaboration with the ELIXIR Interoperability Platform to understand the future requirements on managing variation annotation and their interpretation.

This implementation study will also aim to support the coordination between ELIXIR Human Genomics and Translational Data use case and the relevant GA4GH technical work streams. The expected outcome is a better alignment of ELIXIR activities with those in the GA4GH and direct communication with relevant resources outside of ELIXIR such as ClinVar.

 ELIXIR Finland, EMBL-EBI, ELIXIR Switzerland, ELIXIR UK, ELIXIR Norway, ELIXIR Italy

The aim of this implementation study is to provide a stable infrastructure for unifying software containers solutions within ELIXIR. This infrastructure will provide an access point for end-users to find, generate, store, monitor, and even benchmark software containers solutions. Hardware infrastructure will be provided by an ELIXIR Node from the ELIXIR Compute Platform for software containers deployment while ELIXIR-ES will provide the backup system using EUDAT protocols and infrastructures. In the long-term this registry could become a relying service to the ELIXIR AAI allowing infrastructures to manage users accounts.

The impact of this infrastructure will be demonstrated across ELIXIR Platforms and Use Cases. Software containers are a key technology which enables the rapid deployment of software resources including workflows across a variety of systems e.g. HPC, Cloud environments, and local computers; and the connection with existing database repositories. Additionally, this technology will be used to support training activities carried out by ELIXIR, where trainers will be able to focus on the training content rather than in the technological framework of the training, during face to face or remote sessions. Such a leading role on the development of this infrastructure will greatly increase ELIXIR's visibility across many domains of life sciences and even beyond. The coordinated effort to develop this infrastructure is similar to previous efforts carried out in ELIXIR, such as the Beacon Project and Bioschemas and will also link into work taking place in the ELIXIR Compute and Interoperability Platforms in coordination with the GA4GH.

 EMBL-EBI, ELIXIR Germany, ELIXIR Spain, ELIXIR Belgium, ELIXIR France, ELIXIR Denmark, ELIXIR Italy

This project will be led by the ELIXIR Proteomics Community in collaboration with members of the Metabolomics Community and three ELIXIR platforms. High-throughput proteomics has become a popular choice in biological, biomedical and clinical studies and led to the development of hundreds of bioinformatics tools and data analysis pipelines. Given their large diversity, there is a urgent need to compare and benchmark different software pipelines over a large data spectrum.

This study aims to create the framework to benchmark proteomics data analysis workflows, to be built upon and improve resources from ELIXIR Tool, Data and Compute platforms by creating an interface between them linked with public proteomics data and open source stand-alone software and pipelines.

The involved data will be annotated with at least EOSC minimum information according to ELIXIR metadata standards. Our benchmarking will identify robust workflows and therefore nurture the proteomics community with high quality standards required for reproducible research and clinical applications.

 ELIXIR Denmark, EMBL-EBI, ELIXIR Netherlands, ELIXIR Spain, ELIXIR France, ELIXIR Sweden, ELIXIR Italy, ELIXIR Czech Republic, ELIXIR Germany

We propose to reduce complexity for users by providing a Task Execution Platform (compatible with standards emerging from the GA4GH) that can encompass distributed sites in the ELIXIR Compute Platform with appropriate management interfaces that can abstract the user away from some of this complexity. Experience has shown that the acquisition and access of cloud resources can have a high overhead for end-users, e.g. finding the ‘right’ cloud service provider, negotiating or paying for access, porting your application to that cloud service provider etc.

This Implementation Study will contribute to the GA4GH Cloud WG specification discussions and ensure ELIXIR AAI is compatible with these GA4GH specifications and is integrated into the ‘Toil’ framework .The Study will deploy the GA4GH compatible ‘Toil’ framework centrally and TES endpoints at sites within the ECP, and operate analysis platform as a prototype service to a set of science use cases who are willing to provide CWL coordinated containerised task based workflows.

 ELIXIR Finland, EMBL-EBI

This study aims to coordinate the provision and operation of a standards-compliant container orchestration platform. This will allow execution of containerised software tools and workflow workloads supporting public and sensitive data across ELIXIR Nodes. The study will enable containers to be deployed and operated at scale and across cloud systems through the container orchestration platform in standardised formats which will:

  • Focus on developing a standards (e.g. GA4GH) compliant, interoperable container orchestration platform
  • Comprise scientific software and workflows from ELIXIR Tools platform ecosystem e.g. Bio.tools, Biocontainers, and OpenEBench
  • Connect with existing relevant ELIXIR communities e.g. HGTD, Proteomics, Marine, Galaxy
  • Provide an easy-to-use and transparent way of automating service deployment, orchestration, and configuration through the platform that can support the ELIXIR use cases and communities.

This Task coordinates ELIXIR Compute Platform’s (ECP) expertise and resources to leverage the technology development in other funded projects in order to provide high-level, community-driven orchestration of containers across ELIXIR Nodes. This will allow standardised, containerised and community-driven software applications to be hosted on ELIXIR Nodes and ELIXIR cloud infrastructures. The target is to provide a high-level abstraction layer to the underlying integrated technological components provided by Tasks 1, 2 and 3.

WP4.1: Coordinate an ELIXIR container platform to allow execution of containerised software workflow loads developed with the ELIXIR Tools platform ecosystem

Lead: Susheel Varma (EMBL-EBI)

This task will coordinate the provision of a standards compatible platform that can be offered to users to execute and manage the lifecycle of their containers on cloud platforms. These will be made available from ELIXIR Nodes and later on European e-Infrastructures. This platform will be offered to end-users (application developers in this example) through standards compliant APIs deployed in front of the individual cloud providers.

WP4.2: Access to sensitive datasets with containers

Lead: Shubham Kapoor (ELIXIR FI)

This task will provide analysis pipelines as a service using containers that are able to process sensitive data using the ELIXIR security guidelines.

 EMBL-EBI, ELIXIR Finland, ELIXIR Switzerland, ELIXIR Luxembourg, ELIXIR Czech Republic, ELIXIR Italy, ELIXIR UK, ELIXIR Sweden, ELIXIR Germany, ELIXIR Belgium, ELIXIR France, ELIXIR Denmark, ELIXIR Netherlands, ELIXIR Norway, ELIXIR Portugal, ELIXIR Slovenia

Coordinate the provision and operation of a standards-compliant container orchestration platform to allow execution of containerised software tools & workflow workloads supporting public and sensitive data across ELIXIR Nodes. To enable containers to be deployed and operated at scale and across cloud systems through the container orchestration platform in standardised formats which will:

  • Focus on developing a standards (e.g. GA4GH) compliant, interoperable container orchestration platform
  • Comprise scientific software and workflows from ELIXIR Tools platform ecosystem e.g. Bio.tools, Biocontainers, and OpenEBench
  • Connect with existing relevant ELIXIR communities e.g. HGTD, Proteomics, Marine, Galaxy
  • Provide an easy-to-use and transparent way of automating service deployment, orchestration, and configuration through the platform that can support the ELIXIR use
  • cases and communities.
 ELIXIR Switzerland, EMBL-EBI, ELIXIR Finland, ELIXIR Greece, ELIXIR Netherlands, ELIXIR Italy, ELIXIR Czech Republic, ELIXIR Germany
ELIXIR Belgium, ELIXIR Czech Republic, ELIXIR Finland, ELIXIR France, ELIXIR Germany, ELIXIR Greece, ELIXIR Netherlands, ELIXIR Spain, ELIXIR Switzerland, ELIXIR UK, EMBL-EBI

The goal of this study is to host and provide standardised compute access to important public reference and sensitive data sets in relevant (cloud) providers such that:

  • Datasets can be accessed locally via consistent, versatile interfaces (e.g. S3 or POSIX)
  • Local copies are updated as new versions are released
  • Users and cloud managers are able to manage their own data set subscriptions
  • There are secure but easy to use access control mechanisms
  • There are assured network connectivity (bandwidth and security) through software-defined networking

Many bioinformatics analysis activities are dependent on reference data sets to undertake their work. Transferring data sets on demand will delay the start of any analysis activity as moving large data sets does not happen instantly. Instead, pre-caching relevant data sets on popular cloud resources mean that they are already available when they are needed. This involves three tasks:

WP2.1: Provisioning of federated storage namespace

Lead: Christine Staiger (ELIXIR NL)

Provide a location-independent mechanism for identifying data that can then be resolved to the location(s) of the data in the physical infrastructure. This will allow a researcher to find where a specific data set is located and to decide if they are able to move their workload to this data location, or if a data transfer Site-2-Site is needed prior to starting computations.

WP2.2: Site-2-Site Data Transfers

Lead: Andrea Cristofori (EMBL-EBI)

The Reference Data Set Distribution Service (RDSDS) or other complementary methods, if needed (e.g. BioMaj) for site-to-site transfer will be used to allow sites to subscribe to specific public data sets that can be provisioned onto their cloud resources at the specified location, and when a new version of a given public data set is made available. Sensitive data sets will be made available through a secure cloud environment whereby the data set can be hosted securely in the remote cloud environment and remain encrypted in situ. The rights to access to the sensitive data is verified each time the data is accessed by the user. An ELIXIR webinar introduced the proposed technologies for secure data transfer between two ELIXIR nodes in May 2018.

WP2.3: Site-2-User Data Transfer

Lead: Giacinto Donvito (ELIXIR IT)

Provide a means for large data sets to be delivered asynchronously from their source to where a user needs them for their analysis.

 EMBL-EBI, ELIXIR Italy, ELIXIR Netherlands, ELIXIR Finland, ELIXIR Switzerland, ELIXIR France, ELIXIR Sweden, ELIXIR Germany, ELIXIR Belgium, ELIXIR Luxembourg, ELIXIR Norway, ELIXIR Portugal

The study will convene and establish a consensus on high-level community-driven standards:

  • Workflow / Task Orchestration Service: A minimal API specification that will support heterogenous containerised workflow (e.g. CWL, Galaxy, Nextflow, etc.) workloads for secured execution across the ELIXIR Federation of compute/cloud sites.
  • Tool / Workflow Registry Service: A minimal API specification that will provide access to curated heterogeneous container formats (e.g. Docker, Singularity) and workflow specifications (e.g. CWL, Galaxy, Nextflow, etc.) to be used as part of the workflow orchestration service.
  • Data Repository Service: A minimal API specification that will support the discovery and secured access to ELIXIR Core Data Resources and ELIXIR Node provided datasets as part of the workflow orchestration service.
  • Data and Workflow Security Protocols: Embedding security relying on ELIXIR AAI across all ELIXIR APIs to ensure secure access to data, tools and workflows to allow analysis to be performed on sensitive data.

This will be achieved by coordinating the expertise in the ELIXIR Platforms (Compute & Tools) and work taking place within the Nodes and related projects (e.g. EOSC-Life, EOSC-Hub), and will be broken down into three work packages: 

  1. Leveraging EOSC-Life workflows infrastructure
  2. ELIXIR Infrastructure for Orchestrating Containers and Workflows
  3. Coordinating ELIXIR Data Discovery and Transfer Services

and a number of Community Lead Use Cases: 

  1. Human data requiring security protocols provided by AAI, and data transfer services
  2. Single cell transcriptomics workflow that could be adapted for different organisms
  3. Metabolomics workflow adopted by the PhenoMeNal project
  4. Proteomics workflow aligning with the IS around benchmarking workflows to ensure reproducible research and potential clinical applications
 EMBL-EBI, ELIXIR Spain, ELIXIR Germany, ELIXIR Finland, ELIXIR France, ELIXIR Denmark, ELIXIR Belgium, ELIXIR Sweden, ELIXIR Italy, ELIXIR Switzerland, ELIXIR UK, ELIXIR Netherlands, ELIXIR Greece
ELIXIR Czech Republic, ELIXIR Finland, ELIXIR UK
ELIXIR Belgium, ELIXIR Cyprus, ELIXIR Czech Republic, ELIXIR Denmark, ELIXIR Estonia, ELIXIR Finland, ELIXIR France, ELIXIR Germany, ELIXIR Greece, ELIXIR Hungary, ELIXIR Ireland, ELIXIR Israel, ELIXIR Italy, ELIXIR Luxembourg, ELIXIR Netherlands, ELIXIR Norway, ELIXIR Portugal, ELIXIR Slovenia, ELIXIR Spain, ELIXIR Sweden, ELIXIR Switzerland, ELIXIR UK, EMBL-EBI
ELIXIR Czech Republic

ELIXIR AAI (Authentication and Authorisation Infrastructure) is the ELIXIR Infrastructure Service for authenticating researchers and enabling ELIXIR services to define user permissions for a given service (access rights). The ELIXIR AAI is coordinated by the ELIXIR Compute Platform and has received funding from ELIXIR-EXCELERATE WP4.3.1 and the AAI Implementation Studies in 2017 and 2018 [2, 3].

In June 2016, the ELIXIR Head of Nodes Committee agreed on the ELIXIR AAI strategy [1] that:

  • Defines the AAI as a service that falls under the responsibility of the ELIXIR Hub, enabling ELIXIR to commission AAI services from the Nodes or to obtain them from e-infrastructures.
  • Makes a statement that ELIXIR intends to rely on e-infrastructure partners in the operations of the AAI or some of its components.
  • Sets a goal of a common interoperable AAI for life science researchers, mentioning CORBEL WP5, AARC2 and the Global Alliance for Genomics and Health (GA4GH) as key related activities.

In 2017, the AAI Implementation Study [1] focused on preparing the AAI as an emerging service by providing a service definition, cost estimates, service desk and a redundant environment for key functionalities. During 2018, other research infrastructures have also started to evaluate and in some cases implement ELIXIR AAI, e.g. EuroBioImaging. In the preparations of the EOSC-Life project, key life science infrastructures have agreed on a convergence towards a Life Science (LS) AAI, to be built using ELIXIR AAI and coordinated by ELIXIR (with assignment as Work Package co-lead in the EOSC-Life proposal).

Aims

In 2019-2020, the AAI Implementation Study aims to:

  1. Continue providing a sustainable AAI service (the day-to-day operations and support),
  2. Ensure the service’s future sustainability according to the ELIXIR AAI strategy [2] and start a migration towards the Life Science (LS) AAI,
  3. Develop new features for the ELIXIR AAI in response to emerging community requirements,
  4. Increase the number of ELIXIR AAI relying (service provider) parties, e.g. cloud services suitable for workloads in life science computing.

The processes that continue to require decision-making by ELIXIR, e.g., related to membership, or specific access to compute services or data, will continue to be defined and operated through ELIXIR. However, it is envisaged that technical AAI components required to run these processes could be outsourced to trusted partners, where appropriate, as part of the evolution from ELIXIR AAI to LS AAI.

Relation to other projects

In the near future, several funding sources are assumed for different activities related to ELIXIR AAI. We note that at least some of these funding sources, related to the ELIXIR-specific requirements, are expected to continue beyond the point at which LS AAI is in full production. In the allocation of funding sources to different activities, the following principles have been assumed in this Implementation Study Project Plan:

Persistent funding to be used for recurring and permanent costs, project funding for one-off costs. This Implementation Study is proposed to cover annually recurring ELIXIR AAI and coordination costs, as these are distinct from wider implementations including the LS AAI. While for the next 4 years the core funding for LS AAI is expected to be covered through the ESOC-Life project, we assume continuing support of ELIXIR-specific AAI services and processes through permanent funding as an Infrastructure Service in the long term. This Infrastructure Service support will continue to be required after the end of EOSC-Life. We expect other external project funding, including EOSC-Life (excluding LS AAI operations), other H2020 projects, and further ELIXIR Implementation Studies will be deployed to resource the development of new features. Using project funding to cover recurring costs is not deemed sustainable.

After migration to Life Science AAI some ELIXIR-specific components and processes will remain. Although core features and functionality of the ELIXIR AAI are expected to migrate to the Life Science AAI during the project, it is foreseen that there will be some ELIXIR-specific parts and activities that will continue to be managed by ELIXIR directly, in common with other Research Infrastructures (RIs) with ongoing RI-specific requirements. 

 ELIXIR Czech Republic, ELIXIR Finland

Platform and has received funding from ELIXIR-EXCELERATE WP4.3.1 and the AAI Implementation Studies in 2017, 2018, 2019-2020 and Compute Platform 2019-2021 [2, 3, 4, 5].

In June 2016, theELIXIR AAI (Authentication and Authorisation Infrastructure) is the ELIXIR Infrastructure Service for authenticating researchers and enabling ELIXIR services to define user permissions for a given service (access rights). The ELIXIR AAI is coordinated by the ELIXIR Compute  ELIXIR Head of Nodes Committee agreed on the ELIXIR AAI strategy [1] that:

  • Defines the AAI as a service that falls under the responsibility of the ELIXIR Hub, enabling ELIXIR to commission AAI services from the Nodes or to obtain them from e-infrastructures.
  • Makes a statement that ELIXIR intends to rely on e-infrastructure partners in the operations of the AAI or some of its components.
  • Sets a goal of a common interoperable AAI for life science researchers, mentioning CORBEL WP5, AARC2 and the Global Alliance for Genomics and Health (GA4GH) as key related activities.

The AAI implementation study 2019-2020 focused on providing a sustainable AAI service and preparing for the migration to the Life Science AAI that is currently under development in EOSC-Life WP5.

In 2021-2023, the AAI Implementation Study aims to:

  1. Continue providing a sustainable AAI service (the day-to-day operations and support).
  2. Migrate ELIXIR AAI to Life Science AAI when it has become a stable service.
  3. After migration to Life Science AAI, continue operating those ELIXIR specific components which are not relevant for other participating research infrastructure of Life Science AAI.
  4. Keep ELIXIR AAI as an environment for developing prototypes of new services and for subsequent integration to Life Science AAI. 

It is assumed that the relation of ELIXIR AAI and the emerging Life Science AAI will be further specified in the timeframe of the next phase of the ELIXIR Compute Platform programme (2022-23).

Relation to other projects

In the near future, several funding sources are assumed for different activities related to ELIXIR AAI. We note that at least some of these funding sources, related to the ELIXIR-specific requirements, are expected to continue beyond the point at which LS AAI is in full production. In the allocation of funding sources to different activities, the following principles have been assumed in this Implementation Study Project Plan:

Persistent funding to be used for recurring and permanent costs, project funding for one-off costs. This Implementation Study is proposed to cover annually recurring ELIXIR AAI and coordination costs, as these are distinct from wider implementations including the LS AAI. While for the next three years the core funding for LS AAI is expected to be covered through the ESOC-Life project, we assume continuing support of ELIXIR-specific AAI services and processes through permanent funding as an Infrastructure Service in the long term. This Infrastructure Service support will continue to be required after the end of EOSC-Life. We expect other external project funding, including EOSC-Life (excluding LS AAI operations), other H2020 projects, and further ELIXIR Implementation Studies will be deployed to resource the development of new features. Using project funding to cover recurring costs is not deemed sustainable.

After migration to Life Science AAI some ELIXIR-specific components and processes will remain. Although core features and functionality of the ELIXIR AAI are expected to migrate to the Life Science AAI during the project, it is foreseen that there will be some ELIXIR-specific parts and activities that will continue to be managed by ELIXIR directly, in common with other Research Infrastructures (RIs) with ongoing RI-specific requirements. 

 ELIXIR Czech Republic, ELIXIR Finland
ELIXIR Belgium, ELIXIR Finland, ELIXIR France, ELIXIR Netherlands, ELIXIR Spain, ELIXIR Sweden, ELIXIR Switzerland, EMBL-EBI

The ELIXIR Cloud is an emerging ELIXIR Compute-based cloud infrastructure that delivers federated analytics use cases based on Global Alliance for Genomics and Health (GA4GH) API standards.

We have recently demonstrated how researchers can leverage ELIXIR Cloud services to deliver computational workloads across heterogeneous compute infrastructures (HPC, native cloud) at different ELIXIR Nodes via the GA4GH Task Execution Service (TES) API specification and its TESK (maintained by ELIXIR Compute) and Funnel implementations.

Experimental GA4GH TES backends are implemented in various workflow engines, including cwl-tes, Nextflow, Snakemake, Cromwell and Galaxy. To distribute individual workflow tasks across a network of TES instances in an effort to “bring compute to the data”, the ELIXIR Cloud includes the proTES gateway service, which distributes incoming TES tasks across a network of TES instances. 

In this project, we will extend the capabilities of the ELIXIR Cloud such that ELIXIR researchers can run a wide range of workflows either entirely or partially on Microsoft Azure via its open-sourced native TES implementation (“hybrid cloud”).

Researchers at ELIXIR Nodes will thus be able to outscale workloads to a state-of-the-art public cloud environment, either to meet peak compute demands or to access hardware that is currently unavailable at a local or at an available ELIXIR Cloud node. Moreover, through the use of the TES, as well as the GA4GH Workflow Execution Service (WES) API, which abstracts across workflow engines such as the ones mentioned above, ELIXIR services can easily integrate with the ELIXIR Cloud to make use of the hybrid cloud capabilities. 

The project will also strengthen the ongoing collaboration on the development of the GA4GH Cloud standards between ELIXIR Compute and Microsoft by increasing interoperability between our respective implementations. A fruitful collaboration on the use of the GA4GH TES API is likely to lead to a long-term collaboration on co-developing related solutions across various dimensions, including access control, smart distribution of workloads and integration of workflow federation via the GA4GH WES API.

 ELIXIR Finland, ELIXIR Czech Republic, ELIXIR Greece

The ELIXIR Cloud is an emerging ELIXIR Compute-based cloud infrastructure that delivers federated analytics use cases based on Global Alliance for Genomics and Health (GA4GH) API standards.

We have recently demonstrated how researchers can leverage ELIXIR Cloud services to deliver computational workloads across heterogeneous compute infrastructures (HPC, native cloud) at different ELIXIR Nodes via the GA4GH Task Execution Service (TES) API specification and its TESK (maintained by ELIXIR Compute) and Funnel implementations.

Experimental GA4GH TES backends are implemented in various workflow engines, including cwl-tes, Nextflow, Snakemake, Cromwell and Galaxy. To distribute individual workflow tasks across a network of TES instances in an effort to “bring compute to the data”, the ELIXIR Cloud includes the proTES gateway service, which distributes incoming TES tasks across a network of TES instances. 

In this project, we will extend the capabilities of the ELIXIR Cloud such that ELIXIR researchers can run a wide range of workflows either entirely or partially on Microsoft Azure via its open-sourced native TES implementation (“hybrid cloud”).

Researchers at ELIXIR Nodes will thus be able to outscale workloads to a state-of-the-art public cloud environment, either to meet peak compute demands or to access hardware that is currently unavailable at a local or at an available ELIXIR Cloud node. Moreover, through the use of the TES, as well as the GA4GH Workflow Execution Service (WES) API, which abstracts across workflow engines such as the ones mentioned above, ELIXIR services can easily integrate with the ELIXIR Cloud to make use of the hybrid cloud capabilities. 

The project will also strengthen the ongoing collaboration on the development of the GA4GH Cloud standards between ELIXIR Compute and Microsoft by increasing interoperability between our respective implementations. A fruitful collaboration on the use of the GA4GH TES API is likely to lead to a long-term collaboration on co-developing related solutions across various dimensions, including access control, smart distribution of workloads and integration of workflow federation via the GA4GH WES API.

 ELIXIR Finland, ELIXIR Czech Republic, ELIXIR Greece
ELIXIR Belgium, ELIXIR Cyprus, ELIXIR Czech Republic, ELIXIR Denmark, ELIXIR Estonia, ELIXIR Finland, ELIXIR France, ELIXIR Germany, ELIXIR Greece, ELIXIR Hungary, ELIXIR Ireland, ELIXIR Israel, ELIXIR Italy, ELIXIR Luxembourg, ELIXIR Netherlands, ELIXIR Norway, ELIXIR Portugal, ELIXIR Slovenia, ELIXIR Spain, ELIXIR Sweden, ELIXIR Switzerland, ELIXIR UK, EMBL-EBI

The ELIXIR Compute Platform ensures that European cloud, compute, storage and access services fulfil the requirements and are available for the life-science research community. European regulation on health data processing is evolving, computing capacity in national clouds is increasing and international standards are improving interoperability between the compute environments.

Such capabilities are also increasingly important to service the growing volumes of biodiversity, food security and pathogen data which comprise complex data types and must be linked to climate data resources. Also, supercomputer investments - especially EuroHPC - provide completely new kinds of computing capacities for researchers across these domains.   

All this shapes the landscape of European compute resources. Especially, computing on sensitive data near the data resources is becoming obligatory but the same is true for non-sensitive data e.g. plant phenotyping data and associated imaging data.

In 2024-26, the Platform will build technological capability to enable compute in new European-wide federated and multi-cloud settings by building on existing development and utilising previous work, especially Life Science Login. Beyond this, the platform actively seeks sustainable ways to operate the developed services for European researchers.    

The Platform will deliver the services to support federated data management and analytics in life science through five complementary WPs:

Lead partners: CSC (Finland), University of Masaryk (Czech Republic), Berlin Institute of Health at Charité (Germany)

The purpose of this work package is to provide the overall project management and coordination of the activities of ELIXIR Compute Platform. This work package ensures that Platform work progresses as planned. 

The work package will also ensure that the platform work plan is aligned with ELIXIR’s strategic vision and key EC funded projects where ELIXIR leads or participates including GDI, ENTRUST, STEERS and EVERSE which are relevant for the overall development of European research infrastructures, data spaces and regulation.

The work package facilitates active dialog with life-science research communities in order to understand the real needs of researchers. This is done especially by collaborating with ELIXIR Communities that represent researchers’ use cases. 

Besides technology development, delivering impact on research requires that the  technology can be sustained and provided for researchers. This work package seeks ways how the developed technology can be sustained as part of operational services. This can be done both by integrating technology into existing services and by establishing new services when applicable. 

The landscape of European research infrastructures, data spaces and related initiatives, such as EOSC, EuroHPC and GAIA-X, are evolving and the work package is actively participating in this development.

Establishing services in cross-infrastructure fashion and providing them in wider collaboration is seen as a favourable option, especially partnering with other research infrastructures and providing services as part of EOSC service offering supports the objective of long term service sustainability. Also, the work package ensures that the platform activities are well connected and communicated to the research community. 

The work package will also bridge the platform activities to GA4GH and participate in the steering of GA4GH by utilising the ELIXIR and GA4GH strategic partnership.

Activity 1: Project management and coordination

The ExCo will set up and facilitate regular Platform-wide meetings, both online and face-to-face. It will also establish proper communication channels for the work and monitor and report the progress regularly.

Activity 2: Sustainability and dissemination

The ExCo will prioritize sustainability planning for platform development activities to ensure long-term viability. They will establish effective bi-directional communication channels to engage research communities, leveraging platforms like ELIXIR Communities, the ELIXIR Training Platform, and existing channels such as ELIXIR webinars.

Additionally, the ExCo will promote knowledge sharing with other ELIXIR platforms and active participation in joint-platform activities to maximize collaborative efforts. It will also serve as the platform's representative in the strategic partnership between ELIXIR and GA4GH. Furthermore, the ExCo will oversee dissemination initiatives aimed at promoting the Compute Platform's advancements and benefits to relevant stakeholders.

Lead partners: CSC (Finland), University of Masaryk (Czech Republic)

An increasing number of services are moving towards working with sensitive data. Such services need to perform authentication of the person working with data and enforce authorization rules with a high level of assurance.

ELIXIR has built and operated the Authentication and Authorization Infrastructure (AAI) service for such tasks, which formed the basis for the joint effort  to create a common Life Science AAI (LS AAI) in the EOSC-Life project. The idea of a common AAI service is the ability to provide unified authentication mechanisms, a central place to execute authorization decisions and provide the ability for the relying services to outsource such tasks on the operated infrastructure.

For authentication purposes, ELIXIR AAI and LS AAI are relying on the eduGAIN interfederation to enable researchers access to the services using their home organisations. The service is now a mature production service with over 13,000 users who login per month and increasing adoption by other Research Infrastrures in the EOSC-Life Science Cluster including BBMRI-ERIC and Instruct-ERIC (https://doi.org/10.5281/zenodo.8144216). 

In the next phase, the authentication needs to move towards improving the assurance of the authentication process by adopting various mechanisms providing additional security for user accounts. As for the authorization part, ELIXIR has been piloting the GA4GH Passports and Visa standard, as well as defining its own mechanisms for enabling distributed authorization. In the following development, distributed authorization will focus more on effectively defining authorization rules in different contexts and places, efficiently collecting them and applying them in a broad spectrum of places.

This will boost real world capabilities for LS-AAI usage in critical projects such as GDI, where it is to be implemented as the first line of user access and control for accessing and processing sensitive genomic data across participating 1M+G European member states. New solutions will be tested in an even broader cross domain context across the science clusters through the EOSC AAI common framework. Last but not least, identity governance will be another point of interest for this task.

Activity 1: Advanced authentication mechanisms

The goal of this work package is to explore new areas of authentication mechanisms by extending the basis built in the previous work packages. This WP will concentrate on exploring new approaches to working with digital identity like Self-Sovereign Identity, e-wallets, and similar technologies and rising alternatives to the traditional Identity Federations approach, while it will also try to integrate these solutions as alternatives to the authentication mechanisms in place.

The federated approach will be iterated on to reach out to entities not participating in the eduGAIN federation, like commercial entities from the pharmaceutical industry, who are not able to join such a federation. Thus,  a focus will be  building standardised solutions and procedures for integrating with such entities. The aim is also to extend the security aspects of the authentication process by exploring Multi-Factor Authentication (MFA) in the widely distributed EOSC AAI environment. 

This WP will additionally try to explore the possibility of providing passwordless authentication as an accompanying authentication mechanism in a federated login environment. By shifting towards this authentication mechanism we expect to achieve a more streamlined authentication process and expect the federative authentication to move towards the support role in the area of identity vetting and backup authentication solutions.

From the perspective of managing the identity for authentication purposes, we want to investigate the ability to correctly de-provision identity data, especially in distributed environments and improve the identity governance aspects by defining strict lifecycle policies of the identity and relevant data which are  conformant with auditing and accounting needs.

Activity 2: Authorization in distributed infrastructures

The traditional role of the Authentication and Authorization Infrastructures lies in basic authorization execution and mostly in providing authorization data to the relying parties, which can then perform local authorization based on this data. In the years of operating ELIXIR AAI and participation in Life Science AAI, we have learned about a lot of use cases shared across various relying parties.

This work package should focus on extracting as many repetitive authorization scenarios as possible and integrating them directly into the AAI environment, to remove the burden of designing and implementing such authorization scenarios from the relying parties, enabling them to focus more on the provided functionality.

Iterating on this approach, the goal is to provide Relying Parties, organisations, or managers within the AAI with a framework, where they can define authorization rules in the AAI itself and AAI will evaluate the conditions defined at the time of performing other authorization tasks, resulting in a simple AUTHORISED/UNAUTHORISED information provided to the service with a possible reasoning why the decision has been carried out.

Such an approach could be even escalated into environments similar to EOSC AAI to explore these possibilities in a multi-federated and multi-infrastructure environment with an emphasis on efficient definition, sharing, execution and communication of these rules and their results. 

We are also expecting continuous work on the existing standards like entitlements or GA4GH Passports and Visas with the possibility of extending their applicability into areas outside of the genomics data, and extending authorization into finer granularity level, file in a data set or sections of the fileLast but not least, with the increased emphasis on compliance with policies like GDPR and the need to manage approvals of policies like AUP, Privacy Notice, and Terms of Use, this work package will explore possibilities to record such things and re-use these records as another authorization data inputs.

Activity 3: User Experience, community engagement, training and outreach

One of the main two ideas of Authentication and Authorization Infrastructures is to provide users accessing integrated services via a unified familiar process and to enable performing authorization for the whole infrastructure in a single place.

Looking at the regular user process, the service access workflow might get fairly complicated, especially in the federated model, where users use their Home Organizations as authentication providers or can fall back to social logins or other authentication means if they cannot or do not want to use their institute, university, or similar Identity Provider.

The situation might get even more complicated when users hop between services or use multiple external accounts to access them. To mitigate the risks of leaving the user confused, this task will focus on continuous improvements of the AAI user-facing interfaces to improve the user experience and achieve streamlining of the user workflows. These activities will involve developing methodologies for KPIs collection and user evaluation, user testing, as well as applying the user-centric design from the start.

We expect to cooperate with Tasks 1 and 2 of WP1 as well as with WPs 3-5, especially on their deliverables that overlap with authentication and authorization. We envision this cooperation mainly in providing feedback and inputs into the design aspects of the activities executed in different tasks. 

To support the goal of providing the best possible user experience, this task will explore the areas of evaluating Authentication and Authorization Infrastructure as a service not just from the end-user perspective, but also from the point of view of people representing management roles utilising AAI primarily for the second A - authorization. We would like to approach this in an Agile approach by applying Continuous Discovery meaning periodical small-incremental improvements proposed to the most critical parts of the infrastructure.

From the integration perspective, we would like to explore the activity of building an AAI-centric SDK. We envision not to directly develop a set of tools, but rather to pick and evaluate existing Software components and provide in-depth guidance on their usage with the AAI

To spread the utilisation of the Authentication and Authorization Infrastructure, this Task will also focus on building the community. The primary focus will be on organising events based primarily on the inputs from Relying Party integrators, but not omitting end-users and Identity providers to discuss the AAI-relevant topics, or just discuss various integrations or share recent developments in the AAI area. Last but not least, this Task will also focus on the outreach and education spread towards AAI-related customers.

Lead partners: CSC (Finland), University of Masaryk (Czech Republic), Berlin Institute of Health at Charité (Germany)

Sensitive data is a critical asset for the ability to carry out essential research in even potentially critical situations, e.g. as proven during the COVID-19 pandemic. Providing easy access to such data speeds up the research process, resulting in faster development of new disease cures, or exploring and further understanding of rare diseases.

However, by nature, input data for such research tasks contain sensitive information and thus needs to be correctly handled and protected. In the previous ELIXIR programme, the Compute Platform has been working in this area already, and we would like to continue this effort. 

We expect to deliver to researchers a framework of products for secure access to sensitive data for use in a wide range of research settings. Our aim is to build a complex solution covering the process from the start (data discovery) through the analysis/processing up to the very end (research publication finalisation). It involves building and evolving a framework of tools for the secure discovery of sensitive data, enabling research groups to then implement and adapt to their needs using standard components in the framework.

Moving further in the process, tools for possible access negotiation, secure transfer of the data to a computing environment, executing the computing workflow, and last but not least, delivery or interpretation of the result in a secure way must be considered. The work will be supported by new external funding in the Horion Europe INFRA-EOSC and INFRA-DEV Programmes as well as the ongoing development in the GDI project. 

The whole process needs to be accompanied by also focusing on Authentication, Authorization, Auditing, and optional accounting, and aiming to be in coherence with the regulations in a transnational, federated environment. Hereby we will closely align the activities of WP3 with WP2, WP4 and WP5. We will identify, build and gather technical solutions on top of the outcomes of previously carried out work in the ELIXIR programme, such as leveraging on and further development of the AAI and cloud infrastructures, sensitive data management platforms (REMS), federated EGA repositories, and similar.

In order to understand how such environments can be utilised by researchers the aim is to provide guidance documentation on both the technical and organisational measures to secure the data as well as outreach to researchers through workshops in order to get feedback on how such services can be utilised.

Activity 1: Sensitive data access as a process

Researchers may require access to sensitive data in different scenarios, which we here describe as use cases. The aim of this task is to collect and document potential use cases for accessing sensitive data in detail. These use cases will be refined, revised and extended over the course of the project. Currently, the different use cases include:

  1. Direct access to data in a repository: Here, data is archived in a single database. Either directly by the user or indirectly via a platform, the user requests access to the data. The user is then authorised to use a specific set of data. To do this, the user logs on to a database or platform and transfers the data in encrypted form to their own secure environment. In the secure environment, the user can decrypt the data and analyse it further. For example, a Trusted Research Environment (TRE) or  can be used here by the user.
  2. Federated database: The data of interest is stored in a federated form on different data nodes. The data nodes provide metadata via APIs, which can be browsed in a central portal. Through the central portal, a user can request access to selected data at the respective data nodes. The nodes then grant the user access to individual datasets. The data is then collected from the nodes, combined and being made available to the user either for data transfer or for processing within a TRE.
  3. Centralised platform: The platform contains centralised sensitive data. Users can request access to a subset of the data. If authorised, users can then log into the platform and work directly with the data. This is done, for example, by running workflows or interactive analysis using scripts. The platform provides users with a secure VRE for this purpose.
  4. Federated processing: Here, sensitive data resides on different nodes that are not directly connected and the transfer of data to other environments is restricted. The nodes provide APIs through which analysis can be performed on the data, which together forms a secure processing environment (SPE). The user can perform an analysis that combines data from different sources (nodes) by executing an analysis on a platform, which then distributes individual tasks to different nodes based on where the data is available. The results are then combined and being made available to a user. A special case of this is federated learning, where models are trained in several iterations and updated on different data sets. Application of technologies such as Confidential Containers (https://github.com/confidential-containers) will also be in the scope of this use-case.

Activity 2: Sensitive Processing Environment Services

In WP3.2 we will support the technical implementation of secure platforms by, among other things, linking the use cases from WP3.1 with the framework components provided by WP2 and WP4. On the basis of a catalogue of services, we will enable the development of secure environments that meet the requirements of at least one of the use cases defined in WP3.1.

These environments will combine authentication and authorisation features from WP2 with the solutions and services from WP4. For demonstration purposes, the platform will be implemented, tested and documented in cloud environments. Experiences, gaps and issues from the use case implementations will be fed back to WP2 and WP4.

Activity 3: Guidance and outreach

General direction of the subpackage WP3.3 is towards landscaping and availability of documentation/policy, alignment and mutual exchange on standards, guidelines, SOPs and in practice handling of sensitive data access. 

These Sensitive Data Processing environments will be implemented, tested and documented as part of WP 3.2, yet the providers of such environments need to be able to reach out with researchers how such environments are run and under what conditions they can be made use of. For these reasons WP 3.3 will seek to bring providers of SPE as well as consult with Legal and Ethics Officers in order to list:

  • User policies for SPEs on working with sensitive data (out of scope is compliance with legislation and frameworks)
  • Service policies
  • Infrastructure policies
  • This will result in a guidance document on technical and organisational security measures for protection and working of sensitive data.

At the same time during this work package we will investigate through workshops:

  • Involvement of patient organisations / other stakeholder organisations / representatives as guests / participants of the workshop(s)
  • Connection to national medical informatics infrastructures (e.g. NUM & MII in Germany)
  • EU Cross border data sharing or International (US, Asia) working with /sharing sensitive data

Lead Partners: CSC (Finland), University of Masaryk (Czech Republic), Berlin Institute of Health at Charité (Germany)

With use cases such as outscaling peak performance needs and bringing compute to where the data resides, rather than fetching the data first and computing on it on premise, data analytics in the Life Sciences is increasingly shifting towards the cloud. Previously, ELIXIR Compute addressed these developments by exploring hybrid cloud and containerization techniques and developing services based on widely adopted community standards, including Cloud APIs defined by the Global Alliance for Genomics and Health (GA4GH), for which ELIXIR Compute is leading a Driver Project.

In the next phase, the various previous efforts will be bundled, hardened and - with the help of ELIXIR-internal Driver Projects including GDI - further matured. In particular, this task will coordinate the development of an ELIXIR-wide federated hybrid- and multicloud-ready set of packages consisting of various GA4GH-compatible backend microservices deployed across the ELIXIR Nodes, and a micro-frontend-based web portal to enable end users to operationalise the platform.

Through it, users will be able to discover, fetch and execute a range of workflow types (e.g., CWL, Nextflow, Snakemake, Galaxy) on HPC clusters, native cloud clusters and commercial clouds, accessing data on commonly used storage solutions (e.g., s3). Access control management, the handling of sensitive data and compute-related provenance will be addressed together with WPs 2, 3 and 5, respectively. 

In addition to the ELIXIR::GA4GH cloud platform, the task will further coordinate the bundling of backend and frontend components into a "ELIXIR Cloud SDK", which will allow (1) systems administrators to easily deploy on premise, hybrid and multicloud solutions, and (2) service developers to quickly adopt the necessary APIs and guidelines to interoperate with the ELIXIR cloud platform.

Finally, the WP will coordinate the engagement of use cases, Nodes and service developers, provide documentation, training and support mechanisms, and liaise and align with developments in relevant organisations beyond ELIXIR, such as GA4GH and EOSC.

Activity 1: Harden and expand ELIXIR Cloud SDK use case portfolio

Acivity will harden existing service components by improving resilience, scalability, and service security and by integrating work provided by other WPs with respect to access control, data security, and provenance/accounting/reproducibility (e.g,. via RO-Crates).

It will expand existing use case portfolio with regard to compute federation, e.g.,by providing  support for different workflow engines/languages, compute backends and storage solutions, including integration with commercial/public cloud providers (“hybrid cloud”) and specialised workload distribution logics.

Finally, it will support use cases requiring service-to-service communication (e.g., distributed computing, federated learning, federated imputation), as well as additional use cases as requested by user base.

Activity 2: Harden and expand ELIXIR Cloud SDK use case portfolio

Activity will deploy centralised and federated ELIXIR Cloud SDK service components across different ELIXIR Nodes, deploy and maintain service registry and system to automatically upgrade service instances in the network. It will further develop and deploy web portal and CLI entry points that operationalise the supported ELIXIR Cloud use cases to end users.

Activity 3: Policies, documentation and outreach

Activity will promote ELIXIR Cloud & ELIXIR Cloud SDK within ELIXIR and global community, including industry partners and provide extensive documentation for various audiences (end users, devs and admins), including tutorials and interactive examples.

Lead partners: Forschungszentrum Jülich (Germany), Athena Research Center (Greece), VIB (Belgium)

To address the increasing complexity of life science analytics, bioinformaticians need access to advanced and large scale compute capacities, often in an international context. They need to be able to do so using sustainable compute resources which follow appropriate regulatory compliance, accounting, and provenance.

While aspects of this have and are being addressed by the e-infrastructures in Europe, life scientists have additional demands for computing sensitive data which only increases the importance of appropriate audit trails which will fit with the relevant information governance and security requirements.

In this Task ELIXIR will identify best practices in our communities, Nodes and projects in the reporting of resources (facilities, services) used to lay the groundwork for billing or other financial accounting of services (within or between institutions, and eventually across borders). The Platform will identify automated, lightweight solutions which are FAIR in practice in order to track provenance. In turn this will improve the reproducibility of scientific analysis and the recognition of relevant service providers as well as researchers at the individual and organisational level.

The Compute Platform is directly involved in relevant technical developments in secure and distributed computing in the Nodes and can help address the integration of non automated systems such as electronic notebooks.

Activity 1: Dashboard of ELIXIR Computing Providers

This activity will create a centralised place to publish data around what compute resources are available across ELIXIR; along with compute resource reporting summaries. Output will be in both machine-readable and human-friendly forms (i.e. visualisations that can be understood by non-specialists). It will be a living (continuously updated) successor to the one-off snapshots from EOSC-Life WP7 “Cloud Observatory Report”, ELIXIR EXCELERATE - D4.3, CONVERGE. It will link to WP3.1 ELIXIR Cloud Service Registry, based on GA4GH Service Registry API. Implementation under development, currently deployed at the CH Node. There is also a matching GUI client under development, implemented as a reusable Web Component. Both could be used to power (part of) a dashboard. May also include a “living map” of ELIXIR compute.

Activity 2: Provenance consumption and production by infrastructure

It is important for platforms executing computational research experiments to utilise RO-Crates aiming for reproducibility and reusability. Using this packaging format can allow bundling together all the components and dependencies of a research experiment, ensuring that it can be reproduced,re-executed, and reused in the future.

More specifically, reusability can be enhanced with the use of WorkflowRun profile RO-Crates that capture and encapsulate the entire research experiment, including data, code, parameters, and workflows. This enables that the experiment can be accurately reused, allowing other researchers to validate and build upon the results. Moreover, by packaging all the necessary components, including data sources, software versions, and configurations, RO-Crates preserve the context in which the experiment was conducted. This enhances transparency and enables others to understand the experimental setup and potentially identify any issues or improvements. 

Additionally the use of RO-Crates can facilitate collaboration and sharing of research experiments. They provide a standardised format that can be easily shared among researchers, enabling them to reproduce, validate, and build upon each other's work. This promotes open science practices and fosters scientific advancements. 

Use cases will come from MGnify; WP5.1; and the ELIXIR Communities.

Activity 3: Reporting of resource usage (accounting)

Systems that provide compute resources to researchers need to implement mechanisms for tracking the resource usage of each researcher and enforcing limits to that usage.  In addition, the usage data kept (including consumed resources, user numbers, geolocation, or carbon footprint) can be a valuable resource  to steer user behaviour towards greening, and needs to be reported to funders and inform long-term policy-making. At the same time, they can also be useful when they are shared with the research community at large and the society for transparency.

This work package will investigate the needs of the ELIXIR communities, Nodes, and projects regarding resource tracking and accounting/reporting and will explore existing mechanisms that have been implemented in various ELIXIR Nodes. Moreover, the work package will collect (where possible) feedback on the related challenges and expectations of the relevant stakeholders. Finally, the WP will develop a reference framework that can provide a standardised method for monitoring and reporting resource usage in research compute systems. 

 ELIXIR Belgium, ELIXIR Czech Republic, EMBL-EBI, ELIXIR Estonia, ELIXIR Finland, ELIXIR France, ELIXIR Germany, ELIXIR Greece, ELIXIR Italy, ELIXIR Luxembourg, ELIXIR Netherlands, ELIXIR Switzerland, ELIXIR UK

This study aims to coordinate technical, operational and funding aspects of cloud, data and compute services across Europe for the ELIXIR and larger Life Science community within a seamless hybrid cloud ecosystem. It will implement a hybrid cloud ecosystem interoperable with key resources that is accessible to researchers spanning:

  • Local, private clouds (e.g. EMBL-EBI Embassy)
  • National community clouds (e.g. cPouta, MetaCentrum cloud, de.NBI)
  • European research and innovation oriented clouds (e.g. EOSC)
  • Public/commercial compliant clouds (e.g. Google, Azure, AWS)

e-Infrastructures are becoming more flexible via virtualisation. This allows contemporary biological research projects with large processing and storage requirements to leverage their capacities. The technical challenges of large scale cloud development for research will be addressed within the EOSC umbrella, whereas the ELIXIR Compute Platform, while already involved, will be a participant only.

However, there are non-technical challenges of the cloud infrastructure that should be the primary focus of ELIXIR Compute Platform – what is actually needed by the ELIXIR community, how cloud provisioning, the resource access (and allocation) should be organised, who will provide the cloud resources and how the providers should be reimbursed/sustained. The acute problem of cloud resource allocation will be investigated, including the proposal to establish a Resource Allocation Committee (RAC) in the case of commissioned central ELIXIR resources within EOSC-Life.

This task, following current and future technology constraints, will organise ELIXIR cloud experts and focus them around the problem of defining the ELIXIR hybrid cloud ecosystem and how it should be coordinated. Initially concerned with ELIXIR’s own requirements, the task will gradually expand to cover the larger Life Science community, similar to the transition of ELIXIR AAI to LS AAI).

The task will also work on piloting the proposed approaches, as a part of the EOSC Life program in collaboration with the EOSC Hub and similar future projects; and as a standalone ELIXIR activity, using resources and resource providers of individual ELIXIR Nodes.

WP3.1: Definition and evolution of ELIXIR hybrid cloud ecosystem

Lead: Miroslav Ruda (ELIXIR CZ)

This task will determine and establish the strategic principles and sustainability for the ELIXIR hybrid cloud ecosystem, including resourcing, service levels and sustainability.

Pilot development will focus on:

  • Shifting from resource control to resource orchestration
  • Focussing on enabling user interactions (user needs)
  • Shifting to greater openness
  • Development of accretive strategies to engage producers and consumers within the platform ecosystem
  • Development of user-centric and ecosystem-centric metrics

The proposal must deal with the different funding strategies while implementing the EOSC governance work on cloud provisioning. In the second iteration, the specific requirements of work with sensitive data must be also included i.e. enhanced information governance, higher cost base, specific technologies deployed etc.

WP3.2: Piloting the proposal

Lead: Chris Lawerenz (DE)

This task will run several user-centric and inter-platform pilots using the resources provided by the involved ELIXIR Nodes and also by external EOSC-related resources if provided. The pilots will demonstrate the usability of the proposal to setup the cloud ecosystem for ELIXIR (using the hybrid cloud environment to support (semi)production operation of use cases that are defined in the other parts of the work program). Feedback from these pilots will be used to improve the ELIXIR hybrid cloud ecosystem definition. The selected pilots will serve each year as a Technical demonstrator of the feasibility of the proposed ELIXIR/LS Hybrid cloud ecosystem (resp. Its gradual evolution).

 ELIXIR Germany, ELIXIR Czech Republic, ELIXIR Netherlands, ELIXIR Spain, ELIXIR Italy, ELIXIR Finland, EMBL-EBI, ELIXIR UK, ELIXIR Luxembourg, ELIXIR Slovenia

Coordinate technical, operational and funding aspects of cloud, data and compute services across
Europe for the ELIXIR and larger Life Science community within a seamless hybrid cloud ecosystem.
Implement a hybrid cloud ecosystem interoperable with key resources that is accessible to
researchers spanning:

  • Local, private clouds (e.g. EMBL-EBI Embassy)
  • National community clouds (e.g. cPouta, MetaCentrum cloud, de.NBI)
  • European research and innovation oriented clouds (e.g. EOSC)
  • Public/commercial compliant clouds (e.g. Google, Azure, AWS)
 ELIXIR Czech Republic, EMBL-EBI, ELIXIR Germany, ELIXIR Italy, ELIXIR Netherlands, ELIXIR UK

Part of the EOSC-Hub project proposal it to establish an ELIXIR Competency Centre (ECC).  The EOSC-Hub proposal is currently under review by the EC and a funding decision is expected around late summer 2017 with a tentative project start date of January 2018. The focus of the ECC is to look at the distribution of reference data sets within the EOSC environment and it is proposed by the Compute Platform ExCo to kick-start the work within the ECC through a proof of concept study (funded by the ELIXIR-Hub) on making big data sets available on remote compute infrastructures.

Therefore the overall purpose of this Proof of Concept Study is to bring together funded work already taking place within ELIXIR-Excelerate, EUDAT2020 and the ELIXIR nodes into an integrated activity:

  • Deployment and integration of FTS3 by CESNET for use by ELIXIR and integrated into the ELIXIR AAI for use by RDSDS and other activities.
  • Deploy and test in a wide area testbed the first pre-releases from EMBL-EBI of the Reference Data Set Distribution Service (RDSDS) currently being developed by EMBL-EBI within the EUDAT 2020 project.
  • The expansion and performance of the current data transfer testbed to explore FTS3 and RDSDS by identifying ELIXIR nodes (and others) capable of hosting large reference data sets and the reference data sets that will be transferred to test the system

This study is now completed, the work is described in the end report. The outcome of this study is summarised in a webinar:

This study is associated with: The use of Cloud & VM for training.

 ELIXIR Sweden, ELIXIR Germany, ELIXIR Czech Republic, EMBL-EBI, ELIXIR Finland

Part of the EOSC-Hub project proposal it to establish an ELIXIR Competency Centre (ECC).  The EOSC-Hub proposal is currently under review by the EC and a funding decision is expected around late summer 2017 with a tentative project start date of January 2018. The focus of the ECC is to look at the distribution of reference data sets within the EOSC environment and it is proposed by the Compute Platform ExCo to kick-start the work within the ECC through a proof of concept study (funded by the ELIXIR-Hub) on making big data sets available on remote compute infrastructures.

Therefore the overall purpose of this Proof of Concept Study is to bring together funded work already taking place within ELIXIR-Excelerate, EUDAT2020 and the ELIXIR nodes into an integrated activity:

  • Deployment and integration of FTS3 by CESNET for use by ELIXIR and integrated into the ELIXIR AAI for use by RDSDS and other activities.
  • Deploy and test in a wide area testbed the first pre-releases from EMBL-EBI of the Reference Data Set Distribution Service (RDSDS) currently being developed by EMBL-EBI within the EUDAT 2020 project.
  • The expansion and performance of the current data transfer testbed to explore FTS3 and RDSDS by identifying ELIXIR nodes (and others) capable of hosting large reference data sets and the reference data sets that will be transferred to test the system

This study is now completed, the work is described in the end report. The outcome of this study is summarised in a webinar:

This study is associated with: The use of Cloud & VM for training.

 ELIXIR Sweden, ELIXIR Germany, ELIXIR Czech Republic, EMBL-EBI, ELIXIR Finland
ELIXIR Denmark
ELIXIR Germany, ELIXIR Spain
ELIXIR Finland

The Marine Metagenomics Community has adopted the use of the Common Workflow Language (CWL) as an interoperable way to describe their analysis pipelines. One of the most complex and fully developed CWL workflows implements the EBI metagenomics analysis pipeline.

In coordination with MG-RAST, a US based metagenomics analysis pipeline, there are now two different large-scale metagenomics CWL workflows. Each uses a different CWL execution framework (namely Toil and AWE) and are run on different compute infrastructures. During the course of the coming year, the Marine Use Case expects META-pipe (the ELIXIR-NO, marine specific metagenomics pipeline) and other metagenomics related tools (e.g. ITS1 analysis from ELIXIR-IT) to adopt CWL. These additional tools can be used as alternatives for pre­existing tools or extend the functionality of the current workflows.

This Implementation Study aims to:

  1. demonstrate the benefits of using CWL by combining different workflows components to make new workflows;
  2. extend the current CWL workflows to enable greater reuse;
  3. enhance the execution frameworks to improve both deployment and scalability;
  4. deploy a single CWL workflow on different ELIXIR cloud environments to enable parallel processing and reproducibility.

To provide an exemplar to both the ELIXIR and the broader scientific communities, we will work through a community case study and ensure that the data, analysis and results conform to a bona fide Research Object (RO), ensuring that they comply with FAIR principles. We will develop appropriate training materials for two key target audiences - producers of (workflows and ROs) and consumers.

This study is closely linked with the work of the Bioschemas Community.

 ELIXIR France, ELIXIR UK, EMBL-EBI, ELIXIR Finland
ELIXIR Belgium, ELIXIR Germany, ELIXIR Norway

An ELIXIR implementation study started in February 2017, as a collaboration between EMBL-EBI and ELIXIR-DE. Its main objective is to develop open, robust, scalable and reproducible proteomics data analysis workflows based on OpenMS, directly connected to the PRIDE database (an ELIXIR core data resource) and to deploy these pipelines in the EMBL-EBI "Embassy Cloud" as a proof of concept.

Building on this work, we here propose a follow-up project that has three objectives: 

  1. The inclusion of additional open tools developed by other ELIXIR nodes
  2. The improvement of the overall infrastructure supporting the implementation of proteomics data analysis pipelines
  3. The inclusion of quality control pipelines.

The overarching goal is that these tools can be deployed in other cloud infrastructures, and can be easily reused by anyone in the community, thus bringing the users closer to the tools, and the tools closer to the data.

Impact of the study

The outcome will be that an increased range of open proteomics tools will be included in an extended range of cloud infrastructures, including new quality control features based on OpenMS. Impact – increased facility for proteomics analysis across multiple cloud platforms – all with increased degree of quality control.

 ELIXIR Belgium, EMBL-EBI, ELIXIR Germany, ELIXIR France, ELIXIR Spain

This study aims to develop, refine and deploy ELIXIR-wide Identity and access management through the ELIXIR AAI Service that will underpin the LifeScience AAI (to be deployed across European research infrastructures and beyond). It will do this by:

  • Defining and continuously upgrading the access and user management system for the life science community (the LS AAI)
  • Implementing AAI services compatible with the EOSC and interoperable with standards supported by the e-infrastructures
  • Providing access control to sensitive resources (data, compute, tools)
  • Operating the LifeScience AAI
  • Coordinating training for users, service and resource providers

It will design KPIs and monitor impact across the tasks to measure success, to include: service usage, number of deployments, community engagement metrics, citations, use of cloud and compute specific metrics including HelpDesk and responsiveness, updates to services.

There are three Work Packages (WPs) within the study:

WP1.1: Define, operate and continuously upgrade the access and user management system to meet the requirements as described

Lead: Michal Prochazka (ELIXIR CZ)

This WP will determine the appropriate point when the move (upgrade) from the current ELIXIR AAI can be decided, and moved into the wider Life Science AAI, such that the required components can be operated by the e-infrastructures. When the decision to upgrade is made, the transition will be carried out based on the outcome of the current LS AAI pilot run within the AARC2 project. The selection of involved e-infrastructures is planned as a part of the EOSC Life project.

WP1.2: Access to sensitive data

Lead: Mikael Linden (ELIXIR FI)

This WP will add and strengthen features and components that are needed to provide strong authentication and trusted authorization and access control needed to control access to sensitive data. It will implement the resultant services for a range of Human Data requirements and use cases.

WP1.3: Training in AAI

Lead: Dominik František Bučík (ELIXIR CZ)

A set of training events dedicated to different target groups (primary researchers, developers and resource owners/providers/implementers) will be organized through the timeframe of the work program.

 ELIXIR Norway, ELIXIR Czech Republic, ELIXIR Italy, ELIXIR Finland, ELIXIR Netherlands, ELIXIR Luxembourg, ELIXIR Germany

The ELIXIR Luxembourg Node focuses on the development of a European repository of integrated molecular and clinical/translational data, and providing high-performance oriented data access, computing services and long-term sustainability.

In this Implementation Study, we will take part in ELIXIR Beacon, Local EGA, ELIXIR AAI and RD-Connect topics under ELIXIR Use Cases -  ‘Human Genomics and Translational Data’,  ‘Rare Disease’ and the ‘Compute Platform’ .

ELIXIR Luxembourg will provide Beacon data-discovery services for genomics data deposited in the Node and ensure a balance between efficient data sharing and data protection. The local EGA facilitates federated data environment, while the ELIXIR AAI provides flexible yet secure authentication and authorisation layer, so that the users from Luxembourg and all ELIXIR Nodes can access all the services in the Luxembourg Node through a single sign-on.

ELIXIR Luxembourg also has good working experience with tranSMART, thus this knowledge will be brough to RD-Connect and other similar projects in EXCELERATE and ELIXIR.

This study is associated with a number of ELIXIR Platforms, Communities and Projects: 

 ELIXIR Luxembourg

The aim of this new strategic implementation study is to build on the current progress made through the on-going implementation study to enable adoption and deployment of protocols and services by the broader ELIXIR community at scale. This Strategic Implementation Study (SIS) aims to coordinate existing efforts across ELIXIR, identify opportunities, contribute in a targeted and limited way with specific developments to connect relevant components and propose mechanisms for sustaining this effort over time.

 ELIXIR Belgium, ELIXIR Switzerland, ELIXIR Czech Republic, ELIXIR Germany, EMBL-EBI, ELIXIR Spain, ELIXIR Italy, ELIXIR Finland, ELIXIR France, ELIXIR Greece, ELIXIR Netherlands, ELIXIR UK
ELIXIR Finland
ELIXIR Finland

The ELIXIR Compute Platform Technical Strategy

Bioinformatics analysis typically involves a large number of software and reference data, making the installation process a time-consuming task. This problem is aggravated in a course setting, where every participant needs to have an identical installation, sufficient hardware to run it, and, ideally, access to an identical set-up after the course.

Ready-to-run virtual machine (VM) images containing an operating system and pre-installed analysis software, as well as containers, are gaining momentum in bioinformatics. These images and containers can be run on cloud platforms, which allows easy scaling for running tens or hundreds of simultaneous jobs in a course setting.

Several ELIXIR Nodes already provide cloud resources for national use. In order to enable also other Nodes to use cloud for training, it is necessary to investigate which of these cloud providers would be willing to provide cloud resources for international use in a sustainable manner.

As cloud, VMs and containers are new topics to many bioinformatics trainers, it is important that technical help is available. ELIXIR needs to have a streamlined process for requesting cloud resources and technical help, so that a suitable cloud is found promptly for a course and there is a clear mechanism for reimbursing the technical personnel and computing resource costs for the provider.

This study is now complete, the final report and other documents will be added as they are available. 

 ELIXIR Finland, ELIXIR Netherlands, ELIXIR Switzerland, ELIXIR France, ELIXIR UK, ELIXIR Belgium, ELIXIR Spain, ELIXIR Slovenia, ELIXIR Germany

Bioinformatics analysis typically involves a large number of software and reference data, making the installation process a time-consuming task. This problem is aggravated in a course setting, where every participant needs to have an identical installation, sufficient hardware to run it, and, ideally, access to an identical set-up after the course.

Ready-to-run virtual machine (VM) images containing an operating system and pre-installed analysis software, as well as containers, are gaining momentum in bioinformatics. These images and containers can be run on cloud platforms, which allows easy scaling for running tens or hundreds of simultaneous jobs in a course setting.

Several ELIXIR Nodes already provide cloud resources for national use. In order to enable also other Nodes to use cloud for training, it is necessary to investigate which of these cloud providers would be willing to provide cloud resources for international use in a sustainable manner.

As cloud, VMs and containers are new topics to many bioinformatics trainers, it is important that technical help is available. ELIXIR needs to have a streamlined process for requesting cloud resources and technical help, so that a suitable cloud is found promptly for a course and there is a clear mechanism for reimbursing the technical personnel and computing resource costs for the provider.

This study is now complete, the final report and other documents will be added as they are available. 

 ELIXIR Finland, ELIXIR Netherlands, ELIXIR Switzerland, ELIXIR France, ELIXIR UK, ELIXIR Belgium, ELIXIR Spain, ELIXIR Slovenia, ELIXIR Germany