Can defence contractors use frontier-AI support under CADA?

Summary Yes, defence contractors can access frontier-AI support under the proposed Cloud and AI Development Act (CADA), provided their projects align with the EU's strategic objectives for technological sovereignty and security. As proposed, Article 8 allows the Commission to recognise pioneering projects as "frontier AI priority projects" if they support the development of frontier AI technologies, including in cybersecurity and other strategic sectors. Furthermore, Article 9 ensures that the Union and Member States allocate sufficient computing resources to these designated projects. However, this support is not automatic; it requires meeting strict criteria, such as broad participation from at least three Member States and involvement through a European digital infrastructure consortium. Crucially, Recital 19 explicitly highlights the need for "secure and verifiable compute approaches" to enable the use of AI in sensitive contexts like defence, while Recital 20 calls for highly secured infrastructures for training and deploying defence-related models.

Detail

The Cloud and AI Development Act (CADA) introduces a structured framework to boost the EU's capabilities in frontier artificial intelligence, explicitly acknowledging the strategic importance of sectors like defence. For defence contractors, CADA offers a pathway to secure both recognition as a priority project and access to high-performance computing resources, which are currently scarce in the European market. This framework is designed to reduce dependencies on non-European providers while fostering innovation in critical domains.

Frontier AI Priority Projects (Article 8)

Under CADA, the European Commission has the power to designate specific initiatives as "frontier AI priority projects." According to Article 8, this recognition is reserved for projects selected through open calls for expressions of interest that support "grand challenge 3" set out in Annex I of the Regulation. To qualify, a project must meet three cumulative criteria:

1. Pioneering Nature: It must be a pioneering project focused on the support and scaling-up of frontier AI technologies.
2. Consortium Structure: It must be undertaken by a European digital infrastructure consortium (EDIC) established pursuant to Decision (EU) 2022/2481 or another legal entity eligible for funding under Union law, and it must involve the participation of at least three Member States.
3. Resource Pooling: The participating Member States must pool computing time and other relevant resources to support the implementation of the designated project.

This structure encourages cross-border collaboration and prevents fragmentation, ensuring that frontier AI development is a collective European effort rather than a series of isolated national initiatives. For defence contractors, this means that standalone national projects may not qualify unless they are part of a broader, multi-member state consortium. The requirement for an EDIC or similar Union-eligible entity ensures that the project is embedded within the EU's digital infrastructure strategy.

Computing Support for AI Projects (Article 9)

Once a project is recognised as a frontier AI priority project under Article 8, it becomes eligible for significant computational support. Article 9 mandates that the Union and Member States ensure sufficient AI computing resources are allocated to support the development of these projects, within the limits of available capacity. Specifically, the Union shall at least match the AI computing resources contributed by Member States to these priority projects, to the extent that sufficient AI computing capacity is available within the Union's share of European high-performance computing (EuroHPC) access time.

Beyond frontier AI, Article 9 also states that the Union and Member States shall endeavour to provide sufficient computing resources for AI industrial innovation, physical AI, and public sector AI projects. This broader provision ensures that defence-related industrial AI, which may not strictly qualify as "frontier" in the algorithmic sense but is critical for strategic autonomy, still has a pathway to access compute resources. The provision explicitly mentions "physical AI" and "industrial AI," which are highly relevant to defence applications such as autonomous systems and robotics.

Defence as a Strategic Sector and Secure Compute

The CADA proposal explicitly positions defence as a key area for AI development. Recital 19 notes that AI has emerged as a disruptive technology with significant impact on security and defence. It states that the Cloud and AI Leadership Initiatives could support the development of advanced capabilities in full complementarity with, and without prejudice to, dedicated Union instruments such as the European Defence Fund (EDF) and the European Defence Industry Programme (EDIP).

Furthermore, Recital 19 highlights the need for "secure and verifiable compute approaches" to enable the use of AI in sensitive contexts. This is particularly relevant for defence contractors, who often handle classified or highly sensitive data. The proposal recognises that the deployment of AI in industrial and defence contexts requires rigorous validation in real-world environments and access to highly secured computing infrastructures. Recital 20 reinforces this by stating that the Union should foster the availability of highly secured computing infrastructures for the training, testing, and deployment of defence-related AI models and systems.

This emphasis on "secure and verifiable compute" aligns with the broader sovereignty framework in Title IV of CADA. For defence applications, this likely translates to a requirement for Union assurance levels 3 or 4, which mandate strict data localisation, personnel screening (Union citizenship), and the absence of third-country control. The proposal ensures that the infrastructure supporting defence AI is resilient against external interference and compliant with EU security standards.

Integration with Existing Frameworks

It is crucial to note that CADA does not replace existing defence funding mechanisms. Instead, it complements them. The proposal is designed to work alongside the EDF and EDIP, providing the necessary computational backbone and sovereignty framework that these funds may not directly address. By leveraging CADA, defence contractors can access the EuroHPC infrastructure and benefit from the harmonised sovereignty framework, which helps mitigate risks associated with third-country dependencies in cloud and AI services.

The "grand challenges" outlined in Annex I further contextualise this support. Grand Challenge 1 focuses on environmental sustainability and security of data centres, while Grand Challenge 5 targets industrial AI across strategic sectors, explicitly mentioning defence. Grand Challenge 6 addresses cooperative European industrial models, which could facilitate secure collaboration between defence entities without exposing commercially sensitive data.

What this means for you

For CTOs and architects in the defence sector, CADA presents both an opportunity and a set of new compliance considerations.

1. Consortium Building is Key: If you aim to access frontier-AI support under Article 8, you cannot act alone. You must collaborate with partners in at least two other Member States and ideally operate through a European digital infrastructure consortium. Start building these cross-border alliances now to meet the "three Member States" threshold.
2. Leverage EuroHPC: Recognised projects get matched compute resources from the Union. Ensure your project proposals clearly demonstrate how they will utilise EuroHPC capacity and how they contribute to the EU's strategic autonomy. The matching mechanism in Article 9 is a powerful lever for securing high-performance compute.
3. Focus on Sovereignty: The CADA sovereignty framework (Title IV) will increasingly influence procurement. Defence contractors should ensure their AI models and cloud services meet the highest Union assurance levels (likely Level 3 or 4 for sensitive defence applications). This includes strict data localisation, personnel screening, and absence of third-country control.
4. Secure Compute: Invest in or partner with providers offering "secure and verifiable compute" solutions. As Recital 19 suggests, this is essential for sensitive contexts like defence. Demonstrating robust security and sovereignty features will make your proposals more competitive for both CADA recognition and public procurement.
5. Complement, Don't Replace: Use CADA to secure compute and sovereignty compliance, but continue to apply for traditional defence funding (EDF, EDIP) for R&D costs. The two frameworks are designed to work together, with CADA addressing the infrastructure gap.

Common misconceptions

• Myth: CADA replaces the European Defence Fund (EDF).
  • Fact: CADA complements the EDF and EDIP. It focuses on compute capacity, sovereignty, and ecosystem building, while the EDF focuses on direct R&D funding for defence projects. They are mutually reinforcing, as noted in Recital 19.
• Myth: Any defence AI project can automatically access EuroHPC.
  • Fact: Access is prioritised for projects recognised as "frontier AI priority projects" under Article 8 or those supporting grand challenges. General access remains competitive and limited by available capacity. The matching mechanism in Article 9 is conditional on project designation.
• Myth: Defence AI is excluded from CADA because it is sensitive.
  • Fact: On the contrary, defence is explicitly highlighted as a strategic sector. CADA provides the sovereign framework and secure compute infrastructure necessary for defence AI, ensuring it can be developed and deployed within the EU without reliance on third-country providers. Recital 20 specifically calls for highly secured infrastructures for defence-related models.
• Myth: Only large incumbents can benefit.
  • Fact: While consortia are required, SMEs can participate as partners in these multi-member state projects. The proposal aims to create opportunities for smaller EU-based providers through common procurement and innovation support.

Official sources

• Digital Decade Policy Programme (Decision (EU) 2022/2481)

Related

• Can AI startups get CADA computing support? Frontier AI rules explained
• Which CADA assurance level should defence workloads use?
• When can AI startups start benefiting from CADA support?
• How can researchers access AI computing support under CADA?
• How can a startup qualify as a CADA frontier-AI project?

This is general information about a draft EU regulation, not legal advice.