Legislative Observatory
European Parliament
Please fill in this field to find a procedure

Schengen: second generation information system SIS II, development. Initiative Belgium and Sweden

2001/0818(CNS)

This report concerns the development of the Second Generation Schengen Information System (SIS II) -Progress Report (July‑December 2008).

This progress report describes the work carried out by the Commission in the second semester of 2008 on the development of the second generation Schengen Information System (SIS II). It constitutes a test status report as foreseen by Council Regulation (EC) No 189/2008 and Council Decision 2008/173/EC on the tests of the second generation Schengen Information System (SIS II).

The SIS II Project is divided into three phases:

(i)                 phase 1 is concerned with system design and was completed prior to this reporting period;

(ii)               phase 2 deals with development and testing of the central system which has been problematic during this reporting period;

(iii)             phase 3 addresses final test and migration activities from the currently used SIS 1+ to SIS II.

In the early months of 2008 the Commission focussed on revising the SIS II schedule. Unfortunately, despite all preventative measures taken by the Commission to ensure that the tests should be conducted as planned (with an end date of September 2009), the main development contractor for SIS II encountered significant problems in the central system. The immediate consequence was the suspension of the Operational Systems Test (OST) - which verifies that the central system can operate with a set of connected national systems - on 4 September 2008. The main problems were as follows:

  • certain tests verifying data consistency between the data stored in the central system and the national systems were inconclusive;
  • problems arose in the transmission of messages between the central system and the national systems (some messages went missing whilst others were duplicated);
  • the generation and loading, within the central systems or within the national systems, of the large amounts of data necessary for performance tests proved impossible within the timescale which had been anticipated.

The Commission immediately escalated these matters to the highest level with the company leading the main development contract. The OST was resumed on 5 November and ended on 17 December. A preliminary analysis indicates that despite the significant improvements achieved during the autumn, the exit criteria for the OST (i.e. zero blocking issues and zero major bugs) have not been reached.

The necessity to discontinue the OST in September, the subsequent delays related to the remediation period of 20 days and the additional testing period, have led to the exhaustion of all existing margins in the project plan, thereby implying that a rescheduling of the project is necessary. Such re-scheduling should, however, be deferred until the completion of the analysis of OST results.

The Operational System Test demonstrates that the number of bugs in the central SIS II reduced between November and December 2008 and that the SIS II functionalities work. However, during this phase, a number of problems have persisted, and need to be resolved in the area of data consistency (a mechanism to ensure the equivalence of data between the national systems and the central system), performance and robustness of the system. The facts that some of the bugs are still present and that more time is needed for their resolution show that the date for migration from SIS 1+ to SIS II, set for September 2009, is no longer realistic.

In this situation, it is appropriate to implement immediately a working method that ensures a global approach to the project, including the concepts of thorough analysis, effective test methodology management and monitoring. These elements are covered in the repair plan, comprehensive project management and global testing approach initiatives implemented by the Commission with the support of the Council.

Priorities for the next reporting period:

  • Setting up and implementing an analysis and repair plan to address the failure of the OST: in order to accurately identify the underlying causes of remaining problems affecting the system, the Commission will complete an in-depth analysis of SIS II (root cause analysis), building on the work already carried out in the final months of 2008 on contingency and mitigation options;
  • Global programme management approach: in order to ensure the necessary consistency between the development of the central system and national systems, the Commission will implement a global programme management structure encompassing central and national developments, bringing together Member States and users and Commission project managers as well as the contractors;
  • Testing: the tests run since April 2008 have highlighted some shortcomings in the current test plan. To address this problem, the Commission will design, together with Member States' and users' experts, a new test plan based on a global approach to testing, which would guarantee a full involvement of Member States and users;
  • Migration Development: the development of the converter for migration will continue during the next reporting period;
  • Operational Management: Negotiations on the second contract with Austria, dealing with training and other services before go-live, and the completion of the job profile for the Backup Central Unit Administrator in Salzburg by France, will be discussed between the Commission, France and Austria;
  • Security and Data Protection: Bilateral meetings between European Data Protection Supervisor staff and the Commission services take place on a regular basis to discuss issues related to SIS II. In the EDPS document "Inventory 2009", it is reported that preparations are taking place for the entry into force of SIS II, which includes the supervisory role of the EDPS.