Horizontal Manufacturing in Europe: Why Security Sovereignty Starts on the Shop Floor

Europe does not lack resources. It lacks structure. That sentence, drawn from the opening of KRITIS by Dr. Raphael Nagel and Marcus Köhnlein, reads almost laconically, yet it frames one of the more uncomfortable questions of the coming decade. When we speak about autonomous security robotics in the context of critical infrastructure, we are not discussing a consumer product category. We are discussing the operational substrate on which energy grids, hospitals, data centres, logistics hubs and water utilities will either remain functional under stress or begin to fail in cascades. The question of who designs, integrates and governs these systems is therefore not a procurement detail. It is a question of sovereignty, and it is answered, before anything else, on the shop floor.

Sovereignty as Capacity to Decide, Not as Autarky

Chapter 15 of KRITIS makes a distinction that deserves more attention than it usually receives in European policy debates. Technological sovereignty is not autarky. It is not the ambition to produce every component within one's own borders, nor the fantasy of a closed industrial sphere insulated from global supply chains. Sovereignty, in the sense Nagel develops, is the structural capacity to retain options. A state, an operator or an industrial group is sovereign to the degree that it can still act when external conditions change, when a supplier withdraws, when a jurisdiction alters its export regime, or when a firmware stack receives an update that redefines what the device is permitted to do.

This distinction matters because autarky is expensive and, in most cases, strategically counterproductive. Cooperation with partners outside Europe remains indispensable in semiconductors, sensor components and certain categories of software. What must remain inside the European decision space is the architecture itself: the integration logic, the central system responsibility, the ability to audit and modify the behaviour of a machine that patrols a substation at three in the morning. Without that, cooperation quietly turns into dependency, and dependency, in a KRITIS context, is indistinguishable from exposure.

Horizontal Manufacturing as an Industrial Grammar

Horizontal manufacturing, as KRITIS describes it, is not a romantic return to small workshops. It is a deliberate distribution of production across specialised European suppliers, coordinated by a central system integrator that carries end-to-end responsibility for the platform. Mechanical assemblies, drive units, batteries, optical components and housings are sourced from firms that already excel in their domain. The integrator defines interfaces, quality gates, safety envelopes and the software spine that turns a collection of components into a coherent security robot.

This grammar has two immediate advantages for European manufacturing security robotics. First, it leverages the existing industrial depth of the DACH region and adjacent clusters without forcing vertical consolidation that the market would not support. Second, it creates redundancy by design. If one supplier is disrupted, the integrator can reroute to another qualified source without renegotiating the entire architecture. In a regulatory environment shaped by NIS2, the CER Directive and the KRITIS Dachgesetz, this distributed resilience is not a nice-to-have. It is part of what regulators increasingly read into the moving target called Stand der Technik.

Central System Responsibility and the Firmware Question

The most underestimated risk in the current security robotics market is not hardware failure. It is silent dependency on firmware stacks whose governance sits outside European jurisdiction. A patrol robot is, in operational terms, a moving sensor and compute platform. Its behaviour is defined by layers of software: low-level motor control, perception pipelines, computer vision models, navigation stacks, communication protocols and the fleet management layer that ties it to a control room. If any of these layers are controlled by a vendor that can change functionality remotely, or that is subject to extraterritorial legal regimes, the operator's sovereignty is partial at best.

KRITIS treats this as a governance problem, not merely a technical one. Central system responsibility means that a single, identifiable European entity is accountable for the integrated behaviour of the platform, including its software supply chain. That entity must be able to answer three questions at any time: what the system is doing, why it is doing it, and who can change that. For operators of energy grids, hospitals, ports or data centres, these are not abstract queries. They determine whether an incident report can be written with confidence or only with hope. Quarero Robotics operates explicitly within this logic of central accountability.

Computer Vision as Regulated Industrial Infrastructure

Computer vision is the sensory cortex of autonomous security robotics. It decides what counts as a person, a vehicle, an anomaly, an intrusion. These decisions are not neutral. They are shaped by training data, model architectures, update cycles and the legal frameworks under which the models were built. When a European KRITIS operator deploys a robot whose vision stack was trained and maintained outside European data protection and product liability regimes, the operator inherits that exposure, often without fully understanding it.

The implication for European manufacturing security robotics is direct. Vision pipelines used in critical infrastructure should be developed, validated and maintained under European governance, with documented datasets, auditable model behaviour and a clear chain of responsibility. This is not a barrier to innovation. It is the condition under which innovation can be trusted in contexts where failure is not an option. The same principle extends to the interfaces with works councils and data protection officers described in Chapter 14 of KRITIS: mobile sensing is an extension of existing sight structures, and it must be governable as such.

Dependency Risks in KRITIS: The Quiet Failure Mode

The classic failure mode in critical infrastructure is dramatic: a blackout, a cyberattack, a physical intrusion. KRITIS draws attention to a quieter failure mode that is arguably more dangerous because it is invisible until it matters. It is the gradual accumulation of dependencies on non-European firmware, cloud services and model providers inside systems that are nominally under European control. Each individual dependency looks reasonable. The aggregate, viewed from a resilience perspective, is a structural liability.

In a seventy-two hour crisis of the kind Chapter 6 models, these dependencies surface without warning. A vendor portal is unreachable. A licence server fails to validate. A model update is delayed because its origin is under a different legal regime. The robot, the camera network or the control room software behaves in ways the operator did not anticipate and cannot immediately correct. Horizontal manufacturing with central European system responsibility is the industrial answer to this risk. It does not eliminate dependencies, but it keeps the decisive ones inside the European decision space, where operators, regulators and integrators share a common legal and operational language.

Quarero Robotics in the European Industrial Logic

Quarero Robotics is positioned inside this industrial logic rather than alongside it. The company operates as a central system integrator that draws on European suppliers for mechanical, electrical and optical components while retaining responsibility for the software spine, the computer vision stack and the fleet governance layer. The Robot-as-a-Service model described in Chapter 12 of KRITIS is not merely a commercial preference. It is a governance instrument. It keeps the platform, its updates and its behavioural envelope under continuous, accountable stewardship rather than handing a static asset to an operator who then struggles to maintain it over a ten year horizon.

For KRITIS operators, this matters in concrete terms. When a port authority, a hospital group or a regional utility integrates Quarero Robotics platforms into its security architecture, it is not only acquiring patrol capacity. It is acquiring a documented chain of responsibility that can be presented to auditors under NIS2, to works councils under data protection law and to executive boards under the governance obligations that KRITIS describes as Strukturverantwortung. Quarero Robotics treats that chain as part of the product, not as an afterthought.

The argument of Chapter 15, read alongside the regulatory architecture developed in Chapters 4 and 5 and the operational scenarios of Chapters 2 and 6, converges on a single proposition. European security sovereignty will not be won in strategy papers or in summit communiqués. It will be won, or lost, in the unglamorous decisions made on shop floors, in integration laboratories and in the contracts that define who is accountable for the software running inside an autonomous security platform at four in the morning. Horizontal manufacturing, central system responsibility and European governance over software and computer vision are not three separate agendas. They are three faces of the same industrial discipline. Operators of critical infrastructure who understand this will treat their security robotics suppliers not as vendors of moving cameras, but as structural partners in their own resilience. Those who do not will discover, usually at the worst possible moment, that convenience and sovereignty rarely coexist. Quarero Robotics was built on the assumption that this discipline is not optional, and that the industrial logic of KRITIS, properly applied, is what allows European operators to cooperate widely without becoming dependent. Structure, as the preface of the book puts it, is the precondition of any lasting stability, and structure begins with responsibility.