EU Chips Act 2023: Semiconductor Sovereignty and Formal Verification
The EU Chips Act — Regulation (EU) 2023/1781 — entered into force on 21 September 2023. With €43 billion committed, it is the EU's most significant industrial policy intervention since the Single Market, targeting a doubling of EU semiconductor market share from 9% to 20% of global production by 2030.
The political narrative focuses on fab construction: TSMC's first European factory in Dresden (EU publicly funded at €5 billion), Intel's planned Magdeburg fab (scaled back in 2024 but still active). But for software developers working on embedded systems, FPGA design, or safety-critical ASIC development, the Chips Act has a different implication — one that intersects directly with formal verification, EU data sovereignty, and the infrastructure choices you make today.
What the EU Chips Act Actually Is
Regulation (EU) 2023/1781 has three operational pillars:
Pillar 1 — Chips for Europe Initiative: €3.3 billion for research, design, and piloting. Funds virtual design libraries, pilot lines for next-generation nodes, advanced packaging. Key institutions: IMEC (Belgium), Fraunhofer Institute (Germany), CEA-Leti (France), VTT (Finland). The goal is a European design ecosystem that does not depend on US EDA software for competitive silicon.
Pillar 2 — Supply and Resilience: Framework for "first-of-kind" European chip facilities with streamlined permits and public funding eligibility. This is how TSMC Dresden and Intel Magdeburg obtained public investment authorisation under EU state aid rules.
Pillar 3 — International Coordination: Semiconductors as geopolitical infrastructure. The EU Semiconductor Alliance coordinates with the US CHIPS Act (2022), Japan's Rapidus program, and South Korea's K-Chips Act — while maintaining strategic autonomy in critical supply chains.
The Formal Verification Imperative
The EU Chips Act does not mandate formal verification directly. But the safety standards that govern publicly funded chip applications — and the EU AI Act's requirements for high-risk AI hardware — create an effective mandate.
ISO 26262 ASIL D — Automotive
ISO 26262:2018 (Road Vehicles Functional Safety) requires formal verification at ASIL D, the highest automotive safety integrity level. This covers:
- Model checking: Exhaustive property checking over all possible states of the RTL design. UPPAAL (Aalborg University DK + Uppsala University SE) handles timed properties; Spin/Promela handles concurrent process verification.
- Formal equivalence checking: Proving that post-synthesis netlist is functionally equivalent to RTL. Cadence Conformal and Synopsys Formality are the US commercial tools. EU alternative: Yosys-based equivalence checking with SymbiYosys.
- Static assertion-based verification: SystemVerilog Assertions (SVA) or VHDL property specifications verified by bounded model checking.
EU automotive chip developers: Infineon Technologies (DE), NXP Semiconductors (NL), STMicroelectronics (IT/FR). All three are subject to ISO 26262 for their automotive product lines and explicitly require formal methods in their development processes.
IEC 61508 SIL 3/4 — Industrial and Safety-Critical
IEC 61508 (Functional Safety of E/E/PE Safety-Related Systems) applies to industrial control, process automation, and railway electronics. SIL 3 and SIL 4 require formal methods as a "highly recommended" technique. For SIL 4, formal proof of correctness is effectively required for complex programmable logic.
EU applications: Siemens rail control systems (DE), ABB industrial automation (CH/SE), Schneider Electric (FR), Phoenix Contact (DE).
EU AI Act — High-Risk AI Hardware
The EU AI Act (Regulation EU 2024/1689, applicable August 2026) classifies AI systems in safety-critical contexts as high-risk. Article 9 requires a risk management system throughout the lifecycle. For hardware accelerators (NPUs, AI ASICs) deployed in:
- Medical devices (EU MDR Class IIb/III)
- Automotive (SAE Level 3+ autonomy)
- Critical infrastructure control
...formal verification of the hardware is not explicitly mandated but represents the only credible path to compliance demonstration under Article 9's "all risks reduced to an acceptable minimum" requirement.
EU-Native EDA Tools — The CLOUD Act Problem
The electronic design automation (EDA) market is dominated by two US companies: Synopsys (Mountain View, CA) and Cadence Design Systems (San Jose, CA). A third significant player is Mentor, acquired by Siemens AG (DE) in 2017 and rebranded as Siemens EDA.
For EU chip developers working on classified defence contracts, safety-critical national infrastructure, or any system where CLOUD Act-compelled disclosure is a concern, the US EDA duopoly creates a structural problem. Synopsys and Cadence hold your RTL, netlist, timing data, and verification results in US-jurisdiction software with US-licensed tool servers — potentially subject to 18 U.S.C. § 2703 warrantless access requests.
Open-Source EU-Adjacent Formal Verification Stack
The open-source EDA ecosystem provides a full formal verification path that runs entirely on EU-jurisdiction infrastructure:
Yosys — Open synthesis framework by Clifford Wolf (AT, Vienna). Converts Verilog/SystemVerilog RTL to internal representation (RTLIL) that SymbiYosys operates on. MIT licensed, no export control restrictions.
# Synthesise design to RTLIL
yosys -p "synth -top my_module; write_rtlil design.il" design.v
SymbiYosys (sby) — Formal verification frontend for hardware, built on Yosys. Clifford Wolf (AT). Supports bounded model checking (BMC), k-induction, and cover properties via SMT solvers including Boolector (Johannes Kepler University Linz AT), Bitwuzla (RWTH Aachen DE/University of Freiburg DE), and Z3 (Microsoft Research, but runs locally).
# example.sby — formal verification configuration
[options]
mode bmc
depth 20
[engines]
smtbmc bitwuzla
[script]
read -formal my_module.v
prep -top my_module
[files]
my_module.v
GHDL — IEEE-compliant VHDL simulator and synthesis tool. Tristan Gingold (FR, CERN). GHDL + SymbiYosys enables formal verification of VHDL designs without proprietary tools.
mCRL2 — Process algebra toolset from TU Eindhoven (NL) + CWI Amsterdam (NL). Applied to communication protocol verification in chip designs, particularly useful for NoC (Network-on-Chip) topology analysis.
Siemens EDA — The EU Commercial Option
Mentor Graphics became Siemens EDA after its 2017 acquisition by Siemens AG (Munich, DE). Key tools:
- Questa Formal — Formal verification platform supporting SVA, PSL, and VHDL property specifications. Runs on EU infrastructure, EU company jurisdiction, no CLOUD Act pathway.
- ModelSim — Industry-standard VHDL/Verilog simulator, now part of Siemens EDA. ISO 26262 qualified.
- Tessent — Design-for-test and functional safety verification toolchain. IEC 61508 and ISO 26262 qualified.
Siemens EDA is headquartered in Munich (DE) with R&D in Wilsonville (OR, US) — the EU jurisdiction applies at the company level, but the US-origin development creates a grey area for classified work. For the highest-sensitivity applications, the open-source stack on EU-native infrastructure is the only path to full legal clarity.
The Fab Landscape: Where EU Silicon Is Made
TSMC Dresden — European Semiconductor Manufacturing Company (ESMC)
TSMC's first European fab, announced in 2022 and groundbroken in August 2024, targets production start in 2027. Structure:
- Entity: European Semiconductor Manufacturing Company (ESMC GmbH)
- Ownership: TSMC (70%), Infineon (DE, 10%), NXP (NL, 10%), Robert Bosch (DE, 10%)
- Technology node: 28nm and 22nm (mature nodes for automotive and industrial)
- Capacity: 40,000 wafer starts per month at full ramp
- Public funding: ~€5 billion from German federal and state governments under Chips Act Pillar 2
The 28nm/22nm node choice is deliberate: automotive and industrial applications do not require cutting-edge nodes. ASIL D microcontrollers and safety-critical actuator chips work on mature processes where reliability and qualification data are available. This is not trailing-edge — it is the correct node for the application.
Intel Magdeburg — Scaled Back but Active
Intel's planned Magdeburg "mega-fab" (2nm node, 34 billion investment) was scaled back in September 2024 following Intel's financial difficulties. The project is not cancelled — Intel retains the site and the €10 billion in German state aid commitments remain contingent on construction progress. Current status: planning phase extended to 2027 decision point.
Existing EU Fabs
| Fab | Company | Location | Node | Output |
|---|---|---|---|---|
| Crolles | STMicroelectronics + GlobalFoundries | Grenoble, FR | 28nm | RF, automotive |
| Dresden Fab 1/2 | GlobalFoundries | Dresden, DE | 22nm | AMD, automotive |
| Regensburg | Infineon | Regensburg, DE | 40nm | Power semiconductors |
| Nijmegen | NXP | Nijmegen, NL | 140nm | RF, automotive |
| Leuven | imec | Leuven, BE | Research | R&D pilot lines |
ASML: The EU's Existential Chip Infrastructure
No discussion of EU semiconductor sovereignty is complete without ASML Holding NV (Veldhoven, NL). ASML manufactures the extreme ultraviolet (EUV) lithography systems that are the only way to print sub-7nm chips. Without ASML equipment, TSMC cannot produce Apple's A18 chip, Samsung cannot produce Exynos, and AMD cannot produce its latest CPUs.
ASML is 100% EU-headquartered, listed on Euronext Amsterdam and NASDAQ. This is the single most strategically important technology company in the world for semiconductor production — and it is European.
The EU Chips Act explicitly includes advanced equipment manufacturers in its scope. ASML qualifies for Pillar 2 support for R&D investments and is a key stakeholder in the European Semiconductor Alliance.
Practical Implications for EU Developers
Running Formal Verification on EU-Native Infrastructure
Formal verification is computationally intensive. SymbiYosys with SMT solvers on a complex design can run for hours. The question of where this computation happens matters:
- AWS, Azure, GCP: US-jurisdiction cloud. Your RTL and verification results are on US-controlled infrastructure, accessible under the CLOUD Act.
- EU-native PaaS (Clever Cloud FR, Scalingo FR, sota.io DE): EU-jurisdiction compute, no CLOUD Act pathway, GDPR-compliant by default.
For automotive OEM supply chains working under ITAR or controlled under EAR export regulations, running formal verification on US-cloud infrastructure is not permitted for covered designs. EU-native compute is the only compliant option.
EU Chips Act Design Funding — What You Can Apply For
The Chips for Europe Initiative funds:
- Pilot line access — Access to advanced process nodes at IMEC, CEA-Leti, Fraunhofer for prototyping. Application via national contact points.
- Design centre support — Funding for EU startups building chip IP, design tools, or chiplet ecosystems.
- Skills and talent — Education programs for chip design engineers (EU has a significant talent shortage vs US and Asia).
Applications are processed through the European Chips Infrastructure Consortium (ECIC) — a public-private partnership coordinating the Chips Joint Undertaking under Horizon Europe rules.
The Developer Checklist
If you are building embedded firmware, FPGA designs, or ASIC IP in an EU context:
- Check your EDA tool jurisdiction — Is your formal verification running on Synopsys/Cadence (US CLOUD Act)? Or on Siemens EDA / open-source stack?
- Run compute on EU infrastructure — SymbiYosys jobs, simulation runs, and synthesis should happen on EU-jurisdiction servers for sensitive designs.
- Know your safety standard — ISO 26262 ASIL D? IEC 61508 SIL 4? EU AI Act high-risk? Each has different formal methods requirements.
- Check Chips Act funding eligibility — If you are an EU startup building chip design tools or IP, Pillar 1 funding may apply.
- Document your verification chain — The EU AI Act (August 2026) requires traceability for high-risk AI hardware. Formal verification results need to be part of your technical documentation.
sota.io and EU Chip Design Infrastructure
EU chip design involves more than EDA tools and fab access. The software infrastructure running CI/CD for RTL simulation, formal verification jobs, and hardware-in-the-loop testing needs the same sovereignty guarantees as the design itself.
sota.io is an EU-native PaaS (incorporated and operated in Germany, no US parent company) that provides the compute layer for exactly this use case: running SymbiYosys verification pipelines, GHDL simulation jobs, or mCRL2 model checking on EU-jurisdiction infrastructure without CLOUD Act exposure.
The EU Chips Act creates the chip manufacturing base. EU-native infrastructure provides the compute layer to develop and verify what runs on those chips.
Conclusion
The EU Chips Act is infrastructure policy in the oldest sense: building the physical and institutional substrate for long-term technological sovereignty. For developers working on embedded systems and safety-critical hardware, this creates both opportunity (fab access, design funding) and obligation (EU AI Act, ISO 26262, IEC 61508 all tightening their formal verification requirements).
The EDA tool question — Synopsys/Cadence (US) vs Siemens EDA / open-source stack (EU) — is the developer-level expression of the same sovereignty choice the EU Chips Act is making at the manufacturing level. Both choices point in the same direction: EU-native tools, EU-native compute, EU-jurisdiction verification.
Related posts: EU AI Act Article 9 Formal Verification · EU Cyber Resilience Act 2027 Developer Checklist · EU Data Act 2025 Cloud Switching Rights