Professional Documents
Culture Documents
Sppa t3000 r8 2 Cybersecurity Brochure en Se
Sppa t3000 r8 2 Cybersecurity Brochure en Se
Sppa t3000 r8 2 Cybersecurity Brochure en Se
power plant
with continuous
security
SPPA-T3000 R8.2
siemens-energy.com/sppa-t3000
SPPA-T3000 R8.2 | Continuous security
Minimum Risk
Extensive Experience
• SPPA-T3000 in use in over 3,000 units worldwide
Global experts
• Presence in 190 countries
• Comprehensive knowledge of particular markets and their special requirements
Investment Protection
Long Term Supported Release 8.2:
Every change you make could impact connected comp- • We understand that patching and upgrading OT compo-
onents, while vulnerabilities in one place may lead to nents is different than IT patches.
problems across the system. The optimal way to manage
security effectively is through integrated services: That • The risks are greater, the potential for operational
is exactly what SPPA-T3000 offers. impact is higher and the need for specialized knowledge
and skills is more urgent.
• System Hardening
Security processes
• Secure Remote Access
Security consciousness
Terminal
Server
Security
Server
Vulnerability Management
The operational technology (OT) environment and land- exposed. Typically, operational technologies are actively
scape is constantly evolving, so vulnerability management scanned for vulnerabilities, but only during shutdown.
is more important than ever before. Organizations need a Given the understandable reluctance to shut down a plant,
modern, comprehensive strategy to quickly and accurately this means fewer opportunities exist to scan for vulnerabili-
identify vulnerabilities and misconfigurations and reme- ties. Even on rare occasions when a system network is
diate them, tailored to your standard installed SPPA-T3000 analyzed, plant operators struggle to actively prioritize and
plant. Siemens SPPA-T3000 provides a comprehensive schedule remediation. The plant’s operational network
strategy to quickly and precisely identify vulnerabilities and remains unsecure.
operational risks so they can be mitigated and remediated
immediately, to avoid any potential for harm. This approach
is customized for your SPPA-T3000 plant.
Solution
Considering the importance of having a well defined
The Challenge strategy for vulnerability management, we have developed
a comprehensive srategy, which accurately identifies
Many software and hardware vulnerabilities may have vulnerabilities and misconfigurations and remediates them,
operational consequences. These vulnerabilities can range specifically for your standard installed SPPA-T3000 plant.
from affecting physical devices, to modifying underlying We frequently issue security advisories to communicate any
execution procedures, to leaving security information affected vulnerability, via our I&C Customer Portal.
Step 1 Step 4
• Active and continuous • Remote Service of regular
scanning of all stan- inspection to identify, inves-
dard HW / SW / Firmware tigate, prioritize and remedi-
release products Step Step ate vulnerabilities as well
• R&D notification of
01 04 as possible misconfiguration
in the entire environment
the vulnerabilities in of standard delivered
real time SPPA-T3000
• Improvement of communication security by extension of • Remote proactive services to detect potential issues
input validation before they escalate
• Two-factor authentification for cRSP • I & C Monitors & Advisors implement digitalization into
the traditional DCS service
• Full integration of Unidirectional Gateway (SPPA-UDG)
• Software or System Maintenance Agreement – we keep
your software “up to date” and secure
sppa-t3000.energy@siemens-energy.com
SP1
LTS R7 Maintenance
SPPA-T3000 is well positioned with a comprehensive security concept to meet the requirements of
common security standards. SPPA-T3000 is designed to be compliance ready for the applicable VGB-S-175,
NERC CIP Standard and IEC 62443-3-3 / IEC 62443-4-1.
From 2005 …
Minimum
system
complexity
Easy
operation
Data
transparency
SPPA-T3000
R8.2
Security
by design Flexible
connectivity
Clever
HMI No
subsystem