Protect your power plant with continuous security.SPPA-T3000 R8.2Because stability matters

siemens.com/sppa-t3000© Siemens Energy 2020. All rights reserved. Siemens Energy is a registered trademark of Siemens AG.

Value & Benefits

2

SPPA-T3000 R8.2

Global expertsPresence in 190 countriesComprehensive knowledge of particular markets and their special requirementsContinuous investments in R&DContinuously innovating to allow you to be ready, flexible, and resilient today and in thefuture

Siemens, Your Trusted Partner

Extensive ExperienceSPPA-T3000 in use in over 3,000 unitsworldwide

MINIMUM RISK

Tried and Tested TechnologyClear and intuitive operationFirst-rate alarm handling for quick reactionin critical situationsOne-click access to root cause analysisClear instructions and transparency of potentialupcoming issuesIntegrated workflows, integrated Alarm Management and AnalysisUser-friendly engineering

The SPPA-T3000 Operator-Centric Approach

RELIABLE DAY-TO-DAY OPERATION

Long-Term-Supported Release 8.2:Includes long-term support for min. 8 yearsof lifecycle protectionOnline installation of patches and updatesfor uninterrupted availabilityAdditional powerful security capabilitiesfor compliance with challenging requirementsInnovated hard- and software for flexibility in automation and communication performanceSmall size DCS for efficient and reliable operation of remote and distributed units and plant auxiliaries

Endless Continuity – Evolving the Proven DCS

INVESTMENT PROTECTION

3

SPPA-T3000 R8.2

Keeping Your System Secure

A secure system must always be kept up-to-date to reduce vulnerability

Every change you make could impact connected components, while vulnerabilities in one place may lead to problems across the system. The optimal way to manage security effectively is through integrated services:That is exactly what SPPA-T3000 offers.

• We understand the power generation OT landscape better than a pure IT company

• We are engineers, manufacturers and power generation asset managers, with profound OT know-how

• We understand that patching and upgrading OT components is different than IT patches

• The risks are greater, the potential for operational impact is higher, and the need for specialized knowledge and skills ismore urgent

• We also understand the balance between stringent IT security and the need for physical security within a power plant

4

SPPA-T3000 R8.2

Keeping Your System SecureContinuous development of cyber security features contributes to maintaining high plant security level for the entire lifecycle of your asset

Our holistic approach with the 5 levers of Cyber Security:

• Security features

• Security processes

• Handling of vulnerabilities

• Security consciousness

• Security Zone Architecture driven by – NERC CIP V5, VGB-S-175 and IEC62443-4-1

Cyber Security features ofSPPA-T3000, e.g.:

• Online Patch Deployment

• New Malware Protection Solution

• Centralized Security Patch Management

• Security Event Monitoring

• Configuration Change Monitoring

• Application Whitelisting

• Network Intrusion Detection System (NIDS)

• System Hardening

• Secure Remote Access

• Secure Data Gateway

Centralized Deployment for efficient secure patch implementation

Security Server deploys Security Patches and Virus Patterns from a central point

• User-friendly via central deployment• Flawless patch installation through control, monitoring and visibility from a

single device• Lower potential for security gaps resulting from un-patched components• Transparency of the software status of the relevant components

SPPA-T3000 R8.2

Simple, Secure Patch & Update Process

Security Server

5

File contains Patch

Patch Deployment

Terminal Server

Thin Clients

Application Server

Online patch and update capability of the application server based on system-integrated redundancy

6

SPPA-T3000 R8.2

Patch or update completedOnline installation with no downtime of the DCS System

Patch or update requires installation Install the Servers in sequence

Patch or update availableNew SPPA-T3000or 3rd party Security Patches, SPPA-T3000Patches or Service

Simple, Secure Patch & Update Process

Full operation during patch and update process

Only a continuously maintained installation can be optimally kept“up to date” and secured

• Efficient administration of the redundant Application Server

• Easy and fast recovery in case of hardware failures

• Patches and updates can be implemented online

• Reliable operation and availability with no downtime required during an update

SPPA-T3000 R8.2

Roadmap – Continuous InnovationSafeguard your plant’s operation for years to come with the stability ofproven technology, combined with long-term innovation and support.

Continuous enhancements and improvements of Cyber SecuritySPPA-T3000 is well-positioned with a comprehensive security concept to meet the requirements of common security standards . SPPA-T3000 is designed to be compliance ready for the applicable VGB-S-175, NERC CIP Standard and IEC62443-4-1

For additional informationPlease contact your local salesrepresentative or emailsppa-t3000.energy@siemens.com

What's Coming Next?The next Service Packs of R8.2 will introduce new security mechanisms to further enhance the communication security and operation of the system.

For example:

• Next generation SPPA-T3000 Hardening

• Improvement of communication security by extension of inputvalidation

• Restricting Authorized Use of Application Server Services to Predefined NetworkDevices

• Improved communication channel for the transfer of Virus Pattern updates

• Centralized User Management

• Enhancement of the centralized Patch Management for System Softwarepatches

Beyond SPPA-T3000 itself, we can also offer services to help protect your investment:

• Service Contract – 24/7 availability of system experts

• Remote Proactive Services – to detectpotentialissues before they escalate

• I&C Monitor & Advisor – implement Digitalization into the traditional DCS Service business

• Software or System Maintenance Agreement–we keep your software up-to-date” andsecure

7

Minimum system

complexity

Security by design

Data transparency

Clever HMI No

subsystems

Flexible connectivity

Easyoperation

2018SPPA-T3000

R8.2

From 2005…

…to 2035 and beyond…

The information provided in this brochure contains general descriptions or characteristics of performance which in case of actual use may not always be realized as described or which may change as a result of further development of the products. Nothing in this brochure should be considered as a warranty or guarantee as to any of the products or services described.

All product designations may be trademarks or product names of Siemens AG or supplier companies whose use by third parties for their own purposes could violate the rights of theowners.

Get more information:sppa-t3000.energy@siemens.com

www.siemens.com/sppa-t3000

2020 © Siemens EnergyArticle no. GPPG-B40001-00-7600