Protect your

power plant
with
continuous
security.
SPPA-T3000 R8.2
Because stability matters

© Siemens Energy 2020. All rights reserved. siemens.com/sppa-t3000

Siemens Energy is a registered trademark of Siemens AG.
SPPA-T3000 R8.2

Value & Benefits

Siemens, Your Trusted Partner
Extensive Experience
SPPA-T3000 in use in over 3,000 units worldwide
Global experts
Presence in 190 countries MINIMUM
Comprehensive knowledge of particular markets
and their special requirements
RISK
Continuous investments in R&D
Continuously innovating to allow you to be ready,
flexible, and resilient today and in the future

The SPPA-T3000 Operator-Centric Approach

Tried and Tested Technology

Clear and intuitive operation
First-rate alarm handling for quick reactionin
critical situations RELIABLE
One-click access to root cause analysis DAY-TO-DAY
Clear instructions and transparency of potential
upcoming issues OPERATION
Integrated workflows, integrated Alarm
Management and Analysis
User-friendly engineering

Endless Continuity – Evolving the Proven DCS

Long-Term-Supported Release 8.2:

Includes long-term support for min. 8 yearsof
lifecycle protection
Online installation of patches and updates
for uninterrupted availability INVESTMENT
Additional powerful security capabilitiesfor
compliance with challenging requirements PROTECTION
Innovated hard- and software for flexibility in
automation and communication performance
Small size DCS for efficient and reliable operation
of remote and distributed units and plant auxiliaries

2
SPPA-T3000 R8.2

Keeping Your System Secure

A secure system must

always be kept up-to-date
to reduce vulnerability

Every change you make could

impact connected components,
while vulnerabilities in one place
may lead to problems across the
system. The optimal way to
manage security effectively is
through integrated services:
That is exactly what
SPPA-T3000 offers.

• We understand the power generation OT

landscape better than a pure IT company

• We are engineers, manufacturers and power

generation asset managers, with profound OT
know-how

• We understand that patching and upgrading

OT components is different than IT patches

• The risks are greater, the potential for

operational impact is higher, and the need for
specialized knowledge and skills is
more urgent

• We also understand the balance between

stringent IT security and the need for physical
security within a power plant

3
SPPA-T3000 R8.2

Keeping Your System Secure

Continuous development of cyber security features contributes to
maintaining high plant security level for the entire lifecycle of
your asset

Cyber Security
features of
SPPA-T3000, e.g.:

• Online Patch Deployment

• New Malware
Protection Solution
• Centralized Security
Our holistic approach with Patch Management
the 5 levers of Cyber Security:
• Security Event Monitoring
• Security features • Configuration
Change Monitoring
• Security processes • Application Whitelisting
• Network Intrusion
• Handling of vulnerabilities
Detection System (NIDS)

• Security consciousness • System Hardening

• Secure Remote Access
• Security Zone Architecture
• Secure Data Gateway
driven by – NERC CIP V5,
VGB-S-175 and IEC62443-4-1

4
SPPA-T3000 R8.2

Simple, Secure Patch & Update Process

Centralized Deployment for efficient secure patch implementation

Security Server deploys Security Patches

and Virus Patterns from a central point

• User-friendly via central deployment

• Flawless patch installation through control, monitoring and visibility from a
single device
• Lower potential for security gaps resulting from un-patched components
• Transparency of the software status of the relevant components

File contains Patch

Patch Deployment

Terminal
Server

Security
Server

Application Thin
Server Clients

5
SPPA-T3000 R8.2

Simple, Secure Patch & Update Process

Only a continuously maintained installation can be optimally kept
“up to date” and secured

• Efficient administration
of the redundant
Application Server

• Easy and fast recovery in

case of hardware failures

• Patches and updates can be

implemented online

• Reliable operation and

availability with no
Online patch and update capability downtime required during
of the application server based on an update
system-integrated redundancy

Patch or Patch or
update update
available requires
New SPPA-T3000 installation
or 3rd party Install the Servers
Security Patches, in sequence
SPPA-T3000
Full operation during
Patches or Service patch and update process

Patch or update completed

Online installation with no downtime of the DCS System

6
SPPA-T3000 R8.2

Roadmap – Continuous Innovation

Safeguard your plant’s operation for years to come with the stability of
proven technology, combined with long-term innovation and support.

Continuous enhancements and improvements of Cyber Security

SPPA-T3000 is well-positioned with a comprehensive security concept to meet the requirements of
common security standards . SPPA-T3000 is designed to be compliance ready for the applicable
VGB-S-175, NERC CIP Standard and IEC62443-4-1

What's Coming Next?

The next Service Packs of R8.2 will
introduce new security mechanisms to
further enhance the communication
security and operation of the system.
For example:
• Next generation SPPA-T3000 Hardening
Beyond SPPA-T3000 itself, we can also offer
services to help protect your investment:
• Service Contract – 24/7 availability of
system experts
• Remote Proactive Services – to detect potential
issues before they escalate

• Improvement of communication • I&C Monitor & Advisor – implement Digitalization

security by extension of inputvalidation into the traditional DCS Service business

• Restricting Authorized Use of Application • Software or System Maintenance Agreement–

Server Services to Predefined Network Devices we keep your software up-to-date” andsecure

• Improved communication channel for the

transfer of Virus Pattern updates
• Centralized User Management
• Enhancement of the centralized Patch
Management for System Softwarepatches
For additional information
Please contact your local sales
representative or email
sppa-t3000.energy@siemens.com

7
From 2005…
Minimum
system
complexity

Easy
operation

Data
transparency

2018
SPPA-T3000
R8.2
Security
by design Flexible
connectivity

Clever
HMI No
subsystems

…to 2035 and beyond…

Get more information:
sppa-t3000.energy@siemens.com
www.siemens.com/sppa-t3000
2020 © Siemens Energy
Article no. GPPG-B40001-00-7600
The information provided in this brochure contains general descriptions or
characteristics of performance which in case of actual use may not always
be realized as described or which may change as a result of further
development of the products. Nothing in this brochure should be
considered as a warranty or guarantee as to any of the products or
services described.
All product designations may be trademarks or product names of Siemens
AG or supplier companies whose use by third parties for their own purposes
could violate the rights of the owners.