SPRECON-N Network Technology
[Translate to Englisch:]
SPRECON-NDM Network & Device Management

Network Technology for Power Grids

SPRECON-N

Network technology topology

Digitisation continues to advance in our modern world. This naturally also affects power grids. The new challenge in communication is therefore a highly available and structured design of the network technology. It forms the backbone of the entire system.

To ensure that communication at all levels is secure, fail-safe and easy to maintain, we as a system integrator also offer an overall concept for communication in your system. In addition to primary and secondary systems (possibly supplied by us), we offer selected components from specialists in the OT (Operational Technology) sector.

Individual technology with the best quality

The selection of devices is not limited to switches and firewalls. Complete packages with all necessary accessories allow convenient and individual adaptation to your project – in quality that meets all requirements.

The associated, Sprecher-hardened standard parameterisation not only offers maximum security. The result of the tried-and-tested settings is, naturally, less effort for project planning – and, if the worst comes to the worst, more effective support.

Standardisation also enables a clear and optimised range of models. Long researches and comparisons are no longer necessary – we have already taken care of that for you. Delivery times and warehousing effort are also efficiently minimised, offering you quick and uncomplicated
delivery or replacement.

Partnership

We are used to working in partnerships with our customers – after all, as a general contractor, we often accompany them from the idea to the finished system. Consulting & planning, project management, documentation and after-sales services included.

But we also rely on a proven principle with our suppliers: reliability and good cooperation with the highest quality. This clearly also applies to the procurement of the network components discussed.

This synergy enables us to maintain a high standard for the Hirschmann and Fortinet® devices we use. This allows us to provide you with the same excellent service as for our SPRECON devices (SPREcare).

 

  • System hardening
    Holistic approach for all components from the base to the control center.
  • User management
    Role-based Access Control (RBAC) & centraladministration (RADIUS, LDAP) for authentication, authorisation and accounting.
  • Segmentation
    Various measures to separate horizontal (process, station, central) and vertical (administration, process) levels – VLANs, ACLs, firewalls, routers etc.
  • Encryption
    Secure communication between the plants (site-to-site) or end-to-end via VPN tunnel with IPsec or OpenVPN or application-specific via TLS.
  • Availability
    Redundant components (Cluster), power supply and transmission paths. E. g. topologies as ring structure with RSTP, MRP, HSR or star structures with PRP.
  • Monitoring
    The basis for detecting and managing security incidents. Intrusion detection systems (IDS) and standard protocols such as Syslog and SNMP provide detailed information to central systems, e.g. SIEM.
  • Maintenance and operation
    Organisational measures for patch management, risk management or vulnerability analysis and classification (CVE) – SPREcare Service-Level Agreements.

The term “state of the art“ is used and interpreted in many different ways. For our definition, we implement relevant standards and laws on the topic of “IT security and system design for networks in the area of critical infrastructures (CRITIS)“. Thus, we examine possibilities, requirements, implementations and obligations in projects. Core topics are management, protection, defence & resilience of the CRITIS. SPRECON systems naturally comply with these requirements.

Standards Used

The three standards listed here are the basis for many guidelines, such as the BDEW white paper “Requirements for secure control and telecommunication systems“ or the NIS guideline (Network and Information Security).

  • ISO/IEC 27001: “Information Security Management Systems“ (ISMS)
  • IEC 62351: “Security in energy management systems and associated data exchange“ (End-to-end security for IEC 60870/IEC 61850/..., security architecture etc.)
  • IEC 62443: “Industrial communication networks – IT security for networks and systems“ (Risk-based roles for manufacturer, integrator/ service provider & operator)

Together with you, we develop a tailor-made concept for all project phases:

  • Consulting, implementation, training and service
  • Selected manufacturers and components
  • Overacll concept from SPRECON control and protection to central control station

So we realise compliant, future-proof systems.