MindSphere security model
10Pages

{{requestButtons}}

Catalog excerpts

MindSphere security model - 1

MindSphere security model Version 1.0 Enabling customers to confidently operate in a secure cloud environment Executive summary As an organization that leads in automation and connected devices, Siemens understands the importance of having in-depth, proactive cybersecurity policies. This knowledge is embedded in the foundation of the MindSphere security model. By working with cloud infrastructure providers and customers, Siemens can enforce consistent shared policies and practices for MindSphere. A multilayered security concept enables the guarding of sensitive data, applications, operating systems and infrastructures. As such, MindSphere approach integrates cybersecurity throughout the lifecycle of the Industrial Internet of Things (IIoT) platform. Siemens December 2018 | UNRESTRICTED

Open the catalog to page 1
MindSphere security model - 2

White paper | MindSphere security model Abstract Digitalization is at the forefront of the next industrial revolution, Industry 4.0, enabling the IIoT. This IIoT revolution has given companies the capability to not only interconnect assets, products, value chains and business models, but also to collect large volumes of data and aggregate it in a centralized location for analysis. Although the IIoT offers significant opportunities for generating additional value, it also poses a new set of questions and needed controls for data and system security. impact business-critical functions. This...

Open the catalog to page 2
MindSphere security model - 3

White paper | MindSphere security model Governance, principles and guidelines MindSphere architects implement security into the platform by design. The Siemens Information Security Policy establishes the basic principles for information security at Siemens, and by extension, MindSphere. It defines the mandatory high-level requirements and general rules for information security without being bound to specific technologies or platforms. This policy establishes blueprints for information system solutions to align with international standards. Security is embedded in the foundation of...

Open the catalog to page 3
MindSphere security model - 4

White paper | MindSphere security model Providing a secure environment Industry standards and certifications MindSphere follows industry standards for automation and control system environments designed to meet the highest level of security, such as the leading cybersecurity standard International Organization for Standardization (ISO) 27001 Information Security Management System Framework. This standard influences how MindSphere handles security at every level, from MindConnect device security to secure communications and throughout the data lifecycle. MindSphere is certified for...

Open the catalog to page 4
MindSphere security model - 5

White paper | MindSphere security model Figure 2: This diagram shows the MindSphere security architecture. All calls from users and devices go through the gateway. comes from MindSphere APIs to validate authorized calls depending on the context of the application and the user permissions. Secure communication All communication from the client to MindSphere through public endpoints are secured through TLS v. 1.2, per industry best practices for communications. Reliable x509 certificates are used from the Siemens Trust Center, which are trusted by the European Telecommunications Standards...

Open the catalog to page 5
MindSphere security model - 6

White paper | MindSphere security model MindConnect devices adhere to specific standards to protect automation networks. Standards include separation of external and automation networks, supporting only outbound TLS v1.2 communication by the external network, read-only access to automation protocols, proxy support and off boarding. Security patches and updates for potential software security vulnerabilities are made available for installation through online firmware updates. The device queries MindSphere regularly for a firmware update. MindConnect Integration and MindConnect IoT Extension...

Open the catalog to page 6
MindSphere security model - 7

White paper | MindSphere security model Protecting sensitive data Availability controls Data classification and encryption Data classification methodologies categorize organizational data based on levels of sensitivity. Proper classification maps the controls, level of access and protection appropriate to the data. Although it is the responsibility of the data controller, Siemens works with its MindSphere customers and partners to help properly classify information levels, types and access. Within this model for classification, encryption standards, cryptographic keys and distribution...

Open the catalog to page 7
MindSphere security model - 8

White paper | MindSphere security model Logging, monitoring and audit logs MindSphere monitors the security related events of cloud infrastructure configurations to maintain compliance with internal Siemens regulations. These are monitored with best practice checks based on the Siemens internal threat and risk analysis (TRA) process and the primary recognized industry standard for cybersecurity, the CIS Benchmark. If issues are found, notifications are sent to the appropriate MindSphere teams for correction. Keeping a detailed record of activity throughout a solution allows security teams...

Open the catalog to page 8
MindSphere security model - 9

White paper | MindSphere security model Summary Data privacy Compliance with data protection principles and laws is as important to Siemens as it is to our customers. An overview and summary of the MindSphere privacy architecture can be found in the “Siemens MindSphere Data Privacy White Paper.“ Conclusion Security is an important strategic pillar of MindSphere. Customer data must remain secure in the cloud. The Siemens MindSphere team is paving the way in IIoT security excellence, empowering its customers to confidently operate in a protected and secure environment. With the MindSphere...

Open the catalog to page 9
MindSphere security model - 10

Siemens Headquarters Granite Park One 5800 Granite Parkway Suite 600 Plano, TX 75024 USA +1 972 987 3000 Americas Granite Park One 5800 Granite Parkway Suite 600 Plano, TX 75024 USA +1 314 264 8499 Europe Stephenson House Sir William Siemens Square Frimley, Camberley Surrey, GU16 8QD +44 (0) 1276 413200 Asia-Pacific Unit 901-902, 9/F Tower B, Manulife Financial Centre 223-231 Wai Yip Street, Kwun Tong Kowloon, Hong Kong +852 2230 3333 General disclaimer This document is provided for informational purposes only and is subject to change without notice. It represents Siemens’ current products...

Open the catalog to page 10

All Siemens PLM Software catalogs and technical brochures