1

Fit for purposeHeiligendamm – March 21th , 2019

Offshoretage – NPE/N1 Presentation

2

Overview activities at Europe

Gemini

NordSee OneDeutsche Bucht

3

Overview Windfarm N1

Distance 45 km

Water depth 26 m – 29 m

Capacity 332 MW (54 x 6.15 MW)

Wind strength 9.8 m/s at (90 m)

Annual output 1.2 TWh

Operations base

and control centreNorddeich

Operation base

O&M route:

26 nm (48 km)

CTV 1.5 hrs

Nordsee One

4

Introduction

Definition of Terms

BDSG – “Bundesdatenschutzgesetz“ - Federal Data Protection Act

BNetzA – “Bundesnetzagentur“ - German Federal Network Agency

DGSVO – “Datenschutz-Grundverordnung“ – European Data Protection Act

DMS – Document Management System

EEG – “Erneuerbare-Energien-Gesetz” – German Renewable Energy Act

EnWG – “Energiewirtschaftsgesetz” - German Energy Act

FitSM – A free standard for lightweight ITSM

HGB – „Handelsgesetzbuch“- German Code of Commercial Law

ITSiG – “IT-Sicherheitsgesetz” - German IT Security Act

SGB – „Sozialgesetzbuch“ - German Social Code

WSV – “Wasser und Schifffahrtsverwaltung” - Federal Water and Shipping Administration

5

Governance

Legal IT/OT requirements within Germany and EU

Germany

Info

rmat

ion

sec

uri

tyD

ata

pro

tect

ion

EU

• Critical infrastructure

• DIRECTIVE (EU) 2016/1148

• Data protection

• DIRECTIVE (EU) 2016/680

Info

rmat

ion

sec

uri

tyD

ata

pro

tect

ion

• Critical infrastructure for utilities >420MW

• IT security law/Energy law (ITSiG, EnWG)

• Requirements from BNetzA and WSV

ITSiG, EnWG, ISO27001, ISO27019

• Data protection

• DGSVO, BDSGnew and SGB

• Requirements from WSV

DGSVO, BDSGnew, SGB, WSV

• Data storage requirement based on tax law

• Controllability required for curtailment invoicingA

rch

ivin

g

HGB

EEG, EnWG OT

6

Governance

Legal IT/OT requirements - Examples

Data storage requirement based on tax law (e.g. documents, emails)

• N1 uses a DMS to store all technical and commercial documents

• N1 uses an email archive to store all emails

– The setup of the system is compliant according to the Federal Data Protection Act

– Policies therefor are in place

According to EEG the windfarm must be controllable by TenneT and the direct marketer

• The windfarm owner has to provide the interface and the necessary logic (EEG)

• The windfarm owner has to make sure that the interface is working 24x7

– otherwise the compensation could be significantly reduced

7

Overall Management Structure by Function

N1 Integrated Management System

Policies, objectives and scope

Legal and regulatory requirements

Specifications and templates

Processes and procedures

Goals and key performance indicators

Organisational regulations

Preventive measures

Continuous improvement

Competence and expertise

Internal audits and management reviews

8

Governance

IT Processes

N1 uses the FitSM Service Management Framework to setup IT-Service Management processes

What’s FitSM?

• FitSM is a family of standards for lightweight IT service management

• FitSM is suitable for IT service providers of any type and scale

• FitSMs main design principle: Keep it simple!

• FitSM is aligned with ITIL and ISO/IEC 20000

• FitSM is freely available

FitSM includes the following processes:

1. Service portfolio management (SPM)2. Service level management (SLM)3. Service reporting management (SRM)4. Service availability & continuity

management (SACM)5. Capacity management (CAPM)6. Information security management (ISM)7. Customer relationship management (CRM)

8. Supplier relationship management (SUPPM)9. Incident & service request management (ISRM)10. Problem management (PM)11. Configuration management (CONFM)12. Change management (CHM)13. Release & deployment management (RDM)14. Continual service improvement management (CSI)

Part of N1 implementation project

9

N1 implemented an Integrated Management System (IMS) in 2014

The following policy statements and policies are in place:

• N1 Quality Policy Statement (according to DIN EN ISO 9001)

• N1 HS&E Policy Statement of Intent (according to DIN EN ISO 14001/ OHSAS 18000)

• N1 Information Security Policy Statement (according to ISO/IEC 27001)

Governance

Policies/Practices

10

Overall Management Structure by Function

OT/IT Convergence

Convergence between Information Technologies (IT) and Operational Technologies (OT) was an integral part of the N1 setup which started 2015. Since then N1 was focused on that topic with every new system implemented.

• Virtualized systems – as example ECO-sui (SCADA)

• Virtual LANs based on systems

• Use of standard protocols (TCP/IP based)

• Use of standard interfaces (XML, Json, SOAP..)

• Centralized network monitoring

• Responsibility for IT and OT within one department

11

External IT Supplier/Vendor Management

Support levels – Strategy and Examples

N1 IT strategy key principles

• N1 IT system setup has an n-1 redundancy

• Virtualization is used to have a very flexible and highly available setup

• Software defined storage which can be easily extended

• SLA’s with the experts for the related system (not necessarily the supplier)

Support levels for the operations phase

1st level by: N1 OCC (24/7)

2nd level by: N1 ICT & N1 SCADA (office time and on-call service)

3rd level by : N1 ICT & N1 SCADA plus third party / OEMs

• Long term subscription services with OEMs

• SLA‘s with suppliers to get support from their responsible experts

12

Contractors Contractors

OEM

Network & Communications

Communication Systems

TETRATerrestrial

Trunked Radio

N1 Service Teams

Crew Transfer Vessel

Senvion Site Manager

VoIP

External business calls

Contractors Vessel

Heli Contractors

Marine VHF radio Aircraft VHF radioProfessional mobile radio

Rescue Helicopter

Hoist Helicopter

Crew Transfer Vessel

VHF radio

TETRA BackupTETRA Backup

TETRA Backup

Internal calls offshore/OCC

N1

OEM

N1

Interface Interface

Contractors

OEM

N1

13

Application Management

N1 - IT Landscape

Control Center (ND) + Service Desk (HH)

User

Internet (HH/ND)

Data Center (on premise)Workplace (on premise)

Notebooks

MFDPrinterPlotter

Fixedphones

Mobiles

LAN

Desktops

SecurityAppliance

Storage

LAN

Data baseServer

BackUp

File/PrintServer

MailServer

DMS

AntiVirus

NMS

MS OfficeMail

archiveHyperV

MMSIP

Telephony

CMMS

WFMS

Docusnap

EncryptedBackup

MeteoSystem

DatevPrivate Cloud

Public Cloud

OEM

WAN (HH/ND/Offshore)

Tablet

SAN AD/DNS

HMI

Fileexchange

Radio link

DMS

GIS

14

Application Management

Control Systems/Reporting Tools

WEC Systems

OSS Systems

Metocean

Production dataError messagesCounter data Weather data

Event ticketsCounter data

InspectionsUnplannedmaintenance

Assets

CMMSComputerized Maintenance

Management System

HMIScada System

MMS/GISMarine Management

System

Metocean

Weather data,AIS data

Marine Systems

Monitoring

Grid operations

Supervision, CCTV

Sea surveillance

People trackingAllocation downtime

Park monitoring

Curtailment

Data analysis

Reporting

Asset management

Work order Management

Work permits

KPI reporting

Warehouse

Auxillarie Systems

WFMSWind Farm

ManagementSystem, Historian

Vessel tracking

Asset stock

OSS/Auxiliaries operations

Alarm screen

Scheduling

Work permits

Qualification

15

Security & Access Controls

Logical Security Architecture

N1 network is setup according to best practice recommendations (ISO, NIST). We believe that different

network zones are necessary to provide a secure landscape (defence in depth)

– Separation of SCADA zone and Office zone

– No direct connection to the internet from the SCADA zone

– Use of Virtual Local Area Networks, Access Control Lists, MAC-filtering, Certificates, Firewalls and Jump Hosts