Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
1
Fit for purposeHeiligendamm – March 21th , 2019
Offshoretage – NPE/N1 Presentation
2
Overview activities at Europe
Gemini
NordSee OneDeutsche Bucht
3
Overview Windfarm N1
Distance 45 km
Water depth 26 m – 29 m
Capacity 332 MW (54 x 6.15 MW)
Wind strength 9.8 m/s at (90 m)
Annual output 1.2 TWh
Operations base
and control centreNorddeich
Operation base
O&M route:
26 nm (48 km)
CTV 1.5 hrs
Nordsee One
4
Introduction
Definition of Terms
BDSG – “Bundesdatenschutzgesetz“ - Federal Data Protection Act
BNetzA – “Bundesnetzagentur“ - German Federal Network Agency
DGSVO – “Datenschutz-Grundverordnung“ – European Data Protection Act
DMS – Document Management System
EEG – “Erneuerbare-Energien-Gesetz” – German Renewable Energy Act
EnWG – “Energiewirtschaftsgesetz” - German Energy Act
FitSM – A free standard for lightweight ITSM
HGB – „Handelsgesetzbuch“- German Code of Commercial Law
ITSiG – “IT-Sicherheitsgesetz” - German IT Security Act
SGB – „Sozialgesetzbuch“ - German Social Code
WSV – “Wasser und Schifffahrtsverwaltung” - Federal Water and Shipping Administration
5
Governance
Legal IT/OT requirements within Germany and EU
Germany
Info
rmat
ion
sec
uri
tyD
ata
pro
tect
ion
EU
• Critical infrastructure
• DIRECTIVE (EU) 2016/1148
• Data protection
• DIRECTIVE (EU) 2016/680
Info
rmat
ion
sec
uri
tyD
ata
pro
tect
ion
• Critical infrastructure for utilities >420MW
• IT security law/Energy law (ITSiG, EnWG)
• Requirements from BNetzA and WSV
ITSiG, EnWG, ISO27001, ISO27019
• Data protection
• DGSVO, BDSGnew and SGB
• Requirements from WSV
DGSVO, BDSGnew, SGB, WSV
• Data storage requirement based on tax law
• Controllability required for curtailment invoicingA
rch
ivin
g
HGB
EEG, EnWG OT
6
Governance
Legal IT/OT requirements - Examples
Data storage requirement based on tax law (e.g. documents, emails)
• N1 uses a DMS to store all technical and commercial documents
• N1 uses an email archive to store all emails
– The setup of the system is compliant according to the Federal Data Protection Act
– Policies therefor are in place
According to EEG the windfarm must be controllable by TenneT and the direct marketer
• The windfarm owner has to provide the interface and the necessary logic (EEG)
• The windfarm owner has to make sure that the interface is working 24x7
– otherwise the compensation could be significantly reduced
7
Overall Management Structure by Function
N1 Integrated Management System
Policies, objectives and scope
Legal and regulatory requirements
Specifications and templates
Processes and procedures
Goals and key performance indicators
Organisational regulations
Preventive measures
Continuous improvement
Competence and expertise
Internal audits and management reviews
8
Governance
IT Processes
N1 uses the FitSM Service Management Framework to setup IT-Service Management processes
What’s FitSM?
• FitSM is a family of standards for lightweight IT service management
• FitSM is suitable for IT service providers of any type and scale
• FitSMs main design principle: Keep it simple!
• FitSM is aligned with ITIL and ISO/IEC 20000
• FitSM is freely available
FitSM includes the following processes:
1. Service portfolio management (SPM)2. Service level management (SLM)3. Service reporting management (SRM)4. Service availability & continuity
management (SACM)5. Capacity management (CAPM)6. Information security management (ISM)7. Customer relationship management (CRM)
8. Supplier relationship management (SUPPM)9. Incident & service request management (ISRM)10. Problem management (PM)11. Configuration management (CONFM)12. Change management (CHM)13. Release & deployment management (RDM)14. Continual service improvement management (CSI)
Part of N1 implementation project
9
N1 implemented an Integrated Management System (IMS) in 2014
The following policy statements and policies are in place:
• N1 Quality Policy Statement (according to DIN EN ISO 9001)
• N1 HS&E Policy Statement of Intent (according to DIN EN ISO 14001/ OHSAS 18000)
• N1 Information Security Policy Statement (according to ISO/IEC 27001)
Governance
Policies/Practices
10
Overall Management Structure by Function
OT/IT Convergence
Convergence between Information Technologies (IT) and Operational Technologies (OT) was an integral part of the N1 setup which started 2015. Since then N1 was focused on that topic with every new system implemented.
• Virtualized systems – as example ECO-sui (SCADA)
• Virtual LANs based on systems
• Use of standard protocols (TCP/IP based)
• Use of standard interfaces (XML, Json, SOAP..)
• Centralized network monitoring
• Responsibility for IT and OT within one department
11
External IT Supplier/Vendor Management
Support levels – Strategy and Examples
N1 IT strategy key principles
• N1 IT system setup has an n-1 redundancy
• Virtualization is used to have a very flexible and highly available setup
• Software defined storage which can be easily extended
• SLA’s with the experts for the related system (not necessarily the supplier)
Support levels for the operations phase
1st level by: N1 OCC (24/7)
2nd level by: N1 ICT & N1 SCADA (office time and on-call service)
3rd level by : N1 ICT & N1 SCADA plus third party / OEMs
• Long term subscription services with OEMs
• SLA‘s with suppliers to get support from their responsible experts
12
Contractors Contractors
OEM
Network & Communications
Communication Systems
TETRATerrestrial
Trunked Radio
N1 Service Teams
Crew Transfer Vessel
Senvion Site Manager
VoIP
External business calls
Contractors Vessel
Heli Contractors
Marine VHF radio Aircraft VHF radioProfessional mobile radio
Rescue Helicopter
Hoist Helicopter
Crew Transfer Vessel
VHF radio
TETRA BackupTETRA Backup
TETRA Backup
Internal calls offshore/OCC
N1
OEM
N1
Interface Interface
Contractors
OEM
N1
13
Application Management
N1 - IT Landscape
Control Center (ND) + Service Desk (HH)
User
Internet (HH/ND)
Data Center (on premise)Workplace (on premise)
Notebooks
MFDPrinterPlotter
Fixedphones
Mobiles
LAN
Desktops
SecurityAppliance
Storage
LAN
Data baseServer
BackUp
File/PrintServer
MailServer
DMS
AntiVirus
NMS
MS OfficeMail
archiveHyperV
MMSIP
Telephony
CMMS
WFMS
Docusnap
EncryptedBackup
MeteoSystem
DatevPrivate Cloud
Public Cloud
OEM
WAN (HH/ND/Offshore)
Tablet
SAN AD/DNS
HMI
Fileexchange
Radio link
DMS
GIS
14
Application Management
Control Systems/Reporting Tools
WEC Systems
OSS Systems
Metocean
Production dataError messagesCounter data Weather data
Event ticketsCounter data
InspectionsUnplannedmaintenance
Assets
CMMSComputerized Maintenance
Management System
HMIScada System
MMS/GISMarine Management
System
Metocean
Weather data,AIS data
Marine Systems
Monitoring
Grid operations
Supervision, CCTV
Sea surveillance
People trackingAllocation downtime
Park monitoring
Curtailment
Data analysis
Reporting
Asset management
Work order Management
Work permits
KPI reporting
Warehouse
Auxillarie Systems
WFMSWind Farm
ManagementSystem, Historian
Vessel tracking
Asset stock
OSS/Auxiliaries operations
Alarm screen
Scheduling
Work permits
Qualification
15
Security & Access Controls
Logical Security Architecture
N1 network is setup according to best practice recommendations (ISO, NIST). We believe that different
network zones are necessary to provide a secure landscape (defence in depth)
– Separation of SCADA zone and Office zone
– No direct connection to the internet from the SCADA zone
– Use of Virtual Local Area Networks, Access Control Lists, MAC-filtering, Certificates, Firewalls and Jump Hosts