Secure IT & OT network architecture

From smart meters to digital monitoring and control systems - the energy supply is becoming increasingly digitized. In the course of this connectivity, the worlds of information technology (IT) and operational technology (OT), which used to be physically separate, are merging at energy suppliers. New attack vectors for cyber attacks are emerging and it is necessary to adapt existing network and security concepts to these developments. Cybersecurity is becoming a key part of power security.

Against this background, Narrowin has developed a network architecture with Eniwa, the municipal utility of the city of Aarau, which offers a secure and stable basis for the digital transformation of the company. The aim of the architecture is not only security, but also efficiency and organizational manageability.

Analyzing the status quo – from office IT to the power plant
In a first step, the status quo (network, infrastructure, organization, etc.) and the needs for the future were recorded in department workshops. On this basis, the requirements of the overall organization could be discussed and specified.

Target architecture
In the next step, a target architecture for IT and OT was developed together. It optimizes security while taking organizational and technical circumstances into account. Central design aspects of this architecture are:
– Segmentation / zoning according to security levels
– Strong focus on endpoint security
– Use and build on the existing system landscape and tool chain
– Automation & Self-Service

Pragmatic road map
On the basis of the target architecture, work packages were finally defined and necessary decisions formulated. The work packages were prioritized according to the need for action and effort and, after comparison with other projects and internal resources, transferred to a concrete and realistic road map.