User Manual
Siemens takes its responsibility to provide cybersecurity
training and awareness to its employees and to grant access
to the right skill sets across the company very seriously.
Siveillance Suite has access to a global workforce with
an abundance of skills, from secure coding specialists
and penetration testers to other niche cybersecurity consul-
tants. This enhances the portfolio because it means that
as technology, the market, customer needs and cyber
challenges evolve, Siveillance Suite will be well equipped
to face the challenges that emerge, whatever the location.
As part of our holistic approach to security and to ensure
you as the customer are at the forefront of our security
view, our initial focus is on the intended operational
environment for deployment of a product or solution.
As a result, various stakeholder and security requirements
need to be identified and analyzed, and the intended
operational environment itself must be understood fully
and incorporated before specifying security requirements.
The resulting requirements specification serves as input
for the ‘Security Product Architecture and Design’ phase
as a basis for the design of security measures. The develop-
ment of security requirements is combined with regular
engineering activities, for instance, the identification
of potentially conflicting requirements.
We specify and decide on security features of each intended
operational environment at the beginning of a project,
by using a reference scenario, for example.
Any divergence from that scenario is checked for its impact
on the security landscape. The cybersecurity level of the
deployment also depends on the features of each type
of operational environment. For example, either a “basic” or
“advanced” installation of a solution may be recommended
to maintain security integrity, depending on its critical
cybersecurity requirements. Regulatory, legal, business
and technological factors are also taken into account
throughout the process.
Our goal is to continuously and methodically respond to
stakeholder security demands: from analyzing the various
product and solution stakeholders, defining stakeholder
needs and security requirements, prioritizing them,
and then assigning the results to the product or solution
release plan.
Figure – Siemens Building Technologies cybersecurity network
Europe
Middle East/
Asia
Germany
Americas
Global HQ
Predeploy-
ment
assessment
Predeploy-
ment
assessment
Deployment
and
maintenance
Deployment
and
maintenance
Security
testing
Security
testing
Incident and
vulnerability
management
Incident and
vulnerability
management
Secure
product
architecture
and design
Secure
product
architecture
and design
Customer
security
objectives and
requirements
Customer
security
objectives and
requirements
Employee
know how
Employee
know how
Siveillance Suite cybersecurity
landscape activities
Siveillance Suite™ | Cyberintelligent security solutions