User Manual

ManualsBrandsSiemens ManualsEquippedSinorix H2O Gas-200;Sinorix H2O Gas-300

Regarding emergency management, Siveillance Suite, like

all of our products and solutions, is subject to an incident

and vulnerability handling process in the event that any

vulnerability or threat is detected.

Incident handling process: We have a support mechanism

for customer-reported vulnerabilities or other detected

issues. Both vulnerabilities and incidents are submitted

to our technical support team and handled by the Siemens

ProductCERT team, which operates globally around

the clock.

Vulnerability management: This is our process for fine-

tuning our security. Continuous threat monitoring allows

us to detect and fix potential vulnerabilities in our products

and solutions, reducing your exposure to risk. Siveillance

Suite has all of its software components registered,

and so will be notified if and when security vulnerabilities

are found.

We’re committed to providing you with a high degree of

cybersecurity in order to provide you with adequate

protection from increasing cyber risk in our digitalized world.

Figure  – Siveillance Suite incident handling process



The customer can use either route to report a vulnerability or potential incident



https://www.siemens.com/cert/en/cert-security-advisories.htm

This stage ensures secure implementation and deployment

of Siveillance Suite. We publish cybersecurity hardening

guidelines for all Siveillance Suite products and make sure

that they are maintained throughout the product lifecycle.

Our engineers follow these guidelines rigorously

at the point of deployment. The secure (base) system

configuration and hardening defines how a system needs

to be configured for a secure operation in the intended

operating environment. Configuration options include

determining which applications to install, activating or

deactivating application settings, and setting up user

and system accounts and access rights.

A cybersecurity checklist is also completed at deployment

that includes performing operational measures like:

• Port whitelisting

• Using appropriate antivirus software

• Network protection (including network segregation,

firewall, demilitarized zone)

• Performing system updates/patches

• Correct user administration

• File system protection

• Physical protection of interfaces

• Log file monitoring

• Deactivation of extraneous services

Reporting

Inform

stakeholders

Develop

counter-

measures

Publish

security

advisory



Triage

Disclosure

Analysis Handling

Mitigation

External

researcher

Siemens

employee

Customer



ProductCERT

(/)

Siemens BT

cybersecurity

team

Customer

technical

support

Predeploy-

ment

assessment

Predeploy-

ment

assessment

Deployment

and

maintenance

Deployment

and

maintenance

Security

testing

Security

testing

Incident and

vulnerability

management

Incident and

vulnerability

management

Secure

product

architecture

and design

Secure

product

architecture

and design

Customer

security

objectives and

requirements

Customer

security

objectives and

requirements

Employee

know how

Employee

know how



Siveillance Suite™ | Cyberintelligent security solutions