Sogeti helped EDF Energy to secure its applications and through audits and compliance.
The client had a specification to secure the level 3 (SII N3) industrial information system of their new EPR nuclear unit (EPR FA3).
Sogeti defined the requirements for CyberSecurity for applications connected to the level 3 IIS (network connection type, data flows, supervision) and for the operators / users of the level 3 IIS (profiles, roles, privileges & rights). Sogeti audited the applications using the level 3 IIS to assess their compliance with industrial domain cyber security requirements.
Sogeti prepared a risk analysis report and a security audit report. A list of security recommendations were created for isolation between level 3 and levels 0 & 2 of the ICS architecture
EDF Energy is an integrated energy company in the United Kingdom, with operations spanning electricity generation and the sale of gas and electricity to homes and businesses throughout the United Kingdom.