This definition of a joint asset, which applies regardless of the physical distance between the respective assets, is a special rule of the BSI KRITIS Regulation that exclusively affects the information technology and telecommunications sector.
Connections between assets pursuant to Annex 4 Part 1 No. 6 Sent. 1 lit. a of the BSI KRITIS Regulation could be, for example:
The operator's own PBX connections
VPN connections
Joint load distributions
Joint control centres
Access to shared memory
Customer administration interfaces
Operator maintenance/administration interfaces
Other similar technical or administrative interfaces
Assets are still classed as interconnected if they would be able to continue operating autonomously without this connection.
This definition of a joint system, which is independent of the physical distance of the respective systems, is a special provision of the BSI KRITIS Regulation, which only affects the information technology and telecommunications sector.
Joint operating facilities within the meaning of Annex 4 part 1 No. 6 Sent. 1 lit. a BSI KRITIS Regulation are for example:
joint control of operational technology (such as access control, air conditioning, coordination)
joint monitoring
joint facility for fault/incident management
shared storage/computing power
It is irrelevant whether the joint operational facility could be substituted by other redundancy measures and to what extent the connected systems would be affected if the joint operational facility fails or is impaired. Systems are connected via a joint operating facility even if this is only used on an as-needed or irregular basis. For example, it is sufficient if
the control of the operating technology of several systems is transferred in the evening to a joint operating facility for night-time control,
several systems are connected by a joint operating facility that only acts on the operation in case of incidents and serves to support the data centres, and/or
several systems are connected by different redundant operating facilities that alternately control the operation of the data centres (e.g. covering different time zones).