The nervous system for secure-by-design OT networks.
Synapse lets power-systems engineers model a site, apply a defensible IEC 62443 zone-and-conduit architecture, and validate it against the standards — producing the diagram and audit-ready evidence in minutes, not weeks.
Easy to use. Easy to learn. Easy to adopt across the organisation.
See how it works ↓The studio — model to evidence, in one loop
Built for the engineers designing the grid's edge
Validation that keeps pace with design
Compliance shouldn't be a chore at the end of a project. With Synapse, evidence is produced as a side effect of designing.
Start from a working architecture
Not a blank canvas. A 20-asset wind farm — already zoned, conduited and security-levelled to IEC 62443 — opens in a single click.
Validated by design
Every zone, conduit and data flow is checked against IEC 62443-3-3 and NIST SP 800-82 automatically. Gaps surface inline, the moment you create them.
Audit-ready evidence
Generate the zone/conduit diagram, asset inventory and compliance gap report your asset owner needs to sign off — in one click.
From diagram to enforced design
The manual pain worth automating
Segmentation work breaks down in the gap between the architecture and its enforcement — where zones, addressing and rule bases are kept in sync by hand. That is exactly the gap Synapse closes.
Zoning & security levels
Hand-deciding which assets sit at which Purdue level, then arguing the target security level zone by zone — undocumented and inconsistent between reviewers.
Place assets on the canvas; zones, conduits and SL-T are first-class and template-seeded, checked against IEC 62443-3-3 the moment you assign them.
IP & VLAN addressing plan
An addressing plan living in a spreadsheet — overlapping subnets, accidental flat networks and wrong-VLAN assignments no one catches until commissioning.
The addressing plan is part of the model. Overlaps, flat segments and mismatched VLANs surface inline, the instant they are introduced.
Conduits → rule base
Translating every conduit — “SCADA ↔ DMZ permits OPC UA / 4840” — into the real firewall rule base, switch ACLs and trunk config by hand, then keeping it in sync as the design moves.
Each conduit is least-privilege by construction: one explicit rule per permitted flow, default-deny everything else — the bridge from zones & conduits to true micro-segmentation.
The core loop
Model → Zone → Check → Evidence
Model
Drag DER assets onto the canvas and annotate flows with protocol, port and direction.
Zone
Apply 62443 zones, conduits and target security levels — or start from a template that already has them.
Check
Run the engine. Cross-zone flows with no conduit, a missing DMZ, an unassigned SL-T — caught deterministically.
Evidence
Export an audit-ready PDF: zone diagram, asset inventory, and the prioritised gap list.
Network engineering. Validated. Secured.
What we engineer
Design resilient utility networks, validate their performance, and reduce risk — across the full communication stack of a modern power-system site.
A living model, not a picture
Explorable, structured, and always in sync.
Everything on the canvas is queryable data, not pixels. The same model powers the segmentation checks, the compliance report, and the export — so the “as-designed” record never drifts out of sync at handoff or audit.
- Assets, flows, zones and conduits as first-class entities
- IEC 61850 / 61400-25, DNP3, Modbus TCP and IEEE 2030.5 protocols
- Deterministic checks — re-run any time, identical results
The standards, encoded
Synapse models the requirement structure of the standards that govern secure power-system design — so your architecture is checkable, not just drawable.
Who it's for
One model, the whole 62443 delivery chain
Built around the Cyber Engineering Manager who owns the secure-network design — and the engineering, operations, audit and procurement roles who depend on it.
Cyber Engineering Manager
PrimaryYou own the secure-network design and you're accountable for proving it meets the standards. Synapse gives you speed, consistency, and evidence that holds up at audit — without ever leaving the canvas.
OT / Control Systems Engineer
Builds the model day to day — an intuitive canvas and reusable templates instead of Visio and spreadsheets.
Systems Integrator / EPC
Delivers DER projects against a defensible reference architecture, reused per site instead of rebuilt from scratch.
Asset Owner / Operator
Receives a clear, defensible zone-and-conduit diagram and gap report for sign-off — not the editing environment.
Compliance & Audit
Reads the 62443 coverage and gap analysis, with each control traceable to the asset, zone or conduit that satisfies it.
Procurement & Supply Chain
Acquires and validates security solutions against a clear cybersecurity requirements spec, aligned to the design.
Operations & Maintenance
Inherits an accurate as-designed record — asset inventory, addressing and conduits that don't drift out of sync.
Design together — across roles, sites and time zones
Synapse is a single shared model your whole organisation works from. Engineering, operations, audit and procurement collaborate on one source of truth — so nothing drifts, and everything is accountable.
One source of truth
The model, the checks, the report and the export all read from one structure — distributed teams never work off a stale drawing.
Roles & approvals
Editor, approver and auditor roles with a review-and-approval workflow and a recorded, timestamped sign-off.
Versioned & auditable
Every change is captured with author and timestamp — return to a safe version, compare configurations, and evidence the evolution.
Easy to use. Easy to learn. Easy to adopt across a global organisation.
Bring your next site online — secure by design.
Book a demo to see the model-to-evidence loop on your own architecture — or open the live studio and explore the wind-farm reference now.