Introduction
SAP HANA Platform 2.0 SPS 08 is a release that fundamentally changes how organisations can manage data, secure systems and develop business applications. In response to growing market requirements and evolving client needs, the new version introduces a range of innovative solutions in the areas of security, performance and platform flexibility. This comprehensive review sets out the most important changes and their practical significance for platform users, with particular attention to technical and business aspects.
The evolution of data security
A fundamental change in SAP HANA 2.0 SPS 08 is a comprehensive overhaul of the security architecture. Local Secure Store (LSS), previously available as an optional component, is now fully integrated with the SAP HANA server. This architectural change means LSS is automatically installed and activated during system installation, significantly simplifying the deployment process and security management.
The introduction of advanced encryption algorithms, such as AES-256-CBC/CTR and ARIA-256-CBC/CTR, responds to growing cybersecurity threats. These new algorithms not only increase the level of data protection but also optimise the performance of cryptographic operations. Of particular note is the ability to select the operating mode (CBC or CTR), which allows encryption mechanisms to be tailored to the specific requirements of applications and use cases.
Integrating secure store backups with database backups is a further improvement. It eliminates the need to manage backups of security elements separately, while ensuring security consistency during system restoration. The administrator now only needs the secure store backup password to carry out a full system restore.
Advanced access control mechanisms
The system introduces a revolutionary approach to access control by allowing precise definition of restrictions for user groups. Administrators can now specify permitted IP addresses and networks, applications and authentication methods for individual groups. This granular approach to access control significantly enhances the system’s protection against unauthorised access.
Extended support for X.509 certificates, with the addition of the ’?’ character as an additional wildcard, increases flexibility in configuring certificate authentication. When an attribute is matched using ’?’, its content is ignored, allowing more flexible definition of certificate-matching rules.
The implementation of TLS 1.3 for SQL connections is a significant step forward in securing communication. This protocol offers better performance and stronger cryptographic security compared to previous versions, while eliminating outdated and potentially unsafe mechanisms.
Innovations in performance management
Plan Decision Recorder is a tool in the area of performance analysis. It enables precise identification of the causes of performance fluctuations in recompiled SQL query execution plans. The system automatically generates detailed trace files documenting the reasons for skipping cached execution plans and the resulting recompilations. This functionality is invaluable in the process of performance optimisation and troubleshooting query performance issues.
Cache management has received significant improvements, introducing the ability to precisely control cache size and selectively remove specific entries. SQL Plan Cache has been extended to support caching plan variants for individual executions of parameterised queries, significantly increasing the likelihood of matching a query to a cached SQL plan for a given set of parameters.
Native Storage Extension - a new generation of memory management
Native Storage Extension (NSE) undergoes a significant evolution in SPS 08. The new monitoring view M_CS_COLUMNS_PERSISTENCE introduces a LOAD_UNIT column, which allows verification of the defined loading unit for a column (PAGE or COLUMN). This improvement allows for better control over how data is stored and loaded.
NSE Advisor has received substantial functional extensions. The new system table _SYS_ADVISOR.CS_NSE_ADVISOR_HISTORY stores all generated recommendation rules, enabling tracking of change and optimisation history. The introduction of AUTO_APPLY mode for recommendation rules allows generated recommendations to be applied automatically and the loading unit to be changed without administrator intervention.
Changes in application development
SAP Business Application Studio ushers in a new era in business application development. This modern development environment, integrated with SAP BTP, offers comprehensive tools and functionality that significantly accelerate the application development process. Of particular note is the new Migration Assistant, which automates the process of moving applications between different platforms.
XS Advanced 1.3.0 brings changes to runtime environments. The introduction of support for Node.js 22 (with Node.js 20 as the default version) and new Java versions (17 and 21) gives developers access to the latest features and improvements. The removal of support for SapMachine 11 signals the platform’s direction of development towards newer, more efficient technologies.
Changes in data integration
Smart Data Access significantly extends data integration capabilities by adding support for ABAP Cloud and On-Premise systems. These new data sources allow access to ABAP CDS view entities and parameterised ABAP CDS view entities in a remote ABAP system. Of particular note is the extension of support for SAP HANA Cloud Data Lake, which enables efficient integration with the cloud version of SAP IQ.
HANA Deployment Infrastructure (HDI) introduces the ability to export containers to popular cloud platforms (AWS/Azure). This functionality significantly simplifies the migration and backup process, while increasing flexibility in managing data in hybrid environments.
An innovative approach to data partitioning
A number of breakthrough features have been introduced in the area of partitioning. Support for NUMA NODE properties in HASH partitions and the ability to perform three-level partitioning significantly increase the possibilities for performance optimisation. Dynamic Aging automates the management of older partitions, automatically moving them to appropriate storage tiers depending on how frequently the data is accessed.
SNOK’s role in digital transformation
SNOK, as an SAP partner specialising in cybersecurity and SAP systems management, plays a key role in implementing and optimising new platform functionality. Our deep expertise in IT security and thorough knowledge of SAP architecture allow us not only to implement new solutions effectively, but also to advise clients on best practices and migration strategies.
The changes introduced in the area of Local Secure Store and the extended encryption capabilities are particularly significant from the perspective of our clients’ system security. As experts in SAP Basis, we also appreciate the significant improvements in memory management and the new administrative tools, which enable even more effective management of SAP HANA environments.
Summary and outlook
SAP HANA Platform 2.0 SPS 08 represents another important step in the platform’s development, introducing changes in key technological areas. Strengthened security mechanisms, increased performance and expanded integration capabilities form a solid foundation for the further development of SAP systems within organisations.
At SNOK, we will continue our detailed analysis of individual aspects of this version, focusing on the practical applications of new functionality and sharing our experience in implementing best practices in SAP security and systems management.