A challenge to securely transmit sensitive SCADA information
SCADA (Supervisory Control and Data Acquisition) is a term used for systems for monitoring and controlling processes in industry operations and in critical infrastructure. The processes that these systems control and monitor are often of very sensitive nature and must therefore be handled securely in order to avoid that someone without permission affects or alters its function. If that happens, critical functions can be turned off or manipulated, which can lead to major disruptions which affects many people.
For many years, companies using SCADA systems have been gradually automated. At the same time, the systems become increasingly complex and control more and more socially critical functions. This makes them more vulnerable, and the challenge will be to digitalise them further in a secure way. At the same time, the need to transfer the information to other networks to be able to work efficiently is growing, such as in the following situations:
- Process monitoring from a location outside the SCADA system’s perimeter.
- Optimisation of a production process – requires that you extract information from the process and then analyse/optimise it (number crunching) with mathematical tools.
- When repairing electricity grids, information must be distributed about the grid, e.g. which conductors that are live.
The solution is to allow export of SCADA information but block all traffic into the SCADA system
The transmission of sensitive information can be done by using a solution which offers secure and filtered unidirectional communication. One such solution is Advenica’s data diode DD1000i, a data diode that ensures unidirectional file transfer with built-in support for multiple file transfer protocols. Advenica’s data diode DD1000i guarantees with the highest level of security that information can only pass one-way from source to destination. This eliminates exposures and risks in the less secure network on the receiving side to the more sensitive network on the sending side. The one-way communication provided by the DD1000i is based on optical hardware and thus cannot be tampered with either by malware or misconfigurations.
Security is guaranteed
Advenica’s SecuriCDS DD1000i provides you with a secure file transfer solution that enables the flow of information from a sensitive zone to a less sensitive zone. The DD1000i supports several common file transfer protocols and seamlessly integrates with existing file servers. The solution involves a simple configuration of a full directory tree replication for which only changes to the file structure are transferred, minimising the amount of data copied and the bandwidth required.
Most importantly, the DD1000i guarantees with the highest level of security that information can only pass in one direction from the source network to the destination network. This eliminates exposures and risks in the less secure destination network from spreading to the more sensitive source network. The one-way separation provided by the DD1000i is based on optical hardware and cannot be tampered with either by malware or misconfigurations.
Do you want to know more about our data diodes? Read more here!
Do you have questions? Do not hesitate to contact us!
