More modern advice, such as the US NIST 800-82 Guide to Industrial Control Systems (ICS) Security, points out that data diode technology has evolved. The modern version of the data diode is the Unidirectional Gateway, which NIST defines as:
“Unidirectional gateways are a combination of hardware and software. The hardware permits data to flow from one network to another, but is physically unable to send any information at all back into the source network. The software replicates databases and emulates protocol servers and devices.”
In short, Unidirectional Gateways contain one-way hardware like data diodes, coupled with software that transparently gathers industrial data, sends it through the one-way hardware and publishes the data to identical servers in external IT networks. Unidirectional Gateway software routinely replicates process historians, OPC-DA servers, relational databases and many other industrial data sources to enterprise networks through truly unidirectional hardware. Enterprise users and applications use the replica servers and data sources normally and bi-directionally on IT networks. Unidirectional Gateways provide the security strength of data diode hardware, with the convenience of normal client/server interactions with (copies of) industrial data sources.
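A small model of that replication pattern, added here as an illustration and not taken from NIST or any gateway product: the `OneWayLink` class, the frame layout (CRC32 plus JSON with a sequence number) and the tag names are all assumptions. It shows that writes to the replica never reach the source, and that with no return path the receiving side can only detect loss, not request a resend.

```python
import json
import zlib
from collections import deque

class OneWayLink:
    """Stand-in for the one-way hardware: one write-only and one read-only port."""
    def __init__(self):
        self._q = deque()
    def tx_port(self):
        return self._q.append  # the source network can only send
    def rx_port(self):
        return lambda: self._q.popleft() if self._q else None  # IT side can only receive

def tx_agent(source, send, seq=0):
    """Source-side software: read the industrial data source and push every point."""
    for tag, value in sorted(source.items()):
        body = json.dumps({"seq": seq, "tag": tag, "value": value}).encode()
        send(zlib.crc32(body).to_bytes(4, "big") + body)
        seq += 1
    return seq

def rx_agent(recv, replica, expected=0):
    """Destination-side software: rebuild the replica server's data.
    No reverse channel exists, so bad or missing frames are counted, never re-requested."""
    stats = {"applied": 0, "corrupt": 0, "gaps": 0}
    while (frame := recv()) is not None:
        crc, body = frame[:4], frame[4:]
        if zlib.crc32(body).to_bytes(4, "big") != crc:
            stats["corrupt"] += 1
            continue
        msg = json.loads(body)
        if msg["seq"] != expected:
            stats["gaps"] += 1  # something was lost before this frame
        expected = msg["seq"] + 1
        replica[msg["tag"]] = msg["value"]
        stats["applied"] += 1
    return stats, expected

def demo():
    historian = {"FIC101.PV": 42.7, "TT205.PV": 88.1, "P3.RUN": 1}  # constructed sample data
    replica, link = {}, OneWayLink()
    tx_agent(historian, link.tx_port())
    link._q[1] = link._q[1][:-1] + b"X"  # simulate one frame damaged in transit
    stats, _ = rx_agent(link.rx_port(), replica)
    replica["P3.RUN"] = 0  # an enterprise client writes to the replica only
    return historian, replica, stats

if __name__ == "__main__":
    print(demo())
```

The gap counter is the operational signal worth alerting on: a replica that silently falls behind the source is the main failure mode of a design without acknowledgements.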