Securing Power Generation At New Brunswick Power

Partnering With Énergie NB Power To Secure Production And Assure Compliance
Securing Power Generation At New Brunswick Power
Customer/ Partner:

Énergie NB Power.

Customer Requirement:

Secure, safe and continuous operation of power production networks in all power plants,
while enabling real-time OT monitoring and compliance with NERC-CIP regulatory security requirements.

Waterfall’s Unidirectional Solution:

Waterfall Unidirectional Gateways were deployed to separate the OT and enterprise networks. All business and operational applications – especially ICCP / PI servers – continue to operate reliably to ensure smooth operation and maintenance of power stations.

Protecting Reliability And Ensuring Compliance At Power Generation Sites

Énergie NB Power supplies wholesale energy products in a competitive environment. Electricity is generated at 14 hydro, coal, oil, and diesel-powered stations, with an installed net capacity of 3,142 MW, comprised of 1,724 MW thermal, 893 MW hydro and 525 MW combustion turbines. Énergie NB Power’s industrial and corporate networks support power generation plants as well as business offices, all with different business needs. From these networks, the OSIsoft PI™ application and ICCP protocol are used for monitoring of the power stations.

The Challenge icon
The challenge

Énergie NB Power wanted to prevent cyber attacks that could result in power outages, loss of revenues and physical damage to equipment. The company was also challenged with the task of complying with NERC-CIP standards and cyber-security requirements. The business determined that using firewalls to allow real-time data flows from a control network to an enterprise network introduced unacceptable risks to safe, correct, continuous and efficient power generation operations.

Waterfall solution - icon
Waterfall solution

Waterfall Unidirectional Security Gateways were deployed at each power plant, along with Waterfall’s OSIsoft PI and ICCP server replications. The Waterfall Gateways replicated PI servers and ICCP servers unidirectionally from each plant’s OT network to the Énergie NB Power enterprise network. On this external network, users and applications continue to interact normally and bi-directionally with the replica servers.

Results and benefits - icon
Results & benefits

Security: Absolute protection from online attacks originating on the IT network, and from Internet-based attacks.

Visibility: Online access to real-time operations data, with no change in end-user or business application- integration procedures.

Compliance: Reduced NERC CIP compliance costs for Énergie NB Power.

Operational Costs: Reduced operating costs associated with training, administration, audit, testing, and monitoring costs when compared to a firewall-based solution.

vertical red line
Theory of Operation
Click to enlarge

“Waterfall’s Unidirectional Security Gateways have proven to be highly reliable and easily integrated into our existing networks. They are instrumental in helping us comply with the NERC-CIP standards and secure our critical assets against any type of external cyber-attack or hacking threats”

Waterfall Unidirectional Security Gateways replace firewalls in industrial network environments, providing absolute protection to control systems and industrial control networks from attacks emanating from external networks. Waterfall Gateways contain both hardware and software components. The hardware is physically able to send information in only one direction. The software replicates servers and emulates devices. The gateway software produces an accurate, timely replica of PI and ICCP servers for use by enterprise and external applications and users.

Unidirectional Gateways enable safe IT/OT integration, vendor monitoring, industrial cloud services, and visibility into operations for modern enterprises and customers. The gateways replicate servers, emulate industrial devices and translate industrial data to cloud formats. Unidirectional Gateway technology represents a plug-and-play replacement for firewalls, without the vulnerabilities and maintenance issues that always accompany firewall deployments. Replacing at least one layer of firewalls in a defense-in-depth architecture breaks the attack path from the Internet into critical systems

vertical red line
Unidirectional Security Gateways Benefits:

arrow red right Dramatically reduces NERC-CIP compliance costs.

arrow red right Eliminates any risks from external cyber attacks and human errors.

arrow red right Enables secure, high throughput and real-time access to ICCP and PI server information.

arrow red right Strong, physical protection for production processes and personnel safety.

vertical red line
Global Cybersecurity Standards Recommend Unidirectional Security Gateways

Waterfall Security is the market leader for Unidirectional Gateway technology with installations at critical infrastructure sites around the world. The level of protection provided by Waterfall’s Unidirectional Security Gateway technology is recognized as best practice by leading industry standards bodies and authorities such as NIST, ANSSI, NERC CIP, ISA / IEC 62443, the US DHS & CISA, ENISA, TS50701 and many others.


Stay up to date

Subscribe to our blog and receive insights straight to your inbox