Securing Power Generation At New Brunswick Power
Partnering With Énergie NB Power To Secure Production And Assure Compliance
Énergie NB Power.
Secure, safe and continuous operation of power production networks in all power plants,
while enabling real-time OT monitoring and compliance with NERC-CIP regulatory security requirements.
Waterfall’s Unidirectional Solution:
Waterfall Unidirectional Gateways were deployed to separate the OT and enterprise networks. All business and operational applications – especially ICCP / PI servers – continue to operate reliably to ensure smooth operation and maintenance of power stations.
Protecting Reliability And Ensuring Compliance At Power Generation Sites
Énergie NB Power supplies wholesale energy products in a competitive environment. Electricity is generated at 14 hydro, coal, oil, and diesel-powered stations, with an installed net capacity of 3,142 MW, comprised of 1,724 MW thermal, 893 MW hydro and 525 MW combustion turbines. Énergie NB Power’s industrial and corporate networks support power generation plants as well as business offices, all with different business needs. From these networks, the OSIsoft PI™ application and ICCP protocol are used for monitoring of the power stations.
Énergie NB Power wanted to prevent cyber attacks that could result in power outages, loss of revenues and physical damage to equipment. The company was also challenged with the task of complying with NERC-CIP standards and cyber-security requirements. The business determined that using firewalls to allow real-time data flows from a control network to an enterprise network introduced unacceptable risks to safe, correct, continuous and efficient power generation operations.
Waterfall Unidirectional Security Gateways were deployed at each power plant, along with Waterfall’s OSIsoft PI and ICCP server replications. The Waterfall Gateways replicated PI servers and ICCP servers unidirectionally from each plant’s OT network to the Énergie NB Power enterprise network. On this external network, users and applications continue to interact normally and bi-directionally with the replica servers.
Results & benefits
Security: Absolute protection from online attacks originating on the IT network, and from Internet-based attacks.
Visibility: Online access to real-time operations data, with no change in end-user or business application- integration procedures.
Compliance: Reduced NERC CIP compliance costs for Énergie NB Power.
Operational Costs: Reduced operating costs associated with training, administration, audit, testing, and monitoring costs when compared to a firewall-based solution.
Theory of Operation
Waterfall Unidirectional Security Gateways replace firewalls in industrial network environments, providing absolute protection to control systems and industrial control networks from attacks emanating from external networks. Waterfall Gateways contain both hardware and software components. The hardware is physically able to send information in only one direction. The software replicates servers and emulates devices. The gateway software produces an accurate, timely replica of PI and ICCP servers for use by enterprise and external applications and users.
Unidirectional Gateways enable safe IT/OT integration, vendor monitoring, industrial cloud services, and visibility into operations for modern enterprises and customers. The gateways replicate servers, emulate industrial devices and translate industrial data to cloud formats. Unidirectional Gateway technology represents a plug-and-play replacement for firewalls, without the vulnerabilities and maintenance issues that always accompany firewall deployments. Replacing at least one layer of firewalls in a defense-in-depth architecture breaks the attack path from the Internet into critical systems
Unidirectional Security Gateways Benefits:
Dramatically reduces NERC-CIP compliance costs.
Eliminates any risks from external cyber attacks and human errors.
Enables secure, high throughput and real-time access to ICCP and PI server information.
Strong, physical protection for production processes and personnel safety.
Global Cybersecurity Standards Recommend Unidirectional Security Gateways
Waterfall Security is the market leader for Unidirectional Gateway technology with installations at critical infrastructure sites around the world. The level of protection provided by Waterfall’s Unidirectional Security Gateway technology is recognized as best practice by leading industry standards bodies and authorities such as NIST, ANSSI, NERC CIP, ISA / IEC 62443, the US DHS & CISA, ENISA, TS50701 and many others.
Stay up to date
Subscribe to our blog and receive insights straight to your inbox