Cybersecurity threats represent unacceptable risks to the reliability of transmission systems and the bulk electric system as a whole.

Unidirectional Security Gateway products and technologies are deployed routinely at transmission system control centers to provide stronger-than-firewall SCADA security solutions for reliability-critical control systems. Unidirectional Security Gateways provide safe IT/OT integration by replicating SCADA system servers and devices from transmission control networks to business networks through a system of hardware modules that physically prevents any attack from reaching back into the reliability-critical SCADA system network.

Unidirectional Gateways replace firewalls. Firewalls have proven inadequate to the needs of reliability-critical and safety-critical networks. Every path through a firewall that permits data to leave a critical network for use by an enterprise, also allows attacks to pass back into that critical network. Unidirectional Security Gateways enable safe IT/OT integration, safe integration with partner control centers and with substation WANs, without the serious security risks that always accompany firewalls.

Waterfall Security Solutions is focused exclusively on the protection of industrial control system networks, and is the market leader for electric-sector Unidirectional Security Gateway technology. Unidirectional Security Gateways are deployed routinely at transmission control centers world-wide. Products used routinely include:

  • Secure historian database replication
  • Secure OPC server replication
  • Secure ICCP server replication
  • Secure DNP3 device emulation
  • Secure 60870-5-104 device emulation
  • Remote Screen View

The strong security of Unidirectional Security Gateways is recognized in NERC CIP V5 and V6 standards, French ANSSI control system security standards and many other control system security standards, regulations and best practice guidelines world-wide.

The North American NERC CIP V5 and V6 standards provide for significant reductions in CIP compliance costs and CIP complianceobligations at unidirectionally-protected sites, thus reflecting the reduced risk to electric system reliability from unidirectionally-protected sites.

Firewalls and IT-centric security programs provide inadequate protection to transmission utilities and SCADA systems.
The electric grid cannot wait while compromised equipment is “restored from backup.” Reliable operation of the electric grid demands that the most effective SCADA security protections be deployed in transmission control centers. Transmission management systems are not expendible. The time has come to deploy Unidirectional Security Gateways instead of porous firewalls.