Where information must flow continuously into a SCADA network – for example, a power-grid control center monitoring the power output of a generator – inbound/outbound Unidirectional Gateways are deployed. An outbound Unidirectional Gateway replicates servers from the power plant to the external control center, and a second, independent inbound gateway replicates servers from the external control center into the power plant.
Unidirectional Gateways configured “inbound” – from the external network to the industrial network – do not forward messages. In the example of grid control centers, the inbound/outbound gateways do not forward ICCP messages from control centers to the power plant, or forward responses back to the control center. Unidirectional Gateways always replicate servers or emulate devices.
The two inbound/outbound gateway systems are completely independent. In practice, they are most often set up on different network segments, so that software elements of the two gateway solutions cannot exchange messages with each other. In an inbound/outbound gateway configuration, the outbound gateway hardware is unable to send any attack, or any information at all, back into our protected power plant.
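The distinction the text draws between forwarding messages and replicating servers is easiest to see in a small model. The following is an added example, not code from the page or from any gateway vendor; the class names, point names and sample values are all constructed. It contrasts a forwarding proxy (the firewall case, where every external request reaches the protected server and gets an immediate answer) with a replicating gateway (a one-way copy of published points into a replica that has no reference to the source). The same `UnidirectionalGateway` class models the inbound direction too, with the control center's server as the source and the replica living in the plant.

```python
"""Constructed model: message forwarding (firewall) vs. server replication
(unidirectional gateway). Not the page's or any vendor's code."""
from dataclasses import dataclass, field
from typing import Dict, List


@dataclass
class SourceServer:
    """A server whose state may be replicated (e.g. the plant's historian).
    The sample point values are constructed."""
    points: Dict[str, float] = field(
        default_factory=lambda: {"gen1.mw": 412.0, "gen1.mvar": 35.0})
    requests_seen: List[str] = field(default_factory=list)

    def handle(self, request: str) -> str:
        # Any request reaching this method has crossed into the source's network.
        self.requests_seen.append(request)
        verb, _, arg = request.partition(" ")
        if verb == "READ":
            return f"{arg}={self.points.get(arg, 'unknown')}"
        if verb == "WRITE":
            name, _, value = arg.partition("=")
            self.points[name] = float(value)
            return f"{name} set"
        return "error: unknown verb"


class ForwardingFirewall:
    """Firewall/proxy model: forwards each external request to the protected
    server and returns its response (bidirectional, immediate feedback)."""
    def __init__(self, protected: SourceServer):
        self.protected = protected

    def handle(self, request: str) -> str:
        return self.protected.handle(request)


class UnidirectionalGateway:
    """Gateway model: copies the source server's published points into a
    replica dictionary on the far side. Nothing travels the other way."""
    def __init__(self, source: SourceServer, published: List[str]):
        self._source = source
        self._published = published
        self.replica: Dict[str, float] = {}

    def replicate(self) -> None:
        # One-way copy, updated in place so a ReplicaServer holding the dict
        # sees fresh values on each replication cycle.
        self.replica.clear()
        self.replica.update({p: self._source.points[p] for p in self._published})


class ReplicaServer:
    """Far-side server that answers only from the replicated copy. It holds
    no reference to the source and refuses anything but reads."""
    def __init__(self, replica: Dict[str, float]):
        self.replica = replica

    def handle(self, request: str) -> str:
        verb, _, arg = request.partition(" ")
        if verb == "READ":
            return f"{arg}={self.replica.get(arg, 'unknown')}"
        # WRITE (and anything else) is refused locally; there is no channel
        # over which it could be relayed to the source.
        return "refused: replica is read-only"


def reaches_protected_via_firewall() -> bool:
    """Do external READ/WRITE requests reach the protected server?"""
    plant = SourceServer()
    fw = ForwardingFirewall(plant)
    fw.handle("READ gen1.mw")
    fw.handle("WRITE gen1.mw=0")
    return bool(plant.requests_seen)  # True: both crossed, state changed


def reaches_protected_via_gateway() -> bool:
    """Same requests against the replica behind a unidirectional gateway."""
    plant = SourceServer()
    gw = UnidirectionalGateway(plant, published=["gen1.mw"])
    gw.replicate()
    external = ReplicaServer(gw.replica)
    external.handle("READ gen1.mw")     # answered from the copy
    external.handle("WRITE gen1.mw=0")  # refused; plant state untouched
    return bool(plant.requests_seen)  # False


def replica_view() -> Dict[str, float]:
    """What the external side can see: only the published points."""
    plant = SourceServer()
    gw = UnidirectionalGateway(plant, published=["gen1.mw"])
    gw.replicate()
    return dict(gw.replica)


if __name__ == "__main__":
    print("firewall forwards requests into plant:", reaches_protected_via_firewall())
    print("gateway forwards requests into plant: ", reaches_protected_via_gateway())
    print("replica contents:", replica_view())
```

The model captures the two properties the text relies on: only the points the gateway is configured to publish ever leave the source, and the far-side replica has no object or channel through which a request could travel back, so a request against it never appears in `plant.requests_seen`.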
With inbound/outbound Unidirectional Gateways deployed, devising an attack that reaches deeper into the SCADA network is possible only with insider assistance at the targeted site. An attack through a firewall is generally a one-step exercise: feedback is immediately available as to whether the attack worked and what the rest of the SCADA system looks like. An attack through an inbound gateway, in contrast, is at least a multi-step exercise requiring insider assistance.