Title of invention: Bi-directional data security for supervisor control and data acquisition networks
Abstract: A cyber-security device provides secure communications bi-directionally between an external network and an internal network including a supervisor control and data acquisition (SCADA) device. The device includes a processor in data communication with the external and internal networks, the processor being programmed with a rule-set establishing validation criteria configured to validate data received from the external and internal networks. The processor is operable in an operational mode to pass between the external and internal networks only data that are compliant with the validation criteria. The processor is re-programmable with a new rule-set only in a programming mode. The device includes a switch that is manually operable to switch the processor from the operational mode to the programming mode.
Publication number: US9531669(B2) Publication date: 2016.12.27
Application number: US201414168283 Filing date: 2014.01.30
Applicant: Sierra Nevada Corporation Inventors: Fischer Peter; Feldkamp Andrew; Rodriguez Nelson; Edwards Joshua
Classification: H04L29/06 Main classification: H04L29/06
Agent firm: Klein, O'Neill & Singh, LLP Agent: Klein, O'Neill & Singh, LLP
Principal claim: 1. A cyber-security device for providing secure communication of supervisor control and data acquisition (SCADA) or automation protocol data between an external network and an internal network, the cyber-security device comprising: an external communication interface configured to send IP network data packets to, and receive IP network data packets from, the external network; an internal communication interface configured to send IP network data packets to, and receive IP network data packets from, the internal network; a processor in communication with the external communication interface and the internal communication interface, the processor being operable in a programming mode and in an operational mode, the processor being operable in the operational mode to process the IP network data packets in accordance with a processor-implemented rule-set configured for (a) qualifying, byte-by-byte, (i) the content of each of the IP network data packets received from the external network via the external communication interface as conforming to qualification criteria defined by the rule-set for external-to-internal communications, and (ii) the content of each of the IP network data packets received from the internal network via the internal communication interface as conforming to qualification criteria defined by the rule-set for internal-to-external communications, (b) validating, byte-by-byte, the content of each qualified IP network data packet to determine data message validity in accordance with the rule set, (c) passing to the internal communication interface qualified and validated IP network data packets received from the external communication interface, and (d) passing to the external communication interface qualified and validated IP network data packets received from the internal communication interface; wherein the processor is re-programmable with a new rule-set only in the programming mode, whereby, in the programming mode, the processor is configured to load a new rule-set, and, after loading the new rule-set, to cycle to the operational mode; and a physical switch operable to initiate the programming mode of the processor.
Address: Sparks NV US
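The claim above describes direction-specific qualification, byte-level validation against a rule-set, and a rule-set that can only be replaced after a physical switch puts the device into programming mode. The following Python model is an added illustration of that control flow, not code from the patent or its assignee; the three-byte frame layout (unit, function code, payload length) and the function-code values are constructed for the example.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, List

# Constructed toy frame layout (not a real protocol): [unit][func][len][payload...]
HEADER_LEN = 3

@dataclass(frozen=True)
class RuleSet:
    ext_to_int: FrozenSet[int]      # function codes allowed external -> internal
    int_to_ext: FrozenSet[int]      # function codes allowed internal -> external
    payload_len: Dict[int, int]     # validity: exact payload length per function code

class Device:
    def __init__(self, rules: RuleSet) -> None:
        self.rules = rules
        self.programming_mode = False       # powers up in operational mode
        self.dropped: List[str] = []        # audit trail of rejected frames

    def press_switch(self) -> None:
        """The physical switch is the only path into programming mode."""
        self.programming_mode = True

    def load_rule_set(self, rules: RuleSet) -> None:
        # A rule-set load over the network is refused unless the switch was pressed.
        if not self.programming_mode:
            raise PermissionError("rule-set load refused outside programming mode")
        self.rules = rules
        self.programming_mode = False       # cycle back to operational mode

    def _qualified(self, frame: bytes, allowed: FrozenSet[int]) -> bool:
        # Qualification: header present and function code permitted for this direction.
        return len(frame) >= HEADER_LEN and frame[1] in allowed

    def _valid(self, frame: bytes) -> bool:
        # Validation: declared length matches the bytes on the wire and the rule-set.
        func, length = frame[1], frame[2]
        return (len(frame) == HEADER_LEN + length
                and self.rules.payload_len.get(func) == length)

    def forward(self, frame: bytes, ext_to_int: bool) -> bool:
        """Return True if the frame may pass; nothing passes while programming."""
        if self.programming_mode:
            self.dropped.append("programming mode: frame not forwarded")
            return False
        allowed = self.rules.ext_to_int if ext_to_int else self.rules.int_to_ext
        if not self._qualified(frame, allowed):
            self.dropped.append(f"unqualified frame {frame.hex()}")
            return False
        if not self._valid(frame):
            self.dropped.append(f"invalid frame {frame.hex()}")
            return False
        return True
```

Note that a write-type function code arriving from the external side is dropped at the qualification step even if its bytes are well-formed, which is the asymmetry the per-direction criteria are meant to enforce.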