Data Diode for OT/IT Security with Globally Unique Encryption Technology Available.
Kirchheim, November 10, 2020. genua, German specialist for IT security and a company of the Bundesdruckerei Group, has, as one of the first suppliers worldwide, expanded its cyber-diode data diode for the Industry 4.0 protocol OPC UA. The proven security product thereby enables the highly secure export of data during the industrial monitoring of machines and plants. The cyber-diode thus protects OT and IT infrastructures against cyber attacks, tampering and production downtime even more comprehensively. This makes it an indispensable instrument for ensuring business continuity in the value chain.
"Security by Design" for Industry
Many machines and plants in industry are already today networked with one another via the Internet – for example, to detect and rectify faults and failures before they occur through the use of preventative maintenance and analytics. With the connection to the Internet, these Industry 4.0 networks become a target for sabotage and espionage by cyber criminals. The cyber-diode from genua protects against this danger: The data diode minimizes the risks associated with the digital networking of highly critical control systems in the automation, packaging and process industries.
The IT security solution allows only one-way data transfer – it completely blocks the flow of information in the opposite direction. The transport of malicious code or other cyber risks are thereby rendered impossible. This enables a non-reactive extraction of machine and plant data in non-secure networks, such as in the cloud for data analysis.
The special hardware separation on the microkernel level is based on BSI-certified products. This guarantees the integrity protection of highly secure industrial networks. A low level of complexity of the operating system ("Security by Design") ensures the functionality, protects against tampering and lowers the risk of machine failure.
Integration of OPC UA
For the first time, the cyber-diode now also supports OPC Unified Architecture (OPC UA). OPC UA is an open standard for the exchange of machine data. In plants in the manufacturing and process industry, for example, it is intended to ensure secure, reliable and manufacturer- and platform-independent communication.
"For the EU market, the standard represents an important milestone for the evolution of OT and IIOT* in the direction of networking and software integration," says Matthias Ochs, Managing Director of genua GmbH. "With the cyber-diode, we offer the appropriate and most technologically advanced security device for the industry."
The two most important advantages of the cyber-diode with OPC UA: first, the standard makes every type of information available at all times and at all locations for every authorized application and every authorized person. Second, the data is now unidirectional and, thus, cannot be tampered with and transmitted across security-critical network boundaries. With OPC UA, the cyber-diode further strengthens its security functions: the machine data that it collects, such as control variables, measurement values or parameters, is passed on to client applications in encrypted form.
Encrypted Transmission with IPSec VPN
The cyber-diode also makes possible encrypted transmission of the extracted data to client applications via Internet Protocol Security (IPSec) VPN encryption from the restricted data sector. This guarantees the protection of the integrity of the data more reliably than fiber optic diodes, more conveniently than air gaps and more securely than firewalls. If IPSec is activated, external clients can only communicate with the diode using encrypted communication. This is ensured by the diode-internal firewall.
As a result, protection is higher than with a strictly OPC UA encryption (UA Secure Conversion), since the security is not dependent on that of the used OPC UA stack on the application level. Furthermore, IPSec is based on a BSI-certified genuscreen technology.
The OPC UA cyber-diode is, thus, a significant IT security device for the process industry with its automated processing of substances and materials in which there is a high data volume with numerous security-relevant interfaces in the value chain.
genua GmbH is a German IT security specialist. Its business activities range from securing sensitive interfaces in public authorities and industry to connecting highly critical infrastructure, reliably encrypting data communication over the Internet and providing remote maintenance systems for industry and remote access solutions for mobile users and home offices. All genua products are developed and produced in Germany. Product quality is ensured by regular certification and approval by the German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik). genua was founded in 1992 and now has over 250 employees at its main site in Kirchheim near Munich and subsidiaries in Berlin, Cologne, Leipzig and Stuttgart. Over the years, numerous customers from industry and government have come to rely on the experience and solutions provided by the company. genua is part of the Bundesdruckerei group.