Air-Gaps for Communicating Systems

Every system is hackable, especially if it’s connected to the Internet. This is no surprise, of course, but it seems a wide swath of industry, especially in the manufacturing area, are being exposed to this reality for the first time.

All factory, utility, marine, and other industrial control systems should, of course, be 100% isolated, or air-gapped, from the Internet. However, in reality they are increasingly connected and usually poorly protected.

This is for many reasons, and I recall being at the forefront of this in the early 1990’s, connecting PLCs to LANs to share data, and with modems so we could connect remotely. The Internet is just a more modern, and dangerous, version of this.

It’s so nice to have all the data flowing in all directions, all the time. But also very dangerous.

This is especially true today with integrated manufacturing, ERP, order management, logistics, e-commerce, and all other systems totally connected. It’s so nice to have all the data flowing in all directions, all the time. But also very dangerous.

It’s doubly dangerous when there are life-safety and other connected systems whose malfunction can kill people and/or damage equipment, product faulty products or cause other real-world harm.

How can we protect these system, yet share some data at the same time?

I argue there is simple no way to actually protect them using normal technology. Firewalls, satellite links, cellular connections, etc. can all be overcome, especially in the reduced-security footing (and skills) often present in these industries.

The reality is banks and the military both struggle to protect themselves, so the chances of a factory or utility or ship doing it are zero. Simple as this.

Isolation

So one strategy and currently the only real one, is 100% isolation of these system. However, this has significant downsides, especially that we cannot get data out of them, including we can’t get alerts, metrics, logs, records, etc. out to larger, more connected systems. Let alone modern data analytics, machine learning, or even business or ERP platforms.

What we need is a way to communicate and send data.

By the way, this is exactly the same problems airlines face onboard modern aircraft, how to separate and isolate critical plane systems from the passenger entertainment, and now Internet, networks.

One-Way Communications

We can take a page from the airplane makers, and use their primary isolation method, that of the one-way communications bridge.

But all their hardware & software is custom-built and super expensive; we need something that can support normal protocols and tools, while remaining 100% secure.

So I propose we design and build simple one-way telemetry links for these industries, that support modern protocols and methods.

The simplest way is to have two small computers, such as Raspberry Pi’s, connected by a ONE-WAY link such a an Ethernet cable with only the transit pair in place (cut/remove the receive pair), a single fiber, or even a fast serial connection.

It’s very important the prohibition on return data flow be physical, i.e. no actual wire or path, making it impossible to override or bypass in any way. This is the only way to be safe.

In this model, a sending system uses TCP/IP or UDP to connect to the sending Pi and send data, such as by at REST API. The sending Pi handles that data and buffers it to send to the receiving side.

The sending Pi then transmits it over the one-way link, probably using a modified driver and methods as most standard systems won’t support zero return data very well.

The receiving Pi receives the data and sends it on, again probably using standard REST APIs or other protocols so it can communicate over its network to other systems.

The important feature here is the receiving machine can never, ever send data nor compromise the sending machine or system. It’s impossible.

Physically impossible is a good feature of a secure system.

Such as simple system would operate much like UDP, where the sender sends a data packet and hopes it gets received. There is no flow control, retransmission, or control of any kind.

This system would be ideal for telemetry or data-only feeds, such as on airplanes, utilities, ships, factories, trucks, etc. where the main public systems need data from the embedded ones.

It would not work for sending data to the local systems, such as ERP order details, product configuration, remote control, etc. That would have go traditional ways or under very strict security channels for limited specific users and needs.

But the number and classes of telemetry only systems is very large, and a system like this can help make them much safer. And it’s easy to build on commodity hardware.

--

--

--

CEO of ChinaNetCloud & Siglos.io — Global Entrepreneur in Shanghai & Silicon Valley

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

{UPDATE} Hoops AR BasketBall Hard Mode Hack Free Resources Generator

Multiple Protocol Winners for Creative Meme Contest🏆

How to Change or Disable the Proxy Server of Google Chrome on Windows 10

DarkCTF writeups

Frequently Asked Questions About DRIP Network

Trust Me: I’m From Security

id.am

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Steve Mushero

Steve Mushero

CEO of ChinaNetCloud & Siglos.io — Global Entrepreneur in Shanghai & Silicon Valley

More from Medium

Happiness Increasing Activities

Mirror Mirror…

How do you help him fall in love?