In the Electricity Utilities’ domain, these critical networks control and operate the very machinery which powers modern day civilization. Throughout North America, electricity utilities are challenged with the task of complying with the reliability standards mandated by NERC (North American Electric Reliability Corporation).

The NERC-CIP (Critical Infrastructure Protection) standards, recently revised in May 2009, provide a cyber security framework for the identification and protection of Critical Cyber Assets to support reliable operation of the Bulk Electric System. The following whitepaper introduces the reader to the Waterfall One-Way™ unidirectional cyber security solution, and explains its ideal fit for achieving both powerful cyber-security as well as NERC-CIP compliance.

Many of Waterfall Unidirectional Security Gateway™ installations are designed and aimed to assist in achieving compliance to NERC regulations and requirements. The Waterfall technology consists of features, capabilities and design parameters which are aligned with NERC regulations and guidelines. These features includes, for example: non routable protocols, detection of unauthorized traffic, and, of course, the ability to provide the highest security level for Critical Assets and their respective Electronic perimeters.

For detailed information, including white papers, regarding archiving NERC compliance using Waterfall’s gateways – please contact us at info@waterfall-security.com.

 The provisions in RG 5.71 require protection of all critical systems and networks and require of the licensee to implement controls that will defend these systems against any cyber attack that would adversely affect the availability, integrity and confidentiality of the critical system’s assets and data. The protection of critical assets and data is to be achieved through the, “implementation of state-of-the-art defense-in–depth protective strategies” RG 5.71 c (2), whose aim “to ensure   that the functions or tasks required to be performed by the critical assets … are maintained and carried out” RG 5.71 c (4) and “to prevent adverse effects from cyber attacks” (RG5.71 c (3)).

 The controls referred to in NIST 800.53 and the recommendations relevant to those controls found in NIST 800.82, are defined in terms of three distinct classes; management, operational and technical. Each class is further divided into families of controls as per the table below.

 The Waterfall One-Way™ Unidirectional Security Gateway provides specific responses to the control families mentioned in the following sections: Access Control, Audit and Accountability, Configuration Management, Media Protection, System and Information Integrity, System and Services Acquisition, Security Assessment and Authorization, Contingency Planning, Physical and Environmental Protection, System and Communications Protection. (AC, AU, CA, CM, CP, MP, PE, SA, SI and SC). Each of the relevant specific controls within these families as well as relevant recommendations made in NIST 800.82 will be discussed herein together with its corollary Waterfall One-Way™ response.

 Please note that the controls, can be either directly relevant to Waterfall One Way™ technology, or supported by the technology but not directly linked to it or totally irrelevant and relate to other aspects of security. The following will discuss only the directly relevant controls which Waterfall One Way™ technology directly provides an answer to.

For detailed information, including white papers, regarding archiving NRC compliance using Waterfall’s gateways – please contact us at info@waterfall-security.com.