Waterfall Security Solutions Passes INL Cyber Security Assessment
Waterfall Security Solutions, the leading provider of Unidirectional Security Gateways, announced the successful completion of a security assessment, undertaken by the Idaho National Laboratory (INL), of Waterfall's Unidirectional Security Gateway's technology and products. The assessment was conducted as part of the Department of Homeland Security (DHS) Control Systems Security Program (CSSP).
The whole process, originating in 2009, was successfully concluded in July 2010, when INL released the final assessment report.
The assessment verified that the Waterfall system provides one-way communications between two different security zones. The physics of the system prevent any data transmission from the low security enclave to the high security enclave. Waterfall's methodology of protecting an industrial network from an external connection in a lower security zone was verified by the assessment.
The assessment identified three software vulnerabilities, all associated with the software interfaces between the Waterfall gateway and third party applications. Obviously, as the security of the Waterfall product is built on a sound and verified physical basis, no vulnerability, including the three identified, can allow an attacker to move "upstream" from the Receive side to the Transmit side.
Waterfall's patented cyber security solutions enable Utilities and Critical Infrastructures to securely connect their critical industrial networks to external networks, thus securely fulfilling their business needs without exposing these networks to risks and threats of cyber-attacks, cyber terror and hacking from the external, less secure networks. Waterfall's cyber security solutions assists Utilities and Critical Infrastructures to achieve compliance with NERC-CIP, NRC, CFATS and other regulations and standards, as well as cyber-security policies and best-practices.
The final report also provided recommendations on measures that could further enhance the overall security of the product. Waterfall will shortly begin a second evaluation phase, where these recommendations and other enhancements are planned to be implemented.
"It was an honor being part of such a process, having our technology assessed by the cyber security experts at INL. This process is part with Waterfall's strategy of a wide and open cooperation with vendors, regulators, customers and other third parties. We welcome anyone wishing to evaluate our technology or assess our products," said Lior Frenkel, cofounder and CEO of Waterfall Security Solutions, "Our large and expanding installed based in North America, will appreciate the added confidence provided by an INL cyber security assessment."