Over the past few years data diodes have received a lot of attention for their ability to assist plants in defending against cyber security threats. A traditional diode allows current to flow in only one direction through an electrical circuit. Similarly a data diode ensures unidirectional communication from high to low security areas of a network. Unlike firewalls, which can be misconfigured due to human error or lack of experience, data diodes effectively eliminate all inbound threats to the system. But data diodes alone may not be enough to protect your network.
Due to increased pressure from the Federal Energy Regulatory Commission (FERC), the North American Electric Reliability Corporation’s Critical Infrastructure Protection (NERC CIP) Standards are becoming more stringent in regards to cyber security. The current standard is CIP Version 3, with Version 4 going into effect on October 1, 2014. Installing a data diode was sufficient for plants to achieve Compliance for both Versions 3 and 4. This will change for Version 5, which is currently in the process of being approved by the FERC.