DIY Data Diode for $1612
Is it viable to build a Data Diode for $1612?
This is a great sequence of blogs putting forward the benefits of Diodes, from Austin Scott of Synergist SCADA Inc, ending with the proposition and recipe of how you can build your own for $1612.
I had drafted a comment / reply to be added to their blog, but then recognised their blog does not allow comments.
Here is the response I drafted:
This is a great sequence of blogs putting forward the benefits of Diodes.
I also like the DIY data diode story, which may work well in some test lab environments. But are you really proposing such a solution for a productions control systems environments?
Most customers I talk to want a reliable solution, that they can install and forget about. Once you start custom building something, and to quote the blog “you will need to write some scripts in your database”, does that give you a supported & sustainable solution in the long term?
Also, a lot of the control systems environments I come across are in regulated environments. How will a system accreditor react to such a system?
I don’t disagree you could build such a thing, I just wonder how viable it is in a production environment.
Finally, why use two computers at $600 each – you could probably use a Rasberry PI at $25 and hand solder a few modifications to add the PCI card.
Darren Rodgers, a colleague from Nexor, who spends a lot of time working with customers helping them with their diode solutions also observed:
I suppose do you buy an Audi that is widely recognised, good build quality and has excellent support and reliability OR buy a kit car which may appear cheap to start off with but you’re on your own and it may cost you more in the long run and break down regularly!
Which is a perfect summary to end on (apart from the choice of an Audi).
In this blog, I have only focused on the component reliability aspects. There are two other key aspects. Trustability and communication reliability, I will return to these aspects in future blogs.
Comments on this blog are welcome…
- Data Diode Technology Can Help Solve Complex Cyber Security Issues
- Overcoming Air Gap Security Failures
- Linux needs proper installation and configuration to be fully secure
Author Bio – Colin Robbins
Colin Robbins is Nexor’s Managing Security Consultant. He is a Fellow of the IISP, and a NCSC certified Security and Information Risk Adviser (Lead CCP) and Security Auditor (Senior CCP). He has specific technical experience in Secure Information Exchange & Identity Systems and is credited as the co-inventor of LDAP. He also has a strong interest in security governance, being a qualified ISO 27001 auditor.
Be the first to know about developments in secure information exchange