Waterfall FLIP

Many industrial control systems require regular updates of anti-virus signatures, batch production orders and other items. Every path for such updates through a firewall though, introduces attack opportunities, since all firewalls are software and all software can be hacked or misconfigured. The Waterfall FLIP is a type of Unidirectional Gateway whose orientation can be reversed, enabling disciplined scheduled updates without the vulnerabilities firewalls always introduce. The FLIP is a combination of hardware and software. The hardware includes a TX Module, containing a fiberoptic transmitter/laser, and an RX Module, containing an optical receiver, but no laser. A short fiber-optic cable connects the two hardware Modules. The FLIP is therefore able to transmit information in only one direction at a time. While the FLIP hardware transmits information from a source network to a destination network, that hardware is physically incapable of transmitting any information back from the destination network into the source network. Hardware orientation reversals are triggered by dedicated hardware on a schedule, or by manual activation from the front panel of the FLIP Module. The FLIP software replicates servers and emulates devices. Clients and users on each network access the replicas as if they were the originals, making the FLIP a plug-and-play replacement for software firewalls. Unlike firewalls, the FLIP is not a router and is incapable of forwarding network traffic or network attacks.