Cyber protection for Tel Aviv Wastewater Treatment Plant

19 July, 2020

A single unidirectional optical fiber connects the operational network (OT) and the cloud, thus allowing data to move only outward - but not into the industrial network itself

Waterfall Security has deployed hardware and software cyber security suite at the Dan Region Wastewater Treatment Plant (SHAFDAN) in Rishon Letzion, approximately 10 km south of Tel Aviv. It allows the site administrators to use the analytics and remote management systems without endangering the industrial network, which connects the various pumps and purification systems. The Israeli government recently passed a resolution allowing the Ministry of Environmental Protection to condition the issuance of a Toxins Permit to factories engaged in the treatment of hazardous chemicals, on installing effective cyber protection measures.

The SHAFDAN is the largest wastewater treatment facility in Israel. The plant currently treats 370,000 m3/d of municipal wastewater from a population of over 2.0 million in the Greater Tel Aviv area, and is designed for the biological nitrogen and phosphorus removal. Its analytics software (designed by IOSight) monitors various operational parameters. The Waterfall solution will replicate on a separate cloud all the information collected by the IOSight’s platform, thus allowing its use without exposing the industrial network to cyber-attacks.

Every Firewall has its own Vulnerabilities

Waterfall’s Founder and CEO, Lior Frenkel
Waterfall’s CEO, Lior Frenkel

Waterfall’s Founder and CEO, Lior Frenkel, told Techtime that the protection suite is based on experience he had gained in his previous company, Gita Technologies, which dealt with offensive cyber warfare.

“There was not a single event when we were unable to carry out an intrusion. It made me realize the great weakness of the industrial facilities.” The major weakness is the reliance of industrial customers on software solutions such as firewalls, which are supposed to filter out unauthorized users.

“Every software has bugs and weaknesses. Firewalls, as well as various detection systems, cannot prevent attacks in an absolute manner. In the corporate world, the primary risk is theft of information, but in the industrial domain, cyber intrusion can completely disable the facility and sometimes endanger lives.”

A physical barrier between the network and the intruder

“We have developed an alternative technology that allows information to be shared outward from the industrial network but does not allow information to go in. This is a bulletproof solution.” The hardware component is installed between the operational network (OT) and the external network (IT). A single one direction optical fiber connects the two, thus creates a Unidirectional Security Gateway allowing data to move only outward but not into the industrial network itself.

“Our hardware creates a physical barrier that isolates the network. When a user examines the analytics systems, he does so in the replicated cloud.” Founded in 2007, Waterfall employs approximately 100 workers in Israel and the US. Its customers mainly belong to the Energy and Electricity, Gas and Oil, Water and Chemicals sectors. These days,  Watefall plans to establish a branch in Singapore to target the Smart Buildings market.

Share via Whatsapp

Posted in: Cyber , News

Posted in tags: IOSight , Lior Frenkel , Waterfall