Unidirectional network

[1] After years of development, data diodes have evolved from being only a network appliance or device allowing raw data to travel only in one direction, used in guaranteeing information security or protection of critical digital systems, such as industrial control systems, from inbound cyber attacks,[2][3] to combinations of hardware and software running in proxy computers in the source and destination networks.

The hardware enforces physical unidirectionality, and the software replicates databases and emulates protocol servers to handle bi-directional communication.

Data diodes are commonly found in high security military and government environments, and are now becoming widely spread in sectors like oil & gas, water/wastewater, airplanes (between flight control units and in-flight entertainment systems), manufacturing and cloud connectivity for industrial IoT.

[citation needed] In the United States, utilities and oil and gas companies have used data diodes for several years, and regulators have encouraged their use to protect equipment and processes in safety instrumented systems (SISs).

In both cases, the connection remains unidirectional even if both the low and the high network are compromised, as the security guarantees are physical in nature.

Some commercial products rely on this basic design, but add other software functionality that provides applications with an interface which helps them pass data across the link.

In 2019, Controlled Interfaces demonstrated its (now patented) one-way optical fiber link using 100G commercial off-the-shelf transceivers in a pair of Arista network switch platforms.

Other more sophisticated commercial offerings enable simultaneous one-way data transfer of multiple protocols that usually require bidirectional links.

Due to the software architecture these solutions offer higher speed than conventional hardware based data diodes.

[citation needed] ST Engineering, have developed its own Secure e-Application Gateway, consisting of multiple data diodes and other software components, to enable real-time bi-directional HTTP(S) web services transactions over the internet while protecting the secured networks from both malicious injects and data leakage.

[18] In 2022, Fend Incorporated released a data diode capable of acting as a Modbus Gateway with full optical isolation.

This diode is targeted at industrial markets and critical infrastructure serving to bridge old outdated technology with newer IT systems.

This technology allows more protocols to be used over the network, but introduces a potential covert channel if both the high- and low-side are compromised through artificially delaying the timing of the acknowledgment.