BruCON 0x09 - DYODE - Arnaud Soullié

Published: 01 March 2025
Channel: BruCON Security Conference

DYODE (Do Your Own Dyode) is a low-cost, DIY data diode aimed at securing Industrial Control Systems. While data diodes have been used for a long time on classified networks, the high cost and complexity of implementation have kept them away from a lot of valid use cases on industrial control systems. During our assignments, we encountered many situations in which time or availability constraints were not really high but the security risk was, and a commercial data diode was way too costly.

We developed a working data diode using standard components and open source libraries. With this project, we want to prove that it is possible to produce a simple, working, ICS-oriented data diode for less than $200. The principle of using COTS components to make a data diode is not brand new, but we aim to provide a packaged software solution to ease the creation process, with a specific focus on ICS.

Our diode can be used for file transfer, Modbus data transfer as well as screen sharing for remote debugging.

We will demo v2 of the DYODE, a diode based on a serial connection and an optocoupler, which only allows very low-speed exchanges (sufficient for Modbus) at an even lower cost (around $50).