CIP-003-7 Supplemental Material
Reference Model 4 – Uni-directional Gateway The Responsible Entity may choose to utilize a uni-directional gateway as the electronic access control. The low impact BES Cyber System(s) is not accessible (data cannot flow into the low impact BES Cyber System) using the routable protocol entering the asset due to the implementation of a “one-way” (uni-directional) path for data to flow. The uni-directional gateway is configured to permit only the necessary outbound communications using the routable protocol communication leaving the asset.
Routable communications entering or leaving the asset containing low impact BES Cyber System(s)
Routable Protocol
Uni-directional Gateway
(Cyber Asset(s) performing electronic access controls
Low impact BES Cyber System
Asset containing low impact BES Cyber System(s)
Communication between a low impact BES Cyber System and a Cyber Asset outside the asset
Non-routable Protocol
Routable Protocol
Reference Model 4
Page 39 of 57
Made with FlippingBook - Online magazine maker