"This agreement will help us deliver cyber security in accordance with some of our industry associations' best practices and guidelines," said David Howell, senior vice president, Westinghouse Nuclear Automation.
The Westinghouse/McAfee approach uses Waterfall's unidirectional gateways to allow the transfer of security-related information from the highest security zone with no risk of malicious traffic flowing in the reverse direction.
One concern, according to Phil Craig of Pacific Northwest National Labs, is that control systems have not traditionally used secure architectures or coding techniques, and increased connectivity presents a challenge as these systems are now accessible to outside attackers.
Eric Knapp, McAfee's director of business development CIP, said whitelisting works well as a protective technology in tightly defined systems such as these. It might not be a silver bullet, but then not every threat is a werewolf, he observed.
Disclosure: The writer travelled to Las Vegas as the guest of McAfee.