The ministry of Defence uses data diodes for a high level of protection of highly classified data. These are valuable devices designed to allow data to flow in only one direction. The MoD and The Hague Security Delta (HSD) are working together on a low cost open source variant that provides security to lower classified data. “This makes our military operations safer and offers enormous opportunities to make the Netherlands safer,” says Commander Marcel Smits of innovation centre FRONT.
The current data diodes guarantee dataflow with a high level of security, but at a price of thousands of euros. Therefore, the application of these devices for lower classified or unclassified data traffic is not realistic. MoD endeavors to solve this problem through innovation. “We want to develop low cost data diodes in order to be able to secure our data traffic on a large scale,” says Smits.
“Open source software gives us the opportunity to make adjustments and to customise, without being bound to one company.”
Innovation centre FRONT searches for non-defence knowledge, technologies and innovations as solutions for internal defence issues. Smits: “Our organisation is struggling to embrace and implement these external developments. FRONT bridges the gap and takes solutions from the outside to the inside. We would like to collaborate with start-ups, corporates, knowledge- and innovation hubs.” Smits wants to establish open innovation via The Hague Security Delta to develop an open source data diode in cooperation with private companies. “That is new to us. The development of an open source product is also something that we have not done very often before. The advice and guidance of HSD Office is of great added value. That is why we jointly started the programme ‘Open Source Data Diode’ at the beginning of 2019". Goal of this programme is to develop a demonstrator to prove that the technology works, and to validate the cyber security impact. Use cases of governments and companies are used to evaluate the demonstrator. After that, it is up to private companies to pick up the challenge to manufacture a production quality device. HSD Office plays an important stimulating role in this respect. “It is not the intention of the MoD to produce this product ourselves,” according to Smits.
By using open source software and open standards, the price of a data diode is kept low, which allows for numerous different usages in the defence organisation. Advantage of this type of software is the publication of the source code on, for example, an open source platform such as GitHub. The open source community can further develop the software and check the source codes to eliminate errors. Smits is surprised about the critical questions he gets about this. “If you buy software from a manufacturer, you have no clue about its quality and vulnerabilities. Open source software does make this transparent and comprehensible.” Supported by the MoD, HSD is identifying an organisation that can act as the owner of the source code and that directs further development once the concept has been proven by the demonstrator. Ideally this is a governmental party, comparable to the open source programme OpenVPN-NL.
The Netherlands closed
“The best aspect of this programme is that the open source data diode is not being developed solely for Defence,” says Smits. “The interest outside of the defence organisation in a small, affordable data diode is so big, that it could lead to a disruption of contemporary digital security.” Smits points out that all sorts of computer- and network devices allow two-way data flows, despite this not being necessary. Smart City developments, legacy-issues in the industry and in time IOT devices for health care and home automation, could also be secured with a low entry, open source data diode.
“The impact of this device on the digital security of our country is enormous. It is a substantial improvement of the resilience of public, corporate- and private networks against external intrusions. It also provides economic opportunities for companies that put this product into the market nationally and internationally.”
Together with the program manager from HSD Office, he hopes to involve multiple authorities so the MoD can give the baton to a successor in due time. “It is not up to us to bring this spin-off to maturity. It is, however, of importance for the country that other governmental institutions expand on this work in cooperation with HSD Office and producers.”
Also read the HSD Data Diode report: 'Understanding the Strategic and Technical Significance of Technology for Security'