OPC Transfer Supported by Cogent DataHub

4secure’s cross-domain OPC transfer solution integrates with Cogent DataHub, establishing a method for transferring various types of OPC data across network boundaries to users on the IT networks.
The client-server nature of an OPC architecture usually demands bidirectional communication, creating a challenge when attempting to transfer OPC data in a unidirectional environment. However, there is often a desire to transfer OPC data from the OT (operational technology) environment to the IT (information technology) for enhanced visibility and capabilities. 4Secure has delivered successful integrations with Cogent DataHub enabling the unidirectional transfer of OPC data across networks.

The 5-Step approach to Cross-Domain OPC data transfer with Cogent DataHub and TrustedFilter™ Integration.

1. Connection to source system

Cogent DataHub is installed on the send-side of the TrustedFilter™ Appliance (or flanking system), and acts as an OPC Client, subscribing to OPS Servers on the source network to receive OPC Data.

2. DHTP tunnel over TCP to unidirectional flow control

Cogent DataHub sends the OPC data in a DHTP tunnel over a TCP stream to the unidirectional flow control device within the TrustedFilter™ appliance.

3. Hardware Enforced Protocol Break & Air Gap

The TrustedFilter™ unidirectional flow control device terminates TCP/IP and transforms data into non-routable cells of data in FPGA. The core data payload is transported via unidirectional optical fibre. The data payload is reassembled in FPGA into a TCP stream and sent to an instance of Cogent DataHub on the receive side.

4. Receive DHTP from unidirectional flow control

A second instance of Cogent DataHub is installed on the receive side of the TrustedFilter™ appliance (or flanking server), receiving OPC data through the DHTP tunnel.

5. Connection to destination system

At the receiving end, Cogent DataHub operates as an OPC Server. The OPC client on the destination network establishes a connection with this server to retrieve OPC data, which is subsequently delivered to its intended destination.

Enabling Components

Cogent DataHub

Cogent DataHub software instances establish connections between OPC Servers and Clients on the source and destination networks to efficiently transport data to and from the unidirectional appliance.

Data Diodes

Unidirectional flow control components (Data Diodes) are installed within the TrustedFilter™ Appliance to enforce the one-way flow of traffic and perform a protocol break.

The all-encompassing TrustedFilter™ Appliance

4Secure adopted their TrustedFilter™ Appliance to implement this solution. The all-encompassing extensible appliance consists of a unidirectional gateway, the full TrustedFilter™ software suite and boasts considerable computational power to effectively host the Cogent DataHub software. Bi-directional model is also available.

Contact Us

Want to know more about 4Secure's products, services and cross-domain solutions? Engage with 4Secure's specialists to find a tailored solution. The 4Secure team offer full support through 30-day proof of concept of any solution at cost to 4Secure.

Call for a Quick Consultation

Can't wait for a response? Call us now for a quick consultation with one of our cross domain solution specialists.