Treatment Plant and Distribution SCADA Path Control
Water treatment and distribution systems directly affect public health. When control systems are compromised, attackers can alter chemical dosing, disrupt supply, or contaminate drinking water for entire populations.
Water
When a water treatment control system is reachable from the corporate network, every phishing email becomes a potential path to altering the chemical composition of a city's drinking water.
100%
Treatment SCADA isolation from corporate IT
Zero
Persistent remote access to dosing systems
5
Operational zones with independent governance
Full
NIS2 and DWI compliance evidence
Water infrastructure faces direct public health threats.
Chemical Dosing Risks
Compromised control systems could alter chlorine dosing or pH levels in treatment processes, directly threatening public health on a massive scale.
Remote Pumping Stations
Hundreds of remote pumping stations and reservoirs rely on SCADA communications with limited local security, creating distributed entry points.
IT/OT Convergence
Smart water network modernisation creates network paths between corporate IT and operational technology that attackers can traverse.
The Scenario
Scenario: Water Treatment SCADA Compromise
Attackers compromise a water company's corporate network through a targeted phishing campaign against the finance department. They move laterally until they reach a historian server that bridges the IT and OT networks. From there, they access the treatment plant SCADA system and modify chemical dosing parameters for chlorine and fluoride. The changes are subtle enough to avoid immediate alarm triggers but sufficient to affect water quality across the distribution area. With Firevault Control, the treatment SCADA network is physically disconnected from corporate IT. The historian server operates in a controlled zone with authorised, time-limited data transfer to corporate systems. The attack path from finance workstations to dosing controls does not exist.
"The historian server was our biggest vulnerability. It sat on both the IT and OT networks because the business needed water quality data in their dashboards. It was the bridge that gave attackers a direct path from email to the chlorine dosing system."
Physical governance for water treatment and distribution.
Water companies gain physical control over every network path into treatment and distribution SCADA systems. Corporate IT cannot reach treatment controls. Remote access exists only during authorised windows. Recovery to safe operating parameters is guaranteed through air-gapped configuration archives.
- Physical separation between IT and treatment SCADA systems
- Multi-party authorisation for all treatment parameter changes
- Time-limited, governed access for remote maintenance
- Cellular failover for treatment system management
- Continuous DWI and NIS2 compliance evidence
- Air-gapped recovery to known-safe operating parameters
Fracture, Emergency Treatment Isolation
Module 1 of 4Physically disconnects treatment SCADA systems during active threats. When a compromise is detected, Fracture severs all network paths to treatment controls within seconds, forcing manual operation until the threat is contained.
Featured In
'%3e%3cpath%20fill='%23E40784'%20d='M141.363%2026.6a5.905%205.905%200%200%201-5.899-5.9%205.905%205.905%200%200%201%205.899-5.895%205.901%205.901%200%200%201%205.895%205.895%205.9%205.9%200%200%201-5.895%205.9Zm0-8.347a2.448%202.448%200%200%200%200%204.895%202.449%202.449%200%200%200%202.447-2.448%202.449%202.449%200%200%200-2.447-2.447ZM141.363%200c-.821%200-1.638.052-2.447.144v3.731a16.897%2016.897%200%200%201%202.447-.177c9.373%200%2017.002%207.626%2017.002%2017.002%200%20.825-.063%201.642-.177%202.448h3.732c.095-.81.143-1.627.143-2.448%200-11.411-9.285-20.7-20.7-20.7Z'/%3e%3cpath%20fill='%23E40784'%20d='M141.363%207.268c-.825%200-1.645.077-2.447.228v3.787a9.733%209.733%200%200%201%202.447-.313c5.369%200%209.734%204.368%209.734%209.734%200%20.832-.107%201.652-.313%202.447h3.783c.151-.802.228-1.623.228-2.447.004-7.412-6.024-13.436-13.432-13.436Z'/%3e%3cpath%20fill='%23fff'%20d='M71.382%207.537h-2.84a5.82%205.82%200%200%200-5.815%205.818v9.785h4.037v-9.789a1.78%201.78%200%200%201%201.777-1.777h2.841V7.537ZM80.539%2019.1a3.787%203.787%200%200%201-3.783-3.784%203.787%203.787%200%200%201%203.783-3.783%203.787%203.787%200%200%201%203.783%203.784%203.787%203.787%200%200%201-3.783%203.783Zm0-11.6c-4.313%200-7.82%203.507-7.82%207.82%200%204.313%203.507%207.82%207.82%207.82%201.372%200%202.66-.357%203.78-.982v.982h4.036V15.32c.004-4.313-3.503-7.82-7.816-7.82ZM41.806%2018.71a5.512%205.512%200%200%201-4.34%202.1%205.55%205.55%200%200%201-5.541-5.541%205.55%205.55%200%200%201%205.542-5.543c1.696%200%203.279.766%204.339%202.102l.088.114%201.656-1.656-.077-.092a7.865%207.865%200%200%200-6.01-2.797c-4.339%200-7.871%203.533-7.871%207.872s3.532%207.871%207.871%207.871a7.865%207.865%200%200%200%206.01-2.797l.077-.091-1.656-1.656-.088.113ZM19.479%207.397c-4.34%200-7.872%203.53-7.872%207.872%200%204.342%203.533%207.871%207.872%207.871a7.883%207.883%200%200%200%207.205-4.71l.081-.18H24.15l-.037.058a5.543%205.543%200%200%201-10.05-1.873h13.2l.015-.11c.048-.357.073-.714.073-1.053%200-4.346-3.529-7.875-7.871-7.875Zm-5.417%206.705a5.54%205.54%200%200%201%205.417-4.376%205.54%205.54%200%200%201%205.417%204.376H14.06ZM46.192%2023.14h2.33v-8.847a4.599%204.599%200%200%201%204.593-4.592%204.599%204.599%200%200%201%204.592%204.592v8.844h2.33v-9.149h-.008a6.887%206.887%200%200%200-2.082-4.648%206.89%206.89%200%200%200-4.832-1.972%206.863%206.863%200%200%200-4.593%201.751V.545h-2.33V23.14ZM2.686%207.393H0v2.33h2.686v8.471a4.944%204.944%200%200%200%204.94%204.939h2.435v-2.33H7.625a2.613%202.613%200%200%201-2.609-2.612V9.726h3.772v-2.33H5.016V1.84h-2.33v5.553ZM101.968%208.457a7.721%207.721%200%200%200-2.547-.858c-.088-.014-.177-.03-.265-.04-.1-.011-.199-.022-.302-.03a9.993%209.993%200%200%200-.574-.029c-.022%200-.04-.004-.062-.004h-.037c-4.313%200-7.82%203.507-7.82%207.82%200%204.313%203.507%207.82%207.82%207.82h.037c.25%200%20.496-.014.743-.04l.037-.003a7.742%207.742%200%200%200%203.003-.939v.979h4.037L106.005.537h-4.037v7.92Zm0%206.863a3.788%203.788%200%200%201-3.769%203.78%203.786%203.786%200%200%201-3.76-3.78c0-2.08%201.688-3.772%203.764-3.78a3.787%203.787%200%200%201%203.765%203.78ZM119.75%2023.11h4.037V15.299c-.011-4.302-3.515-7.798-7.82-7.798-4.313%200-7.821%203.507-7.821%207.82%200%204.313%203.508%207.82%207.821%207.82%201.372%200%202.66-.357%203.783-.982v.953Zm-3.783-4.01a3.786%203.786%200%200%201-3.783-3.784%203.786%203.786%200%200%201%203.783-3.783%203.79%203.79%200%200%201%203.783%203.78v.003a3.787%203.787%200%200%201-3.783%203.784ZM132.273%207.5a5.824%205.824%200%200%200-5.818%205.818v9.822h4.037v-9.822a1.78%201.78%200%200%201%201.777-1.777h2.841V7.5h-2.837ZM173.736%2020.807a5.534%205.534%200%200%201-5.527-5.527%205.534%205.534%200%200%201%205.527-5.528%205.535%205.535%200%200%201%205.528%205.528%205.535%205.535%200%200%201-5.528%205.527Zm0-13.399a7.852%207.852%200%200%200-5.527%202.274V7.393h-2.344V30h2.344v-9.127a7.836%207.836%200%200%200%205.527%202.275c4.339%200%207.872-3.533%207.872-7.872s-3.533-7.868-7.872-7.868ZM186.735%2023.14h-2.385v-9.81a5.84%205.84%200%200%201%205.833-5.834h2.848v2.385h-2.848a3.45%203.45%200%200%200-3.448%203.448v9.811ZM202.813%209.774a5.535%205.535%200%200%200-5.528%205.528%205.535%205.535%200%200%200%205.528%205.527%205.534%205.534%200%200%200%205.527-5.527%205.534%205.534%200%200%200-5.527-5.528Zm0%2013.4c-4.339%200-7.872-3.533-7.872-7.872%200-4.34%203.533-7.872%207.872-7.872s7.872%203.53%207.872%207.872c0%204.339-3.533%207.871-7.872%207.871Z'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='a'%3e%3cpath%20fill='%23fff'%20d='M0%200h210.68v30H0z'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e){kind=small}
Key Capabilities
Sovereign Water Data
All treatment and distribution control data remains within the agreed jurisdiction in secured Firevault Bunkers, meeting Ofwat and DWI requirements.
Multi-Party Process Control
Changes to treatment parameters require authorisation from both operations and water quality teams, preventing unilateral modifications.
DWI and NIS2 Evidence
Automated compliance logging maps directly to Drinking Water Inspectorate requirements and NIS2 Article 21 outcomes for water companies.
Cellular SCADA Failover
Out-of-band management via cellular connectivity ensures control over treatment systems independent of primary communications infrastructure.
Process Change Audit
Every dosing parameter change, valve operation, and access authorisation is recorded in tamper-proof logs for DWI and regulatory audit.
Safe State Recovery
Air-gapped copies of treatment configurations ensure rapid restoration to known-safe operating parameters during compromise scenarios.
Demo to Live
Adoption Guide
Water Network Assessment
Map all network paths between corporate IT, treatment SCADA, distribution SCADA, water quality systems, and remote pumping stations.
Treatment Zone Design
Design physically separated zones for treatment, distribution, quality monitoring, and corporate systems with Control modules at each boundary.
Single Works Pilot
Deploy at one treatment works with full SCADA isolation, multi-party process authorisation, and compliance logging to validate operational procedures.
Company-Wide Deployment
Phased deployment across all treatment works and pumping stations with air-gapped recovery, continuous compliance evidence, and cellular management.
Water Network Assessment
Map all network paths between corporate IT, treatment SCADA, distribution SCADA, water quality systems, and remote pumping stations.
Treatment Zone Design
Design physically separated zones for treatment, distribution, quality monitoring, and corporate systems with Control modules at each boundary.
Single Works Pilot
Deploy at one treatment works with full SCADA isolation, multi-party process authorisation, and compliance logging to validate operational procedures.
Company-Wide Deployment
Phased deployment across all treatment works and pumping stations with air-gapped recovery, continuous compliance evidence, and cellular management.
Win Business, Earn Trust, and Build Reputation with Butterfly
Butterfly is an operational model that helps organisations structure sensitive data to close deals faster, strengthen client relationships, and demonstrate the governance maturity that wins enterprise contracts.
Built on the VPPP framework (Vault, Policy, Permissions, Purpose), Butterfly maps your sensitive data and assigns dedicated Vaults by role, relationship, and purpose, turning data stewardship into a competitive advantage.
Deal Readiness
Governed materials ready to share with confidence
Client Trust
Demonstrate stewardship that earns loyalty
Board Confidence
Clear governance that inspires stakeholders
Enterprise Scale
Structure data governance across your organisation
Who Uses Butterfly?
-
Sales Teams
Secure client proposals, pricing, and commercial intelligence
-
Service Providers
Exchange sensitive documents with clients through governed Vaults
-
Businesses
Protect strategic plans, IP, and competitive intelligence
-
Family Offices
Structure data governance across principals, staff, and advisors
Explore More
Control for Utilities
Physical isolation for power grid and utility SCADA.
Learn more about Control for UtilitiesControl for Critical Infrastructure
National-grade security for essential services.
Learn more about Control for Critical InfrastructureIT/OT Convergence Threat
Physically separate IT from operational technology.
Learn more about IT/OT Convergence ThreatQuestions
Frequently Asked
Ready to take the next step?
See how Control can govern your data paths with physical enforcement no software exploit can bypass.
Speak to the team to organise a PoC
Walk through your blueprint with the Firevault team and scope a proof of concept on your estate. 30 minutes, no sales pitch.