Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Initial Public Draft Special Publication 800-82 Revision 2, Guide to Industrial Control Systems (ICS) Security
May 13, 2014

NIST announces the release of Special Publication 800-82, Revision 2Guide to Industrial Control System (ICS) Security. Special Publication 800-82 provides guidance on how to improve the security in Industrial Control Systems (ICS), including Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and other control system configurations such as Programmable Logic Controllers (PLC), while addressing unique performance, reliability, and safety requirements. Special Publication 800-82: (i) provides an overview of ICS and typical system topologies; (ii) identifies typical threats to organizational missions and business functions supported by ICS; (iii) describes typical vulnerabilities in ICS; and (iv) provides recommended security controls (i.e., safeguards and countermeasures) to respond to the associated risks. 
 
This document is the second revision to NIST SP 800-82, Guide to Industrial Control Systems (ICS) Security. Updates in this revision include:

  • Updates to ICS threats and vulnerabilities.
  • Updates to ICS risk management, recommended practices and architectures;
  • Updates to current activities in ICS security.
  • Updates to security capabilities and tools for ICS.
  • Additional alignment with other ICS security standards and guidelines.
  • New tailoring guidance for NIST SP 800-53, Revision 4 security controls including the introduction of overlays.
  • An ICS overlay for NIST SP 800-53, Revision 4 security controls that provides tailored security control baselines for Low, Moderate, and High impact ICS.

Comment period CLOSED on: July 18, 2014. Questions? Send email to: nist800-82rev2comments@nist.gov

Created December 21, 2016, Updated August 29, 2017