Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Securing Manufacturing Industrial Control Systems: Behavioral Anomaly Detection--NIST Releases Draft NISTIR 8219 for Comment
November 07, 2018

Many manufacturing organizations leverage industrial control systems (ICS) to monitor and control physical processes. As ICS continue to adopt standard commercial information technology (IT) solutions to promote corporate business systems connectivity and remote access capabilities, ICS become more vulnerable to cyberthreats. These attacks can occur through either accidental or deliberate introduction of anomalous data into a manufacturing process on an ICS device and can result in serious damage to manufacturing infrastructure and even physical harm to employees.

The National Cybersecurity Center of Excellence (NCCoE), in conjunction with the NIST Engineering Laboratory, has developed an example solution that demonstrates how a manufacturing company can improve the security of its ICS through behavioral anomaly detection. This can not only help companies detect and mitigate cyberattacks but also help manufacturers detect anomalous conditions related to a cyber attack.

This report—Draft NIST Internal Report (NISTIR) 8219, Securing Manufacturing Industrial Control Systems: Behavioral Anomaly Detection—details one cybersecurity capability that will later be researched in tandem with other cybersecurity capabilities in a full practice guide. This guidance has been developed  by using standards-based, commercially available technologies and industry best practices.

The public comment period for this document is open until December 6, 2018. Comments may be submitted online, or via email to  

Created November 07, 2018, Updated June 22, 2020