SP 800-160 Vol. 2 (Draft)

Developing Cyber Resilient Systems: A Systems Security Engineering Approach

Date Published: September 2019
Comments Due: November 1, 2019 (public comment period is CLOSED)
Email Questions to: sec-cert@nist.gov

Planning Note (9/16/2019):

The PDFs have been fixed so that hyperlinks are now active. This is the Final Public Draft of NIST SP 800-160 Volume 2.


Ron Ross (NIST), Victoria Pillitteri (NIST), Richard Graubart (MITRE), Deborah Bodeau (MITRE), Rosalie McQuaid (MITRE)


Draft NIST SP 800-160, Volume 2 presents the cyber resiliency engineering framework (conceptual framework) for understanding and applying cyber resiliency, a concept of use for the conceptual framework, and specific engineering considerations for implementing cyber resiliency in the system life cycle.

We encourage you to use the comment template provided when submitting comments. Please submit comments to sec-cert@nist.gov by November 1, 2019.

NOTE: A call for patent claims is included on page vi of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications



advanced persistent threat; controls; cyber resiliency; cyber resiliency approaches; cyber resiliency design principles; cyber resiliency engineering framework; cyber resiliency goals; cyber resiliency objectives; cyber resiliency techniques; risk management strategy; system life cycle; systems security engineering; trustworthy
Control Families

None selected