Date Published: November 7, 2016
Comments Due:
Email Questions to:
Author(s)
Keith Stouffer (NIST), James McCarthy (NIST)
Announcement
[Updated 12/2: deadline extended from 12/7 to 12/22]
The National Cybersecurity Center of Excellence (NCCoE) has posted a draft Project Description on the topic of Capabilities Assessment for Securing Manufacturing Industrial Control Systems.
Industrial Control Systems (ICS) monitor and control physical processes in many different industries and sectors, especially in manufacturing. A cyber attack directed at a manufacturing organization's infrastructure could result in detrimental consequences to both human life and property. In collaboration with the NIST Engineering Laboratory (EL), the NCCoE will produce a series of reference designs demonstrating four cybersecurity capabilities for the manufacturing sector.
For this project, the NCCoE and EL will examine behavioral anomaly detection and prevention mechanisms, to support a multifaceted approach of counteracting cyber attacks against ICS devices that provide the functionality necessary to run manufacturing processes.
The goal is to provide industry with detailed information to establish an anomaly detection and prevention capability in their own environments. By implementing behavioral anomaly detection tools, manufacturers are provided with a key security component that will aid in sustaining business operations, particularly those based on ICS.
This project will result in a NIST Cybersecurity Practice Guide and will be part one of a four-part series. While the reference design will focus on cybersecurity, the NCCoE example solution may also produce residual benefits to manufacturers for detecting anomalous conditions that are not security related.
Industrial Control Systems (ICS) monitor and control physical processes in many different industries and sectors. Cyber-attacks against ICS devices present a real threat to organizations that employ ICS to monitor and control manufacturing processes. The NIST Engineering Laboratory, in conjunction with the National Cybersecurity Center of Excellence, will produce a series of reference designs demonstrating four cybersecurity capabilities for manufacturing organizations. Each reference design will highlight an individual capability: Behavioral Anomaly Detection, ICS Application Whitelisting, Malware Detection and Mitigation, and ICS Data Integrity. This document is part one of a four-part series and addresses only behavioral anomaly detection capabilities.
With these capabilities in place, manufacturers will find it easier to detect anomalous conditions, control what programs and applications are executed in their operating environments, mitigate or vanquish malware attacks, and ensure the integrity of critical operational data.
For each of the four capabilities listed above, the NCCoE will map the security characteristics to the NIST Cyber Security Framework, which will provide standards-based security controls for manufacturers. In addition, the NCCoE will implement each of the capabilities in two distinct but related lab settings: a robotics-based manufacturing enclave, and a process control enclave, similar to what is being used by chemical manufacturing industries.
This project will result in a publicly available NIST Cybersecurity Practice Guide, a detailed implementation guide of the practical steps needed to implement the cybersecurity reference design that addresses this challenge.
Industrial Control Systems (ICS) monitor and control physical processes in many different industries and sectors. Cyber-attacks against ICS devices present a real threat to organizations that employ ICS to monitor and control manufacturing processes. The NIST Engineering Laboratory, in conjunction...
See full abstract
Industrial Control Systems (ICS) monitor and control physical processes in many different industries and sectors. Cyber-attacks against ICS devices present a real threat to organizations that employ ICS to monitor and control manufacturing processes. The NIST Engineering Laboratory, in conjunction with the National Cybersecurity Center of Excellence, will produce a series of reference designs demonstrating four cybersecurity capabilities for manufacturing organizations. Each reference design will highlight an individual capability: Behavioral Anomaly Detection, ICS Application Whitelisting, Malware Detection and Mitigation, and ICS Data Integrity. This document is part one of a four-part series and addresses only behavioral anomaly detection capabilities.
With these capabilities in place, manufacturers will find it easier to detect anomalous conditions, control what programs and applications are executed in their operating environments, mitigate or vanquish malware attacks, and ensure the integrity of critical operational data.
For each of the four capabilities listed above, the NCCoE will map the security characteristics to the NIST Cyber Security Framework, which will provide standards-based security controls for manufacturers. In addition, the NCCoE will implement each of the capabilities in two distinct but related lab settings: a robotics-based manufacturing enclave, and a process control enclave, similar to what is being used by chemical manufacturing industries.
This project will result in a publicly available NIST Cybersecurity Practice Guide, a detailed implementation guide of the practical steps needed to implement the cybersecurity reference design that addresses this challenge.
Hide full abstract
Keywords
Cyber Security Framework; CSF; industrial control system(s); ICS; manufacturing; control processes; behavioral anomaly
Control Families
Access Control; Identification and Authentication
