Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST TN 2283 (Initial Public Draft)

Cybersecurity for the Water and Wastewater Sector: Build Architecture. Operational Technology Remote Access

Date Published: June 12, 2024
Comments Due: July 15, 2024
Email Comments to:


CheeYee Tang (NIST), Don Faatz (MITRE), Bob Stea (MITRE), John Wiltberger (MITRE), Chalessa White (MITRE)


The National Cybersecurity Center of Excellence (NCCoE) has undertaken a project to identify common cybersecurity challenges among Water and Wastewater Systems (WWS) sector participants, develop reference cybersecurity architectures, and propose the utilization of existing commercially available products to mitigate and manage risks. The reference cybersecurity architectures outlined in this report can be voluntarily leveraged by water and wastewater utilities to use commercially available technologies and existing standards and best practices to address their cybersecurity risks.

The publication is designed for use by those in the water and wastewater systems sector. The architectures presented in this report for water and wastewater utilities are categorized by system size; specifically, from very small to small (25-3,300 customers) and the medium to large (3,301 – 100,000 customer) size ranges. This categorization allows the use of appropriate technologies based on assumptions of system complexity, budgetary constraint, and operational requirements. This proposed guidance does not offer prescriptive solutions but rather showcases example approaches appropriate within each range of system sizes.



multi-factor authentication; remote access; secure communication
Control Families

None selected


Download URL

Supplemental Material:
Project homepage

Document History:
06/12/24: TN 2283 (Draft)