NIST’s National Cybersecurity Center of Excellence (NCCoE) has released a new draft project description, Capabilities Assessment for Securing Manufacturing Industrial Control Systems.
It addresses businesses’ most pressing cybersecurity problems with practical, standards-based solutions using commercially available technologies
NIST is developing a series of reference designs demonstrating four cybersecurity capabilities for manufacturing organizations. Each reference design will highlight an individual capability: Behavioral Anomaly Detection, ICS Application Whitelisting, Malware Detection and Mitigation, and ICS Data Integrity.
This document is part one of a four-part series and addresses only behavioral anomaly detection capabilities.
For each of the four capabilities listed above, the NCCoE, in collaboration with the NIST Engineering Laboratory (EL), will map the security characteristics to the NIST Cyber Security Framework, which will provide standards-based security controls for manufacturers.
In addition, the NCCoE and EL will implement each of the capabilities in two distinct but related lab settings: a robotics-based manufacturing enclave, and a process control enclave, similar to what is being used by chemical manufacturing industries, according to NIST.
This project will result in a publicly available NIST Cybersecurity Practice Guide, a detailed implementation guide of the practical steps needed to implement the cybersecurity reference design that addresses this challenge, said NIST.
With these capabilities in place, manufacturers will find it easier to detect anomalous conditions, control what programs and applications are executed in their operating environments, mitigate or vanquish malware attacks, and ensure the integrity of critical operational data, said NIST.
NIST is seeking feedback is seeking comments on the project idea, technology, standards, and potential solution. The comment period closes Wednesday, December 7, 2016.
