Email this Article Email   

CHIPS Articles: Securing Manufacturing Industrial Control Systems: Behavioral Anomaly Detection

Securing Manufacturing Industrial Control Systems: Behavioral Anomaly Detection
By CHIPS Magazine - November 8, 2018
Industrial control systems (ICS) are used in many industries to monitor and control physical processes. As businesses continue to adopt commercially available information technology to promote system connectivity and remote access capabilities, ICS also become more vulnerable to cybersecurity threats.

Attacks can occur via accidental or deliberate introduction of anomalous data into a manufacturing process on an ICS device and can result in grave damage to manufacturing infrastructure as well as cause physical harm to employees.

The National Institute of Standards and Technology’s National Cybersecurity Center of Excellence (NCCoE), in conjunction with NIST’s Engineering Laboratory, demonstrated a suite of behavioral anomaly detection (BAD) capabilities to help ensure cybersecurity in manufacturing organizations, NIST said in a release.

By using these capabilities manufacturers will be able to detect anomalous conditions in their operating environments to mitigate malware attacks and other threats to the integrity of critical operational data. NIST’s NCCoE and the Engineering Lab mapped these demonstrated capabilities to the Cybersecurity Framework and have documented how this set of standards-based controls can support many of the security requirements of manufacturers. Based on the results of the demonstration, NIST issued draft Internal Report (NISTIR) 8219 “which documents the use of BAD capabilities in two distinct, but related, demonstration environments: a robotics-based manufacturing system and a process control system that resembles what is being used by chemical manufacturing industries,” NIST explained.

The NCCoE, in conjunction with the NIST Engineering Laboratory, has developed an example solution that demonstrates how a manufacturing company can improve the security of its ICS through behavioral anomaly detection. NISTIR 8219 details one cybersecurity capability that will later be researched in tandem with other cybersecurity capabilities in a full practice guide. The guidance has been developed by using standards-based, commercially available technologies and industry best practices.

NIST is asking for comments regarding the draft guide, Draft NISTIR 8219. Comments may be submitted online, or via email to Comments are due Dec. 6, 2018.

Draft NISTIR 8219 authors: James McCarthy (NIST), Michael Powell (NIST), Keith Stouffer (NIST), CheeYee Tang (NIST), Timothy Zimmerman (NIST), William Barker (Dakota Consulting), Titilayo Ogunyale (MITRE), Devin Wynne (MITRE), Johnathan Wiltberger (MITRE)

Related CHIPS Articles
Related DON CIO News
Related DON CIO Policy

CHIPS is an official U.S. Navy website sponsored by the Department of the Navy (DON) Chief Information Officer, the Department of Defense Enterprise Software Initiative (ESI) and the DON's ESI Software Product Manager Team at Space and Naval Warfare Systems Center Pacific.

Online ISSN 2154-1779; Print ISSN 1047-9988
Hyperlink Disclaimer