Email this Article Email   

CHIPS Articles: NIST Offers Insight into Detecting and Protecting Against Cyber-attacks in Industrial Control Systems

NIST Offers Insight into Detecting and Protecting Against Cyber-attacks in Industrial Control Systems
By CHIPS Magazine - June 19, 2019
Many manufacturing companies that rely on industrial control systems (ICS) to monitor and control physical processes to produce goods for public consumption are facing an increasing number of cyber-attacks. The U.S. Department of Homeland Security reports that the manufacturing industry is the second most targeted industry, based on the number of reported cyber-attacks. Given how critical ICS are to operations, cyber-attacks against ICS devices present a real threat to safety and production of goods, which can result in damaging economic impact to the manufacturing industry, and ultimately, U.S. prosperity.

The National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technoloy, in conjunction with NIST's Engineering Laboratory (EL) and industry collaborators, will explore how an organization can take a comprehensive approach to securing ICS within the manufacturing sector by leveraging the following cybersecurity capabilities: behavioral anomaly detection; security incident and event monitoring; ICS application white-listing; malware detection and mitigation; change control management; user authentication and authorization; access control least privilege; and file integrity-checking mechanisms, NIST said in a release.

The goal of this project is to demonstrate an example solution that protects the integrity of data from destructive malware, insider threats, and unlicensed software within manufacturing environments that rely on ICS. The EL and the NCCoE will map the security characteristics to the NIST Cybersecurity Framework, the National Initiative for Cybersecurity Education Framework, and NIST Special Publication 800-53, Security and Privacy Controls for Federal Information Systems and Organizations, and will provide standards-based security controls for manufacturers.

Additionally, NIST will implement each of the listed capabilities in two distinct but related existing lab settings: a robotics-based manufacturing work cell and a process control system that resembles what is being used by chemical manufacturing industries. This project will result in a freely available NIST Cybersecurity Practice Guide, NIST stated.

The public comment period for this document ends July 25, 2019. See the publication details for a copy of the document, instructions for submitting comments, and information about the project.

Publication details: https://csrc.nist.gov/publications/detail/white-paper/2019/06/12/detecting-and-protecting-against-data-integrity-attacks-in-ics/draft

Related CHIPS Articles
Related DON CIO News
Related DON CIO Policy

CHIPS is an official U.S. Navy website sponsored by the Department of the Navy (DON) Chief Information Officer, the Department of Defense Enterprise Software Initiative (ESI) and the DON's ESI Software Product Manager Team at Space and Naval Warfare Systems Center Pacific.

Online ISSN 2154-1779; Print ISSN 1047-9988
Hyperlink Disclaimer