Blog Viewer

NIST Publishes final NIST SP 800-82, Revision 2, Guidance for Industrial Control Systems (ICS) Security

By Nadya Bartol posted 06-09-2015 14:53

  

National Institute of Standards and Technology (NIST) released the final version of guidance for Industrial Control System (ICS) Security.  This is the Revision 2 of the document that was preceded by a release of two drafts for public comment.  NIST Special Publication (SP) 800-82 is an almost 250-page document that provides a thorough overview of ICSs and how ICSs are different for IT systems, as well as a variety of considerations for ICS security.  The document defines ICS as including Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and other control system configurations such as Programmable Logic Controllers (PLC).  The document addresses typical system topologies, identifies typical threats and vulnerabilities to these systems, and provides recommended security countermeasures to mitigate the associated risks.  Appendix G provides an ICS overlay of NIST SP 800-53 controls, which, in laymen’s terms, includes which of NIST SP 800-53 controls apply, which do not apply, and which are augmented for use with ICSs.

 

The document is available for downloading at http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-82r2.pdf.

0 comments
110 views

Permalink