Guides and best practices against cyber-attacks often provide only the illusion of security. In an attempt to turn that illusion into reality, the National Cybersecurity Center of Excellence at the National Institute of Standards and Technologies (NIST) intends to create a lab environment to simulate, test, and address cybersecurity problems for robotic-based and chemical manufacturing processes through standards-based solutions using commercially available software.
The intent is to produce a series of NIST Cybersecurity Practice Guides for four cybersecurity capabilities for manufacturers: Behavior Anomaly Detection, ICE Application Whitelisting, Malware Detection and Mitigation, and ICS Data Integrity. With these capabilities in place, manufacturers will be able to more easily detect anomalous conditions, control what programs and applications are executed in their operating environments, mitigate or vanquish malware attacks and ensure the integrity of critical operational data.
Two manufacturing lab infrastructures will be used: (1) a robotic-based manufacturing operation with two small, industrial grade robots and a supervisory Programmable Logic Controller with safety processing, and (2) a process control enclave using the Tennessee Eastman control problem as the continuous process model.
Interested parties may submit comments for this project through Dec. 7, 2016. NIST specifically seeks comments on:
- What potential technologies may be relevant to this project?
- If your organization has experienced behavioral anomaly detection challenges, how did you help resolve those concerns?
- Do you have guidance or thoughts on methods for improving behavioral anomaly detection within manufacturing ICS environments?
Comments may include suggestions of changes or additions that will improve the guide.
For more background information, we summarized the NIST Guide to Industrial Control Systems (ICS) Security, NIST SP 800-82, Revision 2, shortly after it was published in 2015 in the article Securing Industrial Control Systems from Cyber Attacks: Guidance for Manufacturers and Utilities.
Bill Wagner co-chairs Taft’s Privacy and Data Security Practice. He holds the CIPP/US and CIPP/G designations.