Protecting Information and System Integrity in Industrial Control System Environments

To stay competitive, manufacturers are increasingly connecting their operational technology (OT) systems to their information technology (IT) systems. Manufacturers are harnessing technology to expand enterprise-wide connectivity and to enable remote access resulting in enhanced, more innovative business processes and capabilities.

Cybersecurity guidance that empowers manufacturers to protect their operations from data integrity attacks in Industrial Control System environments

To keep a competitive edge, manufacturers are connecting their operational technology (OT) systems to their information technology (IT) systems. While integrating IT and OT networks has helped manufacturers boost productivity and gain efficiencies, it has also made them more vulnerable to cybersecurity threats posed by malicious actors.
Status: Finalized Practice Guide
NIST SP 1800-10: Complete Guide (PDF)Web Version NIST SP 1800-10: Complete Guide (PDF)
NIST SP 1800-10: Complete Guide (HTML)Web Version NIST SP 1800-10: Complete Guide (HTML)
NIST SP 1800-10A: Executive SummaryDocument Version NIST SP 1800-10A: Executive Summary
NIST SP 1800-10B: Approach, Architecture, and Security CharacteristicsDocument Version NIST SP 1800-10B: Approach, Architecture, and Security Characteristics

Project Abstract

Many manufacturing organizations rely on industrial control systems (ICS) to monitor and control their machinery, production lines, and other physical processes that produce goods. To stay competitive, manufacturers are connecting their operational technology (OT) systems to their information technology (IT) systems to enhance their business processes and capabilities.  

Although the integration of IT and OT networks are helping manufacturers boost productivity and gain efficiencies, it has also provided malicious actors, including nation states, common criminals, and insider threats, a fertile landscape where they can exploit cybersecurity vulnerabilities to compromise the integrity of ICS and ICS data. The motivations behind these attacks can range from degrading manufacturing capabilities and financial gain, to causing reputational harm.   

This project has produced example solutions that manufacturing organizations can use to mitigate ICS integrity risks, strengthen the cybersecurity of OT systems, and protect the data that these systems process. 

As manufacturers embrace technology to boost productivity and gain efficiencies, they must also use it to bolster their cyber defenses to protect their people, data, and operations.

Collaborating Vendors

Organizations participating in this project submitted their capabilities in response to an open call in the Federal Register for all sources of relevant security capabilities from academia and industry (vendors and integrators). The following respondents with relevant capabilities or product components (identified as “Technology Partners/Collaborators” herein) signed a Cooperative Research and Development Agreement to collaborate with NIST in a consortium to build this example solution.

Join the Community of Interest

A Community of Interest (COI) is a group of professionals and advisors that share business insights, technical expertise, challenges, and perspectives to guide NCCoE projects. COIs often include experts, innovators, and everyday users of cybersecurity and privacy technologies. Members typically meet monthly by teleconference. Share your expertise and consider becoming a member of this project's COI.

Request to join
Employee speaking on video call with colleagues on online briefing with laptop at home