The NCCoE has released the final NISTIR 8219, Securing Manufacturing Industrial Control Systems: Behavioral Anomaly Detection.
Securing Manufacturing Industrial Control Systems: Behavioral Anomaly Detection
ICS monitor and control physical processes in many industries and sectors, including manufacturing. A cyberattack directed at a manufacturer’s infrastructure and ICS could cause harm to human life and property. The NCCoE along with NIST’s Engineering Lab (EL) developed guidance that organizations can use to protect their ICS and infrastructure by establishing an anomaly detection and prevention capability.
Implementing behavioral anomaly detection to help secure manufacturing ICS
Project Abstract
Industrial Control Systems (ICS) are used in many industries to monitor and control physical processes. Increasingly, ICS are becoming more interconnected, mutually dependent systems. As ICS adopt commercially available information technology to enable connectivity and remote access capabilities of corporate business systems, it becomes more exposed to the outside world and vulnerable to cybersecurity threats that can disrupt operations.
The NCCoE and members of the NIST EL have demonstrated a set of behavioral anomaly detection capabilities to help manufacturers detect anomalous conditions in their ICS and operating environments. These capabilities are presented in a NIST Interagency Report (NISTIR) that provides practical approaches that organizations can use to strengthen the cybersecurity of their manufacturing processes. Implementing behavioral anomaly detection tools gives manufacturers a key security component that can sustain and protect their operations, particularly those based on ICS.
As manufacturers embrace technology to boost productivity and gain efficiencies, they must also use it to bolster their cyber defenses to protect their people, data, and operations.
Collaborating Vendors
Organizations participating in this project submitted their capabilities in response to an open call in the Federal Register for all sources of relevant security capabilities from academia and industry (vendors and integrators). The following respondents with relevant capabilities or product components (identified as “Technology Partners/Collaborators” herein) signed a Cooperative Research and Development Agreement to collaborate with NIST in a consortium to build this example solution.
Join the Community of Interest
A Community of Interest (COI) is a group of professionals and advisors that share business insights, technical expertise, challenges, and perspectives to guide NCCoE projects. COIs often include experts, innovators, and everyday users of cybersecurity and privacy technologies. Members typically meet monthly by teleconference. Share your expertise and consider becoming a member of this project's COI.
