Asset Management

Current Status

This project is moving into the build phase. We have selected several technology collaborators for this project. Companies that have been selected to participate have signed a Cooperative Research and Development Agreement (CRADA; see an example) with NIST.

Download the Energy Sector Asset Management  project description for an overview of this project. 

Sign up for email alerts from the NCCoE to receive updates on our Energy Sector projects. If you have questions or would like to join our Community of Interest, please email the project team at energy_nccoe@nist.gov.

Summary

The National Cybersecurity Center of Excellence (NCCoE) at NIST is proposing a project to enhance the energy sector’s asset management capabilities for operational technology (OT). This project will include the development of a reference design and use commercially available technologies to develop an example solution that will help energy organizations address the security challenges of OT asset management.

Vulnerabilities in OT assets present opportunities for malicious actors to cause disruptions and power outages. To properly assess cybersecurity risk within the OT network, energy companies must be able to identify all their assets, especially the most critical.

This project will describe methods for managing, monitoring, and baselining assets and will also include information to help identify threats to these OT assets. It will result in a publicly available NIST Cybersecurity Practice Guide, a detailed implementation guide of the practical steps required to implement a cybersecurity reference design that addresses this challenge.

Collaborating Vendors

Organizations participating in this project submitted their capabilities in response to an open call in the Federal Register for all sources of relevant security capabilities from academia and industry (vendors and integrators). The following respondents with relevant capabilities or product components (identified as “Technology Partners/Collaborators” herein) signed a Cooperative Research and Development Agreement to collaborate with NIST in a consortium to build this example solution.

Dragos logo
ForeScout logo
Foxguard Solutions
KORE
Splunk logo
TDI Technologies logo
Tripwire logo
Veracity Industrial Networks