NIST SPECIAL PUBLICATION 1800-23
Energy Sector Asset Management
For Electric Utilities, Oil & Gas Industry
Includes Executive Summary (A); Approach, Architecture, and Security Characteristics (B); and How-To Guides (C)
James McCarthy
Lauren Acierto
Glen Joy
Jason Kuruvilla
Titilayo Ogunyale
Nikolas Urlaub
John Wiltberger
Devin Wynne
Final
This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.1800-23
The first draft of this publication is available free of charge from: https://www.nccoe.nist.gov/library/energy-sector-asset-management-nist-sp-1800-23-practice-guide
James McCarthy
Glen Joy
National Cybersecurity Center of Excellence
Information Technology Laboratory
Lauren Acierto
Jason Kuruvilla
Titilayo Ogunyale
Nikolas Urlaub
John Wiltberger
Devin Wynne
The MITRE Corporation
McLean, Virginia
Final
May 2020
U.S. Department of Commerce
Wilbur Ross, Secretary
National Institute of Standards and Technology
Walter G. Copan, Undersecretary of Commerce for Standards and Technology and Director
- 1 Summary
- 2 How to Use This Guide
- 3 Approach
- 4 Architecture
- 5 Functional Test Plan
- 6 Security Characteristic Analysis
  - 6.1 Assumptions and Limitations
  - 6.2 Analysis of the Reference Design’s Support for Cybersecurity Framework Subcategories
    - 6.2.1 ID.AM-1: Physical Devices and Systems Within the Organization Are Inventoried
    - 6.2.2 ID.RA-2: Threat and Vulnerability Information Is Received from Information-Sharing Forums and Sources
    - 6.2.3 PR.DS-2: Data in Transit Is Protected
    - 6.2.4 PR.MA-1: Maintenance and Repair of Organizational Assets Are Performed and Logged in a Timely Manner with Approved and Controlled Tools
    - 6.2.5 PR.MA-2: Remote Maintenance of Organizational Assets Is Approved, Logged, and Performed in a Manner that Prevents Unauthorized Access
    - 6.2.6 PR.PT-4: Communications and Control Networks Are Protected
    - 6.2.7 DE.AE-1: A Baseline of Network Operations and Expected Data Flows for Users and Systems Is Established and Managed
    - 6.2.8 DE.AE-2: Detected Events Are Analyzed to Understand Attack Targets and Methods
  - 6.3 Lessons Learned
- 7 Future Build Considerations
- Appendix A List of Acronyms
- Appendix B References
- 1 Introduction
- 2 Product Installation Guides
  - 2.1 ConsoleWorks
  - 2.2 Forescout CounterACT
  - 2.3 Dragos Platform
  - 2.4 FoxGuard Patch and Update Management Program
  - 2.5 Kore Wireless
  - 2.6 pfSense VPN
  - 2.7 Splunk
  - 2.8 Tripwire Industrial Visibility
- Appendix A List of Acronyms