Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Keeping the Lights On

By: Ron Ross
Image of power lines after dark

The only thing worse than a pandemic would be a pandemic without power. If the lights dim due to a disruption in power generation or distribution, our productivity and quality of life do, too. In today’s cyber environment, diverse and highly skilled adversaries including nation-states, transnational groups, and criminal gangs, are seeking to subvert our critical systems such as the power grid. The National Security Agency (NSA) and the Department of Homeland Security (DHS) recently issued an alert recommending that all asset owners and operators of critical infrastructure take immediate steps to reduce exposure across their operational technologies and control systems. The alert warns that our most critical infrastructures (e.g., the energy, communications and manufacturing sectors) are vulnerable to cybersecurity attacks.

NIST has resources that can help our critical infrastructure sectors as they implement the recommendations from NSA and DHS. NIST provides Industrial Control Systems (ICS) security guidance and state-of-the-practice security controls to help organizations implement many of these recommendations along with practical example solutions.

Today’s complex systems in critical infrastructure applications need a multidimensional protection strategy that includes a high degree of penetration resistance, damage-limiting and open system architectures, and the implementation of techniques and approaches that achieve true cyber resiliency We should not presume a particular outcome or solution to this difficult and challenging problem, but rather begin to address both the immediate technical solutions while working on the longer-term solutions. 

Some organizations are looking to highly assured, trusted operating systems to be a foundational part of the defensive tool kit of developers and operators of critical systems, such as those described by NSA and DHS in their alert.

NIST’s systems security engineering guideline, SP 800-160, Vol. 1, states that “trustworthy components within Industrial Control Systems, including for example, highly assured, kernel-based operating systems in Programmable Logic Controllers, can help achieve a high degree of system integrity and availability through domain separation with control over cross-domain flows and use of shared resources.” Today’s trusted operating systems include a multitude of commercial vendors, albeit at differing levels of assurance. Several commercially built operating systems have met the most rigorous NSA specification (i.e., Trusted Computer System Evaluation Criteria Class A1) and some of these systems have been independently evaluated. In addition to trusted operating systems, NIST also has extensive guidance on developing cyber resilient systems, capable of addressing attacks from Advanced Persistent Threats.

To address the need for trustworthy systems and components, critical infrastructure owners and operators need to determine how much it would cost to transition current platforms to highly assured operating systems and how long it would take. These costs must be balanced against the costs of not implementing this type of high assurance solution or determining alternative risk mitigations. The goal should be to find the most efficient path for developing systems with a high degree of security.

But what about the long-term solution for protecting critical systems in an era of complex systems, hyper connectivity, and cyber-physical convergence? NIST, along with its agency partners and industry, is working on that. In addition to the resources listed above, the following references may also be useful to help ensure that critical systems have the appropriate levels of protection, assurance, and resiliency to facilitate trust in those systems.

About the author

Ron Ross

Ron Ross is a computer scientist and Fellow at the National Institute of Standards and Technology. He specializes in cybersecurity, risk management, and systems security engineering.  Ron is a retired Army officer who, when not defending cyberspace, follows his passion for NASCAR and takes care of his adopted rescue dog, Sophie.


great to know about cyber resiliency goals and cyber resiliency objectives at the time of persistent cyber security threats. Nice article

Awesome post ! thank you so much for sharing. keep sharing.

Add new comment

Enter the characters shown in the image.
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
Please be respectful when posting comments. We will post all comments without editing as long as they are appropriate for a public, family friendly website, are on topic and do not contain profanity, personal attacks, misleading or false information/accusations or promote specific commercial products, services or organizations. Comments that violate our comment policy or include links to non-government organizations/web pages will not be posted.