NOTICE: Due to a lapse in annual appropriations, most of this website is not being updated. Learn more.

Form submissions will still be accepted but will not receive responses at this time. Sections of this site for programs using non-appropriated funds (such as NVLAP) or those that are excepted from the shutdown (such as CHIPS and NVD) will continue to be updated.

U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Protecting Information and System Integrity in Industrial Control System Environments: Cybersecurity for the Manufacturing Sector

Published

Author(s)

Michael Powell, Michael Pease, Keith A. Stouffer, CheeYee Tang, Timothy Zimmerman, Chelsea Dean, Kangmin Zheng, John Hoyt, Mary Raguso, Joseph Brule, Aslam Sherule, Matthew Zopf

Abstract

Today's manufacturing organizations rely on industrial control systems (ICS) to conduct their operations. Increasingly, ICS are facing more frequent, sophisticated cyber attacks—making manufacturing the second-most-targeted industry. Cyber attacks against ICS threaten operations and worker safety, resulting in financial loss and harm to the organization's reputation. The architecture and solutions presented in this guide are built upon standards-based, commercially available products, and represent some of the possible solutions. The solutions implement standard cybersecurity capabilities such as behavioral anomaly detection (BAD), application allowlisting (AAL), file integrity-checking, change control management, and user authentication and authorization. The solution was tested in two distinct lab settings: a discrete manufacturing workcell, which represents an assembly line production, and a continuous process control system (PCS), which represents chemical manufacturing industries. An organization that is interested in protecting the integrity of a manufacturing system and information from destructive malware, insider threats, and unauthorized software should first conduct a risk assessment and determine the appropriate security capabilities required to mitigate those risks. Once the security capabilities are identified, the sample architecture and solution presented in this document may be used.
Citation
Special Publication (NIST SP) - 1800-10
Report Number
1800-10
NIST Pub Series
Special Publication (NIST SP)
Pub Type
NIST Pubs

Download Paper

https://doi.org/10.6028/NIST.SP.1800-10
Local Download

Keywords

Application allowlisting, behavioral anomaly detection, file integrity checking, firmware modification, industrial control systems, manufacturing, remote access, software modification, user authentication, user authorization.
Manufacturing

Citation

Powell, M. , Pease, M. , Stouffer, K. , Tang, C. , Zimmerman, T. , Dean, C. , Zheng, K. , Hoyt, J. , Raguso, M. , brule, J. , Sherule, A. and Zopf, M. (2022), Protecting Information and System Integrity in Industrial Control System Environments: Cybersecurity for the Manufacturing Sector, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.SP.1800-10, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=934170 (Accessed October 10, 2025)

Issues

If you have any questions about this publication or are having problems accessing it, please contact [email protected].

Created March 16, 2022, Updated November 29, 2022
Was this page helpful?