Keith A. Stouffer

Keith Stouffer has been at the National Institute of Standards and Technology (NIST) since 1989, focusing on industrial control system security since 2000. Keith is the Group Leader of the Networked Control Systems Group, Smart Connected Systems in the Communications Technology Laboratory. Keith leads the Operational Technology Security Project, working jointly with the NIST Information Technology Laboratory, in cooperation with the public and private sector community, to develop specific guidance on the application of NIST security standards and guidelines to operational technology systems. Keith is the lead author of Special Publication 800-82 Guide to Industrial Control Systems Security, which provides guidance for the public and private sectors on how to secure industrial control systems while addressing their unique performance, reliability and safety requirements. Keith has also been active in the private sector standards community, providing input to the ISA99, IEC 62443 and NERC CIP security standards.

Awards

2021 Department of Commerce Bronze Medal for development and dissemination of the first detailed cybersecurity guidelines specifically for protecting small and medium-sized manufacturers.

2020 Department of Commerce Gold Medal for development of internationally adopted cybersecurity guidelines and tools that protect critical infrastructure and critical industrial processes.

2013 Gov30 Top Security Professionals Award

2007 Department of Commerce Bronze Medal

2006 Department of Commerce Gold Medal

News

NIST Releases Study on Blockchain and Related Technologies for Manufacturing Supply Chain Traceability

April 20, 2022

Manufacturing supply chains are increasingly susceptible to disruptions and are targets for bad actors seeking to steal proprietary information and/or sabotage

View All News

Publications

Guide to Operational Technology (OT) Security

September 28, 2023

Author(s)

Keith A. Stouffer, Michael Pease, CheeYee Tang, Timothy Zimmerman, Victoria Yan Pillitteri, Suzanne Lightman, Adam Hahn, Stephanie Saravia, Aslam Sherule, Michael Thompson

This document provides guidance on how to secure operational technology (OT) while addressing their unique performance, reliability, and safety requirements. OT

Blockchain and Related Technologies to Support Manufacturing Supply Chain Traceability

April 7, 2022

Author(s)

Keith A. Stouffer, Joshua Lubell, Michael Pease, Evan K. Wallace

As supply chains become more complex and the origins of products become harder to discern, efforts are emerging that improve traceability of goods by exchanging

Protecting Information and System Integrity in Industrial Control System Environments: Cybersecurity for the Manufacturing Sector

March 16, 2022

Author(s)

Michael Powell, Michael Pease, Keith A. Stouffer, CheeYee Tang, Timothy Zimmerman, Chelsea Dean, Kangmin Zheng, John Hoyt, Mary Raguso, Joseph Brule, Aslam Sherule, Matthew Zopf

Today's manufacturing organizations rely on industrial control systems (ICS) to conduct their operations. Increasingly, ICS are facing more frequent

Model-Based Risk Analysis Approach for Network Vulnerability and Security of the Critical Railway Infrastructure

September 29, 2021

Author(s)

Himanshu Neema, Leqiang Wang, CheeYee Tang, Keith A. Stouffer, Xenofon Koutsoukos

This study focuses on threat modeling, vulnerability analysis, and risk management within the critical railway transportation infrastructure. The Railway

Cybersecurity Standards and Guidelines to Assist Small and Medium-Sized Manufacturers

March 21, 2021

Author(s)

Timothy Zimmerman, CheeYee Tang, Michael Pease, Keith A. Stouffer

Cybersecurity standards and guidelines produced by NIST can assist small and medium-sized manufacturers to protect their operational technology from

View more Publications

Keith A. Stouffer (Fed)

Awards

News

Publications