Guidance and Performance Impact Testing to Support the use of Antivirus Software on SCADA and Industrial Control Systems
Joseph Falco, M Lochner, D Teumim
End-users and vendors of control systems used in Supervisory Control and Data Acquisition (SCADA) and Industrial Control System(s) (ICS) have expressed concerns that the deployment of antivirus software may interfere with the operation of time-critical control processes. This paper describes an effort to establish a set of guidelines and a test methodology for industry to help minimize performance degradation when deploying commercial off-the-shelf antivirus products with ICS. The effort is being performed for industry through a collaborative effort between the National Institute of Standards and Technology, and the Department of Energy?s National SCADA Test Bed at Sandia National Laboratories. A survey was conducted of end-users and vendors who are currently using or recommending the use of antivirus software with their ICS. Information gathered from industry includes system configurations, needs and priorities for performance, as well as current practices and problems using antivirus software on control system workstations and servers. Antivirus software vendors are also providing input to this study. Parallel to the survey, NIST is conducting a series of performance impact tests using commercially available antivirus software packages and control software within its Industrial Control Security Testbed. The results of the survey and testbed work are being compiled into a documented set of guidelines and a test methodology for industry. The test methodology will be presented as a general set of test procedures to be used by industry as a starting point when developing control system specific performance impact tests. A set of laboratory-based tests that demonstrate use of the test methodology and provide example performance data is also being developed in support of this effort.
, Lochner, M.
and Teumim, D.
Guidance and Performance Impact Testing to Support the use of Antivirus Software on SCADA and Industrial Control Systems, Proceedings of the, Chicago , IL, USA, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=822688
(Accessed December 9, 2023)