Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Guidance and Performance Impact Testing to Support the use of Antivirus Software on SCADA and Industrial Control Systems

Published

Author(s)

Joseph Falco, M Lochner, D Teumim

Abstract

End-users and vendors of control systems used in Supervisory Control and Data Acquisition (SCADA) and Industrial Control System(s) (ICS) have expressed concerns that the deployment of antivirus software may interfere with the operation of time-critical control processes. This paper describes an effort to establish a set of guidelines and a test methodology for industry to help minimize performance degradation when deploying commercial off-the-shelf antivirus products with ICS. The effort is being performed for industry through a collaborative effort between the National Institute of Standards and Technology, and the Department of Energy?s National SCADA Test Bed at Sandia National Laboratories. A survey was conducted of end-users and vendors who are currently using or recommending the use of antivirus software with their ICS. Information gathered from industry includes system configurations, needs and priorities for performance, as well as current practices and problems using antivirus software on control system workstations and servers. Antivirus software vendors are also providing input to this study. Parallel to the survey, NIST is conducting a series of performance impact tests using commercially available antivirus software packages and control software within its Industrial Control Security Testbed. The results of the survey and testbed work are being compiled into a documented set of guidelines and a test methodology for industry. The test methodology will be presented as a general set of test procedures to be used by industry as a starting point when developing control system specific performance impact tests. A set of laboratory-based tests that demonstrate use of the test methodology and provide example performance data is also being developed in support of this effort.
Proceedings Title
Proceedings of the
Conference Dates
October 25-27, 2005
Conference Location
Chicago , IL, USA
Conference Title
ISA Expo

Keywords

Antivirus Software, Control, Guidelines, Industrial Control Systems, Performance Metrics, SCADA, Security

Citation

Falco, J. , Lochner, M. and Teumim, D. (2006), Guidance and Performance Impact Testing to Support the use of Antivirus Software on SCADA and Industrial Control Systems, Proceedings of the, Chicago , IL, USA, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=822688 (Accessed May 19, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created June 25, 2006, Updated October 12, 2021