Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Guide to Industrial Control Systems (ICS) Security

Published

Author(s)

Keith A. Stouffer, Victoria Y. Pillitteri, Suzanne Lightman, Marshall Abrams, Adam Hahn

Abstract

This document provides guidance on how to secure Industrial Control Systems (ICS), including Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and other control system configurations such as Programmable Logic Controllers (PLC), while addressing their unique performance, reliability, and safety requirements. The document provides an overview of ICS and typical system topologies, identifies typical threats and vulnerabilities to these systems, and provides recommended security countermeasures to mitigate the associated risks. [Supersedes NIST SP 800-82 Rev. 1 (May 2013): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=913905]
Citation
Special Publication (NIST SP) - 800-82 Rev 2
Report Number
800-82 Rev 2

Keywords

Computer security, distributed control systems (DCS), industrial control systems (ICS), information security, network security, programmable logic controllers (PLC), risk management, security controls, supervisory control and data acquisition (SCADA) systems

Citation

Stouffer, K. , Pillitteri, V. , Lightman, S. , Abrams, M. and Hahn, A. (2015), Guide to Industrial Control Systems (ICS) Security, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.SP.800-82r2 (Accessed March 29, 2024)
Created June 3, 2015, Updated November 10, 2018