Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Guide to Operational Technology (OT) Security

Published

Author(s)

Keith A. Stouffer, Michael Pease, CheeYee Tang, Timothy Zimmerman, Victoria Yan Pillitteri, Suzanne Lightman, Adam Hahn, Stephanie Saravia, Aslam Sherule, Michael Thompson

Abstract

This document provides guidance on how to secure operational technology (OT) while addressing their unique performance, reliability, and safety requirements. OT encompasses a broad range of programmable systems and devices that interact with the physical environment (or manage devices that interact with the physical environment). These systems and devices detect or cause a direct change through the monitoring and/or control of devices, processes, and events. Examples include industrial control systems, building automation systems, transportation systems, physical access control systems, physical environment monitoring systems, and physical environment measurement systems. The document provides an overview of OT and typical system topologies, identifies common threats and vulnerabilities to these systems, and provides recommended security countermeasures to mitigate the associated risks.
Citation
Special Publication (NIST SP) - 800-82r3
Report Number
800-82r3

Keywords

computer security, distributed control systems (DCS), industrial control systems (ICS), information security, network security, operational technology (OT), programmable logic controllers (PLC), risk management, security controls, supervisory control and data acquisition (SCADA) systems.

Citation

Stouffer, K. , Pease, M. , Tang, C. , Zimmerman, T. , Pillitteri, V. , Lightman, S. , Hahn, A. , Saravia, S. , Sherule, A. and Thompson, M. (2023), Guide to Operational Technology (OT) Security, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.SP.800-82r3, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=956505 (Accessed May 28, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created September 28, 2023