NOTICE: Due to a lapse in annual appropriations, most of this website is not being updated. Learn more.
Form submissions will still be accepted but will not receive responses at this time. Sections of this site for programs using non-appropriated funds (such as NVLAP) or those that are excepted from the shutdown (such as CHIPS and NVD) will continue to be updated.
An official website of the United States government
Here’s how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
The NIST Process Control Security Requirements Forum (PCSRF) and the Future of Industrial Control System Security
Published
Author(s)
Keith A. Stouffer, Joseph Falco, Frederick M. Proctor
Abstract
This paper will provide an overview of the Process Control Security Requirements Forum (PCSRF) and the System Protection Profile for Industrial Control Systems (SPP-ICS) document. The SPP-ICS presents a cohesive, crossindustry, baseline set of security requirements for new industrial process control systems. It is based on the ISO/IEC 15408 Common Criteria, a widely used standard for defining traditional IT security requirements. The SPP-ICS can be combined with specific pulp/paper security requirements to produce a document that addresses future security requirements for the pulp/paper industry.
Common Criteria, Control, PCSRF, Process Control, Protection Profile, Security, Security, Standards
Citation
Stouffer, K.
, Falco, J.
and Proctor, F.
(2004),
The NIST Process Control Security Requirements Forum (PCSRF) and the Future of Industrial Control System Security, Proceedings of the 2004 TAPPI Paper Summit, Atlanta, GA, USA, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=822491
(Accessed October 11, 2025)