This bulletin summarizes the information presented in NIST Special Publication (SP) 800-82, Guide to Industrial Control Systems Security: Recommendations of the National Institute of Standards and Technology. The publication was written by Keith Stouffer and by Joe Falco of NIST, and by Karen Scarfone (formerly of NIST). The guide examines the vulnerabilities and threats to industrial control systems (ICS) and recommends a risk-based approach for establishing security countermeasures that will protect systems and meet an organizations specific business and operational requirements. The bulletin discusses the contents of the publication, including the types of industrial control systems, the vulnerabilities and risks to ICS, the implementation of security objectives, and the application of security controls to ICS. References are provided to NIST Web sites and publications that support the design, development and operation of secure ICS.
Citation: ITL Bulletin -
NIST Pub Series: ITL Bulletin
Pub Type: NIST Pubs
cyber security, distributed control systems (DCS), Federal Information Security Management Act (FISMA), Industrial Control Systems (ICS), information security, information technology (IT) security, programmable logic controllers (PLC), supervisory control and data acquisition (SCADA), security controls, security plans, security policies, threats, vulnerabilities