Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Protecting Information and System Integrity in Industrial Control System Environments: Cybersecurity for the Manufacturing Sector



Michael Powell, Michael Pease, Keith A. Stouffer, CheeYee Tang, Timothy Zimmerman, Chelsea Dean, Kangmin Zheng, John Hoyt, Mary Raguso, Joseph Brule, Aslam Sherule, Matthew Zopf


Today's manufacturing organizations rely on industrial control systems (ICS) to conduct their operations. Increasingly, ICS are facing more frequent, sophisticated cyber attacks—making manufacturing the second-most-targeted industry. Cyber attacks against ICS threaten operations and worker safety, resulting in financial loss and harm to the organization's reputation. The architecture and solutions presented in this guide are built upon standards-based, commercially available products, and represent some of the possible solutions. The solutions implement standard cybersecurity capabilities such as behavioral anomaly detection (BAD), application allowlisting (AAL), file integrity-checking, change control management, and user authentication and authorization. The solution was tested in two distinct lab settings: a discrete manufacturing workcell, which represents an assembly line production, and a continuous process control system (PCS), which represents chemical manufacturing industries. An organization that is interested in protecting the integrity of a manufacturing system and information from destructive malware, insider threats, and unauthorized software should first conduct a risk assessment and determine the appropriate security capabilities required to mitigate those risks. Once the security capabilities are identified, the sample architecture and solution presented in this document may be used.
Special Publication (NIST SP) - 1800-10
Report Number


Application allowlisting, behavioral anomaly detection, file integrity checking, firmware modification, industrial control systems, manufacturing, remote access, software modification, user authentication, user authorization.


Powell, M. , Pease, M. , Stouffer, K. , Tang, C. , Zimmerman, T. , Dean, C. , Zheng, K. , Hoyt, J. , Raguso, M. , brule, J. , Sherule, A. and Zopf, M. (2022), Protecting Information and System Integrity in Industrial Control System Environments: Cybersecurity for the Manufacturing Sector, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online],, (Accessed May 25, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created March 16, 2022, Updated November 29, 2022