Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Using Host-based Anti-virus Software on Industrial Control Systems: Integration Guidance and a Test Methodology for Assessing Performance Impacts

Published

Author(s)

Joseph A. Falco, S Hurd, D Teumim

Abstract

End-users and vendors of Industrial Control System(s) (ICS) have expressed concerns that the deployment of anti-virus software may interfere with the operation of time-critical control processes. A set of guidelines and a test methodology were developed to help minimize and measure performance impacts caused by the addition of anti-virus software on ICS. The guidelines are based on the expertise of ICS end-users and vendors who are using anti-virus software on their ICSs as well as anti-virus software vendors. The test methodology provides a general set of procedures for use by industry as a starting point when developing control system specific performance impact tests. A laboratory test bed was used in the development of the test methodology and to demonstrate some of the performance impacts caused by the addition of anti-virus software. Discussions of practices currently in use to contend with these issues are reflected in the guidelines. In many cases, performance impacts can be reduced by using configuration settings, scanning practices and maintenance scheduling that are different than those recommended for typical IT system application of anti-virus software. Also provided is a collection of background information on ICSs and anti-virus software for IT and control system professionals who are responsible for securing these systems. This work is the result of a collaborative effort between the National Institute of Standards and Technology, and Sandia National Laboratories, under the guidance and sponsorship of the Department of Energy s Office of Electricity Delivery and Energy Reliability and their National SCADA Test Bed program.
Citation
Special Publication (NIST SP) - 1058
Report Number
1058

Keywords

anti-virus, computer security, DCS, Industrial Control Systems, Malware, performance impacts, SCADA

Citation

Falco, J. , Hurd, S. and Teumim, D. (2006), Using Host-based Anti-virus Software on Industrial Control Systems: Integration Guidance and a Test Methodology for Assessing Performance Impacts, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/nist.sp.1058 (Accessed February 27, 2024)
Created September 29, 2006, Updated November 10, 2018