Securing Manufacturing Industrial Control Systems: Behavioral Anomaly Detection

NIST
July 17, 2020

REPORT Details

Introduction

The goal of this National Institute of Standards and Technology (NIST) Interagency Report (NISTIR) is to show practical approaches that manufacturers can use to strengthen cybersecurity in their manufacturing processes. Behavioral anomaly detection (BAD) tools can provide a key security component for sustaining business operations, particularly those based on industrial control systems (ICS). Because introducing anomalous data into a manufacturing process can disrupt operations, whether deliberately or inadvertently, the examples provided in this NISTIR demonstrate how detecting anomalous conditions can improve the reliability of manufacturing and other ICS, in addition to providing the demonstrated cybersecurity benefits.

Background

As stated in NIST Special Publication (SP) 800-82 [3], ICS are vital to the operation of the United States’ critical infrastructures, which are often highly interconnected and mutually dependent systems. While federal agencies also operate many ICS, approximately 90 percent of the nation’s critical infrastructures are privately owned and operated. As ICS increasingly adopt information technology (IT) to promote corporate business systems’ connectivity and remote access capabilities by using industry-standard computers, operating systems (OSs), and network protocols, the accompanying integration provides significantly less isolation of ICS from the outside world. While security controls have been designed to deal with security issues in typical IT systems, special precautions must be taken when introducing these same approaches in ICS environments. In some cases, new security techniques tailored to the specific ICS environment are needed. NIST recognizes this concern and is working with industry to solve these challenges by developing reference designs and a practical application of cybersecurity technologies. BAD is one tool for improving ICS security.

NIST’s National Cybersecurity Center of Excellence (NCCoE), in conjunction with NIST’s Engineering Lab (EL) and NCCoE industry collaborators, has demonstrated a set of behavioral anomaly detection capabilities to support cybersecurity in manufacturing organizations. The use of these capabilities enables manufacturers to detect anomalous conditions in their operating environments to mitigate malware attacks and other threats to the integrity of critical operational data. NIST’s NCCoE and EL have mapped these demonstrated capabilities to the NIST Cybersecurity Framework [1] and have documented how this set of standards-based controls can support many of the security requirements of manufacturers. This NISTIR documents the use of BAD capabilities in two distinct but related demonstration environments: a collaborative robotics-based manufacturing system and a process control system (PCS) that resembles what is being used by chemical manufacturing industries.

Publisher's website.

DOWNLOAD

Price: FREE

DOWNLOAD COUNT: 1,230

SHARE:
Share on linkedin
Share on facebook
Share on twitter
Share on email

DOWNLOAD

Price: FREE

COVER

PROVIDER

NIST
The National Institute of Standards and Technology is a physical sciences laboratory and a non-regulatory agency of the United States Department of Commerce. Its mission is to promote innovation and industrial competitiveness.

TOPICS

more from this PUBLISHER

Workforce Framework for Cybersecurity (NICE Framework)
Tue, Nov 17
Free Direct Download
Workforce Framework for Cybersecurity (NICE Framework)
NIST
Risk Management Framework for Information Systems and Organizations
Fri, Oct 16
Free Direct Download
Risk Management Framework for Information Systems and Organizations
NIST
Cybersecurity Framework Version 1.1 Manufacturing Profile
Thu, Oct 08
Free Direct Download
Cybersecurity Framework Version 1.1 Manufacturing Profile
NIST
Security Guidance for First Responder Mobile and Wearable Devices
Tue, Sep 29
Free Direct Download
Security Guidance for First Responder Mobile and Wearable Devices
NIST

MORE FOR YOU

2020 Update to Australia’s Cyber Security Competitiveness Plan
Mon, Nov 30
Free Direct Download
2020 Update to Australia’s Cyber Security Competitiveness Plan
AustCyber
Hi-Tech Crime Trends 2020/2021
Fri, Nov 27
Free Direct Download
Hi-Tech Crime Trends 2020/2021
Group-IB
How Australians are Connecting: Connectivity Report 2020
Thu, Nov 26
Free Direct Download
How Australians are Connecting: Connectivity Report 2020
Zoom
The potential benefits of drone delivery for Australian construction and maintenance
Wed, Nov 25
Free Direct Download
The potential benefits of drone delivery for Australian construction and maintenance
AlphaBeta

TRENDING NOW IN THE MARKETPLACE

2020 Update to Australia’s Cyber Security Competitiveness Plan
Mon, Nov 30
Free Direct Download
2020 Update to Australia’s Cyber Security Competitiveness Plan
AustCyber
Hi-Tech Crime Trends 2020/2021
Fri, Nov 27
Free Direct Download
Hi-Tech Crime Trends 2020/2021
Group-IB
How Australians are Connecting: Connectivity Report 2020
Thu, Nov 26
Free Direct Download
How Australians are Connecting: Connectivity Report 2020
Zoom
The potential benefits of drone delivery for Australian construction and maintenance
Wed, Nov 25
Free Direct Download
The potential benefits of drone delivery for Australian construction and maintenance
AlphaBeta
Scroll to Top