NIST-led forum helps industrial networks protect against cyber attacks

October 14, 2004

A 500-member forum of industry, government and academic technical experts, led by the National Institute of Standards and Technology (NIST), has released a new draft set of cyber security requirements for industrial control systems.* These security requirements, developed by the Process Control Security Requirements Forum (PCSRF), are intended to be used in procurement documents for new industrial control systems or components. The implementation of these requirements will help protect the nation's critical industrial infrastructure from cyber attacks.

The new requirements also should protect against other criminal efforts to remotely access and control production and distribution processes. The proposed requirements should be of special interest to computer security and process control personnel in the electric power, oil, gas, water, chemicals, pharmaceuticals, metals and mining, pulp and paper, and durable goods manufacturing industries.

Currently, network connectivity is virtually a prerequisite for an efficient industrial enterprise. Many of today's systems were designed years ago to maximize performance, reliability and safety. Security was not a significant consideration since systems usually were confined to in-house use and were based on proprietary hardware and protocols. Today, however, process control systems often incorporate off-the-shelf products, use open protocols and connect to business networks--any of which could allow security to be compromised.

The forum's draft report addresses security requirements needed throughout an industrial control system's lifecycle including design, implementation, configuration, maintenance and decommissioning. The draft deals with industrial control systems such as Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and Programmable Logic Controllers (PLCs). Requirements for components of the control system such as industrial controller authentication and sensor authentication also are outlined.
-end-
*The PCSRF System Protection Profile for Industrial Control Systems (SPP-ICS) is available for download and review at http://www.isd.mel.nist.gov/projects/processcontrol/SPP-ICSv1.0.doc.

National Institute of Standards and Technology (NIST)

Related Security Articles from Brightsurf:

The development of climate security discourse in Japan
This research traced discourses related to climate security in Japan to determine why so little exists in Japan and whether or not such discourse could suggest new areas for consideration to more comprehensively respond to the climate change problem.

Data Security in Website Tracking
Tracking of our browsing behavior is part of the daily routine of Internet use.

High-security identification that cannot be counterfeited
Researchers from University of Tsukuba have used the principles that underpin the whispering-gallery effect to create an unbeatable anti-counterfeiting system.

New security system to revolutionise communications privacy
A new uncrackable security system created by researchers at King Abdullah University of Science and Technology (KAUST), the University of St Andrews and the Center for Unconventional Processes of Sciences (CUP Sciences) is set to revolutionize communications privacy.

Focus on food security and sustainability
The number of malnourished people is increasing worldwide. More than two billion people suffer from a lack of micronutrients.

Eliminating infamous security threats
Speculative memory side-channel attacks like Meltdown and Spectre are security vulnerabilities in computers.

Holographic color printing for optical security
Researchers from the Singapore University of Technology and Design (SUTD) have invented a new type of anti-counterfeiting device that can be useful for counterfeit deterrence of important documents such as identity cards, passports and banknotes.

UBC study: Publicizing a firm's security levels may strengthen security over time
New research from the UBC Sauder School of Business has quantified the security levels of more than 1,200 Pan-Asian companies in order to determine whether increased awareness of one's security levels leads to improved defense levels against cybercrime.

Peatland contributions to UK water security
Scientists from the University of Leeds have developed a new global index that identifies water supplied from peatlands as a significant source of drinking water for the UK and the Republic of Ireland.

Doctors exploring how to prescribe income security
Physicians at St. Michael's Hospital are studying how full-time income support workers hired by health-care clinics can help vulnerable patients or those living in poverty improve their finances and their health.

Read More: Security News and Security Current Events
Brightsurf.com is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com.