Published: October 06, 2014
Author(s)
Richard Candell (NIST), Dhananjay Anand (NIST), Keith Stouffer (NIST)
Conference
Name: Process Control and Safety Symposium 2014
Dates: October 6-9, 2014
Location: Houston, Texas, USA
Citation: ISA Process Control and Safety Symposium 2014, vol. 504, pp. 873-888
The National Institute of Standards and Technology (NIST) is developing a cybersecurity testbed for industrial control systems (ICS). The goal of this testbed is to measure the performance of an ICS when instrumented with cybersecurity protections in accordance with practices prescribed by prevailing standards and guidelines. This paper outlines the testbed design and lists research goals, use cases, and performance metrics currently being considered. The paper is also intended to initiate discussion between control and security practitioners – two groups that have had little interaction in the past. Research outcomes from the testbed will highlight specific cases where security technologies impact control performance, as well as motivate methods by which control engineers can leverage security engineering to design control algorithms that extend safety and fault tolerance to include advanced persistent threats.
The National Institute of Standards and Technology (NIST) is developing a cybersecurity testbed for industrial control systems (ICS). The goal of this testbed is to measure the performance of an ICS when instrumented with cybersecurity protections in accordance with practices prescribed by...
See full abstract
The National Institute of Standards and Technology (NIST) is developing a cybersecurity testbed for industrial control systems (ICS). The goal of this testbed is to measure the performance of an ICS when instrumented with cybersecurity protections in accordance with practices prescribed by prevailing standards and guidelines. This paper outlines the testbed design and lists research goals, use cases, and performance metrics currently being considered. The paper is also intended to initiate discussion between control and security practitioners – two groups that have had little interaction in the past. Research outcomes from the testbed will highlight specific cases where security technologies impact control performance, as well as motivate methods by which control engineers can leverage security engineering to design control algorithms that extend safety and fault tolerance to include advanced persistent threats.
Hide full abstract
Keywords
industrial control systems; robotics; chemical process control; cybersecurity; industrial security; process resilience; penetration testing; process performance; measurement science; testbed; robotics; robot control; safety; supervisory control and data acquisition (SCADA)
Control Families
None selected