Guide to Industrial Control Systems (ICS) Security

Stouffer, Keith; Falco, Joseph; Scarfone, Karen

doi:https://doi.org/10.6028/NIST.SP.800-82r1

NIST SP 800-82 Rev. 1

Withdrawn on May 29, 2015. Superseded by SP 800-82 Rev. 2

Guide to Industrial Control Systems (ICS) Security

Documentation

Date Published: May 2013

Supersedes: SP 800-82 (06/09/2011)

Author(s)

Keith Stouffer (NIST), Joseph Falco (NIST), Karen Scarfone (Scarfone Cybersecurity)

Abstract

This document provides guidance on how to secure Industrial Control Systems (ICS), including Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and other control system configurations such as Programmable Logic Controllers (PLC), while addressing their unique performance, reliability, and safety requirements. The document provides an overview of ICS and typical system topologies, identifies typical threats and vulnerabilities to these systems, and provides recommended security countermeasures to mitigate the associated risks.

Keywords

computer security; distributed control systems (DCS); industrial control systems (ICS); information security; network security; programmable logic controllers (PLC); risk management; security controls; supervisory control and data acquisition (SCADA) systems

Control Families

None selected

Documentation

Publication:
https://doi.org/10.6028/NIST.SP.800-82r1
Download URL

Supplemental Material:
None available

Document History:
05/14/13: SP 800-82 Rev. 1 (Final)