NIST out with draft cyber guide for manufacturing industry



Written by

Government scientists are seeking industry input on a project that will produce design blueprints to help manufacturers and chemical plants use special computerized production processes that are secure from online attacks.

In a release Monday, the National Cybersecurity Center of Excellence said they were seeking comment by Dec. 7 on their draft project description: Capabilities Assessment for Securing Manufacturing Industrial Control Systems.

Industrial control systems, or ICS, are specialized IT systems — with both software and hardware elements — that run industrial processes. Because ICS controls physical plant like factory assembly lines or chemical processing, hackers can have real world effects by attacking it.

“A cyberattack directed at a manufacturing organization’s infrastructure could result in detrimental consequences to both human life and property,” said NCCoE — part of the National Institute of Standards and Technology — in the release.

The draft assessment is the first of four that NCCoE plan to produce — each resulting in a practical guide called a design reference — to help manufacturers set up their systems in a secure fashion, using commercially available cybersecurity tools.

The four topics they’ll cover are:

  • Behavioral Anomaly Detection — monitoring a computer network looking for unusual traffic or other phenomena;
  • ICS Application Whitelisting — allowing only authorized apps to run on an ICS system;
  • Malware Detection and Mitigation — finding and stopping malicious programs; and
  • ICS Data Integrity — ensuring that the data produced by ICS equipment is an accurate reflection of what’s really going on inside the machinery.

“With these capabilities in place, manufacturers will find it easier to detect anomalous conditions, control what programs and applications are executed in their operating environments, mitigate or vanquish malware attacks, and ensure the integrity of critical operational data,” the draft assessment states.

The NCCoE will develop the guides by deploying commercially available behavioral anomaly detection tools in two test environments — small-scale lab replicas of real manufacturing systems. One is a robotic assembly line “in which industrial robots work cooperatively to move parts through a simulated manufacturing operation … according to a plan that changes dynamically based on process feedback,” the draft states. The second is a simulated chemical process enclave.

NCCoE and NIST engineers will map the security characteristics of behavioral anomaly detection to the NIST Cybersecurity Framework, enabling manufacturers to work out which security standards deploying those tools will help them meet.

The reference design document that will eventually result will “demonstrate how manufacturing companies can implement the capability in their own operational environments.”