The National Cybersecurity Center of Excellence (NCCoE) has released a draft Project Description for the manufacturing sector entitled: Capabilities Assessment for Securing Manufacturing Industrial Control Systems.
According to the NCCoE, “Industrial Control Systems (ICS) monitor and control physical processes in many different industries and sectors, especially in manufacturing. A cyber attack directed at a manufacturing organization’s infrastructure could result in detrimental consequences to both human life and property.” Therefore, in collaboration with the NIST Engineering Laboratory (EL), the NCCoE will produce a series of reference designs demonstrating four cybersecurity capabilities for the manufacturing sector. Those four capabilities include: Behavioral Anomaly Detection, ICS Application Whitelisting, Malware Detection and Mitigation, and ICS Data Integrity.
The goal of the guidance is “to provide industry with detailed information to establish an anomaly detection and prevention capability in their own environments. By implementing behavioral anomaly detection tools, manufacturers are provided with a key security component that will aid in sustaining business operations, particularly those based on ICS.”
This first document is the first of a four-part series and addresses only behavioral anomaly detection capabilities. NCCoE is seeking comment on the guidance until December 7, 2016.