NIST IR 8219
Securing Manufacturing
Industrial Control Systems:
Behavioral Anomaly Detection
James McCarthy
Michael Powell
Keith Stouffer
CheeYee Tang
Timothy Zimmerman
William Barker
Titilayo Ogunyale
Devin Wynne
Johnathan Wiltberger
This publication is available free of charge from:
https://doi.org/10.6028/ NIST.IR.8219
NISTIR 8219
Securing Manufacturing
Industrial Control Systems:
Behavioral Anomaly Detection
James McCarthy William Barker
Michael Powell Dakota Consulting
Applied Cybersecurity Division Silver Spring, MD
Information Technology Laboratory
Keith Stouffer Titilayo Ogunyale
CheeYee Tang Devin Wynne
Timothy Zimmerman Johnathan Wiltberger
Intelligent Systems Division The MITRE Corporation
Engineering Laboratory McLean, VA
This publication is available free of charge from:
https://doi.org/10.6028/ NIST.IR.8219
July 2020
U.S. Department of Commerce
Wilbur L. Ross, Jr., Secretary
National Institute of Standards and Technology
Walter Copan, NIST Director and Undersecretary of Commer ce for Standards and Technology
i National Institute of Standards and Technology Interagency or Internal Report 8219
93 pages ( July 2020)
This publication is available free of charge from:
https://doi.org/10.6028/ NIST.IR.8219
Certain commercial entities, equipment, or materials may be ide ntified in this document in order to describe an
experimental procedure or concept adequately. Such identification is not intended to imply recommendation or
endorsement by NIST, nor is it intended to imply that the entities, materials, or equipment are ne cessarily the best
available for the purpose.
There may be references in this publication to other publications currently under development by NIST in
accordance with its assigned statutory responsibilities. The information in this publication, including concepts
and methodologies, may be used by federal agencies even before the completion of such companion publications.
Thus, until each publication is completed, current requirements, guideline s, and procedures, where they exist,
remain operative. For plan ning and transition purposes, federal agencies may wish to closely follow the
development of these new publications by NIST.
Organizations are encouraged to review all draft publications during public comment periods and provide
feedback to NIST. Many NI ST cybersecurity publications , other than the ones noted above, are available at
https://csrc.nist.gov/publications .
Comments on this publication may be submitted to:
National Institute of Standards and Technology
Attn: National Cybersecurity Center of Excellence,
100 Bureau Drive (Mail Stop 2002) Gaithersburg, MD 20899 -2002
Email: manufacturing_nccoe@ni st.gov
All comments are subject to release under the Freedom of Information Act (FOIA).
NISTIR 8219 SECURING MANUFACTURING ICS:
BEHAVIORAL ANOMALY DETECTION
ii
This publication is available free of charge from: http s://doi.org/10.6028/ NIST.IR.8219
Abstract
Industrial c ontrol s ystems (ICS) are used in many industries to monitor and control physical
processes. As ICS continue to adopt commercial ly available information technology (IT) to
promote corporate business systems ’ connectivity and remote access capabilities, ICS
become more vulnerable to cyber security threats. The National Institute of Standards and
Technology’s (NIST ’s) National Cybersecur ity Center of Excellence (NCCoE), in
conjunction with NIST’s Engineering Laboratory (EL), has demonstrated a set of behavioral
anomaly detection capabilities to support cybersecurity in manufacturing organizations.
These capabilities enable manufacturers t o detect anomalous conditions in their operating
environments to mitigate malware attacks and other threats to the integrity of critical
operational data. NIST’s NCCoE and EL have mapped these demonstrated ca
NIST.IR.8219
安全标准 >
NIST >
文档预览
中文文档
93 页
50 下载
1000 浏览
0 评论
0 收藏
3.0分
温馨提示:本文档共93页,可预览 3 页,如浏览全部内容或当前文档出现乱码,可开通会员下载原始文档
本文档由 思安 于 2022-12-05 09:17:22上传分享