What is Critical Infrastructure Security? Industrial Control Systems are Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and other control system configurations such as Programmable Logic Controllers (PLC). These are automated computer systems that run power plants, water treatment facilities, nuclear plants and other foundational resource generating establishments that are needed for entire cities. So protection of these places is very important.
How does risk management tie into critical infrastructure systems?
According to he Industrial Control Systems (ICS) Platform IT (PIT) Risk Management Framework (RMF) Knowledge Service website is very close to being released. It will offer step-by-step guidance on how to load ICS PIT into Enterprise Mission Assurance Support Service (eMASS).
More information on ICS PIT will is being put into NIST SP 800-82 R2, Guide to Industrial Control System Security. As of March 2015 it is in Final Public Draft (expected to be release by May).
More information:
https://ics-cert.us-cert.gov/Industrial-Control-Systems-Joint-Working-Group-ICSJWG
http://csrc.nist.gov/publications/drafts/800-82r2/sp800_82_r2_second_draft.pdf
michael.t.chipley.ctr@mail.mil
Leave a Reply
You must be logged in to post a comment.