NIST puts new cyber security standard up for comment

Sept. 28, 2007
From Keith Stouffer at NIST: NIST is pleased to announce that the second public draft of Special Publication 800-82, Guideline to Industrial Control Systems (ICS) Security, is available for public comment. NIST SP 800-82 provides guidance on how to secure ICS, including supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS), and other control system configurations such as Programmable Logic Controllers (PLC), while addressing their unique performance, reliab...
From Keith Stouffer at NIST: NIST is pleased to announce that the second public draft of Special Publication 800-82, Guideline to Industrial Control Systems (ICS) Security, is available for public comment. NIST SP 800-82 provides guidance on how to secure ICS, including supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS), and other control system configurations such as Programmable Logic Controllers (PLC), while addressing their unique performance, reliability and safety requirements.  The document provides an overview of ICS and typical system topologies, identifies typical threats and vulnerabilities to these systems, and provides recommended security countermeasures to mitigate the associated risks.  This publication is the update to the first public draft, which was released in 2006. NIST SP 800-82 is available at http://csrc.nist.gov/publications/PubsDrafts.html There are 2 versions of the document available: A clean version at http://csrc.nist.gov/publications/drafts/800-82/2nd-Draft-SP800-82-clean.pdf A markup version at http://csrc.nist.gov/publications/drafts/800-82/2nd-Draft-SP800-82-markup.pdf         that tracks the changes that were made to the initial public draft. NIST requests comments on NIST SP 800-82 by November 30, 2007. Please submit comments to [email protected] with "Comments SP 800-82" as the subject line.