Attacks and Vulnerabilities
Control device security
ICS Security Framework
Industry 4.0
IT/OT Collaboration
Manufacturing
News
NIST
Regulation, Standards and Compliance
System Design & Architecture

NIST’s NCCoE project focuses on responding, recovering from cyber attacks within manufacturing sector

March 02, 2022
NIST’s NCCoE project focuses on responding, recovering from cyber attacks within manufacturing sector

NIST’s National Cybersecurity Center of Excellence (NCCoE) unit has released a ‘project description’ to assist manufacturers in responding to and recovering from a cyber attack within the sector. The NCCoE project calls upon organizations to review the draft publications during public comment periods and provide feedback by Apr. 14.

“The NCCoE—in collaboration with members of the business community and vendors of cybersecurity solutions—will identify standards-based, commercially available and open-source hardware and software components to design a manufacturing lab environment to address the challenge of responding to and recovering from a cyber attack of an ICS environment,” the NCCoE said in the document. “The goal of this project is to demonstrate a means to recover equipment from cyber attacks and restore operations,” it added. 

The NCCoE project will result in a publicly available National Institute of Standards and Technology (NIST) Cybersecurity Practice Guide that offers a detailed implementation guide of the practical steps needed to implement a cybersecurity reference design that addresses the challenge. In addition, the project will build upon NIST Special Publication 1800-10: ‘Protecting Information and System Integrity in Industrial Control System Environments’ by identifying and demonstrating capabilities to improve response to and recovery from cyber attacks in the industrial control systems (ICS) environment.

To address the cybersecurity challenges facing the manufacturing sector, the NCCoE, a wing of the NIST, was launched in alliance with NIST’s Engineering Laboratory (EL) and cybersecurity technology providers. The NCCoE is a collaborative hub where industry organizations, government agencies, and academic institutions address businesses’ most pressing cybersecurity challenges.

The purpose behind the NCCoE project is to demonstrate how to operationalize the NIST framework for improving critical infrastructure cybersecurity (CSF) functions and categories in a scaled-down version of targeted manufacturing industrial environments, the NCCoE document said. “Multiple systems need to work together to recover when data integrity is compromised. This project explores methods to effectively restore data corruption in commodity components (applications and software configurations) as well as custom applications and data,” it added. 

The NCCoE project considers that manufacturing systems are often interconnected and mutually dependent systems and vital to the nation’s economic security. The ICS systems that run in manufacturing environments are vital to the operations of the nation’s critical infrastructures and essential to the nation’s economic security. Considering the current era of Industry 4.0, enterprises are connecting business systems and IT networks to ICS networks to improve business agility and operational efficiency.

“However, recent attacks on ICS have shown that the cyber criminals are pivoting into the ICS environment from the business systems and IT networks,” the NCCoE project document said. “Most ICS systems have been historically isolated from the business systems and IT networks, and therefore, were not designed to withstand cyber attacks.”

The cyber risk mitigation technologies used in the IT networks are often not suitable for ICS networks because of the real-time and deterministic nature of the ICS, the document said. “This project will provide guidance for manufacturing organizations to design environments incorporating cyber attack risk mitigation appropriate for ICS cybersecurity concerns,” the NCCoE project document added.

Acknowledging these concerns, the NCCoE seeks to work with industry through consortia under cooperative research and development agreements with technology partners from Fortune 500 market leaders to smaller companies specializing in ICS security, the document said. “The aim is to solve these challenges by demonstrating practical applications of cybersecurity technologies in a scaled-down version of a manufacturing environment,” it added.

Implementations that provide recovery solutions and procedures need to acknowledge that restoration procedures that involve the use of backups are designed to restore the system to some previous state, but the ‘last known good state’ may not necessarily be free of vulnerabilities, the NCCoE project document said. Vulnerabilities may exist in backup data, or the backup data may be compromised while in storage, or dormant or inactive malware may exist in backup data, it added.

Last October, the NCCoE released a draft cybersecurity guide to protect information and system integrity in ICS environments and offer cybersecurity for the manufacturing sector. The guide contained four different example solutions applicable to a range of manufacturing environments, focusing on discrete and continuous manufacturing processes.

Anna Ribeiro
Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.

A complimentary guide to the who`s who in industrial cybersecurity tech & solutions

Free Download

Related

Sygnia
Sygnia aligns with NVIDIA, revolutionizes OT security for energy and industrial sectors
Armexa adds John Cusimano as vice president to its leadership team
Armexa, ISA partner to offer standards-based OT cybersecurity training
House Committee emphasizes importance of CIRCIA implementation for cyber preparedness
House Committee emphasizes importance of CIRCIA implementation for cyber preparedness
Global cybersecurity agencies issue alert on threat to OT systems from pro-Russia hacktivist activity
Global cybersecurity agencies issue alert on threat to OT systems from pro-Russia hacktivist activity
Insane Cyber
Insane Cyber closes $4.2 million funding round to safeguard critical infrastructure installations
Building a Culture of Cyber Resilience in Manufacturing (WEF)
WEF playbook addresses cyber resilience in manufacturing and supply chains, provides three guiding principles
DOE, EPA support NSM-22 focused on critical infrastructure security and resilience
DOE, EPA support NSM-22 focused on critical infrastructure security and resilience
White House releases National Security Memorandum on critical infrastructure security and resilience
White House releases National Security Memorandum on critical infrastructure security and resilience
US DHS delivers safety and security guidelines to secure critical infrastructure from AI-related threats
US DHS delivers safety and security guidelines to secure critical infrastructure from AI-related threats
Xage’s Zero Trust Session Collaboration tool delivers remote access, collaboration across industrial frameworks
Xage announces AI-powered analytics and insight capabilities to boost zero trust access and protection