« NIST 2010 Computer Security Division Annual Report | Main | 内閣官房 パブコメ 「情報セキュリティ2011」(案) »

2011.06.10

NIST Special Publication 800-82, Guide to Industrial Control System (ICS) Security.

 こんにちは、丸山満彦です。NISTが Special Publication 800-82, Guide to Industrial Control System (ICS) Securityを公表していますね。。。

 
●NIST
・2011.06.09 Special Publication 800-82 Final Publication, Guide to Industrial Control Systems (ICS) Security

・・Guide to Industrial Control Systems (ICS) Security

=====
Executive Summary
1. Introduction
 1.1 Authority
 1.2 Purpose and Scope
 1.3 Audience
 1.4 Document Structure
2. Overview of Industrial Control Systems
 2.1 Overview of SCADA, DCS, and PLCs
 2.2 ICS Operation
 2.3 Key ICS Components
 2.4 SCADA Systems
 2.5 Distributed Control Systems
 2.6 Programmable Logic Controllers
 2.7 Industrial Sectors and Their Interdependencies
3. ICS Characteristics, Threats and Vulnerabilities
 3.1 Comparing ICS and IT Systems
 3.2 Threats
 3.3 Potential ICS Vulnerabilities
 3.4 Risk Factors
 3.5 Possible Incident Scenarios
 3.6 Sources of Incidents
 3.7 Documented Incidents
4. ICS Security Program Development and Deployment
 4.1 Business Case for Security
 4.2 Developing a Comprehensive Security Program
5. Network Architecture
 5.1 Firewalls
 5.2 Logically Separated Control Network
 5.3 Network Segregation
 5.4 Recommended Defense-in-Depth Architecture
 5.5 General Firewall Policies for ICS
 5.6 Recommended Firewall Rules for Specific Services
 5.7 Network Address Translation (NAT)
 5.8 Specific ICS Firewall Issues
 5.9 Single Points of Failure
 5.10 Redundancy and Fault Tolerance
 5.11 Preventing Man-in-the-Middle Attacks
6. ICS Security Controls
 6.1 Management Controls
 6.2 Operational Controls
 6.3 Technical Controls
=====

|

« NIST 2010 Computer Security Division Annual Report | Main | 内閣官房 パブコメ 「情報セキュリティ2011」(案) »

Comments

Post a comment



(Not displayed with comment.)




TrackBack

TrackBack URL for this entry:
http://app.cocolog-nifty.com/t/trackback/64462/51902140

Listed below are links to weblogs that reference NIST Special Publication 800-82, Guide to Industrial Control System (ICS) Security.:

« NIST 2010 Computer Security Division Annual Report | Main | 内閣官房 パブコメ 「情報セキュリティ2011」(案) »