« セキュリティー製品の脆弱性 | Main | SP 800-133 Rev. 2(Draft) Recommendation for Cryptographic Key Generation »

2020.03.05

NISTIR 8183 Rev. 1(Draft) Cybersecurity Framework Version 1.1 Manufacturing Profile

こんにちは丸山満彦です。

NISTが、NISTIR 8183 Rev. 1(Draft) Cybersecurity Framework Version 1.1 Manufacturing Profileを公開し、意見募集していますね。この文書は製造環境におけるCSFの実装を支援するため詳細に記述したものという感じですかね。

この製造プロファイルは、

•製造システムの現在のサイバーセキュリティ体制を改善する機会を特定する方法
•許容可能なリスクレベルで制御環境を運用する能力の評価
•製造システムのセキュリティを継続的に保証するためのサイバーセキュリティ計画を準備するための標準化されたアプローチ

を提供するものです。。。by Exective Summary

NIST ITL

・2020.03.04 NISTIR 8183 Rev. 1(Draft) Cybersecurity Framework Version 1.1 Manufacturing Profile

・[PDF] NISTIR 8183 Rev. 1 (Draft) (DOI)

 

Abstract
This document provides the Cybersecurity Framework (CSF) Version 1.1 implementation details developed for the manufacturing environment. The “Manufacturing Profile” of the CSF can be used as a roadmap for reducing cybersecurity risk for manufacturers that is aligned with manufacturing sector goals and industry best practices. This Manufacturing Profile provides a voluntary, risk-based approach for managing cybersecurity activities and reducing cyber risk to manufacturing systems. The Manufacturing Profile is meant to enhance but not replace current cybersecurity standards and industry guidelines that the manufacturer is embracing.

 

 

Executive Summary

1.Introduction

1.1 Purpose & Scope
1.2 Audience
1.3 Document Structure

2. Overview of Manufacturing Systems

3. Overview of the Cybersecurity Framework

3.1 Framework Core

4. Manufacturing Profile Development Approach

5. Manufacturing Business/Mission Objectives

5.1 Alignment of Subcategories to Meet Mission Objectives

6. Manufacturing System Categorization and Risk Management

6.1 Categorization Process
6.2 Profile’s Hierarchical Supporting Structure
6.3 Risk Management

7. Manufacturing Profile Subcategory Guidance

References

Appendix A - Acronyms and Abbreviations

Appendix B - Glossary

|

« セキュリティー製品の脆弱性 | Main | SP 800-133 Rev. 2(Draft) Recommendation for Cryptographic Key Generation »

Comments

Post a comment



(Not displayed with comment.)




« セキュリティー製品の脆弱性 | Main | SP 800-133 Rev. 2(Draft) Recommendation for Cryptographic Key Generation »