NIST test bed will probe industrial systems for cyber flaws

WHAT: The National Institute of Standards and Technology is planning a test bed to examine industrial control systems for cybersecurity vulnerabilities.

WHY: Industrial control or SCADA systems (for Supervisory Control and Data Acquisition) operate critical infrastructure, such as dams, gas plants, petroleum refineries and chemical manufacturing plants. Hackers can potentially wreak havoc with assaults on such systems. In late June, for example, a targeted malware attack on SCADA systems was identified by the Industrial Control Systems Cyber Emergency Response Team at the Department of Homeland Security, could have permitted intruders to take over Internet-connected systems.

NIST is trying to get ahead of attackers by developing a simulation system that emulates the operations of specific industrial situations. The simulation rack will provide NIST's researchers the opportunity to probe systems for flaws and examine the efficacy of certain network security approaches, including deep packet inspection of network traffic, encryption, user authentication, and security software like anti-virus protection. In a request for information released Aug. 7, NIST is soliciting feedback from vendors interested in designing and building simulation racks of SCADA systems for testing purposes.

Click here to read the full RFI.