Security Experts:

Connect with us

Hi, what are you looking for?


M&A Tracker

NIST Testbed to Measure Industrial Control Systems Under Cyberattack

NIST to Develop Cybersecurity Testbed for ICS

The National Institute of Standards and Technology (NIST) is seeking information to build a reconfigurable cybersecurity testbed for industrial control systems (ICS).

NIST to Develop Cybersecurity Testbed for ICS

The National Institute of Standards and Technology (NIST) is seeking information to build a reconfigurable cybersecurity testbed for industrial control systems (ICS).

The supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS) and programmable logic controllers (PLC) used in industrial sectors and critical infrastructure are increasingly targeted in cyberattacks. A perfect example are recent cyber espionage operations in which the Havex remote access Trojan (RAT) has been used to access networks and harvest data on ICS.

According to NIST, the main objective is to provide guidance on the best practices for implementing security strategies within ICS without negatively impacting process performance. The secondary goal of the testbed is to measure the performance of industrial systems during a cyberattack.

Industrial Facility“The testbed will support research for a period of at least five years. Penetration testing will be conducted during the latter years of the ICS security research project; however, that timeline can be accelerated depending on the level of industry demand for penetration research,” NIST said.

The testbed will include several industrial control simulation scenarios, one of which will involve a chemical process known as the Tennessee Eastman (TE) problem, which is considered ideal for cybersecurity investigations.

NIST has published a paper to outline research goals, performance metrics and use cases, and asks companies of all sizes, including foreign ones, to provide detailed information on how they would address the requirements.

“Research outcomes from the testbed will highlight specific cases where security technologies impact control performance as well as motivate methods by which control engineers can leverage security engineering to design control algorithms that extend safety and fault tolerance to include advanced persistent threats,” NIST said.

The organization has pointed out that traditional IT security policies focus on confidentiality rather than network availability, while for ICS, particularly systems used for critical infrastructure, a high level of system availability and operational resilience is crucial. And since in many cases it’s unacceptable to degrade performance to make a system more secure, NIST believes that protections must be implemented so that system integrity is maintained during both normal operations and a cyberattack.

“The ICS cybersecurity testbed will be designed to demonstrate application of security to a variety of processes such as control of a chemical plant, dynamic assembly using robots, and distributed supervision and control of large wide area networks such as gas pipelines, water distribution pipelines, and intelligent transportation systems,” NIST explained.

Additional details for interested organizations are available in the request for information (RFI) published on Saturday on the website of the U.S. government’s Federal Business Opportunities website.

Related: Attend the Upcoming ICS Cyber Security Conference in Atlanta

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

M&A Tracker

The SecurityWeek editorial team huddled over the holidays to look back at the stories that shaped 2022 and, more importantly, to stare into a...


Twenty-one cybersecurity-related M&A deals were announced in December 2022.


Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...