Resources, Tools, and Publications

This section is the collection of key NIST publications, resources related to control systems, and tools that can used in the Test and Development and Production Environments for Continuous Monitoring and Auditing.

Product List by Product and Date Posted
Product Date Posted
Aug 2019
Dec 2018

DoD Cloud Computing Strategy Final with Memo - July 5 2012

The attached DoD Cloud Computing Strategy lays the groundwork, consistent with the Federal Cloud Computing Strategy, for accelerating cloud adoption in the Department. The strategy includes steps to foster adoption of cloud computing, optimize data center consolidation, establish the DoD enterprise cloud infrastructure and continue to deliver cloud services. A robust and resilient multi-provider, Enterprise Cloud Environment will enable the Department to achieve the goals of the Joint Information Environment.

Dec 2018

CJCSM 6510.01B Cyber Incident Handling Program 2012

This manual describes the Department of Defense (DoD) Cyber Incident Handling Program and specifies its major processes, implementation requirements, and related U.S. government interactions.

Nov 2018
Apr 2019

Army Operational Technology Mission Assurance - Cyber (OTMA-C) Assessment Course

This course is intended for U.S. military and/or Department of Defense personnel assigned to conduct cyber vulnerability evaluations of DoD critical infrastructure. This intermediate to advanced-level course utilizes defense-in-depth concepts to provide an understanding of the methods for assessing industrial control system cybersecurity from the device level to the system level. Upon completion, students will be qualified with the technical skills to assess critical infrastructure and enumerate potential cyber findings and discuss these findings within the context of mission impact.

Aug 2019

Federal Virtual Training Environment (FedVTE)

Guidance

Cybersecurity Training: Federal Virtual Training Environment (FedVTE) is a free online, on-demand cybersecurity training system that is available at no charge for government personnel and veterans. Managed by DHS, FedVTE contains more than 800 hours of training on topics such as ethical hacking and surveillance, risk management, and malware analysis. Course proficiency ranges from beginner to advanced levels. Several courses align with a variety of IT certifications such as Network +, Security +, and Certified Information Systems Security Professional (CISSP).

Jan 2019

DoD Instruction 8010.01 Department of Defense Information Network (DoDIN) Transport

Guidance

The DODIN (i.e., transport) and the associated network services contain various dissemination elements required to operate, maintain, and secure required distribution capabilities. a.  The DODIN consists of all networks and information systems owned or leased by DOD.  The DODIN includes common enterprise service networks (classified and unclassified), intelligence networks operated by DoD Components within the IC, closed mission system and battlefield networks, and other special purpose networks. All DODIN transport reference and solution architectures follow the DoD Enterprise Architecture and Joint Information Environment (JIE) Enterprise Reference and Solution Architectures (e.g., Satellite Communications (SATCOM) Gateway Solution Architecture, wide area network Solution Architecture).

Nov 2018

Approval of Multi-Factor Authentication Alternatives RSA and Yubikey

Guidance

CIO signed memorandum authoring the use of RSA and Yubikeys for MFA that can be used when us of PKI is not feasible. Per DFARS, contractor/vendors must have MFA on their systems that contain CUI.

Nov 2018

Whole Building Design Guide Cybersecurity Resource Page

Guidance

Provides a Cyber 101 overview of Cybersecurity of Control Systems, links to the DoD publications and other key guidance (DHS, Private Sector, NIST, SANS, ISA, etc.)

Jun 2018

US Army NETCOM RMF Assess & Authorize Tactics, Techniques and Procedures (TTP) V2

Guidance

The NETCOM Cybersecurity Directorate, Risk Management Division has published version 2 of the RMF Assess & Authorize TTP on the RMF Knowledge Service. For any information technology that has completed step 1 of the RMF process, you may continue to use the previous version of the TTP until an authorization decision has been made by the Authorizing Official. Once an authorization decision has been made, version 2 of the Assess & Authorize TTP will become effective. For any information technology that has not completed step 1 of the RMF process, the TTP becomes effective immediately.

An Operations Order from US Army Cyber Command is forthcoming that identifies all RMF TTPs that are currently in effect. All TTPs are located on the RMF Knowledge Service in the US Army Component Workspace-Operations.

Jun 2017

Unified Facilities Guide Specifications (UFGS) 25 50 00.00 20 Cybersecurity of Facility-Related Control Systems

Guidance

This guide specification covers the requirements for a Construction Contractor version of the NAVFAC Cybersecurity Hygiene Checklist, required by the Joint CNIC/NAVFAC CYBERSECURITY TASKING FOR ASHORE CONTROL SYSTEMS (dated 06 October 2016), for facilities that are in various phases of design or construction (i.e., not yet in CNIC's existing inventory). These requirements are based on basic cybersecurity.

Jun 2018

Unified Facilities Guide Specifications (UFGS) 25 10 10 Utility Monitoring And Control System (UMCS) Front End And Integration

Guidance

Detailed step-by-step guidance on how the components and networks will connect and communicate.

Jun 2018

Unified Facilities Criteria (UFC) 4-010-06 Cybersecurity Of Facility-Related Control Systems

Guidance

Defines the FRCS, Platform Enclave, and high level design guidance.

Jun 2018

Platform Enclave Navy

Guidance

Figure D-1 shows which components of the 5-Level control system architecture are included in the Navy's Platform Enclave (PE) called the Control System Platform Enclave (CS-PE). The Navy's CS-PE is implemented at and has a presence today at Navy installations. The Navy is deploying an operational architecture (OA) called the Navy Utilities Monitoring and Control System (NUMCS), which is also shown in Figure D-1.All Control Systems must connect to the Platform Enclave, and must either be separately authorized or fall under the type accreditation of the CS-PE and NUMCS.

Jun 2018

Platform Enclave Marine Corps

Guidance

The USMC Platform Enclave follows the Navy's overall architecture, but utilizes a variation in terminology.

Jun 2018

Platform Enclave Air Force

Guidance

The installations' CS inventory enables thorough awareness of existing systems, their interconnections, and their link to the mission or function they serve. At a minimum, the inventory should capture both CS hardware (physical devices and systems) and software (communications platforms and applications) down to Level 2 of the CS Topology defined in UFC 4-010-06, Cybersecurity of Facility-Related Control Systems, Appendix E. These five CS Topology levels (represented in Figure 2-1) are a collection of components logically grouped together by function and information assurance approach. Furthermore, Figure 2-1 clarifies what components are under CE's purview.

Jun 2018

GAO Report 15-6 Federal Facility Cybersecurity, DHS and GSA Should Address Cyber Risk to Building and Access Control Systems

Guidance

The Department of Homeland Security (DHS) is responsible for protecting federal facilities, including thousands of office buildings, laboratories, and warehouses, which are part of the nation’s critical infrastructure. These facilities contain building and access control systems such as heating, ventilation, and air conditioning; electronic card readers; and closed-circuit camera systems that are increasingly being automated and connected to other information systems or networks and the Internet.1 As these systems are becoming more connected, their vulnerability to potential cyber attacks is also increasing.

Jun 2016

EPRI Smart Meter AMI Penetration Testing

Guidance

This security test plan template was created by the National Electric Sector Cybersecurity Organization Resource (NESCOR) to provide guidance to electric utilities on how to perform penetration tests on AMI systems.

Jun 2018

EPRI Smart Grid Penetration Testing Guide

Guidance

This security test plan template was created by the National Electric Sector Cybersecurity Organization Resource (NESCOR) to provide guidance to electric utilities on how to perform penetration tests on Smart Grid systems.

Jun 2018
Share