Control System Security Assessment
The assessment process is highly flexible and may be tailored to the mutual interests of the industry partner and the NSTB program. The typical process includes the following sequence:
- Establish agreement that defines the working relationship (scope, personnel, equipment, facilities, cost sharing) and ensures protection of sensitive information
- Obtain equipment and training from the industry partner
- Set up equipment with support from the industry partner
- Perform tests to identify cyber vulnerabilities
- Provide detailed test report to industry partner
- Issue report suitable for public release to Web Sites, conferences, users' groups
A key objective of the NSTB program is to share relevant information obtained through our assessments with potentially impacted industry representatives, with an emphasis on asset owners and users. However, it is recognized that much of the information obtained in assessments is business sensitive to the industry partner whose system or technology has been assessed. The Program works with the industry partner to determine what information obtained or derived from the assessment process is appropriate for disclosure outside the partnership and to identify an appropriate format and forum for disclosure. No information is released without the written concurrence of the industry partner.
- Contact:
- David Kuipers, (208) 526-4038, Send E-mail