Guidelines for Application Whitelisting Industrial Control Systems

Abstract: This document serves as an appendix to the “Seven Steps to Defend Industrial Control Systems” document, providing additional conceptual-level guidance on implementing application whitelisting.
Application Whitelisting (AWL) can detect and prevent attempted execution of malware uploaded by adversaries. The static nature of some industrial control system (ICS) components, such as database servers and human-machine interfaces, makes these ideal candidates to run AWL. Operators are thus encouraged to work with vendors to baseline and calibrate AWL deployments.

Date Published:

Last Reviewed: 31 March 2016

Identifier: MTR-U-OO-800792-16

Creator: Vulnerability Solutions

Dissemination Control: N/A

Length: 7 page(s)

Format: pdf

Type: Reference/Overview; Report

Tags: Application Whitelisting; Industrial Control System - ICS; Department of Homeland Security - DHS; Anti-Virus; National Security Agency - NSA