DRAFT Special Publication 800-82, Guide to Industrial Control Systems (ICS) Security
The final public draft of SP 800-82 is available for public comment. It provides guidance on how to secure Industrial Control Systems (ICS), including Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and other control system configurations such as Programmable Logic Controllers (PLC), while addressing their unique performance, reliability, and safety requirements. SP 800-82 provides an overview of ICS and typical system topologies, identifies typical threats and vulnerabilities to these systems, and provides recommended security countermeasures to mitigate the associated risks. This publication is an update to the second public draft, which was released in 2007.
Special Publication 800-121, Guide to Bluetooth Security
It describes the security capabilities of technologies based on Bluetooth, which is an open standard for short-range radio frequency communication. The document gives recommendations to organizations employing Bluetooth technologies on securing them effectively. SP 800-121 supersedes the original SP 800-48, Wireless Network Security: 802.11, Bluetooth and Handheld Devices, which was released in 2002 and was replaced in July 2008 by SP 800-48 Revision 1, Guide to Securing Legacy IEEE 802.11 Wireless Networks.
Special Publication 800-115, Technical Guide to Information Security Testing and Assessment
It seeks to assist organizations in planning and conducting technical information security testing and assessments, analyzing findings, and developing mitigation strategies. The publication provides practical recommendations for designing, implementing, and maintaining technical information security assessment processes and procedures. SP 800-115 provides an overview of key elements of security testing, with an emphasis on technical testing techniques, the benefits and limitations of each technique, and recommendations for their use. SP 800-115 replaces SP 800-42, Guideline on Network Security Testing, which was released in 2003.
