Supporting Industrial Control System Cybersecurity Objectives Using SBOMs

A software bill of materials (SBOM) for industrial control system environments can reduce critical infrastructure risk and improve both cybersecurity and compliance with applicable standards, such as NERC CIP. The Finite State platform is shown to be effective in supporting these protection objectives.

INTRODUCTION

Modern industrial control system (ICS) environments typically include a variety of tools, systems and platforms to support their complex operational objectives. This assortment of technology tends to cover a span of new and legacy capabilities, often including complicated and proprietary tools that might have been in place for many years.