Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications by: Timothy Zimmerman (Fed)

Search Title, Abstract, Conference, Citation, Keyword or Author
Displaying 1 - 15 of 15

Guide to Operational Technology (OT) Security

September 28, 2023
Author(s)
Keith A. Stouffer, Michael Pease, CheeYee Tang, Timothy Zimmerman, Victoria Yan Pillitteri, Suzanne Lightman, Adam Hahn, Stephanie Saravia, Aslam Sherule, Michael Thompson
This document provides guidance on how to secure operational technology (OT) while addressing their unique performance, reliability, and safety requirements. OT encompasses a broad range of programmable systems and devices that interact with the physical

Protecting Information and System Integrity in Industrial Control System Environments: Cybersecurity for the Manufacturing Sector

March 16, 2022
Author(s)
Michael Powell, Michael Pease, Keith A. Stouffer, CheeYee Tang, Timothy Zimmerman, Chelsea Dean, Kangmin Zheng, John Hoyt, Mary Raguso, Joseph Brule, Aslam Sherule, Matthew Zopf
Today's manufacturing organizations rely on industrial control systems (ICS) to conduct their operations. Increasingly, ICS are facing more frequent, sophisticated cyber attacks—making manufacturing the second-most-targeted industry. Cyber attacks against

Cybersecurity Standards and Guidelines to Assist Small and Medium-Sized Manufacturers

March 21, 2021
Author(s)
Timothy Zimmerman, CheeYee Tang, Michael Pease, Keith A. Stouffer
Cybersecurity standards and guidelines produced by NIST can assist small and medium-sized manufacturers to protect their operational technology from cybersecurity threats. NIST cybersecurity standards, guidelines, and research underway at NIST is described

Cybersecurity Framework Version 1.1 Manufacturing Profile

October 7, 2020
Author(s)
Keith A. Stouffer, Timothy Zimmerman, CheeYee Tang, Michael Pease, Jeffrey Cichonski, John McCarthy
This document provides the Cybersecurity Framework (CSF) Version 1.1 implementation details developed for the manufacturing environment. The "Manufacturing Profile" of the CSF can be used as a roadmap for reducing cybersecurity risk for manufacturers that

Securing Manufacturing Industrial Control Systems: Behavioral Anomaly Detection

July 16, 2020
Author(s)
Michael P. Powell, James J. McCarthy, CheeYee Tang, Keith Stouffer, Timothy Zimmerman, William C. Barker, Titilayo Ogunyale, Devin M. Wynne
Industrial control systems (ICS) are used in many industries to monitor and control physical processes. As ICS continue to adopt commercially available information technology (IT) to promote corporate business systems' connectivity and remote access

Cybersecurity Framework Manufacturing Profile Low Impact Level Example Implementations Guide: Volume 1 - General Implementation Guidance

September 30, 2019
Author(s)
Keith A. Stouffer, Timothy Zimmerman, CheeYee Tang, Michael Pease, Jeffrey Cichonski, Neeraj Shah, Wesley Downard
This guide provides general implementation guidance (Volume 1) and example proof-of-concept solutions demonstrating how available open-source and commercial off-the-shelf (COTS) products could be implemented in manufacturing environments to satisfy the

Cybersecurity Framework Manufacturing Profile Low Impact Level Example Implementations Guide: Volume 2 - Process-based Manufacturing System Use Case

September 30, 2019
Author(s)
Keith A. Stouffer, Timothy Zimmerman, CheeYee Tang, Michael Pease, Jeffrey Cichonski, Neeraj Shah, Wesley Downard
This guide provides example proof-of-concept solutions demonstrating how available open-source and commercial off-the-shelf (COTS) products could be implemented in process-based manufacturing environments to satisfy the requirements in the Cybersecurity

Cybersecurity Framework Manufacturing Profile Low Impact Level Example Implementations Guide: Volume 3 - Discrete-based Manufacturing System Use Case

September 30, 2019
Author(s)
Keith A. Stouffer, Timothy Zimmerman, CheeYee Tang, Michael Pease, Jeffrey Cichonski, Neeraj Shah, Wesley Downard
This guide provides example proof-of-concept solutions demonstrating how available open-source and commercial off-the-shelf (COTS) products could be implemented in discrete-based manufacturing environments to satisfy the requirements in the Cybersecurity

Manufacturing Profile Implementation Methodology for a Robotic Workcell

May 22, 2019
Author(s)
Timothy A. Zimmerman
The National Institute of Standards and Technology has constructed a testbed to measure the performance impact of cybersecurity technologies on Industrial Control Systems (ICS). The testbed was chosen to support the implementation of the Cybersecurity

Cybersecurity Framework Manufacturing Profile

May 20, 2019
Author(s)
Keith A. Stouffer, Timothy A. Zimmerman, CheeYee Tang, Joshua Lubell, Jeffrey A. Cichonski, John McCarthy
This document provides the Cybersecurity Framework (CSF) implementation details developed for the manufacturing environment. The "Manufacturing Profile" of the Cybersecurity Framework can be used as a roadmap for reducing cybersecurity risk for

Cybersecurity Framework Manufacturing Profile

September 8, 2017
Author(s)
Keith A. Stouffer, Timothy A. Zimmerman, CheeYee Tang, Joshua Lubell, Jeffrey A. Cichonski, John McCarthy
[Superseded by NISTIR 8183 (September 2017, Includes updates as of May 20, 2019)]This document provides the Cybersecurity Framework (CSF) implementation details developed for the manufacturing environment. The "Manufacturing Profile" of the Cybersecurity

An Industrial Control System Cybersecurity Performance Testbed

December 10, 2015
Author(s)
Richard Candell, Timothy A. Zimmerman, Keith A. Stouffer
The National Institute of Standards and Technology (NIST) is developing a cybersecurity performance testbed for industrial control systems. The goal of the testbed is to measure the performance of industrial control systems (ICS) when instrumented with