SC-24: FAIL IN KNOWN STATE
TAILORED FOR INDUSTRIAL CONTROL SYSTEMS
ICS Control Baselines:
- Moderate (ADDED)
The information system fails to a [Assignment: organization-defined known-state] for [Assignment: organization-defined types of failures] preserving [Assignment: organization-defined system state information] in failure.
Failure in a known state addresses security concerns in accordance with the mission/business needs of organizations. Failure in a known secure state helps to prevent the loss of confidentiality, integrity, or availability of information in the event of failures of organizational information systems or system components. Failure in a known safe state helps to prevent systems from failing to a state that may cause injury to individuals or destruction to property. Preserving information system state information facilitates system restart and return to the operational mode of organizations with less disruption of mission/business processes.
ICS SUPPLEMENTAL GUIDANCE
The organization selects an appropriate failure state. Preserving ICS state information includes consistency among ICS state variables and the physical state which the ICS represents (e.g., whether valves are open or closed, communication permitted or blocked, continue operations).
Rationale for adding SC-24 to moderate baseline: As part of the architecture and design of the ICS, the organization selects an appropriate failure state of an ICS in accordance with the function performed by the ICS and the operational environment. The ability to choose the failure mode for the physical part of the ICS differentiates the ICS from other IT systems. This choice may be a significant influence in mitigating the impact of a failure, since it may be disruptive to ongoing physical processes (e.g., valves failing in closed position may adversely affect system cooling).
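Added example (not part of NIST SP 800-82): one way a controller could implement the behavior described above, driving each actuator to a per-device fail state, confirming it by readback, and saving a snapshot that is checked against the physical state before restart. The Plant class, the FAIL_STATE table, the actuator names and both function names are hypothetical; the fail states follow the page's own examples (valves open or closed, communication permitted or blocked).

```python
import json, os, tempfile

# Hypothetical organization-defined known state, chosen per actuator by function:
# the cooling valve fails open because failing closed could impair cooling.
FAIL_STATE = {"cooling_valve": "open", "fuel_valve": "closed", "remote_link": "blocked"}

class Plant:
    """Constructed stand-in for field I/O; a stuck actuator ignores commands."""
    def __init__(self, positions, stuck=()):
        self.positions, self.stuck = dict(positions), set(stuck)
    def command(self, name, state):
        if name not in self.stuck:
            self.positions[name] = state
    def readback(self, name):
        return self.positions[name]

def fail_to_known_state(plant, snapshot_path):
    """Drive actuators to their fail states, verify by readback, persist the result."""
    for name, state in FAIL_STATE.items():
        plant.command(name, state)
    observed = {n: plant.readback(n) for n in FAIL_STATE}
    mismatches = sorted(n for n in FAIL_STATE if observed[n] != FAIL_STATE[n])
    record = {"commanded": FAIL_STATE, "observed": observed, "mismatches": mismatches}
    # Write to a temp file and rename, so a crash mid-write cannot leave a torn snapshot.
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(snapshot_path) or ".")
    with os.fdopen(fd, "w") as f:
        json.dump(record, f)
        f.flush()
        os.fsync(f.fileno())
    os.replace(tmp, snapshot_path)
    return record

def safe_to_restart(plant, snapshot_path):
    """Allow restart only if the saved state variables match the physical state."""
    with open(snapshot_path) as f:
        record = json.load(f)
    if record["mismatches"]:
        return False, record["mismatches"]  # never reached the known state
    drift = sorted(n for n, s in record["observed"].items() if plant.readback(n) != s)
    return (not drift), drift

if __name__ == "__main__":
    path = os.path.join(tempfile.mkdtemp(), "sc24_snapshot.json")
    plant = Plant({"cooling_valve": "closed", "fuel_valve": "open", "remote_link": "permitted"})
    print(fail_to_known_state(plant, path))
    print(safe_to_restart(plant, path))
```

The snapshot records observed positions as well as commanded ones, so an actuator that did not reach its fail state is reported as a mismatch and blocks restart.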
RELATED CONTROLS: SC-24
NO CONTROL ENHANCEMENTS
- NIST Special Publication 800-82 | GUIDE TO INDUSTRIAL CONTROL SYSTEMS (ICS) SECURITY