Operational Technology Test Methods

MxD is releasing a Request for Proposal to fund a project aiming to develop a public application guide covering a range of reliable security test methods for operational technology (OT) networks. The application guide will represent the major tactics and techniques of the MITRE ATT&CK® Framework for Industrial Control Systems (ICS) as well as demonstrate the identified test methods and outcomes at MxD’s factory floor.

Currently, there is an abundance of trustworthy test methods for Information Technology (IT) systems, however, these test methods such as penetration testing, posture evaluations, security audits, and others are matured for IT networks and their successful application on OT networks is still emerging. This is a result of the significant differences in the characteristics of the networks and in the profile of the attacks. Industry needs a thorough understanding of the application of existing test methods on OT networks to mitigate the various attack profiles. This knowledge will allow industry to use existing tools to better manage their cyber risk and to identify gaps in attack profiles that are not sufficiently addressed by existing tools.

Proposals must be submitted by teams, and MxD membership is not required for submission but will be required prior to project award. To facilitate project teaming, MxD will compile and disseminate contact information from parties interested in Team Formation during the first month of the proposal period.

If you are interested in submitting your contact info to this distribution list, please email projects@mxdusa.org.

MxD will host a Team Formation Opportunity to provide organizations and/or teams the opportunity to share a snapshot of their solution approach and allow them to identify synergies with other interested parties.