ISA/IEC 62443 recognizes that organizations may align their IACS cybersecurity programs with other authoritative guidance. Within the NIST Special Publications, SP 800-82 is the document specifically dedicated to Industrial Control Systems security.
Step 1: Scope of SP 800-82
SP 800-82 provides guidance tailored to ICS environments, including SCADA, DCS, and PLC-based systems. It addresses availability, safety, and real-time constraints similar to ISA/IEC 62443.
Step 2: Complementary relationship
ISA/IEC 62443 and SP 800-82 are often used together: ISA/IEC 62443 provides auditable requirements, while SP 800-82 provides practical implementation guidance.
Step 3: Why other options are incorrect
SP 800-30 focuses on risk assessment
SP 800-53 defines general security controls
SP 800-171 focuses on protecting CUI in non-federal systems
Therefore, the correct answer is SP 800-82.
