The Control Systems Tested Products List (CS TPL) was established as a Department of Defense (DoD) reform initiative in efforts to reduce overall cost for meeting acquisition and cybersecurity objectives for control systems throughout the DoD and US government. The purpose of this repository is to maintain a single list of the cybersecurity capabilities of controls products available for purchase by the DoD and all branches of the US Government. This will facilitate in the application of the Risk Management Framework (RMF) through single source testing and data re-use. Upon population, the repository will allow Government personnel to easily determine if a control system product meets their cybersecurity needs and influence their decision-making using standardized processes and RMF reciprocity.
The mission of CS TPL is to maintain a process and tools to conduct RMF based assessment of control systems components and subsystems. The process consists of vulnerability assessment, RMF related documentation and test result artifacts. These results will assist control system product manufacturers with identifying and resolving vulnerabilities, build a threat-based risk assessment and present control system inventory list available to the entire DoD and all branches of the US Government. Test artifacts for CS TPL will be recorded in eMass, stored within a single repository for the DoD and larger Federal Government to use, and shared with the manufacturer of the product tested to help improve the security posture of their products.
CS TPL is developed and operated by the U.S. Army Futures Command Combat Capabilities Development Command Aviation & Missile Center (CCDC AvMC) on behalf of the Office of the Secretary of Defense (OSD) who profoundly supports the program. The program is also supported by 108 stakeholders who represent almost every sector within the DoD, private industry, individual testing labs, and other government departments.
The mission of CS TPL is to maintain a process and tools to conduct RMF based assessment of control systems components and subsystems. The process consists of vulnerability assessment, RMF related documentation and test result artifacts. These results will assist control system product manufacturers with identifying and resolving vulnerabilities, build a threat-based risk assessment and present control system inventory list available to the entire DoD and all branches of the US Government. Test artifacts for CS TPL will be recorded in eMass, stored within a single repository for the DoD and larger Federal Government to use, and shared with the manufacturer of the product tested to help improve the security posture of their products.
CS TPL is developed and operated by the U.S. Army Futures Command Combat Capabilities Development Command Aviation & Missile Center (CCDC AvMC) on behalf of the Office of the Secretary of Defense (OSD) who profoundly supports the program. The program is also supported by 108 stakeholders who represent almost every sector within the DoD, private industry, individual testing labs, and other government departments.