For measuring, controlling and regulating processes, such as the automation of processes and the monitoring of large systems, so-called Industrial Control Systems (ICS) are often used in the manufacturing industry and in industries that are counted as critical infrastructures (KRITIS), e.g. energy, water, food or transport and transport.

Contrary to traditional IT, ICS have different requirements for the protection objectives availability, integrity and confidentiality. This is reflected, for example, in longer operating times and rare maintenance windows. In addition, in particular the real-time requirements, which are essential for the control frequency, should be mentioned. In addition, there are warranty claims. Established protective measures from the office environment are only partially transferable to ICS.

The Federal Office for Information Security (BSI) has therefore considered the topic of ICS separately and has published an ICS Security Compendium, among other things.