Recommended Practice

Operational Technology Cybersecurity Maturity Framework (OT-CMF) Overview

Abstract

This document covers recommended practices for developing and growing an operational technology (OT) cybersecurity maturity program.

Document History
Document Number Version Publication Date Publication Related Information
APTA SS-CSS-RP-006-23 Original 05/23/2023 Published Current

Keywords

building automation systems (BAS), bus depot, cybersecurity, industrial control systems (ICS), operational technology (OT), Operational Technology Cybersecurity Maturity Framework (OT-CMF), radio, signaling, supervisory control and data acquisition (SCADA) systems, communications-based train control (CBTC), transit vehicle.

Summary

This document presents an overview and guidance to assist transit agencies in maturing their OT cybersecurity programs. The guidance walks through the six levels of maturity starting with Level 0, which is an on-ramp to launch an OT cybersecurity program.

​Get Involved

Want to participate in the development of this document? Join a Working Group or Learn More

Related Documents

​ ​​