According to ICS/SCADA expert Ralph Langner, facilities that adopt NIST's proposed new framework will not get an adequate level of protection. Langner is a German expert who discovered how the malicious program Stuxnet targeted Siemens PLC controllers in Iran's nuclear reactors. He has also announced his own proposal for a new security framework for ICS/SCADA systems.
The proposed framework is dubbed RIPE (Robust ICS Planning and Evaluation) and takes a more process-oriented approach to ensuring plant security, while the official NIST framework is based on risk management. ICS environments often do not implement security policies consistently. Where policies exist, they are applied only to employees, while contractors are ignored. These and other failures are among the factors that have enabled malicious programs like Stuxnet to gain influence over infected plants. More information can be found on the portal DarkReading.

