Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Draft Interagency Report, NISTIR 8200, Summarizes International Efforts to Standardize Internet of Things Cybersecurity
February 14, 2018

The Interagency International Cybersecurity Standardization Working Group (IICS WG) was established in December 2015 by the National Security Council's Cyber Interagency Policy Committee. The purpose of the IICS WG is to coordinate on major issues in international cybersecurity standardization and thereby enhance U.S. federal agency participation in international cybersecurity standardization.  
 
The IICS WG has developed this report, Draft NIST Interagency Report (NISTIR) 8200Interagency Report on Status of International Cybersecurity Standardization for the Internet of Things (IoT). The intended audience is both the government and the public. The purpose is to inform and enable policymakers, managers, and standards participants as they seek timely development of and use of cybersecurity standards in IoT components, systems, and services.
 
This draft report: 

  • provides a functional description for IoT (Section 4);
  • describes several IoT applications that are representative examples of IoT (Section 5);
  • summarizes the cybersecurity core areas and provides examples of relevant standards (Section 6); 
  • describes IoT cybersecurity objectives, risks, and threats (Section 7);
  • provides an analysis of the standards landscape for IoT cybersecurity (Sections 8 and 9); and
  • maps IoT relevant cybersecurity standards to cybersecurity core areas (Appendix D).

This draft report is based upon the information available to the participating agencies.  Comments are now being solicited to augment that information, especially on the information about the state of cybersecurity standardization for IoT that is found in Sections 8, 9, 10, and Annex D.  

Your feedback on this draft publication is important. It will help to shape the final publication so that it best meets the needs of the public and private sectors. The comment period closes April 18, 2018; comments should be submitted to NISTIR-8200@nist.gov, and submitters are encouraged to use a comment template available on the Draft NISTIR 8200 homepageComments will be posted online as they are received.
 

Topics

Security and Privacy: general security & privacy,

Applications: Internet of Things,

Activities and Products: standards development,

Created February 14, 2018