U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search CSRC

Use this form to search content on CSRC pages.

For a phrase search, use " "


Limit results to content tagged with of the following topics:
Showing 1 through 25 of 127 matching records.
Projects https://csrc.nist.gov/projects/nist-cybersecurity-iot-program

[Redirect to https://www.nist.gov/programs-projects/nist-cybersecurity-iot-program] NIST’s Cybersecurity for the Internet of Things (IoT) program supports the development and application of standards, guidelines, and related tools to improve the cybersecurity of connected devices and the environments in which they are deployed. By collaborating with stakeholders across government, industry, international bodies, and academia, the program aims to cultivate trust and foster an environment that enables innovation on a global scale.

Events October 19, 2017 - October 19, 2017
https://csrc.nist.gov/events/2017/iot-cybersecurity-colloquium

On October 19th, 2017, NIST is hosting the IoT Cybersecurity Colloquium to convene stakeholders from across government, industry, international bodies, and academia. Our goal is to better understand the concerns and threats associated with the rapidly broadening landscape of connected devices, known as the Internet of Things (IoT). Registration closes on October 12th! Join our Twitter Chat using #IoTSecurityNIST

Publications SP 1800-36 (2nd Preliminary Draft) October 31, 2023
https://csrc.nist.gov/pubs/sp/1800/36/2prd

Abstract: Providing devices with the credentials and policy needed to join a network is a process known as network-layer onboarding. Establishing trust between a network and an IoT device prior to such onboarding is crucial for mitigating the risk of potential attacks. There are two sides of this attack: one...

Publications IR 8431 (Final) September 20, 2022
https://csrc.nist.gov/pubs/ir/8431/final

Abstract: This report summarizes the feedback received on the work of the NIST Cybersecurity for the Internet of Things (IoT) program on IoT product cybersecurity criteria at a virtual workshop in June 2022. The purpose of this workshop was to obtain feedback on specific considerations—and techniques for addr...

Publications IR 8425 (Final) September 20, 2022
https://csrc.nist.gov/pubs/ir/8425/final

Abstract: This publication documents the consumer profile of NIST’s IoT core baseline and identifies cybersecurity capabilities commonly needed for the consumer IoT sector (i.e., IoT products for home or personal use). It can also be a starting point for small businesses to consider in the purchase of IoT pro...

Publications CSWP 24 (Final) February 4, 2022
https://csrc.nist.gov/pubs/cswp/24/criteria-for-cybersecurity-labeling-for-consumer-i/final

Abstract: Executive Order (EO) 14028, “Improving the Nation’s Cybersecurity,” tasks the National Institute of Standards and Technology (NIST), in coordination with the Federal Trade Commission (FTC) and other agencies, to initiate pilot programs for cybersecurity labeling. NIST is, among other actions, direct...

Publications Project Description (Final) May 20, 2021
https://csrc.nist.gov/pubs/pd/2021/05/20/trusted-iot-device-networklayer-onboarding-and-lcm/final

Abstract: Network-layer onboarding of an Internet of Things (IoT) device is the provisioning of network credentials to that device. The current lack of trusted IoT device onboarding processes leaves many networks vulnerable to having unauthorized devices connect to them. It also leaves devices vulnerable to b...

Publications Conference Paper (Final) May 18, 2020
https://csrc.nist.gov/pubs/conference/2020/05/18/defining-actionable-rules-for-verifying-iot-securi/final

Conference: 41st IEEE Symposium on Security and Privacy Abstract: Internet of Things (IoT) is being widely adopted in recent years. Security, however, has lagged behind, as evidenced by the increasing number of attacks that use IoT devices (e.g., an arson that uses a smart oven, burglary via a smart lock). Therefore, the transparency and accountability of those de...

Publications IR 8267 (Initial Public Draft) October 1, 2019
https://csrc.nist.gov/pubs/ir/8267/ipd

Abstract: This report presents the results of a project that conducted a technical review of security features in different categories of consumer home Internet-of-Things (IoT) devices. The categories of IoT devices included smart light bulbs, security lights, security cameras, doorbells, plugs, thermostats,...

Publications Project Description (Initial Public Draft) February 1, 2019
https://csrc.nist.gov/pubs/pd/2019/02/01/security-for-iot-sensor-networks/ipd

Abstract: This document explores common components of sensor networks and the associated requirements for the secure functioning of the sensor network. For each component, the document lists exposed interfaces, applicable threats, and technologies that may be utilized to help ensure the security requirements....

Publications IR 8200 (Final) November 29, 2018
https://csrc.nist.gov/pubs/ir/8200/final

Abstract: The Interagency International Cybersecurity Standardization Working Group (IICS WG) was established in December 2015 by the National Security Council’s Cyber Interagency Policy Committee. Its purpose is to coordinate on major issues in international cybersecurity standardization and thereby enhance...

Publications Journal Article (Final) July 31, 2018
https://csrc.nist.gov/pubs/journal/2018/07/cybertrust-in-the-iot-age/final

Journal: Computer (IEEE Computer) Abstract: Will our smart devices betray us? Can we trust our smart beds, pet feeders, and watches to maintain the level of privacy we want and expect? As the numbers of devices coming online reach staggering levels, serious questions must be raised about the level of cybertrust we can reasonably expect to hav...

Publications Journal Article (Final) July 13, 2018
https://csrc.nist.gov/pubs/journal/2018/07/in-iot-we-trust/final

Journal: IEEE IoT Newsletter Abstract: In this short article, we review an abbreviated list of trust challenges that we foresee as increased adoption transforms the IoT into another ubiquitous technology just as the Internet is. These challenges are in no specific order, and are by no means a full set.

Publications Conference Paper (Final) March 26, 2018
https://csrc.nist.gov/pubs/conference/2018/03/26/testing-iot-systems/final

Conference: 2018 IEEE Symposium on Service-Oriented System Engineering (SOSE) Abstract: This article presents challenges and solutions to testing systems based on the underlying products and services commonly referred to as the Internet of ‘things’ (IoT).

Publications Project Description (Final) December 14, 2017
https://csrc.nist.gov/pubs/pd/2017/12/14/mitigating-iotbased-ddos/final

Abstract: The building-block objective is to reduce the vulnerability of Internet of Things (IoT) devices to botnets and other automated distributed threats, while limiting the utility of compromised IoT devices to malicious actors. The primary technical elements of this building block include network gateway...

Updates March 16, 2021
https://csrc.nist.gov/news/2021/draft-trusted-iot-device-onboarding-lcm

The National Cybersecurity Center of Excellence has released a Draft Project Description on Trusted IoT Device Network-Layer Onboarding and Lifecycle Management. The public comment period is open through April 21, 2021.

Updates June 1, 2020
https://csrc.nist.gov/news/2020/security-iot-device-manufacturers-8259-and-8259a

Two publications, NISTIRs 8259 and 8259A, are now available to provide cybersecurity best practices and guidance for IoT device manufacturers.

Updates September 17, 2018
https://csrc.nist.gov/news/2018/nist-releases-draft-nistir-8222-for-comment

[9/18/18--TEMPORARILY WITHDRAWN. TO BE RE-POSTED AT A LATER DATE] Draft NISTIR 8222 identifies 17 technical trust-related issues that may negatively impact the adoption of IoT products and services.

Updates November 29, 2021
https://csrc.nist.gov/news/2021/updates-to-iot-cybersecurity-guidance-and-catalog

NIST has released final IoT-specific guidance (NIST Special Publications 800-213 and 800-213A) to federal organizations to support extending their risk management process to the inclusion of IoT devices in federal systems.

Updates May 20, 2021
https://csrc.nist.gov/news/2021/trusted-iot-device-onboarding-lcm-project

The National Cybersecurity Center of Excellence has published a final Project Description on "Trusted IoT Device Network-Layer Onboarding and Lifecycle Management. This project will result in a NIST Cybersecurity Practice Guide.

Updates May 14, 2021
https://csrc.nist.gov/news/2021/establishing-confidence-iot-device-security-draft

NIST Seeks Comments on a draft white paper, “Establishing Confidence in IoT Device Security: How do we get there?” The comment period is open through June 14, 2021.

Updates January 7, 2021
https://csrc.nist.gov/news/2021/nistir-8322-virtual-workshop-report

NIST publishes NISTIR 8322, Workshop Summary Report for “Building the Federal Profile for IoT Device Cybersecurity” Virtual Workshop.

Updates December 15, 2020
https://csrc.nist.gov/news/2020/draft-guidance-for-defining-iot-cyber-requirements

Four draft guidance documents on defining IoT cybersecurity requirements--for federal agencies and IoT device manufacturers--are now available for comment through February 26, 2021: Draft SP 800-213 and Draft NISTIRs 8259B/C/D.

Updates January 7, 2020
https://csrc.nist.gov/news/2020/nist-releases-second-draft-of-nistir-8259

NIST has released the second public draft of NISTIR 8259, "Recommendations for IoT Device Manufacturers: Foundational Activities and Core Device Cybersecurity Capability Baseline." The public comment period ends February 7, 2020.

Updates July 31, 2019
https://csrc.nist.gov/news/2019/draft-nistir-8259-available-for-comment

NIST has released Draft NISTIR 8259, "Core Cybersecurity Feature Baseline for Securable IoT Devices: A Starting Point for IoT Device Manufacturers," for public comment. The comment period closes on September 30, 2019.

1     2     3     4     5     6  next >  last >>