Abstract: This report presents the results of a project that conducted a technical review of security features in different categories of consumer home Internet-of-Things (IoT) devices. The categories of IoT devices included smart light bulbs, security lights, security cameras, doorbells, plugs, thermostats,...

Abstract: The goal of the Internet Engineering Task Force’s manufacturer usage description (MUD) architecture is for Internet of Things (IoT) devices to behave as intended by the manufacturers of the devices. This is done by providing a standard way for manufacturers to identify each device’s type and to indi...

Abstract: This document explores common components of sensor networks and the associated requirements for the secure functioning of the sensor network. For each component, the document lists exposed interfaces, applicable threats, and technologies that may be utilized to help ensure the security requirements....

Abstract: The Interagency International Cybersecurity Standardization Working Group (IICS WG) was established in December 2015 by the National Security Council’s Cyber Interagency Policy Committee. Its purpose is to coordinate on major issues in international cybersecurity standardization and thereby enhance...

Abstract: The Interagency International Cybersecurity Standardization Working Group (IICS WG) was established in December 2015 by the National Security Council’s Cyber Interagency Policy Committee (NSC Cyber IPC). Its purpose is to coordinate on major issues in international cybersecurity standardization and...

Abstract: This publication is intended to help Internet of Things (IoT) device manufacturers understand the cybersecurity risks their customers face so IoT devices can provide cybersecurity features that make them at least minimally securable by the individuals and organizations who acquire and use them. The...

Abstract: The Internet of Things (IoT) is a rapidly evolving and expanding collection of diverse technologies that interact with the physical world. Many organizations are not necessarily aware of the large number of IoT devices they are already using and how IoT devices may affect cybersecurity and privacy r...

Abstract: The Internet of Things (IoT) refers to systems that involve computation, sensing, communication, and actuation (as presented in NIST Special Publication (SP) 800-183). IoT involves the connection between humans, non-human physical objects, and cyber objects, enabling monitoring, automation, and deci...

Abstract: The Internet of Things (IoT) is a rapidly evolving and expanding collection of diverse technologies that interact with the physical world. Many organizations are not necessarily aware of the large number of IoT devices they are already using and how IoT devices may affect cybersecurity and privacy r...

Abstract: The Internet of Things (IoT) refers to systems that involve computation, sensing, communication, and actuation (as presented in NIST Special Publication (SP) 800-183). IoT involves the connection between humans, non-human physical objects, and cyber objects, enabling monitoring, automation, and deci...

Journal: IEEE IoT NewsletterAbstract: In this short article, we review an abbreviated list of trust challenges that we foresee as increased adoption transforms the IoT into another ubiquitous technology just as the Internet is. These challenges are in no specific order, and are by no means a full set.

Journal: IT ProfessionalAbstract: In the Internet of Things (IoT), what can we measure? The authors explore how the field of metrology might be applicable to the IoT.

Abstract: This report provides an overview of the topics discussed at the “Internet of Things (IoT) Cybersecurity Colloquium” hosted on NIST’s campus in Gaithersburg, Maryland on October 19, 2017. It summarizes key takeaways from the presentations and discussions. Further, it provides information on potential...

Abstract: System primitives allow formalisms, reasoning, simulations, and reliability and security risk tradeoffs to be formulated and argued. In this work, five core primitives belonging to most distributed systems are presented. These primitives apply well to systems with large amounts of data, scalability...

Journal: Computer (IEEE Computer)Abstract: Will our smart devices betray us? Can we trust our smart beds, pet feeders, and watches to maintain the level of privacy we want and expect? As the numbers of devices coming online reach staggering levels, serious questions must be raised about the level of cybertrust we can reasonably expect to hav...

Conference: 2018 IEEE Symposium on Service-Oriented System Engineering (SOSE)Abstract: This article presents challenges and solutions to testing systems based on the underlying products and services commonly referred to as the Internet of ‘things’ (IoT).

Abstract: The building-block objective is to reduce the vulnerability of Internet of Things (IoT) devices to botnets and other automated distributed threats, while limiting the utility of compromised IoT devices to malicious actors. The primary technical elements of this building block include network gateway...

Abstract: The building block objective is to reduce the vulnerability of Internet of Things (IoT) devices to botnets and other automated distributed threats, while limiting the utility of compromised IoT devices to malicious actors. The primary technical elements of this building block include network gateway...

Abstract: This bulletin summarizes the information presented in NIST SP 800-183, Networks of 'Things'. This publication offers an underlying and foundational science to IoT based on the realization that IoT involves sensing, computing, communication, and actuation.

Abstract: The following concept paper identifies potential project topics for the NCCoE to explore with stakeholders and technology collaborators. Through research and discussion, the NCCoE has identified several areas of interest within a broader cybersecurity subject; in this case, improved security for con...

Journal: IEEE Security & PrivacyAbstract: What can you glean from using inexpensive, off-the-shelf parts to create Internet of Things (IoT) use cases? As it turns out, a lot. The fast productization of IoT technologies is leaving users vulnerable to security and privacy risks.

Journal: IEEE Systems JournalAbstract: We describe the initial process of eliciting requirements for an Internet-of-things (IoT) application involving a hospital emergency room. First, we discuss the process of modeling IoT systems through rich pictures and use cases. Then, we demonstrate how these can be used to model emergency room sys...

Abstract: Managing the data generated by Internet of Things (IoT) sensors and actuators is one of the biggest challenges faced when deploying an IoT system.  Traditional cloud-based IoT systems are challenged by the large scale, heterogeneity, and high latency witnessed in some cloud ecosystems. One solution...

Journal: Online Journal of Nursing InformaticsAbstract: The Internet of Things (IoT) promises to create many opportunities for enhancing human lives, particularly, in healthcare. In this paper we illustrate how an IoT enabled tracking system can help in a special kind of healthcare setting, that is, in the case of a disaster. We briefly describe the disa...

Abstract: Managing the data generated by Internet of Things (IoT) sensors is one of the biggest challenges faced when deploying an IoT system.  Traditional cloud-based IoT systems are challenged by the large scale, heterogeneity, and high latency witnessed in some cloud ecosystems. One solution is to decentra...