This is a potential security issue, you are being redirected to https://csrc.nist.gov.
Date Published: December 2020
Comments Due: February 26, 2021 (public comment period is CLOSED)
Email Questions to: firstname.lastname@example.org
Planning Note (2/8/2021):
The comment period has been extended to February 26, 2021.
, , , , ,
This draft includes background and recommendations to help federal agencies consider how an IoT device they plan to acquire can integrate into a federal information system. IoT devices and their support for security controls are presented in the context of organizational and system risk management. SP 800-213 provides guidance on considering system security from the device perspective. This allows for the identification of IoT device cybersecurity requirements—the abilities and actions a federal agency will expect from an IoT device and its manufacturer and/or third parties, respectively.
Draft SP 800-213 is being released concurrently with these related IoT draft publications:
NOTE: A call for patent claims is included on page iv of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.
IoT Device Cybersecurity Requirement Catalogs (web)
Related NIST Publications: