Date Published: February 2019
Comments Due: March 18, 2019 (public comment period is CLOSED)
Email Questions to: email@example.com
Jeffrey Cichonski (NIST), Jeffrey Marron (NIST), Nelson Hastings (NIST), Jason Ajmo (MITRE), Rahmira Rufus (MITRE)
The National Cybersecurity Center of Excellence (NCCoE) at NIST is proposing a project to protect building management systems’ IoT sensor networks. Our findings may be applicable to other industry sectors and are listed for consideration for inclusion as future NCCoE use cases. We will explore common components of sensor networks and the associated security requirements of those components for the secure functioning of the IoT sensor network. Detailed explorations of other considerations (e.g., physical security), while important, are outside the scope of this project.
These are the goals and objectives of the project:
- Serve as a building block for sensor networks in general, future IoT projects, or specific sensor network use cases.
- Establish a security architecture to protect a building management system sensor network by using standards and best practices, including the communications channel/network used to transmit sensor data to the back-end building control systems (hosts) for processing.
- Explore the cybersecurity controls to promote the reliability, integrity, and availability of building management system sensor networks.
- Exercise/test the cybersecurity controls of the building management system sensor network to verify that they mitigate the identified cybersecurity concerns/risks, and understand the performance implications of adding these controls to the building management system sensor network.
Please submit your feedback to help us shape and refine the scope of this project.
Keywords building management sensors; data integrity; device integrity; internet of things; IoT; networked sensors; sensors; sensor data; sensor security.
Security Assessment and Authorization;
Identification and Authentication;