Publications
IR 8267 (Initial Public Draft)
October 1, 2019
https://csrc.nist.gov/pubs/ir/8267/ipd
Abstract: This report presents the results of a project that conducted a technical review of security features in different categories of consumer home Internet-of-Things (IoT) devices. The categories of IoT devices included smart light bulbs, security lights, security cameras, doorbells, plugs, thermostats,...
Publications
IR 8183A Vol. 1 (Final)
September 30, 2019
https://csrc.nist.gov/pubs/ir/8183/a/v1/final
Abstract: This guide provides general implementation guidance (Volume 1) and example proof-of-concept solutions demonstrating how available open-source and commercial off-the-shelf (COTS) products could be implemented in manufacturing environments to satisfy the requirements in the Cybersecurity Framework (CS...
Publications
IR 8183A Vol. 2 (Final)
September 30, 2019
https://csrc.nist.gov/pubs/ir/8183/a/v2/final
Abstract: This guide provides example proof-of-concept solutions demonstrating how available open-source and commercial off-the-shelf (COTS) products could be implemented in process-based manufacturing environments to satisfy the requirements in the Cybersecurity Framework (CSF) Manufacturing Profile Low Impa...
Publications
IR 8183A Vol. 3 (Final)
September 30, 2019
https://csrc.nist.gov/pubs/ir/8183/a/v3/final
Abstract: This guide provides example proof-of-concept solutions demonstrating how available open-source and commercial off-the-shelf (COTS) products could be implemented in discrete-based manufacturing environments to satisfy the requirements in the Cybersecurity Framework (CSF) Manufacturing Profile Low Sec...
Events
September 24, 2019 - September 24, 2019
https://csrc.nist.gov/events/2019/human-factors-in-smart-home-technologies
Human Factors in Smart Home Technologies Workshop September 24, 2019 National Institute of Standards and Technology, Gaithersburg, MD This workshop addressed human considerations for smart home devices, including usability, user perceptions, and end-user privacy and security considerations. Invited speakers from industry and academia provided their perspectives via presentations and a moderated panel. In addition to becoming more aware of human aspects of smart home technologies, the attendees from industry, government, and academia had the opportunity to influence NIST's future research...
Events
September 17, 2019 - September 18, 2019
https://csrc.nist.gov/events/2019/software-and-supply-chain-assurance-forum-fall-20
The Software and Supply Chain Assurance Forum (SSCA) provides a venue for government, industry, and academic participants from around the world to share their knowledge and expertise regarding software and supply chain risks, effective practices and mitigation strategies, tools and technologies, and any gaps related to the people, processes, or technologies involved. The effort is co-led by the National Institute of Standards and Technology (NIST), the Department of Homeland Security (DHS), the Department of Defense (DoD), and the General Services Administration (GSA). Participants represent a...
Events
September 10, 2019 - September 10, 2019
https://csrc.nist.gov/events/2019/c-scrm-validating-the-integrity-of-server-and-clie
On Tuesday, September 10, 2019, NIST’s National Cybersecurity Center of Excellence Supply Chain Assurance project team is having an Industry Day, starting at 8:30am. The purpose of this Industry Day is to identify the issues and challenges of Cyber Supply Chain Risk Management (C-SCRM) in enterprises as input to a potential NCCoE demonstration project. NIST starts the day by presenting its preliminary plans for this project. Then, there will be short presentations from a few stakeholders, sharing their views of the challenges enterprises face when verifying that their purchased computing...
Publications
SP 1800-12 (Final)
August 27, 2019
https://csrc.nist.gov/pubs/sp/1800/12/final
Abstract: Federal Information Processing Standards (FIPS) Publication 201-2, “Personal Identity Verification (PIV) of Federal Employees and Contractors,” establishes a standard for a PIV system based on secure and reliable forms of identity credentials issued by the federal government to its employees and con...
Publications
SP 1800-7 (Final)
August 7, 2019
https://csrc.nist.gov/pubs/sp/1800/7/final
Abstract: Through direct dialogue between NCCoE staff and members of the energy sector (composed mainly of electric power companies and those who provide equipment and/or services to them) it became clear that energy companies need to create and maintain a high level of visibility into their operating environ...
Publications
SP 800-162 (Final)
August 2, 2019
https://csrc.nist.gov/pubs/sp/800/162/upd2/final
Abstract: This document provides Federal agencies with a definition of attribute based access control (ABAC). ABAC is a logical access control methodology where authorization to perform a set of operations is determined by evaluating attributes associated with the subject, object, requested operations, and, i...
Publications
IR 8204 (Final) (Withdrawn)
August 1, 2019
Withdrawn on November 20, 2020.
https://csrc.nist.gov/pubs/ir/8204/upd2/final
Abstract: This document provides instructions and definitions for completing the Cybersecurity Framework (CSF) Online Informative References (OLIR) spreadsheet template available for download at https://www.nist.gov/cyberframework/informative-references. This document is intended to assist developers of...
Publications
SP 1800-17 (Final)
July 30, 2019
https://csrc.nist.gov/pubs/sp/1800/17/final
Abstract: As retailers in the United States have adopted chip-and-signature and chip-and-PIN (personal identification number) point-of-sale (POS) security measures, there have been increases in fraudulent online card-not-present electronic commerce (e-commerce) transactions. The risk of increased fraudulent o...
