U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Core Cybersecurity Feature Baseline for Securable IoT Devices: Draft NISTIR 8259 Available for Comment
July 31, 2019

As manufacturers create an incredible and ever-growing variety of Internet of Things (IoT) devices, they should also understand the cybersecurity risks associated with those devices in order to make them at least minimally securable. This approach can help reduce the need for customers to make their own cybersecurity-related efforts, prevent unauthorized access, and mitigate the potentially severe effects of attacks performed using compromised IoT devices.

NIST invites comments on Draft NIST Internal Report (NISTIR) 8259Core Cybersecurity Feature Baseline for Securable IoT Devices: A Starting Point for IoT Device Manufacturers. The publication defines a core baseline of cybersecurity features that manufacturers may voluntarily adopt for IoT devices they produce. The document builds upon NISTIR 8228, Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risk, and provides information on how manufacturers can identify and implement features most appropriate for their customers beyond the core baseline.

The public comment period for this document closes September 30, 2019. See the publication details for a copy of the document and instructions for submitting comments.

NOTE: A call for patent claims is included on page vi of this draft.  For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications

 

See the related NIST news article about this draft document.

Related Topics

Security and Privacy: risk management

Applications: cyber-physical systems, Internet of Things

Laws and Regulations: Executive Order 13800

Created July 31, 2019, Updated June 22, 2020