NISTIR 8259A
Status:
Final
Informative Reference Version:
1.0.0
Focal Document Version:
IoT Device Cybersecurity Capability Core Baseline
Summary:
A mapping between the C2 Consensus-derived CTA-2088 IoT device cybersecurity "baseline capabilities" standard, and NISTIR 8259A. The C2 Consensus is a multi-sector core baseline that 'wraps' 8259A, and CTA-2088 is a direct derivative of C2 in technical standard form (with "SHALL" requirements).
Target Audience:
IoT device manufacturers (brands and OEM/ODMs), retailers, large enterprises.
Comprehensive:
No
Comments:
CTA-2088's mapping to NISTIR 8259A is not fully "comprehensive" (logged as "no" in the Informative Reference record) due to three items that are not covered in either C2 or CTA-2088. NISTIR 8259A DI-2, physical label requirement, was considered out-of-scope for CTA-2088. SU-3, rollback requirement; and CSA-2, detection of degraded cybersecurity state, were not considered broadly baseline. NISTIR 8259A is guidance that is not intended to be 100% applied to all devices, as noted in the 8259A Introduction, "...implementation of all capabilities is not considered mandatory". CTA-2088 is intended to specify, in detail sufficient for developers or purchasers, the necessary baseline for a broad target market, in a way that is entirely compatible with the goals and execution of the NIST effort.
Point of Contact:
Michael Bergman mbergman@CTA.tech +1 703-907-4366
Category of Submitter:
Private Sector
Dependencies/Requirements:
Citations:
The C2 Consensus on IoT Device Security Baseline Capabilities (available at http://csde.tech/projects/c2-consensus/)
ce6a04b67dc37c9f72478f5dffab1a08960508244182b8e15238e73705444f01
Reference Document Author:
Reference Document:
CTA-2088 Baseline Cybersecurity Standard for Devices and Device Systems (November 2020)
Reference Document Date:
11/00/2020
Reference Document URL:
https://shop.cta.tech/collections/standards/products/baseline-cybersecurity-standard-for-devices-and-device-systems-cta-2088
Reference Developer:
Consumer Technology Association
Posted Date:
January 21, 2021