Date Published: June 29, 2022
Comments Due: August 12, 2022 (public comment period is CLOSED)
Email Questions to: pnt-eo@list.nist.gov
The national and economic security of the United States (US) is dependent upon the reliable functioning of the nation’s critical infrastructure. Positioning, Navigation, and Timing (PNT) services are widely deployed throughout this infrastructure. In a government-wide effort to mitigate the potential impacts of a PNT disruption or manipulation, Executive Order (EO) 13905, Strengthening National Resilience Through Responsible Use of Positioning, Navigation and Timing Services was issued on February 12, 2020.
NIST, as part of the Department of Commerce (DoC), produced this voluntary PNT Profile (as NIST IR 8323) in response to Sec.4 Implementation (a), as detailed in the EO. The PNT Profile was created by using the NIST Cybersecurity Framework and can be used as part of a risk management program to help organizations manage risks to systems, networks, and assets that use PNT services. The PNT Profile is intended to be broadly applicable and can serve as a foundation for the development of sector-specific guidance. This PNT Profile provides a flexible framework for users of PNT to manage risks when forming and using PNT signals and data, which are susceptible to disruptions and manipulations that can be natural, manufactured, intentional, or unintentional.
This Revision includes five (5) new cybersecurity framework (CSF) subcategories, and two (2) new appendices.
We encourage you to submit comments using the comment template provided.
NOTE: A call for patent claims is included on page vi of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.
None selected
Publication:
NISTIR 8323 Rev. 1 (Draft) (DOI)
Local Download
Supplemental Material:
Comments received (web)
PNT homepage (web)
Document History:
06/29/22: NISTIR 8323 Rev. 1 (Draft)
01/31/23: NISTIR 8323 Rev. 1 (Final)
Security and Privacy
general security & privacy; risk management
Applications
cybersecurity framework; positioning navigation & timing
Laws and Regulations
Executive Order 13905