U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

NISTIR 8323 Rev. 1 (Draft)

Foundational PNT Profile: Applying the Cybersecurity Framework for the Responsible Use of Positioning, Navigation, and Timing (PNT) Services

Date Published: June 29, 2022
Comments Due: August 12, 2022 (public comment period is CLOSED)
Email Questions to: pnt-eo@list.nist.gov

Author(s)

Michael Bartock (NIST), Suzanne Lightman (NIST), Ya-Shian Li-Baboud (NIST), James McCarthy (NIST), Karen Reczek (NIST), Joseph Brule (MITRE), Doug Northrip (MITRE), Arthur Scholz (MITRE), Theresa Suloway (MITRE)

Announcement

The national and economic security of the United States (US) is dependent upon the reliable functioning of the nation’s critical infrastructure. Positioning, Navigation, and Timing (PNT) services are widely deployed throughout this infrastructure. In a government-wide effort to mitigate the potential impacts of a PNT disruption or manipulation, Executive Order (EO) 13905, Strengthening National Resilience Through Responsible Use of Positioning, Navigation and Timing Services was issued on February 12, 2020.

NIST, as part of the Department of Commerce (DoC), produced this voluntary PNT Profile (as NIST IR 8323) in response to Sec.4 Implementation (a), as detailed in the EO. The PNT Profile was created by using the NIST Cybersecurity Framework and can be used as part of a risk management program to help organizations manage risks to systems, networks, and assets that use PNT services. The PNT Profile is intended to be broadly applicable and can serve as a foundation for the development of sector-specific guidance. This PNT Profile provides a flexible framework for users of PNT to manage risks when forming and using PNT signals and data, which are susceptible to disruptions and manipulations that can be natural, manufactured, intentional, or unintentional.

This Revision includes five (5) new cybersecurity framework (CSF) subcategories, and two (2) new appendices.

We encourage you to submit comments using the comment template provided.

NOTE: A call for patent claims is included on page vi of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.

Abstract

Keywords

critical infrastructure; Cybersecurity Framework; Executive Order; GPS; GNSS; navigation; PNT; positioning; risk management; timing
Control Families

None selected

Documentation

Publication:
NISTIR 8323 Rev. 1 (Draft) (DOI)
Local Download

Supplemental Material:
Comments received (web)
PNT homepage (web)

Document History:
06/29/22: NISTIR 8323 Rev. 1 (Draft)
01/31/23: NISTIR 8323 Rev. 1 (Final)