The NIST National Cybersecurity Center of Excellence (NCCoE) has released Draft NIST Special Publication (SP) 1800-36, Trusted Internet of Things (IoT) Device Network-Layer Onboarding and Lifecycle Management. The comment period is open until July 30, 2024.
About the Project
Provisioning network credentials to IoT devices in an untrusted manner leaves networks vulnerable to having unauthorized IoT devices connect to them. It also leaves IoT devices vulnerable to being taken over by unauthorized networks. Instead, trusted, scalable, and automatic mechanisms are needed to safely manage IoT devices throughout their lifecycles, beginning with secure ways to provision devices with their network credentials—a process known as trusted network-layer onboarding. Trusted network-layer onboarding, in combination with additional device security capabilities, such as device attestation, application-layer onboarding, secure lifecycle management, and device intent enforcement, could improve the security of networks and IoT devices.
To help organizations protect both their IoT devices and their networks, the NCCoE collaborated with 11 IoT product and service providers. This joint effort resulted in the development of five functional technology solutions for trusted network-layer onboarding, as well as two factory provisioning builds, detailed in the practice guide.
Submit Your Comments
The public comment period for the draft is open until 11:59 p.m. EST on July 30, 2024. Visit the NCCoE IoT Onboarding project page for the draft publication and comment form.
Contribute
If you have expertise in IoT and/or network security and would like to help shape this or future projects, please consider joining the IoT Onboarding Community of Interest (COI). You can become a COI member by completing the sign-up form on our project page here.