Comment Now on NIST CSWP 42, Towards Automating IoT Security: Implementing Trusted Network-Layer Onboarding
The NIST National Cybersecurity Center of Excellence (NCCoE) has released NIST Cybersecurity White Paper (CSWP) 42, Towards Automating IoT Security: Implementing Trusted Network-Layer Onboarding, for public comment. The comment period is open until 11:59 PM (EDT) on May 29, 2025.
IoT device network-layer onboarding is an automated mechanism for securely provisioning network credentials to devices, thereby enhancing network security and management. IoT devices can measure consumption, detect component faults, monitor water quality, measure toxins, and detect infrastructure breaches. Whether used in complex operational networks or simple home networks, the goal is to avoid exposing these networks to additional threats. Key capabilities of trusted IoT device network-layer onboarding include per-device network credentials, zero-touch onboarding, configurable trust policies, and continuous assurance. Organizations and individuals using IoT devices to collect data for quick identification of potential issues and rapid response management are encouraged to review this draft publication and provide comments.
The NIST NCCoE, in collaboration with 11 technology vendors, has developed several technical build implementations using commercially available technologies such as Wi-Fi Easy Connect, Bootstrapping Remote Key Infrastructure (BRSKI), and Thread. This CSWP outlines the security advantages of the implementations documented in NIST Special Publication (SP) 1800-36 as well as additional technologies such as Matter and FIDO Device Onboarding (FDO).
Please complete the comment template found on the NCCoE project page. You can also submit comments and questions to iot-onboarding@nist.gov.
NIST Cybersecurity and Privacy Program
Questions/Comments about this notice: iot-onboarding@nist.gov
NCCoE Website questions: nccoe@nist.gov
|
