Internet of Things (IoT)
The Internet of Things has unlimited possibilities for home and business use. Appliances from refrigerators to sensor networks are now available in models that interact with a wireless network, making them easier to control with a computer or smartphone. Estimates suggest that there will be more than 75 billion IoT devices in use by 2025, according to IHS Markit.
Along with this massive market adoption of IoT, though, comes a trove of security concerns that necessitate attention and action. The National Institute of Standards and Technology's (NIST) National Cybersecurity Center of Excellence (NCCoE) is striving to make IoT more secure.
Security Guidance
-
Mitigating Cybersecurity and Privacy Risks in Telehealth Smart Home Integration
Identifies and mitigates cybersecurity and privacy risks based on patient use of smart home devices interfacing with patient information systemsSoliciting Comments -
Cybersecurity for Smart Inverters: Guidelines for Residential and Light Commercial Solar Energy Systems
Practical cybersecurity guidelines for small-scale solar inverter implementations typically used in homes and small businesses.Reviewing Comments -
IoT Device Characterization
Demonstrates how to use device characterization techniques to describe the communication requirements of IoT devicesReviewing Comments -
Securing Water and Wastewater Utilities
Presenting a traditional on-premises remote access reference architecture and two example solutions.Reviewing Comments -
Trusted IoT Device Network-Layer Onboarding and Lifecycle Management
Demonstrates approaches for securely onboarding IoT devices with network credentialsReviewing Comments -
Cybersecurity Framework Profile for Electric Vehicle Extreme Fast Charging Infrastructure
Providing users with a national-level risk-based approach for managing cybersecurity activities for EV XFC systems.Finalized Guidance -
Protecting Information and System Integrity in Industrial Control System Environments
Demonstrated practice example solutions that manufacturers can use to protect their ICS from data integrity attacks and documented in NIST SP 1800-10, Protecting Information and System Integrity in Industrial Control System EnvironmentsFinalized Guidance -
Securing Distributed Energy Resources
An approach for securing data exchanges between and among distributed energy resource systems and electric power distribution facilitiesFinalized Guidance -
Securing Home IoT Devices Using MUD
Demonstrates using the Manufacturer Usage Description (MUD) standard to improve the security of home IoT devicesFinalized Guidance -
Securing Telehealth Remote Patient Monitoring Ecosystem
Ensuring that the infrastructure supporting remote patient monitoring capabilities can maintain the confidentiality of patient dataFinalized Guidance -
Securing Wireless Infusion Pumps
Helping healthcare delivery organizations secure wireless infusion pumps (WIP) on an enterprise networkFinalized Guidance
The NCCoE’s IoT work is done in conjunction with and informed by NIST’s Cybersecurity for the Internet of Things Program. This program supports the development and application of standards, guidelines, and related tools to improve the cybersecurity of connected devices and the environments in which they are deployed.
Join the Community of Interest
A Community of Interest (COI) is a group of professionals and advisors who share business insights, technical expertise, challenges, and perspectives to guide NCCoE projects. COIs often include experts, innovators, and everyday users of cybersecurity and privacy technologies. Share your expertise and consider becoming a member of this project's COI.