NCCoE IoT Onboarding Team Releases New Practice Guidance (Preliminary Draft NIST SP 1800-36, Vols. B–E)


The National Cybersecurity Center of Excellence (NCCoE) has published Preliminary Draft Special Publication (SP) 1800-36, Vols. B–E, Trusted Internet of Things (IoT) Device Network-Layer Onboarding and Lifecycle Management. The comment period for the drafts is open now through June 20, 2023.

About the Project

Provisioning network credentials to IoT devices in an untrusted manner leaves networks vulnerable to having unauthorized IoT devices connect to them. It also leaves IoT devices vulnerable to being taken over by unauthorized networks. Instead, trusted, scalable, and automatic mechanisms are needed to safely manage IoT devices throughout their lifecycles, beginning with secure ways to provision devices with their network credentials—a process known as trusted network-layer onboarding. Trusted network-layer onboarding, in combination with additional device security capabilities such as device attestation, application-layer onboarding, secure lifecycle management, and device intent enforcement could improve the security of networks and IoT devices.

This draft practice guide aims to demonstrate how organizations can protect both their IoT devices and their networks. The NCCoE is collaborating with product and service providers to produce example implementations of trusted network-layer onboarding and capabilities that improve device and network security throughout the IoT-device lifecycle to achieve this.

Submit Your Comments

The public comment period is open now through June 20, 2023. Visit the project page for draft copies and access to our comments form.

Visit the Project Page

NIST is adopting an agile process to publish content. Each volume is being made available as soon as possible rather than delaying release until all volumes are complete. Work continues on implementing the example solutions and developing other parts of the content. We will publish at least one additional draft for public comment before it is finalized.


If you have expertise in IoT and/or network security and would like to help shape this project, please consider joining the IoT Onboarding Community of Interest (COI). Complete the COI sign-up form found on our project page or email us at declaring your interest.