The National Cybersecurity Center of Excellence (NCCoE) has released a preliminary draft of National Institute of Standards and Technology (NIST) Cybersecurity Practice Guide Special Publication (SP) 1800-15, Securing Small-Business and Home Internet of Things (IoT) Devices: Mitigating Network-Based Attacks Using Manufacturer Usage Description (MUD) for public comment. This practice guide is intended for IoT product developers and implementors. However, the guide also demonstrates to IoT device users the crucial role MUD can play in network security.
Following an experimental agile process for continuous delivery of special publication, the preliminary draft is stable but has some gaps in its content that we will address in the next draft. The NCCoE is requesting your feedback on the preliminary draft to help shape the next document which is scheduled for release in the fall of 2019. For ease of use, the guide is available in three volumes:
- SP 1800-15A: Executive Summary (pdf) (web page)
- SP 1800-15B: Approach, Architecture, and Security Characteristics (pdf) (web page)
- SP 1800-15C: How-To Guides (pdf) (web page)
The comment period is open until June 24, 2019. We appreciate your feedback, which we will use to shape the next version of this guide.
See the Mitigating IoT-Based DDoS project two-page fact sheet for an overview of this project.
If you have questions or suggestions, please email us at email@example.com. To receive announcements about additional milestones, or join our Community of Interest to receive email alerts.