The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-213A: IoT Device Cybersecurity Guidance for the Federal Government: IoT Device Cybersecurity Requirement Catalog.
The Special Publication (SP) 800-213A provides a catalog of internet of things (IoT) device cybersecurity capabilities (i.e., features and functions needed from a device to support security controls) and non-technical supporting capabilities (i.e., actions and support needed from device manufacturers and other supporting entities to support security controls), in support of SP 800-213.
The NIST IoT cybersecurity catalog consists of the following cybersecurity capabilities:
- Device Identification
- Device Configuration
- Data Protection
- Logical Access to Interfaces
- Software Update
- Cybersecurity State Awareness
- Device Security.
Readers can download the full PDF report here.