NIST Publishes Initial Public Draft (IPD) CSWP 42, Towards Automating IoT Security: Implementing Trusted Network -Layer Onboarding

The NIST National Cybersecurity Center of Excellence (NCCoE) has released NIST CSWP 42, Towards Automating IoT Security: Implementing Trusted Network Layer Onboarding, for public comment. The comment period is open until 11:59 PM (EDT) on May 29, 2025 .

IoT device network-layer onboarding is an automated mechanism for securely provisioning network credentials to devices, thereby enhancing network security and management. IoT devices can measure energy consumption, detect component faults, monitor water quality, measure toxins, and detect infrastructure breaches. Whether used in complex operational networks or simple home networks, the goal is to avoid exposing these networks to additional threats. Key capabilities of trusted IoT device network-layer onboarding include per-device network credentials, zero-touch onboarding, configurable trust policies, and continuous assurance. Organizations and individuals using IoT devices to collect data for quick identification of potential issues and rapid response management are encouraged to read the publication.

Please complete the comment template  found on the NCCoE project page. You can submit completed templates and all questions to iot-onboarding [at] nist.gov (iot-onboarding[at]nist[dot]gov).