AIM Comments on NIST Draft Guidance on Internet of Things Device Cybersecurity
03/18/2021

AIM is Dedicated to Developing Interoperable Technical Guidance and Standards

Online PR News – 18-March-2021 – Pittsburgh, PA – Pittsburgh, Pennsylvania | AIM [http://www.aimglobal.org] the premier alliance for the automated data capture technologies industry, including barcode, RFID, IoT, NFC, and RTLS, submitted comments on the National Institute of Standards and Technology (NIST) draft documents on guidance on Internet of Things device cybersecurity [https://www.nist.gov/news-events/news/2020/12/nist-releases-draft-guidance-internet-things-device-cybersecurity].

“Cybersecurity is an ever evolving challenge, and it is AIM’s view that to achieve true security for an IoT device, there needs to be specific chains of accountability, which the automated data carrier can provide for the IoT device,” stated AIM Chair Chuck Evanhoe, who is President and CEO of Evanhoe & Associates, Inc. and also serves as Chair of the INCITS IoT TAG, the U.S. mirror committee to ISO/IEC/JTC 1/ SC 41 – IoT Standards, and a member of the INCITS Artificial Intelligence (AI) TAG. “Given AIM has an uncompromised reputation as a global authority we take pride in submitting these comments to NIST as a proven unbiased resource and industry leader.”

The four publications from NIST tackle the challenges brought on by the recently signed IoT Cybersecurity Improvement Act of 2020 and look to provide the guidance that law establishes. The four documents — NIST Special Publication (SP) 800-213 and NIST Interagency Reports (NISTIRs) 8259B, 8259C and 8259D —are to help ensure the government and IoT device creators are in agreement on cybersecurity for IoT devices utilized by federal agencies.

This is excellent step on the part of NIST to implement harmonization between the government and IoT device creators.

AIM’s comments noted the following key points:
• To make this collaboration between IoT creators and government work, there needs to be chains of accountability, so one can trust the data carrier identity linked with the Thing. Note that the level of trust depends on the set of use-cases. We then highlight for review the AIM whitepaper Chains of Accountability Enables IoT.
• Another area in which AIDC technologies help secure is the blockchain. As blockchain solutions continue to grow they have become a critical part in IoT device cybersecurity. We then give more detail on AIDC’s role in the blockchain, and share AIM’s Blockchain Council technical report AIDC in the Blockchain Community.

“AIM and our members are committed to advancing security by utilizing automated data capture technologies,” shared Scott Austin, the AIM IoT industry group chair and Senior Executive Vice President, Americas at Everledger.

Read our final comments [https://www.aimglobal.org/nistcomments.html] and contact AIM [info@aimglobal.org] with any questions.