Providing Feedback

NIST encourages the use of GitHub mechanisms to provide feedback on our catalog contents. Interested parties can share feedback and ask questions about resources in the catalog repository using the Issues feature. Specific change proposals can be contributed using the Pull Request (PR) feature. We prefer PRs focused on individual issues, rather than broad PRs with unrelated changes. To help with creating focused PRs contributors are requested to create a distinct, meaningfully-named branch for the changes associated with an area of concern.

If you’d like to submit feedback the traditional way, please send us feedback to our mailbox at IoTsecurity@nist.gov.

Feedback Questions

The Cybersecurity for IoT program requests your feedback on the material in this catalog. Please consider the following questions:

• For any given technical capability and sub-capability, have we identified the most common, or expected, device cybersecurity capability or sub-capability that should be built within an IoT device?
• Are there any common IoT device technical cybersecurity capabilities or sub-capabilities that we have not included?
• Do you have any suggested updates or additions to elements of device cybersecurity capabilities and sub-capabilities, or suggestions for re-arranging the elements?
• Are there any common IoT device non-technical manufacturer supporting capabilities that we have not included?
• Do you have any suggested updates or additions to the non-technical supporting capabilities?
• Do you find it useful to have the technical capabilities catalog separate from the non-technical capabilities? Why or why not?
• Is this structure (i.e., capability->sub-capability->element) useful for defining device cybersecurity capabilities?
• Would mapping the catalog elements to NISTIR 8259A, NISTIR 8259B, NIST SP 800-53 rev 5, and/or the Cybersecurity Framework be helpful?

Operating Rules

These operating rules describe and govern NIST’s management of feedback on this GitHub page. NIST reserves the right to modify this policy at any time.

Criteria for Feedback

This is a moderated platform. NIST reserves the right to reject, remove, or edit any feedback, including anything that:

• states or implies NIST endorsement of any entities, services, or products;
• is inaccurate;
• contains abusive or vulgar content, spam, hate speech, personal attacks, or similar content;
• is clearly “off topic”;
• makes unsupported accusations;
• includes personally identifiable or business identifiable information according to Department of Commerce Office of Privacy and Open Government guidelines