Taking another step toward strengthening the nation’s critical infrastructure, the National Institute of Standards and Technology (NIST) has drafted guidelines for applying its Cybersecurity Framework to critical technologies such as the Global Positioning System (GPS) that use positioning, navigation and timing (PNT) data. Part of a larger NIST effort to implement a recent Executive Order to safeguard systems that rely on PNT data, these cybersecurity guidelines accompany recent NIST efforts to provide and test a resilient timekeeping signal that is independent of GPS.
Formally titled the Cybersecurity Profile for the Responsible Use of Positioning, Navigation and Timing (PNT) Services (NISTIR 8323), the new guidelines are designed to help mitigate cybersecurity risks that endanger systems important to national and economic security, including those that underpin modern finance, transportation, energy and additional economic sectors. The agency is requesting public comment on the draft by Nov. 23, 2020.
The draft profile is part of NIST’s response to the Feb. 12, 2020, Executive Order 13905, Strengthening National Resilience Through Responsible Use of Positioning, Navigation, and Timing Services. Earlier this year, NIST sought public input regarding the general use of PNT data.