Strengthening National Resilience Through Responsible Use of Positioning, Navigation, and Timing Services - Frequently Asked Questions

EXECUTIVE ORDER 13905
STRENGTHENING NATIONAL RESILIENCE THROUGH RESPONSIBLE USE OF POSITIONING, NAVIGATION, AND TIMING SERVICES

What is EO 13905?  

On February 12, 2020, President Donald Trump signed Executive Order 13905, Strengthening National Resilience Through Responsible Use of Positioning, Navigation, and Timing (PNT) Services. The Executive Order seeks to protect the national and economic security of the United States arising from disruptions to Positioning, Navigation and Timing (PNT) services that are vital to the functioning of technology and infrastructure, including the electrical power grid, communications infrastructure and mobile devices, all modes of transportation, precision agriculture, weather forecasting, and emergency services.

What is the role of the Department of Commerce according to the EO?

The Executive Order directs the Department of Commerce (DOC) to develop PNT profiles to identify systems, networks, and assets dependent on PNT services; identify appropriate PNT services; detect the disruption and manipulation of PNT services; and manage the associated risks to the systems, networks, and assets dependent on PNT services.  

What is NIST’s role?

The National Institute of Standards and Technology (NIST), as part of the DOC, will be responsible for the development of the PNT foundational profile. The profile will serve as a foundation for sector specific agencies (SSA), as described in the E.O., to identify systems, networks, and assets dependent on PNT services; identify appropriate PNT services; detect the disruption and manipulation of PNT services; and manage the associated risks to the systems, networks, and assets dependent on PNT services.  

In addition, NIST will work with the Departments of Defense, Transportation and Homeland Security, to provide recommendations based on the PNT profile.

How does the E.O. define PNT services?

"PNT services," as defined in the Executive Order, “means any system, network, or capability that provides a reference to calculate or augment the calculation of longitude, latitude, altitude, or transmission of time or frequency data, or any combination thereof.” 

Who are PNT service users, according to the E.O.?

PNT services are used by owner/operators of the electrical power grid, and communication infrastructure, as well as businesses in the transportation, agriculture, weather, and emergency response sectors, among others.

What is a PNT profile?

A "PNT profile" is a document describing the responsible uses of PNT -- aligned to standards, guidelines, and sector-specific requirements -- selected for a particular system to address the potential disruption or manipulation of PNT services.  

NIST will leverage the Cybersecurity Framework to develop and issue a foundational PNT profile to help organizations:

• Identify systems dependent on PNT 
• Identify appropriate PNT sources
• Detect disturbances and manipulation of PNT services
• Manage the risk to these systems 

What is “responsible use of PNT services”?

The Executive Order defines "responsible use of PNT services" as the “deliberate, risk-informed use of PNT services, including their acquisition, integration, and deployment, such that disruption or manipulation of PNT services minimally affects national security, the economy, public health, and the critical functions of the Federal Government.”

What process will NIST use to develop the PNT profile?

NIST will develop the PNT profile using open, transparent, and collaborative processes involving public and private sector stakeholders to inform the responsible use of PNT services and to support adoption, refinement, and implementation of the profiles. Similar to the process used to develop the Cybersecurity Framework, NIST may use formal and informal mechanisms to solicit community input, including Requests for Information, public workshops, and public review and comment periods.

Who are the stakeholders/audience?

The primary stakeholder and audience for the PNT profile are public and private sector entities who rely on PNT services. These can include owner/operators of the electrical power grid, and communication infrastructure, as well as businesses in the transportation, agriculture, weather, and emergency response sectors. 

By the end of this process, what will NIST produce?

Within one year from the date of the Executive Order, NIST will produce and issue a foundational PNT profile that can be used  by the Sector-Specific Agencies (SSA). In addition, NIST will provide a process by which SSA and others can customize the profile to meet their needs.

How does NIST envision the PNT profile being used?

NIST envisions that the PNT profile will be used by SSAs and the private sector to help identify systems, assets, and networks dependent on PNT services; identify appropriate PNT sources; detect the disruption or manipulation of PNT services; and manage the associated risks to these systems.