Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Summary

NIST works with industry partners to advance the research, standardization and adoption of technologies necessary to increase the security, privacy, resilience and performance of networked systems.  This includes resolving systemic vulnerabilities in existing and emerging critical network infrastructures and advancing the development of potentially disruptive technologies to improve the trustworthiness of future networks.  NIST innovates and applies the measurement science necessary to establish a technical basis for trustworthy networks.

Description

The need for Trustworthy Networking

Internet Society Report on the Future of the Internet

ISOC Paths to Our Digital Future

 

  • “Perhaps the most pressing danger to the future of the Internet is the rising scope and breadth of Cyber Threats.”
  • Addressing cyber threats should be the priority
  • “The scale of cyberattacks is steadily growing, and many   anticipate the likelihood of catastrophic cyberattacks in the future.”
  • “Inadequate management of cyber threats will put users increasingly at risk, undermine trust in the Internet and jeopardize its ability to act as a driver for economic and social innovation.”
Trustworthy Networking Challenges

 

Cultivating trust is not easy ...

  • Challenges are technical, economic, often dominated by prevailing business models, complicated by massive installed bases, and fears of governmental interference.

The Need for Test and Measurement:

NAS Network Science Cover Page
Credit: National Academy of Science

Understanding and Controlling Network Behavior

  • “[Despite] society’s profound dependence on networks, fundamental knowledge about them is primitive. Global communication networks have quite advanced technological implementations but their behavior under stress still cannot be predicted reliably.…There is no science today that offers the fundamental knowledge necessary to design large complex networks [so] that their behaviors can be predicted prior to building them.” Network Science, a report from the National Research Council.

 

 

The Need for NIST:

  • Advance Network Metrology – with emphasis on innovating and applying advanced measurement science to Internet-scale systems.
  • Foster Trustworthy Network Technology – work with industry to improve the quality and timeliness of emerging specifications and foster adoption of trustworthy network technologies.
  • Our efforts focus on Internet Scale problems, solutions and measurement techniques.

NIST Roles:

  • NIST is actively involved in numerous technical areas focused on improving the security, robustness and performance of core Internet infrastructures and services. 
    Trustworthy Networking - NIST Roles
  • Our work spans the entire technology life cycle: 
    • problem identification and characterization, 
    • pre-standards research and development to identify potential solutions, 
    • consensus standards development, 
    • development of test tools and prototypes to foster commercialization of emerging standards, 
    • development of guidance documents to foster adoption plans, 
    • promulgation (workshops, etc..) of emerging standards with industry and federal user groups,
    • development of measurement tools to monitor the state of adoption,
    • demonstrations and practice guides to demonstrate the viability of commercial solutions,
    • development of corresponding security controls to guide risk mitigation in Federal systems.
  • The NIST contributions from these activities range from research publications, standards specifications, software tools and prototypes, guidance documents, workshops and pilot demonstrations, practice guides and security controls and baselines.   See the follow project pages for details.

NIST Trustworthy Networks Projects:

  • Robust Inter-Domain Routing - NIST is working with industry to design, standardize, and foster deployment of technologies to improve the security and resilience of Internet Routing.
  • High Assurance Domains - NIST is working with the Internet industry to design, standardize and foster deployment of technologies to improve the security and robustness of enterprise networks and the core Internet technologies upon which they relay.  The High Assurance Domains (HAD) project is currently focused on (1) leveraging secure Domain Name System (DNS) technologies to address security challenges in other core protocols; (2) improving the security and privacy of enterprise electronic mail systems; and (3) developing concepts and guidance for Zero Trust Network Architectures.  
  • Trustworthy Intelligent Networks - NIST is working with industry and academia to improve the trustworthiness and applicability of artificial intelligence and machine learning technologies to future networks and distributed systems.  Our research focuses on applications of AI/ML to address security and robustness issues today's networks and developing means to test and measure the robustness of AI/ML techniques necessary for future autonomic networks.
  • Trustworthy Network of Things - NIST is working with industry to design, standardize, test and foster adoption of network-centric approaches to protect IoT devices from the Internet and to protect the Internet from IoT devices.  Our current efforts focus on the research and development manufacturer usage description (MUD) and secure device onboarding technologies.
  • Software Defined and Virtualized Networks - NIST is working to develop test and measurement techniques to advance the state of the art in network virtualization, network service function chaining, software defined networks, technologies and techniques to address robustness and security of virtualized network services.  Our work explores novel applications of NFV/SDN to domains such as network security and intrusion detection,  support of machine to machine communications, support of advanced mobility and cloud computing.  A key component of this research is the development of enabling programmable measurement techniques that can efficiently operate at the scale and speed of advanced networks.
  • Measurement Science for Complex Information Systems - This project aims to develop and evaluate a coherent set of methods to understand behavior in complex information systems, such as the Internet, computational grids and computing clouds. Such large distributed systems exhibit global behavior arising from independent decisions made by many simultaneous actors, which adapt their behavior based on local measurements of system state. Actor adaptations shift the global system state, influencing subsequent measurements, leading to further adaptations. This continuous cycle of measurement and adaptation drives a time-varying global behavior. For this reason, proposed changes in actor decision algorithms must be examined at large spatiotemporal scale in order to predict system behavior. 
  • USGv6 Program -  NIST is Working with other USG agencies and industry to develop and maintain the standards, test program, deployment guidance and test and measurement tools necessary to provide the technical basis for wide-scale adoption of IPv6 in the USG. 

 

 

Major Accomplishments

Select Recent Results:

High Assurance Domains

Robust Inter Domain Routing

Software Defined and Virtual Networks

Trustworthy Intelligent Networks

Trustworthy Networks of Things

USGv6 Program

  • Montgomery D., Johnson E., Newcombe M., Winters T., USGv6 Test Methods: General Description and Validation, NIST Special Publication (NIST SP) - 500-281Br1, November 2020.
    • Montgomery D., Johnson E., Newcombe M., Winters T., USGv6 Test Program Guide, NIST Special Publication, NIST SP-500-281Ar1, November 2020.
      • Montgomery D., Carson M., Winters T., Newcombe M., Carlin T., USGv6 Profile, NIST Special Publication, NIST SP-500-267Br1, November 2020.
        • Montgomery D., Carson M., Winters T., Newcombe M., Carlin T., NIST IPv6 Profile, NIST Special Publication, NIST SP-500-267Ar1, November 2020.

          Zero Trust Networks

          • Rose S., Borchert O., Mitchell S., Connelly S., Zero Trust Architecture, National Institute of Standards and Technology Special Publication (SP) 800-207, August 2020.
          Created September 3, 2020, Updated May 24, 2022