U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications by: Jeffrey Cichonski (Fed)

Search Title, Abstract, Conference, Citation, Keyword or Author
Displaying 1 - 19 of 19

5G Network Security Design Principles: Applying 5G Cybersecurity and Privacy Capabilities

March 19, 2026
Author(s)
Michael Bartock, Jeffrey Cichonski, Murugiah Souppaya, Karen Kent, Parisa Grayeli, Sanjeev Sharma
This white paper describes the network infrastructure design principles that commercial and private 5G network operators are encouraged to use to improve cybersecurity and privacy. Such a network infrastructure isolates types of 5G network traffic from

Applying 5G Cybersecurity and Privacy Capabilities: Introduction to the White Paper Series

March 19, 2026
Author(s)
Jeffrey Cichonski, Michael Bartock, Murugiah Souppaya, Karen Kent, Parisa Grayeli, Sanjeev Sharma, Thomas McCarthy, Muthukkumaran Ramalingam, Presanna Raman, Stefano Righi, Jitendra Patel, Bogdan Ungureanu, Tao Wan, Matt Hyatt, Kori Rongey, Dan Carroll, Steve Orrin, Corey Piggott, Simon Hwang, Gary Atkinson, Rajasekhar Bodanki, Robert Cranston, Jorge Escobar, Don McBride, Aarin Buskirk, Bryan Wenger, Todd Gibson
This document introduces the white paper series titled Applying 5G Cybersecurity and Privacy Capabilities. This series is being published by the National Cybersecurity Center of Excellence (NCCoE) 5G Cybersecurity project. Each paper in the series will

No SUPI-Based Paging Applying 5G Cybersecurity and Privacy Capabilities

March 19, 2026
Author(s)
Michael Bartock, Jeffrey Cichonski, Murugiah Souppaya, Karen Kent, Parisa Greyeli, Sanjeev Sharma
This white paper provides an overview of "no Subscription Permanent Identifier (SUPI) based paging," a 5G capability for protecting users from being identified and located by an attacker. Unlike previous generations of cellular systems, new requirements in

Protecting Subscriber Identifiers with Subscription Concealed Identifier (SUCI) Applying 5G Cybersecurity and Privacy Capabilities

March 19, 2026
Author(s)
Michael Bartock, Jeffrey Cichonski, Murugiah Souppaya, Karen Kent, Parisa Grayeli, Sanjeev Sharma, Charles Teague
This white paper describes enabling Subscription Concealed Identifier (SUCI) protection, an optional 5G capability which provides important security and privacy protections for subscriber identifiers. 5G network operators are encouraged to enable SUCI on

Reallocation of Temporary Identities: Applying 5G Cybersecurity and Privacy Capabilities

March 19, 2026
Author(s)
Michael Bartock, Jeffrey Cichonski, Murugiah Souppaya, Karen Kent, Parisa Grayeli, Sanjeev Sharma
This white paper is part of a series called Applying 5G Cybersecurity and Privacy Capabilities, which covers 5G cybersecurity- and privacy-supporting capabilities that were implemented as part of the 5G Cybersecurity project at the National Cybersecurity

Using Hardware- Enabled Security to Ensure 5G System Platform Integrity Applying 5G Cybersecurity and Privacy Capabilities

March 19, 2026
Author(s)
Michael Bartock, Jeffrey Cichonski, Murugiah Souppaya, Karen Kent, Parisa Grayeli, Sanjeev Sharma
This white paper provides an overview of employing hardware-enabled [1] security capabilities to provision, measure, attest to, and enforce the integrity of the compute platform to foster trust in a 5G system's server infrastructure. It discusses security

2019 Public Safety Broadband Stakeholder Presentations by NIST Authors

October 25, 2021
Author(s)
Richard A. Rouil, Tom Henderson, Marco Mezzavilla, Michele Polese, Jaden Pieper, Chunmei Liu, Silas Thompson, David W. Griffith, Christopher Walton, Christopher D. Dennis, Fabio C. da Silva, John S. Garofolo, James M. Horan, Samuel Hood, Julie Stroup, Christine Task, Terese Manley, Sam Ray, Alison Kahn, Maxwell Maurice, Hien V. Nguyen, Frederick R. Byers, Kristen K. Greene, Mary Theofanos, Yee-Yin Choong, Sandra Spickard Prettyman, Pamela J. Konkol, Jeffrey Cichonski, Bill Fisher, Gema Howell, Mike Dolan, Adam Lewis, Michael Ogata, John Beltz, Michael Bartock, Sarah Hughes, Santosh Rajvaidya, Craig Connelly, Scott Ledgerwood, Megan Waldock, Dereck R. Orr, Donald Bradshaw, Jeb Benson
2019 Public Safety Broadband Stakeholder Presentations by NIST Authors

PSCR 2021: A Standards Update | 5G, Mission Critical Services & Security

September 28, 2021
Author(s)
Jeffrey Cichonski, Dean Prochaska
This session provides a brief overview of the current state of the standards that specify the 5G system, the mission critical services and some of the new security protections they provide. FirstNet will provide some insight into their standards priorities

PSCR 2020_5G Security Evolution not Revolution

October 29, 2020
Author(s)
Jeffrey A. Cichonski
5G has promised to change the way we communicate with an ambitious slate of capabilities not yet available in the 5G networks deployed today, but rather are still being developed and specified by 3GPP. To understand the security posture of 5G networks

Cybersecurity Framework Version 1.1 Manufacturing Profile

October 7, 2020
Author(s)
Keith A. Stouffer, Timothy Zimmerman, CheeYee Tang, Michael Pease, Jeffrey Cichonski, John McCarthy
This document provides the Cybersecurity Framework (CSF) Version 1.1 implementation details developed for the manufacturing environment. The "Manufacturing Profile" of the CSF can be used as a roadmap for reducing cybersecurity risk for manufacturers that

Cybersecurity Framework Manufacturing Profile Low Impact Level Example Implementations Guide: Volume 1 - General Implementation Guidance

September 30, 2019
Author(s)
Keith A. Stouffer, Timothy Zimmerman, CheeYee Tang, Michael Pease, Jeffrey Cichonski, Neeraj Shah, Wesley Downard
This guide provides general implementation guidance (Volume 1) and example proof-of-concept solutions demonstrating how available open-source and commercial off-the-shelf (COTS) products could be implemented in manufacturing environments to satisfy the

Cybersecurity Framework Manufacturing Profile Low Impact Level Example Implementations Guide: Volume 2 - Process-based Manufacturing System Use Case

September 30, 2019
Author(s)
Keith A. Stouffer, Timothy Zimmerman, CheeYee Tang, Michael Pease, Jeffrey Cichonski, Neeraj Shah, Wesley Downard
This guide provides example proof-of-concept solutions demonstrating how available open-source and commercial off-the-shelf (COTS) products could be implemented in process-based manufacturing environments to satisfy the requirements in the Cybersecurity

Cybersecurity Framework Manufacturing Profile Low Impact Level Example Implementations Guide: Volume 3 - Discrete-based Manufacturing System Use Case

September 30, 2019
Author(s)
Keith A. Stouffer, Timothy Zimmerman, CheeYee Tang, Michael Pease, Jeffrey Cichonski, Neeraj Shah, Wesley Downard
This guide provides example proof-of-concept solutions demonstrating how available open-source and commercial off-the-shelf (COTS) products could be implemented in discrete-based manufacturing environments to satisfy the requirements in the Cybersecurity

Cybersecurity Framework Manufacturing Profile

May 20, 2019
Author(s)
Keith A. Stouffer, Timothy A. Zimmerman, CheeYee Tang, Joshua Lubell, Jeffrey A. Cichonski, John McCarthy
This document provides the Cybersecurity Framework (CSF) implementation details developed for the manufacturing environment. The "Manufacturing Profile" of the Cybersecurity Framework can be used as a roadmap for reducing cybersecurity risk for

Guidance for Improving LTE-based Mobile Communications Security

January 30, 2018
Author(s)
Jeffrey Cichonski, Joshua M. Franklin, Michael Bartock, Larry Feldman, Greg Witte
This bulletin summarizes the information found in NIST SP 800-187: Guide to LTE Securtiy, which serves as a guide to the fundamentals of how LTE networks operate and explores the LTE security architecture.

Guide to LTE Security

December 21, 2017
Author(s)
Jeffrey A. Cichonski, Joshua M. Franklin, Michael J. Bartock
Cellular technology plays an increasingly large role in society as it has become the primary portal to the internet for a large segment of the population. One of the main drivers making this change possible is the deployment of 4th generation (4G) Long

Cybersecurity Framework Manufacturing Profile

September 8, 2017
Author(s)
Keith A. Stouffer, Timothy A. Zimmerman, CheeYee Tang, Joshua Lubell, Jeffrey A. Cichonski, John McCarthy
[Superseded by NISTIR 8183 (September 2017, Includes updates as of May 20, 2019)]This document provides the Cybersecurity Framework (CSF) implementation details developed for the manufacturing environment. The "Manufacturing Profile" of the Cybersecurity

Guide for Cybersecurity Event Recovery

December 22, 2016
Author(s)
Michael Bartock, Jeffrey Cichonski, Murugiah Souppaya, Matthew C. Smith, Gregory Witte, Karen Scarfone
In light of an increasing number of cybersecurity events, organizations can improve resilience by ensuring that their risk management processes include comprehensive recovery planning. Identifying and prioritizing organization resources helps to guide

Derived Personal Identity Verification (PIV) Credentials (DPC) Proof of Concept Research

January 20, 2016
Author(s)
Michael J. Bartock, Jeffrey A. Cichonski, Murugiah P. Souppaya, Paul Fox, Mike Miller, Ryan Holley, Karen Scarfone
This report documents proof of concept research for Derived Personal Identity Verification (PIV) Credentials. Smart card-based PIV Cards cannot be readily used with most mobile devices, such as smartphones and tablets, but Derived PIV Credentials (DPCs)
Was this page helpful?