Mar. 14, 2016
SP 800-154
DRAFT Guide to Data-Centric System Threat Modeling
NIST requests public comments on draft Special Publication (SP) 800-154,
Guide to Data-Centric System Threat Modeling.
Data-centric system threat modeling is a form of risk assessment that
models aspects of the attack and defense sides for selected data within
a system. Draft SP 800-154 provides information on the basics of
data-centric system threat modeling so that organizations can use it as
part of their risk management processes instead of relying solely on
conventional "best practice" recommendations.
The public comment period for the publication
closes on April 15, 2016.
Send comments on Draft SP 800-154 to
800-154comments@nist.gov with
"Comments SP 800-154" in the subject line.