HEIDELBERG, GERMANY – The Industrial Internet Consortium (IIC), the global, public-private organization formed to accelerate adoption of the Industrial Internet of Things (IIoT), today published the Industrial Internet Security Framework (IISF), a common security framework that addresses security issues in IIoT systems. The IISF emphasizes the importance of five IIoT characteristics – safety, reliability, resilience, security and privacy – that help define “trustworthiness” in IIoT systems. The IISF also defines risk, assessments, threats, metrics and performance indicators to help business managers protect their organizations.
IIoT security cannot be considered in isolation. It comprises a complex set of industrial processes and applications as well as significant safety and reliability requirements. For example, although it is desirable to implement predictive maintenance capabilities in high-value electric power generation equipment, doing so may open the door to new threats. Adding security in this scenario can be challenging but without it, there could be serious consequences as a successful attack could cause injury, loss of life, or long-term damage to the environment.
The IISF delivers security from business, functional and implementation perspectives. It helps business managers within industrial organizations make informed decisions based on well-designed risk assessments.
From a functional perspective, the IISF separates security evaluation into endpoint, communications, monitoring and configuration building blocks with subdivisions for each one. Each perspective offers implementation best practices.
The IISF breaks the industrial space down into three roles – the component builders, the system builders, and the operational users. The component builders create hardware and software; the system builders combine hardware and software solutions to create systems; and the operational users are the owner/operators of the systems who manage the risk to their industrial processes posed by the systems. To ensure end-to-end security, industrial users must assess the level of trustworthiness of the complete system.
The IISF is the most in-depth industrial-focused security framework comprising expert vision, experience and security best practices from the IIC members. The IISF is available free of charge. For more information about the IISF, click here. IISF editors and other security experts will be presenting at the Security Forum on October 6, 2016 in Sunnyvale, CA.
For more information, visit http://www.iiconsortium.org