The Industrial Internet Consortium (IIC), a global, public-private organization formed to accelerate adoption of the Industrial Internet of Things (IIoT), announced Monday the publication of the Industrial Internet Security Framework (IISF), a common security framework that addresses security issues in IIoT systems.
The IISF emphasizes the importance of five IIoT characteristics – safety, reliability, resilience, security and privacy – that help define “trustworthiness” in IIoT systems, said IIC. The IISF also defines risk, assessments, threats, metrics and performance indicators to help business managers protect their organizations.
From a functional perspective, the IISF separates security evaluation into endpoint, communications, monitoring and configuration building blocks with subdivisions for each one. Each perspective offers implementation best practices, IIC said.
“Today, many industrial systems simply do not have adequate security in place,” said Dr. Richard Soley, Executive Director, IIC, in a prepared statement. “The level of security found in the consumer Internet just won’t do for the Industrial Internet. In order to add security to an industrial system, you must make sure it won’t interfere with safety and reliability requirements. The IISF explores solutions to industrial problems that have plagued the industry for years. The IIC is also putting the IISF vision into practice in our testbed program.”
“Every Industrial Internet of Things project must incorporate security throughout, but doing it properly in an industrial setting means dealing with many levels and dimensions of complexity,” said Greg Gorbach, Vice President, ARC Advisory Group. “The IISF security framework provides a comprehensive approach to ensure that all the bases are covered so risk is minimized.”