IIC Releases Industrial Internet Security Framework

The Industrial Internet Consortium has released their Industrial Internet Security Framework to address common security issues.

According to the September 19 announcement, the IISF focuses on five specific industrial IoT (IIoT) characteristics: safety, security, privacy, reliability and resilience. The characteristics help define trustworthiness, risk, threats, performance, metrics and assessments in IIoT systems.

“Today, many industrial systems simply do not have adequate security in place,” said Dr. Richard Soley, executive director of the Industrial Internet Consortium (IIC). “The level of security found in the consumer internet just won’t do for the industrial internet. In order to add security to an industrial system, you must make sure it won’t interfere with safety and reliability requirements. The IISF explores solutions to industrial problems that have plagued the industry for years. The IIC is also putting the IISF vision into practice in our testbed program.”

The IIC stated that industrial IoT security is critical and comprises both a complex set of processes and safety compliance requirements. It pointed out that implementing common IIoT solutions such as predictive maintenance can bring with it serious security threats and the risk of attacks that could cause serious environmental impact, grave injury, or even death.

The IISF separates security into four categories — endpoint, communications, monitoring and configuration — and offers best practices for each. It breaks down the industrial space into three main roles: component builders, system builders and end users. For compete end-to-end security, the complete system must be assessed for trustworthiness.

The framework is available free of charge. For more information click here. The IISF editors will be discussing the framework at the upcoming Security Forum in Sunnyvale, CA, on October 6.

Related:

IIC testbeds

How bad is IoT security? Very