Evaluating Security of IIoT Testbeds
although member companies sponsor and
own their testbeds, they also agree to share
certain deliverables and progress reports
with IIC members and the greater IIoT
ecosystem.
often be funded by institutions (agencies,
academia,
and
governments)
in
collaboration with industry.
The priorities and activities around testbeds
continue to evolve but the IIC is committed
to creating and developing testbeds that
support the IIC’s goals of innovation and
interoperability.
Each IIC IIoT testbed is a technology platform
that provides experience enabling IIC
members to better understand innovations
and to test new applications, processes,
products, services, and business models to
ascertain their usefulness and viability
before taking them to market. In this way, IIC
members can uncover the technologies,
techniques, and opportunities essential to
solving these and other important problems
that benefit businesses and society.
IISF & S ECURITY E VALUATION
The IISF provides guidance on performing
security evaluations on IIoT systems,
spanning
across
both
Information
Technologies
(IT)
and
Operational
Technologies (OT). The TSCG provides the
testbed with a list of questions (“the
questionnaire”) to help them document and
explain the security posture and decisions of
the testbed. The format of the questionnaire
evolved over a period of time from a free
flow of information – the testbeds created
documents and presentations – to a
questionnaire that can be completed at any
time through an online portal with some
multiple-choice answers. The questionnaire
is divided into two sections, mirroring the
structure of IISF, specifically, Part II, the
business viewpoint, and Part III, the
functional and implementation viewpoints.
The following is a summary of the
information solicited in the questionnaire.
Specifically, a testbed is a controlled
experimentation platform that has the
following properties:
•
•
•
•
•
Implements specific use cases and
scenarios;
Produces testable outcomes to
confirm that an implementation
conforms to expected results;
Expl