IIC Journal of Innovation 8th Edition | Page 55
Why Security Begins at the End
The Industrial Internet Security Framework
“Best Practices” Documents
The IIoT is being shaped by many participants from the energy, healthcare, manufacturing,
industrial transport systems and public sectors, each of which needs to consider security. To
avoid security hazards, especially as systems from different sectors interoperate and exploitation
attempts are made in the gaps between them, it is important and urgent to build early consensus
among the participants on IIoT security.
The Industrial Internet Security Framework (IISF) Technical Document guides systems designers,
integrators and security architects as they ensure security is a fundamental part of the new or
existing IIoT architectures, rather than “bolted on” to it.
IIC Best Practices Documents cover aspects of industrial internet security, based on the six
building blocks in the IISF. The IISF provides a secure design architecture for industrial internet
security so that system designers can understand overall security architecture and context. For
example, equipment manufacturers and integrators can define which security level their
products, systems and solutions are designed to meet. Insurers and policy makers may benefit
by having a common benchmark that can be used to analyze risk and encourage security
improvements. All can benefit by obtaining a clear description of what countermeasures and
controls are generally recommended for each level of security.
Return to beginning of this article
Return to Table of Contents
* Standards development organizations are most commonly known by their acronyms. These
include International Standards Organization (ISO), Institute of Electrical and Electronic Engineers
(IEEE), International Electrotechnical Commission (IEC), Internet Engineering Task Force (IETF) or
National Institute for Standards and Technology (NIST).
The views expressed in the IIC Journal of Innovation are the contributing authors’ views and do
not necessarily represent the views of their respective employers nor those of the Industrial
Internet Consortium.
© 2018 The Industrial Internet Consortium logo is a registered trademark of Object
Management Group®. Other logos, products and company names referenced in this publication
are property of their respective companies.
54
June 2018