Why Security Begins at the End
security: basic, enhanced and critical. These levels correspond to some of the most mature of the
industrial guidance and compliance frameworks (see Guidance and Compliance Frameworks
sidebar).
1. Security Level Basic (SLB) provides protection against “intentional violation using simple
means with low resources”, such as an ordinary virus.
2. Security Level Enhanced (SLE) steps up to defend against “sophisticated means with
moderate resources”, such as exploiting known vulnerabilities in Industrial Control
System (ICS) software or systems.
3. Security Level Critical (SLC) steps up further to defend against attackers with
“sophisticated means with extended resources”, such as the ability to develop custom
zero-day attacks.
There are full-stack architectures for endpoint security offering increasing security levels. These
are based on open standards and interoperability between multi-vendor multi-platform endpoints
across architectural patterns such as three-tier, gateway-mediated edge or layered databus.
Regardless of the architectural pattern employed, the endpoints must include resistance to attacks
commensurate with the level of risk for those endpoints. Within the Endpoint Security Best
Practices white paper, key elements and countermeasures selected for the three security levels
defined are identified and discussed in detail.
ENDPOINT SECURITY BEST PRACTICES: ELEMENTS DISCUSSED IN DETAIL
ROOT OF TRUST
SECURE BOOT
CRYPTOGRAPHIC SERVICES
ENDPOINT CONFIGURATION & MANAGEMENT
SECURE COMMUNICATIONS
CONTINUOUS MONITORING
POLICY ACTIVITY & DASHBOARD
SYSTEM INFORMATION & EVENT MANAGEMENT
Protecting Industrial IoT System
By applying Endpoint Security Best Practices, owners and operators can specify which security
level they need. Insurers and policy makers may benefit from a common benchmark that can be
used to analyze risk and encourage security improvements. Equipment manufacturers can build
products that provide necessary security features efficiently. Governments can drive adoption of
best practices for industrial security.
Success begins with laying a foundation. Start by securing endpoints. The IIC’s Industrial Internet
Security Framework and Endpoint Security Best Practices white paper provide the guidance to
secure IIoT systems.
IIC Journal of Innovation