The Resilience Model Supporting IIoT System Trustworthiness
the IIoT system behavior is based on the scheme of typical ICS operation shown in Figure 3 12 . The IIoT system exists in two contexts , Operational Technology ( OT ) and Information Technology ( IT ). The control process exists in the ОТ context while the informational flows controlling how this process goes come from the IT context . Sensors and actuators tie these contexts together .
Let ’ s define the formal model for the IIoT system behavior by the subsequent definition of its following components :
- |
input |
data , |
output |
data |
and |
environment , |
- |
process definition , and |
- |
requirements to the IIoT system |
behavior . |
Input data , output data and environment
The set of input variables X = { x 1 , … x N } characterizes the input data for the control process ( OT ), or Process Input .
The set of output variables Y = { y 1 , … y M } characterizes the output data for the control process ( OT ), or Process Output .
The set of variables S IOT describes the system environment . These variables include the values describing the parameters of both the IT and OT context .
S IoT = { s i | i ∈ 1 … l } – environment variables set
∀s i type ( s i ) = { S OT
S IT
, S IoT = S OT + S IT
The set of variables Ad = { ad i | i ∈ 1 … k } represents the adversary . We consider only the adverse conditions that arise in the IT environment , At ⊆ S IT .
Process definition
As cyber resilience requires some actions on “ adverse conditions , stresses , attacks or compromises on systems that use or are enabled by cyber resources ,” there should be a possibility to recognize these conditions , stresses , attacks or compromises . In other words , we assume they are accountable . As they are accountable , the appropriate data describing them may be generated during the process . The data describing security and safety events are usually produced by sensors , for example , on the basis of a watchdog mechanism , detection of attack signatures or passive recognition of the new devices in a network .
Let ’ s define D as a set of sensors and actuators data . These data are obtained by applying the functions transforming the OT data to their IT representation :
δ X : X → D x , δ Y : Y → D y , δ IoT : S IoT → D SIoT , D = D x ∪ D y ∪ D SIoT
The control system makes a decision based on data D . In our representation , the sensors and actuators that are the part of the system
12
Source : Keith Stouffer , Suzanne Lightman , Victoria Pillitteri , Marshall Abrams , and Adam Hahn . NIST Special Publication 800- 82 Rev . 2 . Guide to Industrial Control Systems ( ICS ) Security . National Institute of Standards and Technology , U . S . Department of Commerce , 2015 . https :// doi . org / 10.6028 / NIST . SP . 800-82r2
- 121 - IIC Journal of Innovation