Key Safety Challenges for the IIoT – Executive Summary
they exist, increasing safety concerns. At the
same time, frequent software updates can
also introduce new security vulnerabilities
and reduce the effectiveness of safety
evaluations, also increasing the safety risks.
This suggests that new approaches beyond
reactive software patching may be required
to produce safe software for IIoT.
CONCLUSION
Achieving safety and security will require
management and design efforts created to
avoid faults and build in safety and security
in all phases of the system life cycle.
Verification and validation, the use of safety
compliant elements, adoption of security
best practices and a review of the overall
system and its components are all important
practices to achieve a system that meets
appropriate safety and security
requirements. This all implies a safety and
security in-depth strategy with a view
toward the overall result.
If this were not enough, it is not exactly
obvious how to ensure the safety of
autonomous learning systems, especially if
they have unintended side effects. The
challenges of ensuring safety for
autonomous learning systems in a dynamic
and changing environment are not well
understood.
The Industrial Internet of Things raises new
concerns that go beyond such approaches.
The number and broad distribution of
devices significantly raises the security
attack surface, especially when the potential
difficulty of managing updates is considered.
The increased security risks can impact
safety due to the ability of attackers to
misuse systems or cause denial of service
attacks. This can be harmful to individual
health and life (e.g., in medical applications)
or to the community (e.g., in manufacturing
with potentially toxic or harmful materials).
Finally, the entire regulatory regime is
oriented toward analyzing and approving
the safety of pairs of devices for a specific
purpose. This is at odds with the need for
fast and dynamic business where new
applications may be created by combining
existing technologies in new and unexpected
ways. This will require a new approach
toward regulation based on new technical
and procedural approaches.
The IIC white paper reviews these concerns
in more detail and offers some possible
approaches. Given the importance of safety
to individuals and society it is essential that
work be devoted toward solutions. The
paper is a call-to-action and -cooperation to
find and implement solutions to enable
safety in the world of the Industrial Internet
of Things.
The convergence of IT/OT has many
implications due to the differing cultures and
business requirements, including issues
related to the difficulty of updating software
frequently while maintaining confidence in
the safety of the system. This convergence
may increase the impact of security
vulnerabilities through increased time that
IIC Journal of Innovation