Extending the IIC IoT Security Maturity Model to Trustworthiness
errors, system faults and attacks.”[6] The confidence that a system “performs as expected” depends on an understanding of the context and requirements of the system with respect to the trustworthiness aspects as well as assurance that the concerns related to the various trustworthiness aspects are addressed. Design and implementation trade-offs and decisions will be necessary since some approaches that impact one trustworthiness aspect may either support or diminish another aspect. As an example, a locked door may enhance security but may reduce safety, as has been evidenced in fires with loss of life (e.g., the New York City 1911 Triangle Shirtwaist Factory fire[7]). Each trustworthiness aspect requires analysis to determine appropriate investment in practices and technologies to meet business requirements, and this analysis should consider the interactions of the different aspects.

There are many benefits of applying the IIC IoT Security Maturity Model to trustworthiness, including the benefits of common training and understanding of the maturity model and the possibility for integrated gap analysis and presentation. The model also helps with consistent tooling and a unified and coherent approach enabling consideration of maturity of trustworthiness aspects, not just in isolation but together. Collectively considering the full scope of trustworthiness aspects can enable better prioritization and investments than when evaluated independently. For example, later in this article, we consider a surgically implanted pacemaker where two aspects of trustworthiness, safety and security, need to be considered.

The process outlined in the IIC IoT Security Maturity Model is directly applicable to every trustworthiness aspect, since the generic steps of creating a maturity target, performing a maturity assessment, gap analysis, and planning and executing maturity enhancements are applicable to all aspects of trustworthiness, repeated in a Plan-Do-Check-Act cycle.

The model can be extended to trustworthiness with the concepts of comprehensiveness and scope applied to trustworthiness, as well as extensions to the model hierarchy for trustworthiness.

There are two approaches to extending the IoT Security Maturity Model to trustworthiness. One approach is to create new profiles using the same principles as industry- and system-specific profiles. Instead of creating a profile to address an existing Security Practice, a trustworthiness profile may define a new practice including the four levels of comprehensiveness, considerations and success indicators for each. We presume that initial trustworthiness profiles would address the General scope, but as with existing practices in the IoT Security Maturity Model, this could also be extended by industry groups to create industry- or system-specific trustworthiness profiles. Another approach would be to update the core IoT

[6] The Industrial Internet of Things Volume G8: Vocabulary, IIC:PUB:G8:V2.1:PB:20180822, Version 2.1, August 2018, IIC. https://www.iiconsortium.org/pdf/IIC_Vocab_Technical_Report_2.1.pdf
[7] David Von Drehle, Triangle: The Fire That Changed America, Atlantic Monthly Press, 2003.
IIC Journal of Innovation