IIC Journal of Innovation 9th Edition | Page 112

Extending the IIC IoT Security Maturity Model to Trustworthiness
Security Maturity Model itself. This would make sense when changes are generally applicable. Both approaches could be followed simultaneously.
APPLYING COMPREHENSIVENESS AND SCOPE TO TRUSTWORTHINESS
Both comprehensiveness and scope are widely applicable maturity model concepts that can be applied to all aspects of trustworthiness. For example, privacy by design and default within an entire organization is a different level of maturity than privacy considered only within a department of an organization. An in-depth privacy program taking into account medical-specific concerns is different than a generic program.
The IoT Security Maturity Model concept of comprehensiveness levels can be enhanced for trustworthiness as follows:
Level 1, Minimum. Trustworthiness can be addressed at this level by noting that general concerns related to trustworthiness aspects beyond security are considered. These aspects represent general concerns such as “we need this equipment to be reliable, safe and to provide enough security features,” “we need for this component to be safe and have system resilience in the case of security attacks” and “we have to make the service secure and take care to protect privacy.”
Level 2, Ad hoc. Trustworthiness can be considered at this level with separate cases demonstrating how trustworthiness aspects either support or detract from each other.
Level 3, Consistent. Trustworthiness is addressed systematically at this level with the application of methods, best practices and standards. This facilitates a consistent approach toward the implementation of required trustworthiness aspects, taking into account the complexity of the interactions. Metrics are used as appropriate.
Level 4, Formalized. Trustworthiness is supported at this level with assurance cases to establish confidence in the system for organization needs. Support for trustworthiness is continuously evaluated, improved and harmonized among the aspects.
Understanding and managing the interactions of trustworthiness aspects can be difficult. Stakeholders can identify the interactions of trustworthiness aspects by examining use cases. For example, updating the anti-malware databases on a SCADA server affects the continuous control process execution at a production line with a probable negative impact on process safety.
Scope can also be useful to understanding and managing the interaction of trustworthiness aspects, since it is about the industry or system specifics needed to make tradeoffs among trustworthiness aspects. The following considerations may help in revealing the interactions of trustworthiness aspects, to anticipate and mitigate undesirable interactions, and to take advantage of the aspects supporting each other:
September 2018 - 107 -