IIC Journal of Innovation 9th Edition | Page 67

IoT Trustworthiness is a Journey and NOT a Project I NTRODUCTION Confidence that an IoT system will operate in conformance with requirements 1 results from assurance that several characteristics of the system are compliant with these requirements despite environmental disturbances, human errors, system faults and attacks. These characteristics – security, safety, reliability, resilience and privacy – have been identified by ISO/IEC (JTC SC41) 23 , National Institute of Standards and Technology (NIST) 4 and the Industrial Internet Consortium (IIC) (Industrial Internet Security Framework (IISF), Section 3) 5 as defining trustworthiness 6 of a system. These characteristics manifest themselves in operational, organizational, commercial, budgetary, architectural and security areas. Figure 1: IoT Trustworthiness - IIC Industrial Internet Security Framework - source IIC IISF An IoT system is trustworthy if it meets the minimum requirements for security, safety, reliability, resilience and privacy, as defined by laws, regulations, standards and industry best-practices. The OSHA 29 CFR 1910 is an example of such regulation 7 . In a sense, IoT Trustworthiness is a binary function. 1 2 3 4 5 6 7 Example business objectives, design objectives, risk management objectives, legal and regulatory requirements, standards, industry best practices, etc. www.iec.ch/dyn/www/f?p=103:30:31458742125318::::FSP_ORG_ID,FSP_LANG_ID:20486,25 www.itu.int/en/ITU-T/Workshops-and-Seminars/20180604/Documents/Francois_Coallier_P_V2.pdf www.nist.gov/news-events/events/2016/08/exploring-dimensions-trustworthiness-challenges-and-opportunities www.iiconsortium.org/IISF.htm www.iiconsortium.org/vocab/index.htm - definition of IoT Trustworthiness www.osha.gov/laws-regs/regulations/standardnumber/1910 - 62 - IIC Journal of Innovation