IoT Trustworthiness is a Journey and NOT a Project
Figure 6: IoT Trustworthiness Radar Diagram - source IIC Trustworthiness Task Group
The diagram in Figure 6 provides an example of the five IoT Trustworthiness characteristics (and
their states) for a particular system.
In this example, the Safety characteristic for this system already meets (in fact exceeds) the
Minimum requirements. Therefore, in principle, no efforts are required to improve safety, except
if necessary to meet the target state based on additional internally-defined and self-imposed
drivers and objectives (business and technical).
The remaining four characteristics (Security, Reliability, Resilience and Privacy) do not meet the
Minimum levels, and thus efforts are needed to make these system characteristics compliant
with the minimum requirements.
It is important to note that each of the trustworthiness characteristics will have its own set of
legal and regulatory requirements, standards, processes and best practices to comply with. Also
these requirements may be specific to vertical application and use cases.
Some interdependencies may exist between the five characteristics, which in turn may lead to
potential adverse effects; example, delaying Security updates in order to maintain Reliability
levels can be detrimental to Safety.
Another example is the recommendation by some standards such as IEC 61508 20 21 to separate
between Control and Safety systems. “The EUC (equipment under control) control system shall
20
21
www.iec.ch/functionalsafety/
https://www.iiconsortium.org/pdf/Industrial_Internet_of_Things_Volume_G2-Key_System_Concerns_2018_08_07.pdf
- IIC Industrial IoT - Key System Concerns G2 section 3
- 68 -
IIC Journal of Innovation