IoT Trustworthiness is a Journey and NOT a Project
with segment [1] - [2a], the ROI may not be the primary concern. However with appropriate
planning, the organization can ensure that point [3b] is reached in the most effective and cost-
efficient manner.
Cruise to End of Life (EoL)… [3b] - [3c]
In the example depicted in Figure 7, the organization should set trustworthiness level [3b] in such
a way to cater to the expected fluctuations and decay in trustworthiness levels over time. This is
represented in the diagram by the slow downwards slope of the red line. The organization should
also cater to future potential increases in trustworthiness requirements [2c]:
This would allow the journey to continue in cruise mode all the way to the EoL point
The organization must also monitor the level of decay in trustworthiness and position
itself to intervene tactically to mitigate and redress such decay
Depending on the nature of the system, the decommissioning of the system may require
specific requirements
The ROI and costs efficiency calculations must take into consideration the overall trustworthiness
efforts throughout the lifecycle and the agility with which the organization can intervene to
address unexpected hurdles along the journey path.
I O T T RUSTWORTHINESS P ROGRAMS
As stated earlier, IoT Trustworthiness is NOT a project. It is a journey that is piloted by a Program.
The IoT Trustworthiness Program is a framework for organizing, directing, implementing and
maintaining Trustworthiness of an IoT System throughout its lifecycle, and in accordance with
established Corporate Business Objectives. The domain and discipline of IoT Trustworthiness is
emerging and it can be characterized with the following:
Levels of awareness and maturity about trustworthiness are emerging
Discipline requires the involvement of multiple groups in the organization
Technical complexities are involved: IT, OT, Operation, Safety, Design, etc.
Underdeveloped execution strategy
Lack of effective executive sponsorship… who is in charge
Upon the initiation of such a program (point [1] in Figure 7), the organization must establish a
top-down view for the program as well as a bottom-up perspective, as depicted in Figure 8:
September 2018
- 71 -