Connectivity Framework
4 : Connectivity Framework Layer
• ensure data integrity and trustworthiness of the data delivery , so that received data is not tampered with while stored or in transit and
• selectively encrypt sensitive data flows .
This last point is important , since certain high volume data flows may not be sensitive enough to warrant the extra overhead of encrypting and decrypting the data . The decision to encrypt should be based on a risk-impact assessment .
The connectivity framework access-control-model should be sufficiently fine-grained to limit the permissions of each endpoint narrowly to the operations and services needed for performing their intended functions . This enables the application of the principle of least privilege that is essential to limit the consequence of security breaches and insider attacks .
The connectivity framework security mechanisms should provide secure logging and auditing capabilities to detect security attacks and assess their consequences .
For more details , please refer to the Industrial Internet Security Framework ( IISF ) 1 . 4.1.12 API
IIoT systems involve multiple software components , developed by multiple parties over time , with a variety of programming languages . Therefore , IIoT software development requires an Application-Programming Interface ( API ) to support the design and implementation of application-specific data exchanges .
Some connectivity frameworks provide standardized APIs in various programming languages ( e . g . C , C ++, C #, Java , Python , Lua , Javascript , and so on ), to ease the portability of application code from one implementation to another and to decouple the application from the framework implementation . Others define a protocol interface , and let the implementers define the programming API . This makes it harder to switch implementations , but allows the APIs to be customized to taste .
4.1.13 GOVERNANCE
A connectivity framework should provide a means to configure , administer , and monitor its operation . These include all aspects of the connectivity framework functions , including data types , data quality of service , data security policies , resource management , and timing .
Some connectivity framework standards define the mechanisms for configuration , and administration . Others do not standardize on the mechanisms and leave it up to the implementations . Mechanisms may be file based or API based or both .
Monitoring is useful for diagnostics and troubleshooting of an operational IIoT system . It should be configurable to the desired level of detail . Connectivity framework standards may define the mechanisms for monitoring or may leave them up to the implementations .
1
See [ IIC-IISF2016 ] IIC : PUB : G5 : V1.0 : PB : 20170228 - 32 -