Connectivity Framework
4: Connectivity Framework Layer
• ensure data integrity and trustworthiness of the data delivery, so that received data is not tampered with while stored or in transit and
• selectively encrypt sensitive data flows.
This last point is important, since certain high volume data flows may not be sensitive enough to warrant the extra overhead of encrypting and decrypting the data. The decision to encrypt should be based on a risk-impact assessment.
The connectivity framework access-control-model should be sufficiently fine-grained to limit the permissions of each endpoint narrowly to the operations and services needed for performing their intended functions. This enables the application of the principle of least privilege that is essential to limit the consequence of security breaches and insider attacks.
The connectivity framework security mechanisms should provide secure logging and auditing capabilities to detect security attacks and assess their consequences.
For more details, please refer to the Industrial Internet Security Framework( IISF) 1. 4.1.12 API
IIoT systems involve multiple software components, developed by multiple parties over time, with a variety of programming languages. Therefore, IIoT software development requires an Application-Programming Interface( API) to support the design and implementation of application-specific data exchanges.
Some connectivity frameworks provide standardized APIs in various programming languages( e. g. C, C ++, C #, Java, Python, Lua, Javascript, and so on), to ease the portability of application code from one implementation to another and to decouple the application from the framework implementation. Others define a protocol interface, and let the implementers define the programming API. This makes it harder to switch implementations, but allows the APIs to be customized to taste.
4.1.13 GOVERNANCE
A connectivity framework should provide a means to configure, administer, and monitor its operation. These include all aspects of the connectivity framework functions, including data types, data quality of service, data security policies, resource management, and timing.
Some connectivity framework standards define the mechanisms for configuration, and administration. Others do not standardize on the mechanisms and leave it up to the implementations. Mechanisms may be file based or API based or both.
Monitoring is useful for diagnostics and troubleshooting of an operational IIoT system. It should be configurable to the desired level of detail. Connectivity framework standards may define the mechanisms for monitoring or may leave them up to the implementations.
1
See [ IIC-IISF2016 ] IIC: PUB: G5: V1.0: PB: 20170228- 32-