Security Framework
2: Motivation
critical infrastructure. With a geographically distributed IIoT system, care must be taken to ensure that disruption of an isolated system does not cascade to have global effects.
Organizations must take these risks seriously; they must use their expertise to make their IIoT systems trustworthy. The use of sensors and actuators in an industrial environment is not the typical Information Technology( IT) experience, nor are systems that span many organizations and organizational systems. IT and OT prioritize system characteristics differently. For example, resilience in IT is less important than in OT, and security is less important in OT than in IT, as illustrated in Figure 2-1. These characteristics interact with each other, and can conflict. In IIoT systems, these system characteristics must converge and be reconciled with each other into overall system trustworthiness.
Figure 2-1: Convergence of IT and OT Trustworthiness
IIoT organizations must place increased importance on safety and resilience beyond the levels expected in many traditional IT environments. IIoT systems may also have data flows that include intermediaries and involve multiple organizations, requiring more sophisticated security approaches than, for example, link encryption. Unfortunately, IT departments rarely speak the same language as those concerned with control systems and OT. The two perceive risk differently, and they cannot be combined for positive gain without a balanced consideration of their differing motivations.
The highest priority of many OT systems is safety: do not cause injury or death, do not put public at risk and protect the environment from harm. The second and third priorities are often quality of production and meeting production targets, which depend on the reliability and resilience of the system. Reliability and resilience are required to prevent the interruption of society-critical processes such as the electric grid, and to avoid idling machinery that represents large investments in physical infrastructure. Security aspects are considered in OT, but given that most systems are not connected it is mostly physical security.( Some industries, such as healthcare, must protect patient data.) Security concepts such as user-based access control applies less often in OT systems than they do in IT.
IIC: PUB: G4: V1.0: PB: 20160926- 14-