Industrial Internet Security Framework v1.0

7 IISF FUNCTIONAL VIEWPOINT
7.1 SECURITY BUILDING BLOCKS
The functional viewpoint of the security framework comprises six interacting building blocks, as shown in Figure 7-1. They are organized into three layers. The top layer comprises the four core security functions: endpoint protection, communications and connectivity protection, security monitoring and analysis, and security configuration management. These four functions are supported by a data protection layer and a system-wide security model and policy layer. These three layers comprise the functional viewpoint of the industrial internet security framework.
Figure 7-1: Security Framework Functional Building Blocks
Endpoint protection implements defensive capabilities on devices at the edge and in the cloud. Primary concerns include physical security functions, cyber security techniques and an authoritative identity. Endpoint protection alone is insufficient, as the endpoints must communicate with each other, and communications may be a source of vulnerability.
Communications and connectivity protection uses the authoritative identity capability from endpoint protection to implement authentication and authorization of the traffic. Cryptographic techniques for integrity and confidentiality as well as information flow control techniques protect the communications and connectivity.
Once endpoints are protected and communications secured, the system state must be preserved throughout the operational lifecycle by security monitoring and analysis and controlled security configuration management for all components of the system.
These first four building blocks are supported by a common data protection function that extends from data-at-rest in the endpoints to data-in-motion in the communications. It also encompasses all the data gathered as part of the monitoring and analysis function and all the system configuration and management data.
IIC:PUB:G4:V1.0:PB:20160926