Security Framework Contents
FIGURES
Figure 1-1: IIC Technical Publication Organization..................................................................................... 12 Figure 2-1: Convergence of IT and OT Trustworthiness............................................................................. 14 Figure 3-1: Trustworthiness of an IIoT System........................................................................................... 20 Figure 4-1: IT / OT Convergence................................................................................................................... 22 Figure 5-1 Trustworthiness Management Considerations......................................................................... 35 Figure 6-1: Permeation of Trust.................................................................................................................. 36 Figure 6-2: Trust Relationship between Actors.......................................................................................... 37 Figure 6-3: Trust Relationship between Component Builders.................................................................... 41 Figure 7-1: Security Framework Functional Building Blocks....................................................................... 46 Figure 7-2: Alignment of IISF, IIRA Functional and IIoT System Views....................................................... 48 Figure 7-3: Functional Breakdown for Endpoint Protection....................................................................... 49 Figure 7-4: Functional Breakdown for Communications and Connectivity Protection.............................. 51 Figure 7-5: Functional Breakdown for Security Monitoring and Analysis.................................................. 52 Figure 7-6: Functional Breakdown for Security Configuration and Management...................................... 54 Figure 7-7: Functional Breakdown for Data Protection.............................................................................. 55 Figure 7-8: Functional Breakdown for Security Model and Policy.............................................................. 57 Figure 8-1: Functional Breakdown for Endpoint Protection....................................................................... 60 Figure 8-2: Threat and Vulnerabilities to IIoT Endpoints............................................................................ 61 Figure 8-3: Example of Tokenization in a Medical Record.......................................................................... 74 Figure 8-4: Endpoint and Container Isolation Techniques.......................................................................... 77 Figure 8-5: Virtual Isolation......................................................................................................................... 79 Figure 9-1: Functional Breakdown for Communications and Connectivity Protection.............................. 82 Figure 9-2: Communication and Connectivity Layers................................................................................. 83 Figure 9-3: Example of IIoT core Communication & Connectivity Standards............................................. 85 Figure 9-4 Communications Channels between IIoT Endpoints................................................................. 86 Figure 9-5: Unidirectional Plant Historian Replication............................................................................... 91 Figure 9-6: A Reversible Unidirectional Gateway....................................................................................... 92 Figure 9-7: Protecting Legacy Endpoints and Communication Links Using Gateways............................... 95 Figure 10-1: Functional Breakdown for Security Monitoring and Analysis................................................ 96
IIC: PUB: G4: V1.0: PB: 20160926- vii-