Industrial Internet Security Framework v 1.0 | Page 140
Security Framework
Annex C: Security Capabilities and Techniques Tables

| Objective: Integrity | | Example Technique/Process | Example Requirements |
|---|---|---|---|
| Endpoint integrity | Integrity for roots of trust | Protected key store | Integrity of protected storage for key management |
| | Integrity of endpoint identity | Identity certificate signed by trusted certificate authority | Trusted public-key infrastructure |
| | Hardware integrity | Side channel measurements; silicon scanning | Open, standards-based specification |
| | Software integrity | Code signing | Trusted public-key infrastructure |
| | | Secure software development; Risk-based security testing; Static analysis | Secure software development methodology |
| | | Boot process integrity | Trusted hardware manufacturer; Hardware security module or proprietary implementation of hardware backed cryptographic boot protection; Standardized OS firmware interface (e.g. UEFI) |
| | | Secure patch management | Patch management plan |
| | Runtime integrity | Runtime verification | Code execution modeling, instrumentation and monitoring |
| | Integrity of data-at-rest | MACs, hashes/digests; Digital Signatures | Securely generated, distributed and maintained keys; Standardized and up-to-date algorithms |
| Integrity of communications | Integrity of data-in-motion | Mutual authentication between endpoints; use of MACs and/or digital signatures during communication | Securely generated, distributed and maintained keys; Standardized and up-to-date algorithms for mutual authentication and message exchange integrity |
| Integrity of management and monitoring operations | | Authentication of management and monitoring assets (including workforce); Integrity verification of asset changes, asset monitoring solutions and asset Updates; Maintaining integrity of logs and reports | Endpoint integrity for management and monitoring; Communication integrity for monitoring, logging and management of assets; Security procedures for managing management and monitoring operations; Integrity of analytical algorithms; Integrity of audit or audit path |
| Architectural integrity | | Holistic assessment of data integrity in its lifecycle across the entire IIoT system | Endpoint, communication, monitoring and management integrity in system segments |
| | Mutual impact of integrity controls on other key system characteristics | Architectural integrity evaluation | Holistic security evaluation methodology; Domain-specific expertise |
| | Mitigating impact of both insider and outsider attacks on system integrity | Enforcing principle of least privilege; Access control | Granular access control policies |

Table C-2: Techniques and Processes for Enabling System Integrity
Table C-2 lists techniques and processes that aim at realizing integrity requirements in IIoT
systems. Integrity requirements could be categorized into those aiming at:
• integrity of endpoints,
IIC:PUB:G4:V1.0:PB:20160926