Industrial Internet Security Framework v 1.0 | Page 40
Security Framework
6: Permeation of Trust in the IIoT System Lifecycle
There are cases where the boundary between the roles is less distinct. Members of one role may
take on characteristics of an adjacent role. For example, some manufacturers may wish to
maintain control over and manage the devices they produce. Device management, security
management and predictive maintenance are example use cases where the manufacturer may
wish to play the role of the system builder, specifically the third party operational management
provider or the service publisher, in addition to the manufacturer role.
Similarly, some equipment owners and operators may wish to purchase directly from the
manufacturer and integrate the equipment directly into their environment. In that case, the
owner/operator is acting as the in-house system integrator, potentially even developing their
own solutions in-house.
6.3 TRUST AT COMPONENT BUILDER ROLES
Manufacturers and vendors develop technical components to sell as standard. They can be
adapted for specific usage, but this is the responsibility of the system builder. The deliverer of
the component is responsible for delivering the capabilities that fulfill the anticipated and implicit
requirements over the lifecycle of the component. The receiver of the component is responsible
for assuring its trustworthiness at the next level of the trust hierarchy.
Trust must permeate down through all the components and their subcomponents, as shown in
Figure 6-3. Component builders must ensure that trust requirements are applied to each of the
subcomponents and their integration.
Hardware component builders must provide trust requirements and assure their compliance
down the chain through the decomposition of all the subcomponents. For example, the original
equipment manufacturer (OEM) delivering a controller is responsible for ensuring the trust of all
the components, from the microprocessor, memory and peripherals to the power supply and
enclosure.
Some of these components might be delivered as integrated hardware and software
subcomponents. For example, a device may be delivered with a board that integrates the
application processor, memory module, graphics processor and integrated Unified Extensible
Firmware Interface (UEFI) firmware.[1] Once again, the component builder responsible for the
aggregated components is responsible for assuring compliance with the trust requirements.
[1] See [UEFI]
IIC:PUB:G4:V1.0:PB:20160926