Industrial Internet Security Framework v 1.0 | Page 45
Security Framework
6: Permeation of Trust in the IIoT System Lifecycle
Part III: The Functional and Implementation Viewpoints
An implementation of an Industrial Internet of Things (IIoT) system must provide end-to-end
security from the edge to the cloud. This includes hardening of endpoint devices, protecting
communications, managing and controlling policies and updates, and using analytics and remote
access to manage and monitor the entire security process.
Ideally, security and real-time situational awareness should span Information Technology (IT) and
Operational Technology (OT) subsystems seamlessly without interfering with any operational
business processes. Security must be built into the design and risks should be evaluated early,
rather than trying to bolt on security as an afterthought.
But greenfield deployments using the most current and secure technologies are not always
feasible. Since the average lifespan of an industrial system is currently 19 years¹, security
technology must often be wrapped around an existing set of legacy systems that are difficult to
change. In both greenfield and brownfield deployments, all affected parties—manufacturers,
systems integrators and equipment owner/operators—must be engaged to create a more secure
and reliable IIoT system.
As there is no single “best way” to implement security and achieve adequately secure behavior,
technological building blocks should support a defense-in-depth strategy that maps logical
defensive levels to security tools and techniques. Due to the highly segregated nature of
industrial systems, security implementation needs to be applied in multiple contexts. Multiple
sub-networks and differing functional zones may have different operating technologies and
security requirements. Security tools and techniques built for IT environments may not always
be well suited for OT environments.
IIoT systems may have constrained system resources that need to meet various requirements
such as system safety and real-time execution. These factors may not allow all security
measures and controls to be implemented to their fullest extent (as a defense-in-depth strategy would require).
The security program implementation considerations should take into account all the required
functional and non-functional aspects of the system behavior, including their relative priorities.
IIoT system security should rely on automation as much as possible, but people must be able to
interact with the security implementation to monitor status, review analytics, make decisions
when needed and plan modifications and improvements. Usable management and control
systems may contribute to security by reducing operator errors.
¹ See [NIST-800-82]
IIC:PUB:G4:V1.0:PB:20160926
- 45 -