Industrial Internet Security Framework v 1.0 | Page 45

Security Framework 6: Permeation of Trust in the IIoT System Lifecycle Part III: The Functional and Implementation Viewpoints An implementation of an Industrial Internet of Things (IIoT) system must provide end-to-end security from the edge to the cloud. This includes hardening of endpoint devices, protecting communications, managing and controlling policies and updates, and using analytics and remote access to manage and monitor the entire security process. Ideally, security and real-time situational awareness should span Information Technology (IT) and Operational Technology (OT) subsystems seamlessly without interfering with any operational business processes. Security must be built into the design and risks should be evaluated early, rather than trying to bolt-on security as an afterthought. But greenfield deployments using the most current and secure technologies are not always feasible. Since the average lifespan of an industrial system is currently 19 years 1, security technology must often be wrapped around an existing set of legacy systems that are difficult to change. In both greenfield and brownfield deployments, all affected parties—manufacturers, systems integrators and equipment owner/operators—must be engaged to create a more secure and reliable IIoT system. As there is no single “best way” to implement security and achieve adequately secure behavior, technological building blocks should support a defense-in-depth strategy that maps logical defensive levels to security tools and techniques. Due to the highly segregated nature of industrial systems, security implementation needs to be applied in multiple contexts. Multiple sub-networks and differing functional zones may have different operating technologies and security requirements. Security tools and techniques built for IT environments may not always be well suited for OT environments. IIoT systems may have constrained system resources that need to meet various requirements such as system safety and real-time execution. These factors may not allow implementing all security measures and controls to their fullest extent (as required by defense-in-depth strategy). The security program implementation considerations should take into account all the required functional and non-functional aspects of the system behavior, including their relative priorities. IIoT system security should rely on automation as much as possible, but people must be able to interact with the security implementation to monitor status, review analytics, make decisions when needed and plan modifications and improvements. Usable management and control systems may contribute to security by reducing operator errors. 1 See [NIST-800-82] IIC:PUB:G4:V1.0:PB:20160926 - 45 -