Industrial Internet Security Framework v 1.0 | Page 66
Security Framework
8: Protecting Endpoints
the existing business process with added security controls or false-positive security events.
Security controls should be loosely coupled to the industrial processes to minimize the
interdependencies between them.
The most common technique for implementing security quickly and effectively is to deploy a
security gateway that provides security capabilities to the devices behind it. Common
functionality includes:
- Storing and managing identity on the gateway isolates the identities so they can be maintained for each device behind the gateway. This may limit the number of devices that a single gateway may manage.
- Mutual authentication on behalf of devices behind the gateway with devices in front of the gateway makes it appear that the brownfield device is capable of maintaining identity and performing mutual authentication, even though the gateway is performing these tasks.
- Authorizing network traffic to filter traffic down to only those flows that are explicitly allowed between the two devices. This is a network whitelist of allowed communications; all others should be logged and potentially blocked.
- Confidentiality and integrity controls can encrypt the data for confidentiality or sign it for integrity purposes.
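The network whitelist described above, as an added example that is not part of the IISF document: a gateway holds the explicitly allowed flows between devices behind it and peers in front of it, and any unlisted flow is logged and, in enforcing mode, blocked. The addresses, ports and flow records are constructed sample values.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network
from typing import List, Tuple

Flow = Tuple[str, str, str, int]  # (src_ip, dst_ip, protocol, dst_port)

@dataclass(frozen=True)
class FlowRule:
    """One explicitly allowed flow: source CIDR -> destination CIDR on proto/port."""
    src: str
    dst: str
    proto: str
    dport: int

    def matches(self, flow: Flow) -> bool:
        src, dst, proto, dport = flow
        return (ip_address(src) in ip_network(self.src)
                and ip_address(dst) in ip_network(self.dst)
                and proto == self.proto and dport == self.dport)

@dataclass
class GatewayAllowlist:
    """Gateway policy: the rules are the only allowed flows; all others are logged."""
    rules: List[FlowRule]
    enforce: bool = True  # False = monitor-only: log unlisted flows but do not block them
    log: List[str] = field(default_factory=list)

    def evaluate(self, flow: Flow) -> str:
        """Return 'allow', 'block' or 'log-only'; unlisted flows are always logged."""
        if any(rule.matches(flow) for rule in self.rules):
            return "allow"
        verdict = "block" if self.enforce else "log-only"
        src, dst, proto, dport = flow
        self.log.append(f"unlisted flow {src}->{dst} {proto}/{dport}: {verdict}")
        return verdict

def run_demo(enforce: bool = True) -> Tuple[List[str], List[str]]:
    """Evaluate constructed sample flows; returns (verdicts, gateway log)."""
    gw = GatewayAllowlist(rules=[
        FlowRule("10.0.1.10/32", "10.0.2.20/32", "tcp", 502),  # PLC -> historian, Modbus/TCP
        FlowRule("10.0.1.0/24", "10.0.2.30/32", "udp", 123),   # any device behind gw -> NTP
    ], enforce=enforce)
    sample_flows: List[Flow] = [
        ("10.0.1.10", "10.0.2.20", "tcp", 502),  # listed: allow
        ("10.0.1.10", "10.0.2.20", "tcp", 22),   # same peers, unlisted port
        ("10.0.1.11", "10.0.2.30", "udp", 123),  # listed: allow
        ("10.0.9.9", "10.0.1.10", "tcp", 502),   # inbound from an unlisted source
    ]
    return [gw.evaluate(f) for f in sample_flows], gw.log
```

Running the gateway with `enforce=False` first is the monitor-only phase implied by "logged and potentially blocked": the log shows which flows the whitelist would break before blocking is switched on.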
Using a gateway is generally quicker and cheaper to implement than modifying the devices in the
environment. Gateways can be deployed relatively quickly to provide a consistent level of
security across all of the devices, and to manage the devices uniformly. Gateways can also
eliminate vendor-specific management inconsistencies between devices. This makes security
independent of the make, model and manufacturer of the device. Gateways provide network-level
security, but not the edge-device integrity and security that would provide fine-level control
and visibility. Gateways are an initial step to achieve a quick increase in security to a consistent
level. Later, device-level security capabilities such as runtime integrity controls can be added.
8.3 ENDPOINT PHYSICAL SECURITY
Endpoints are deployed in a broad range of environments with different security requirements
for protecting assets against theft, tampering, vandalism, or adverse effect from environmental
conditions. This protection may be integral to the endpoint (e.g. detection of changes to
hardware configuration) or provided as part of an enclosure encapsulating the endpoint (e.g.
protective rack enclosure for the device).
Physical access techniques are widely used in industrial systems to prevent unauthorized users
from physical contact with endpoints and communication devices. Examples include physical
perimeter security measures, such as doors and walls, where access by unauthorized parties is
prevented with access control techniques (locks, biometrics, RFID cards) and monitored by
surveillance of the assets to be protected. Standards such as NIST SP 800-53 ‘Physical and
IIC:PUB:G4:V1.0:PB:20160926