Industrial Internet Security Framework v 1.0

Security Framework Contents

FIGURES

Figure 1-1 : IIC Technical Publication Organization ..................................................................................... 12 Figure 2-1 : Convergence of IT and OT Trustworthiness ............................................................................. 14 Figure 3-1 : Trustworthiness of an IIoT System ........................................................................................... 20 Figure 4-1 : IT / OT Convergence ................................................................................................................... 22 Figure 5-1 Trustworthiness Management Considerations ......................................................................... 35 Figure 6-1 : Permeation of Trust .................................................................................................................. 36 Figure 6-2 : Trust Relationship between Actors .......................................................................................... 37 Figure 6-3 : Trust Relationship between Component Builders .................................................................... 41 Figure 7-1 : Security Framework Functional Building Blocks ....................................................................... 46 Figure 7-2 : Alignment of IISF , IIRA Functional and IIoT System Views ....................................................... 48 Figure 7-3 : Functional Breakdown for Endpoint Protection ....................................................................... 49 Figure 7-4 : Functional Breakdown for Communications and Connectivity Protection .............................. 51 Figure 7-5 : Functional Breakdown for Security Monitoring and Analysis .................................................. 52 Figure 7-6 : Functional Breakdown for Security Configuration and Management ...................................... 54 Figure 7-7 : Functional Breakdown for Data Protection .............................................................................. 55 Figure 7-8 : Functional Breakdown for Security Model and Policy .............................................................. 57 Figure 8-1 : Functional Breakdown for Endpoint Protection ....................................................................... 60 Figure 8-2 : Threat and Vulnerabilities to IIoT Endpoints ............................................................................ 61 Figure 8-3 : Example of Tokenization in a Medical Record .......................................................................... 74 Figure 8-4 : Endpoint and Container Isolation Techniques .......................................................................... 77 Figure 8-5 : Virtual Isolation ......................................................................................................................... 79 Figure 9-1 : Functional Breakdown for Communications and Connectivity Protection .............................. 82 Figure 9-2 : Communication and Connectivity Layers ................................................................................. 83 Figure 9-3 : Example of IIoT core Communication & Connectivity Standards ............................................. 85 Figure 9-4 Communications Channels between IIoT Endpoints ................................................................. 86 Figure 9-5 : Unidirectional Plant Historian Replication ............................................................................... 91 Figure 9-6 : A Reversible Unidirectional Gateway ....................................................................................... 92 Figure 9-7 : Protecting Legacy Endpoints and Communication Links Using Gateways ............................... 95 Figure 10-1 : Functional Breakdown for Security Monitoring and Analysis ................................................ 96

IIC : PUB : G4 : V1.0 : PB : 20160926 - vii -

Industrial Internet Security Framework v 1.0 | Page 7