Securing the Industrial Internet of Things (IIoT) is a complex process that often exists in isolation and lacks consistent guidelines for implementation. The Industrial Internet Consortium (IIC) hopes to change that with the recently published Industrial Internet Security Framework (IISF).

The IISF emphasizes IIoT characteristics that help establish trustworthiness in IIoT systems. Image source: IICThe IISF emphasizes IIoT characteristics that help establish trustworthiness in IIoT systems. Image source: IICThe IISF emphasizes five IIoT characteristics — safety, reliability, resilience, security, and privacy — that help establish “trustworthiness” in IIoT systems. The framework also defines threats, metrics, and performance indicators with the goal of helping managers protect their organizations through well-designed risk assessments.

“Today, many industrial systems simply do not have adequate security in place,” says Richard Soley, IIC’s executive director, IIC. “In order to add security to an industrial system, you must make sure it won’t interfere with safety and reliability requirements.”

From a functional perspective, the IISF separates security evaluation into endpoint, communications, monitoring and configuration building blocks with subdivisions for each one. business and implementation perspectives also are considered in the framework.

Because IIoT security requires a multilayered approach, the IISF targets component builders, system builders, and the operational users.

To contact the author of this article, email engineering360editors@globalspec.com