The Industrial Internet Consortium (IIC), the global, public-private organisation formed to accelerate adoption of the Industrial Internet of Things (IIoT), has published the Industrial Internet Security Framework (IISF), a common security framework that addresses security issues in IIoT systems.
The IISF framework emphasises the importance of five IIoT characteristics — safety, reliability, resilience, security and privacy — that help define what the IIC says are “trustworthiness” in IIoT systems. The publication also defines risk, assessments, threats, metrics and performance indicators to help business managers protect their organisations.
Dr Richard Soley, executive director, IIC, says IIoT security cannot be considered in isolation.
He says it comprises a complex set of industrial processes and applications as well as “significant safety and reliability requirements”.
{loadposition peter}“For example, although it is desirable to implement predictive maintenance capabilities in high-value electric power generation equipment, doing so may open the door to new threats. Adding security in this scenario can be challenging but without it, there could be serious consequences as a successful attack could cause injury, loss of life, or long-term damage to the environment.”
According to Dr Soley, today, many industrial systems simply do not have adequate security in place.
“The level of security found in the consumer Internet just won't do for the industrial Internet. In order to add security to an industrial system, you must make sure it won’t interfere with safety and reliability requirements. The IISF explores solutions to industrial problems that have plagued the industry for years. The IIC is also putting the IISF vision into practice in our testbed programme.”
The IISF delivers security from business, functional and implementation perspectives. It helps business managers within industrial organisations make informed decisions based on well-designed risk assessments.
“Ensuring a safe and secure digitally connected environment is at the heart of ABB’s Internet of Things, Services and People strategy, and we are pleased to work with the Industrial Internet Consortium on strategies and best practices that put cyber security into a business context and is based on an in-depth understanding of risk management,” said Markus Braendle, head of Cyber Security, ABB.
Greg Gorbach, vice-president, ARC Advisory Group, says every Industrial Internet of Things project must incorporate security throughout, “but doing it properly in an industrial setting means dealing with many levels and dimensions of complexity”.
"The IISF security framework provides a comprehensive approach to ensure that all the bases are covered so risk is minimised."
The IISF is available free of charge. For more information click here.