INDUSTRIAL INTERNET SECURITY FRAMEWORK TECHNICAL REPORT
It is our pleasure to publish this collaborative work – a product of the collective cyber-security wisdom of our members from over 25 different organizations.
The evolution of the Internet of Things includes the emergence of smart electrical grids, connected healthcare devices and hospitals, intelligent transportation, smart factories and other cyber-physical systems. This collection of objects, devices and sensors connected via software solutions continues to grow into the billions. According to IDC research, the number of connected devices will exceed 30 billion by 2020! The resulting immense number of active and passive interconnected devices and associated data poses a complex security challenge.
Cyber-security is a threat that does not discriminate. As a result, enterprises large and small are at risk of being attacked from unexpected sources both inside and outside the system, whether intended or accidental. It represents a major threat to world safety and security. The Industrial Internet Consortium believes that addressing this challenge is critical to the success of the Industrial IoT, Industrie 4.0 and the Industrial Internet revolution. To that end, IIC members have developed a common security framework and an approach to assess cybersecurity in Industrial Internet of Things systems.
A true collaborative project in every sense of the word, The Industrial Internet Security Framework (IISF) is the most in-depth cross-industry-focused security framework comprising expert vision, experience and security best practices. It reflects thousands of hours of knowledge and experiences from security experts, collected, researched and evaluated for the benefit of all IIoT system deployments. Contributors dedicated their value time and expertise in authoring, editing and other ways. In particular, we would like to thank the following contributing member organizations:
- Sven Schrecker - Intel Corporation
- Hamed Soroush - Real-Time Innovations
- Jesus Molina - Fujitsu Limited
- Marcellus Buchheit - Wibu-Systems
- JP LeBlanc - Lynx Software Technologies
- Robert Martin - The MITRE Corporation
- Frederick Hirsch - Fujitsu Limited
- Andrew Ginter - Waterfall Security Solutions
- Harsha Banavara - Schneider Electric
- Shrinath Eswarahally - Infineon Technologies
- Kaveri Raman - AT&T
- Andrew King - University of Pennsylvania
- Qinqing (Christine) Zhang - Johns Hopkins University
- Peter MacKay - GE Wurldtech
- Brian Witten - Symantec
- Fujitsu Limited
- Hitachi, Ltd.
- Infineon Technologies AG
- Intel Corporation
- Johns Hopkins University
- AO Kaspersky Lab
- Lynx Software Technologies
- The Microsoft Corporation
- The MITRE Corporation
- Real-Time Innovations
- Schneider Electric
- University of Pennsylvania
- Waterfall Security Solutions
Podcast Description: This 10 minute interview with the co-chairs of the IIC Security Working Group describes the importance of securing the Industrial Internet and provides a brief overview of the Industrial Internet Consortium’s Security Framework.
- VIDEO: JTG5 Security Demonstration
- The presentation from "Securing IIoT Endpoints", a webinar highlighting the IISF, has now been made available on Slideshare.
- Check out Industrial Internet Security Framework FAQ page here.
- Have questions or comments about the Security Framework? Email the Industrial Internet Consortium technical staff here.
- To download the related Industrial Internet Reference Architecture Technical Report, click here.
- To read the related white paper on The Business Viewpoint of Securing the Industrial Internet, click here.