The Industrial Internet Consortium’s Security Working Group was created to develop a common security framework and a rigorous methodology to assess security in Industrial Internet Systems. This is a direct reflection of the high priority placed by Industrial Internet Consortium members on collaboratively building a safe, reliable and secure Industrial Internet.
A true collaborative project in every sense of the word, The Industrial Security Framework (IISF) is the most in-depth cross-industry-focused security framework comprising expert vision, experience and security best practices. The IISF, published in September 2016, is a comprehensive document, developed by international security experts from the Industrial Internet Consortium, which defines and provides guidance of IIoT security. The objectives of the IISF are to:
- Drive industry consensus
- Promote IIoT security best practices and
- Accelerate the adoption of those practices.
The IISF explains how security fits within the business of industrial operations, defines functional building blocks for addressing security concerns and provides guidance and practical techniques for IIoT security implementation. For answers to frequently asked questions about the IISF, click here.
The review process and suggested practices outlined in the framework will help to improve the protection of a wide range of industry verticals implementing Industrial Internet Systems, from smart cities to critical infrastructures.
The security framework is also a live reference for the different industrial evaluation testbeds hosted by the Industrial Internet Consortium. The Security Working Group is tasked with providing security & privacy guidance to the many testbed teams for the implementation of more mature security solutions.
To learn more about the Security Working Group’s approach to securing Industrial Internet Systems, click here for a summary.
Co-Chaired by Member Representatives from:
- Jesus Molina, Waterfall Security, @verifythentrust
- Sven Shrecker, LHP Engineering Solutions, @svenschrecker
TASK GROUPS
The Automotive Security Task Group seeks to engage with automotive and transportation verticals, focusing initially on the Connected Vehicles Task Group to provide guidance on topics related to trustworthiness, including safety, security, reliability, privacy, resilience and others. Chair: Sven Schrecker, LHP Engineering Solutions; Riaz Zolfonoon, RSA
The Security Applicability Task Group is focused on applying Industrial Internet Consortium Security and Trustworthiness to real world situations. Co-chair: Ron Zahavi, Microsoft; James Clardy, NetFoundry
The Testbed Security Task Group is responsible for applying the security best practices and processes defined within the Security Working Group documents to IIC testbeds. Co-Chairs: Jesus Molina, Waterfall Security; Vyacheslav Zolotnikov, Kaspersky Lab; Suresh Damodaran, The MITRE Corporation
The Trustworthiness Task Group explores aspects of trustworthiness relevant to the IIoT and the IIC's vision of an IIoT ecosystem. Trustworthiness is the degree of confidence one has that the system performs as expected with characteristics including safety, security, privacy, reliability and resilience in the face of environmental disruptions, human errors, system faults and attacks. Co-Chairs: Marcellus Buchheit, Wibu-Systems; Frederick Hirsch, Fujitsu; Bob Martin, The MITRE Corporation