Security Working Group

The Industrial Internet Consortium’s Security Working Group

The Industrial Internet Consortium’s Security Working Group was created to develop a common security framework and a rigorous methodology to assess security in Industrial Internet Systems. This is a direct reflection of the high priority placed by Industrial Internet Consortium members on collaboratively delivering a trustworthy IIoT in which the world's systems and devices are securely connected and controlled to deliver transformational outcomes.

A true collaborative project in every sense of the word, the Industrial Internet Security Framework (IISF) is the most in-depth cross-industry-focused security framework comprising expert vision, experience and security best practices. The IISF is a comprehensive document, developed by international security experts from the Industrial Internet Consortium, which defines and provides guidance of IIoT security. The objectives of the IISF are to:

  • Drive industry consensus
  • Promote IIoT security best practices and
  • Accelerate the adoption of those practices.

The IISF explains how security fits within the business of industrial operations, defines functional building blocks for addressing security concerns and provides guidance and practical techniques for IIoT security implementation. For answers to frequently asked questions about the IISF, click here.

The review process and suggested practices outlined in the framework will help to improve the protection of a wide range of industry verticals implementing industrial internet systems, from smart cities to critical infrastructures.

The IISF is also a live reference for the different industrial evaluation testbeds hosted by the Industrial Internet Consortium. The Security Working Group is tasked with providing security & privacy guidance to the many testbed teams for the implementation of more mature security solutions.

Other essential work within the Security Working Group includes trustworthiness guidance and security maturity modeling. See the full list of security resources offered at left.


Co-Chaired by Member Representatives from:



The Industrial Distributed Ledger Task Group is responsible for the creation, maintenance and adoption of technical documents addressing industrial distributed ledger technologies. Co-chairs: Mike McBrideFutureweiXinxin FanIoTeX

The Security Applicability Task Group is focused on applying Industrial Internet Consortium Security and Trustworthiness to real world situations. Co-chair: Ron Zahavi, Microsoft

The Testbed Security Task Group is responsible for applying the security best practices and processes defined within the Security Working Group documents to IIC testbeds. Co-Chairs: Jesus Molina, Waterfall Security; Vyacheslav Zolotnikov, Kaspersky Lab; Suresh Damodaran, The MITRE Corporation

The Trustworthiness Task Group explores aspects of trustworthiness relevant to the IIoT and the IIC's vision of an IIoT ecosystem. Trustworthiness is the degree of confidence one has that the system performs as expected with characteristics including safety, security, privacy, reliability and resilience in the face of environmental disruptions, human errors, system faults and attacks. Co-Chairs: Marcellus Buchheit, Wibu-Systems; Frederick Hirsch, Fujitsu; Bob Martin, The MITRE Corporation