Industrial Internet Security Framework v 1.0 | Page 15

On the other hand, security and privacy are important characteristics for most IT systems, together with reliability. Safety is rarely an issue, and resilience is reserved for specialized systems where business continuity is a motivating factor, for example for financial transactions.
This document offers a framework to balance the security-relevant considerations of the two different cultures, OT and IT. As each culture endeavors to create trustworthy systems that deal with their functional needs, environment, possible disruptions, system faults, human errors and attacks, the considerations need to be made explicit so that members of each can understand and appreciate the needs and motivations of the other.
3 KEY SYSTEM CHARACTERISTICS ENABLING TRUSTWORTHINESS
An Industrial Internet of Things (IIoT) system exhibits end-to-end characteristics that emerge as a result of the properties of its various components and the nature of their interactions. The five characteristics that most affect the trust decisions of an IIoT deployment are security, safety, reliability, resilience and privacy. These are referred to as key system characteristics. Others, for example scalability, usability, maintainability, portability or composability, may also be important in general but are not considered “key” with respect to trustworthiness. Each key system characteristic must be assured in its own way, but there are some common techniques.
3.1 ASSURANCE OF KEY SYSTEM CHARACTERISTICS
Assurance requires the collection and analysis of evidence that supports the design, construction, deployment and test of the system, and its activities in operation. The evidence must support the claim that the right mixture of innate system capabilities and compensating security controls to mitigate risks has been put in place.
Assurance includes risk analysis to identify hazards and prevent incidents or accidents. Risk, the effect of uncertainty on objectives, takes into consideration the likelihood of an event occurring along with the impact of that event if it were to occur. Rigorous product and system design, including design reviews and testing, is intended to prevent faulty operations and improve system resilience to potential events identified in the risk analysis.
When making claims about what has been done to address specific attacks and weaknesses, public knowledge sources¹ should be used when possible so that discussion of these aspects can be grounded in common terminology and the same reference source(s).
Assurance cases structure the reasoning behind claimed security behavior, features or absence of vulnerability. They provide evidence about removal of weaknesses by means of protection mechanisms and security features, and provide arguments supporting claims that key system
¹ Examples of public sources include [CWE], [CAPEC], [OWASP], [WASC], [ATT-CK] and [CVE].
IIC:PUB:G4:V1.0:PB:20160926 - 15 -