Industrial Internet Security Framework v 1.0

Security Framework 6: Permeation of Trust in the IIoT System Lifecycle system is limited to the delivered capabilities that depend on the specified requirements. This realization would quickly exclude such an abuse of the system. All capabilities of the IIoT system are finally delivered here and all trust in the system begins here. The system owner/operator carries the risk of the operational process. Any failures in the system trustworthiness, due to poor security, safety, reliability, resilience or privacy, will directly affect the owner/operator’s business. Failing in these assurances can threaten the existence of an owner/operator. History shows that most of the damage, lost revenue, litigation payments and responsibility for serious injury or death were assigned to the owner/operator because its trust into the delivery was too high and the requirements were not well-enough specified to hold the deliverer responsible. IIC:PUB:G4:V1.0:PB:20160926 - 44 -

Industrial Internet Security Framework v 1.0 | Page 44