Industrial Internet Security Framework v 1.0

Security Framework 7: IISF Functional Viewpoint Figure 7-8: Functional Breakdown for Security Model and Policy The key functions provided in security model and policy are as follows: • • • • • • • System Threat Analysis function is responsible for performing the iterative and continuous process of identifying the threat capabilities, the threat’s possible access to the system and assessing the systems vulnerability to attack. System Security Objectives building block is responsible for setting the security objectives of the system in terms of the confidentiality, integrity, availability and accountability requirements for the system. These objectives serve to guide in the creation of the specific security policy for the IIoT system. Security Policy for the system is the living document that defines the processes, rules, security measures and controls to be enforced throughout the IIoT system. Security Model is the function that provides formal representation for specifying and enforcing the security policies for the IIoT system. Data Protection Security P

Industrial Internet Security Framework v 1.0 | Page 57