Industrial Internet Security Framework v 1.0 | Page 82
9 PROTECTING COMMUNICATIONS AND CONNECTIVITY
The communications and connectivity function in Industrial Internet of Things systems supports
exchange of information among endpoints. It provides interoperable communications to
facilitate component integration. The level of protection required depends on the threats to such
information exchange. This information can be sensor updates, telemetry data, commands,
alarms, events, logs, status changes or configuration updates.
Figure 9-1: Functional Breakdown for Communications and Connectivity Protection
Historically, industrial systems have emphasized information flow protection over cryptographic
technologies. More recently, IIoT applications employ cryptographic controls such as those
applied at the transport layer (e.g. TLS or DTLS) or the middleware layer (e.g. DDS)¹. IIoT systems
will most likely use both classes of techniques, as each class of technology protects against a
different set of network attacks.
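As an added illustration (not part of the framework text), the Python sketch below applies both classes of control to constructed messages: an information flow allow-list and a check that the transport peer was cryptographically verified. The zone names, the `FLOW_POLICY` table and the `Message`, `admit` and `mutual_tls_context` names are assumptions made for this example.

```python
import ssl
from dataclasses import dataclass

# Constructed flow policy: (source zone, destination zone) -> permitted message
# kinds. Zone names are assumptions; the kinds follow the section's own list.
FLOW_POLICY = {
    ("field", "control"): {"sensor_update", "telemetry", "alarm", "status_change"},
    ("control", "field"): {"command", "config_update"},
    ("control", "enterprise"): {"telemetry", "event", "log"},
}


@dataclass(frozen=True)
class Message:
    src_zone: str
    dst_zone: str
    kind: str
    peer_verified: bool  # True only if the TLS/DTLS peer certificate was verified


def mutual_tls_context() -> ssl.SSLContext:
    """Server-side context for the cryptographic class: TLS 1.2 or later and a
    mandatory, verified client certificate (trust anchors loaded by the caller)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def admit(msg: Message) -> tuple[bool, str]:
    """Apply both control classes and report which one rejected the message."""
    allowed = FLOW_POLICY.get((msg.src_zone, msg.dst_zone), set())
    if msg.kind not in allowed:
        return False, "flow-policy"  # a verified peer can still be out of policy
    if not msg.peer_verified:
        return False, "peer-authentication"  # a permitted path can carry spoofed traffic
    return True, "admitted"


# Constructed sample traffic.
SAMPLES = [
    Message("field", "control", "telemetry", True),
    Message("enterprise", "field", "command", True),  # valid certificate, forbidden flow
    Message("control", "field", "command", False),    # permitted flow, unverified peer
]

if __name__ == "__main__":
    for m in SAMPLES:
        print(m, admit(m))
```

The second and third samples are each rejected by a different control, which is why neither class substitutes for the other.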
These measures can only be effective if communication and connectivity are available, so risks
associated with denial-of-service attacks on networks should be assessed and controls put in
place. These controls include physical security, capacity planning, load balancing and caching.
Authorization techniques that enforce the principle of least privilege and intrusion detection
techniques that alert on or block offending connections also help.
¹ See [IETF-RFC5246], [IETF-RFC6347] and [OMG-DDS].
IIC:PUB:G4:V1.0:PB:20160926