Industrial Internet Consortium
Industrial Internet Consortium Defines Trustworthiness for Cyber-Physical Systems
Ensuring safety, security, privacy, reliability, and resilience in the context of application, industry
BOSTON, MA – JULY 15, 2021 – The Industrial Internet Consortium® (IIC™) today published IIoT Trustworthiness Framework Foundations. This foundational document explains the key concepts and benefits of trustworthiness in context, relating it to the real-world supply chain and offering model approaches. Trustworthiness is essential to government and commercial organizations with cyber-physical systems impacting the safety and well-being of people and the environment. These systems include industrial control systems and almost all systems that use digital technology to sense or affect the environment.
"Trustworthiness, and confidence in that trustworthiness, are an essential aspect of cyber-physical systems," said Marcellus Buchheit, President & CEO, Wibu-Systems USA, a Co-Chair of the IIC Trustworthiness Task Group and one of the authors of the document. "Inattention to trustworthiness can lead to loss of human life, long-term environmental impacts, interruption of critical infrastructure, or other consequences such as disclosure of sensitive data, destruction of equipment, economic loss, and reputation damage," continued Buchheit.
The IIoT Trustworthiness Framework Foundations document defines trustworthiness as a combination of security, safety, reliability, resilience, and privacy and the tradeoffs made among them in the face of environmental disturbances, human errors, system faults, and attacks. Ultimately, trustworthiness depends on the strategic intent and motivation of an organization, particularly its top management, to create and operate systems that inspire trust by partners, customers, and other stakeholders, including the community.
"Trustworthiness is the degree of confidence one has that a system performs as expected. It requires an understanding of the system, including interactions and emergent properties," said Frederick Hirsch, Strategy Consultant, Upham Security, Co-Chair of the IIC Trustworthiness Task Group, and one of the authors of the foundational document. "In the digital world, trust and trustworthiness are achieved by understanding and addressing concerns related to the trustworthiness characteristics appropriately for the context of the entire system. Providing evidence of this can give others confidence."
IIoT stakeholders will make different decisions and tradeoffs depending on the nature and or industry of the system. "Concerns in a factory are not the same as those for a hospital operating room," said Bob Martin, Senior Principal Engineer, Cyber Solutions Innovation Center, The MITRE Corporation, Co-Chair of the IIC Trustworthiness Task Group, one of the authors of the document. "Designers must understand the many considerations involved in defining the appropriate trustworthiness implementation, including the supply chain, assembly, operation, and maintenance of a system."
The IIoT Trustworthiness Framework Foundations document builds on the Industrial Internet of Things Security Framework (IISF). It is part of the IIC's Industrial Internet Reference Architecture (IIRA), which provides an architectural framework of Industrial IoT Systems.
You can find IIoT Trustworthiness Framework Foundations and a list of IIC members who contributed to it here. Watch a short overview video. Register for the webinar, Ensuring Trustworthy Industrial Systems on September 1, 2021 at noon PST or 7:00 pm PST.
About Industrial Internet Consortium
The Industrial Internet Consortium is the world's leading organization transforming business and society by accelerating the Industrial Internet of Things (IIoT). The IIC delivers a trustworthy IIoT in which the world's systems and devices are securely connected and controlled to deliver transformational outcomes. The Industrial Internet Consortium is a program of the Object Management Group (OMG). For more information visit www.iiconsortium.org.
Note to editors: Industrial Internet Consortium is a registered trademark of OMG. For a listing of all OMG trademarks, visit https://www.omg.org/legal/tm_list.htm. All other trademarks are the property of their respective owners.