Security Working Group

The Industrial Internet Consortium’s Security Working Group


The Industrial Internet Consortium's Security Working Group was created to develop a common security framework and a rigorous methodology to assess and develop trustworthy Industrial Internet Systems.

This is a direct reflection of the high priority placed by Industrial Internet Consortium members on collaboratively delivering trustworthy and secure IIoT platforms that support digital transformation, smart manufacturing, digital twins, secure communications, and supply chain assurance.

The Security Working Group takes a collaborative approach to developing technical frameworks, industry best practices, and practical guidance to help industrial companies accelerate their adoption of IIoT. The objectives of the Security Working Group are to:

  1. Promote the importance of developing and implementing trustworthy IIoT systems
  2. Develop technical IIoT security frameworks and best practices
  3. Accelerate the adoption of secure IIoT


The Security Working Group has published numerous technical papers and introduced several programs to help our members assess and build secure IIoT systems. The group's efforts are closely coordinated with the broader IIC resources and activities.

A true collaborative project, the Industrial Internet Security Framework (IISF) is an in-depth cross-industry-focused security framework comprising expert vision, experience and security best practices. The IISF is a comprehensive document, developed by international security experts from the Industrial Internet Consortium that defines and provides guidance of IIoT security. The IISF explains how security fits within the business of industrial operations, defines functional building blocks for addressing security concerns, and provides guidance and practical techniques for IIoT security implementation. For answers to frequently asked questions about the IISF, click here.

The IoT Security Maturity Model (SMM) provides a path for organizations adopting IoT to know where they need to be and how to allocate resources appropriately in sensible security mechanisms that meet their needs and requirements. It identifies the appropriate approach for effective enhancement of security practices where needed.

The IISF is also a live reference for the different industrial evaluation testbeds hosted by the Industrial Internet Consortium. The Security Working Group is tasked with providing security and privacy guidance to the many testbed teams for the implementation of more mature security solutions.

Other essential work within the Security Working Group includes trustworthiness guidance and security maturity modeling.



The Industrial Internet Reference Architecture (IIRA) designates five key system characteristics to support a system's business purpose and to ensure that functions perform adequately without compromise. The five characteristics are: safety, security, reliability, resilience and privacy. A similar list of "dimensions" was created in 1999 by the Committee on Information Systems Trustworthiness to describe the trustworthiness of networked information systems (NIS). In early 2016, IIC adapted the term to its own list of five characteristics, defining the core of trustworthiness. Contemporaneously, NIST also reintroduced the term based on the same characteristics. In addition to the trustworthiness characteristics, IIC also specified four groups of threats that endanger a trustworthy system, which resulted in the following definition:

"Trustworthiness is the degree of confidence one has that the system performs as expected. Characteristics include safety, security, privacy, reliability and resilience in the face of environmental disturbances, human errors, system faults and attacks." These five characteristics are trustworthiness characteristics. There are four classes of trustworthiness threats: environmental disturbances, attacks, human errors and system faults. 

The IIC has worked to develop an understanding, model and best practices related to trustworthiness. Join us to gain an intimate understanding of these elements of trustworthiness.

The Security Working Group is co-chaired by member representatives from:

Check out these IIC security initiatives:

Security Claims Evaluation Testbeds
Testbeds Live
Webinar: Get a True Sense of Security Maturity

Interested in learning more about the IIC's activities and commitment to cybersecurity and trustworthiness? Stay informed by subscribing to our newsletter or emailing us.

Keep me Informed   Email Us