As we’ve mentioned before here at Trusted Computing Group, we have been working actively in the Industrial Internet Consortium on the development of its to-be-published security framework. According to a recent post from the IIC,
“…utilizing the Industrial Internet Reference Architecture (IIRA), published in 2015, the IIC Security Working Group has developed a framework that span all domains: Security Policy, Data Protection, Endpoints, Monitoring and Configuration Management.”
Trustworthy Industrial Systems
Jesus Molina, Security Consultant, Fujitsu & Co-chair IIC Security Working Group, notes as well, “…the creation of trustworthy industrial systems has evolved over time. At the beginning, the only key characteristic for the new machines was to work reliably, without breaking or exploding. Resiliency was added shortly thereafter, to shield the machines from unexpected problems. To this characteristic, safety was later added, to prevent the machine from harming the environment or the people around them. In the Industrial Internet two more key characteristics need to be added: security, so the system cannot be modified by cyber attacks; and privacy, so data collected cannot be misused by unintended parties.
Evolution of IIoT System Trustworthiness
As an example, think back to a time when the only goal of manufactured cars was simply not to break. Resilience features, such a rubber wheels were added later. Then, slowly, safety features were added, including headlamps, windshield wipers, seat belts, ABS brakes and airbags. Now, to improve safety and usability, new cars are getting networked, but in the process, security must be a requirement. Manufacturers need to prevent them from being hijacked by hackers and, respecting privacy, prevent location information and other communications from being disclosed.
Learn more here http://blog.iiconsortium.org/2016/06/the-challenge-of-securing-the-industrial-internet.html. TCG experts also are speaking at a number of events coming soon, including the Peggy Smedley IoT event, the Security of Things Forum, The IoT Solutions World Congress and more (http://www.trustedcomputinggroup.org/news-and-events/events/).
Membership in the Trusted Computing Group is your key to participating with fellow industry stakeholders in the quest to develop and promote trusted computing technologies.
Standards-based Trusted Computing technologies developed by TCG members now are deployed in enterprise systems, storage systems, networks, embedded systems, and mobile devices and can help secure cloud computing and virtualized systems.
Trusted Computing Group announced that its TPM 2.0 (Trusted Platform Module) Library Specification was approved as a formal international standard under ISO/IEC (the International Organization for Standardization and the International Electrotechnical Commission). TCG has 90+ specifications and guidance documents to help build a trusted computing environment.