SlideShare a Scribd company logo

Iio t security std

P
Plantconnectiot

Industrial IoT Security standards and frameworks. Presented by Sujata Tilak, MD, Ascent Intellimation

Technology
1 of 21
Download to read offline
Industrial IoT Security Standards & Frameworks SACON, Pune Sujata Tilak, M.D., Ascent Intellimation; President, ISA Pune Section
The Industrial Internet The Industrial Internet is an internet of - things, machines, computers and people, enabling intelligent industrial operations using advanced data analytics for transformational business outcomes. Industrial domain is expected to be largest consumer of IoT devices and systems in terms of value
3 Industrial Ecosystem UbiquitousNetworkConnectivty Pervasive Sensing AdvanceComputing IIoT IIoT embodies convergence of −Operations Technology (OT) −Information Technology (IT) −Industrial Automation & Control Systems (IACS) −Networking and Communications Cyber Physical Nature
Why IIoT Security Standards  Industries will need to use diverse systems and equipment but everything will be integrated on smart factory floor  Legacy systems must be brought under implementation  Legacy approach was to create self sufficient and unconnected silos which now need to be integrated  Every weak link in the chain puts whole factory at RISK  Thus leaving security at the hands of individual IIoT implementers is suicidal
Why IIoT Security Standards STANDARDS AND FRAMEWORKS ARE THE ONLY WAY TO “SECURE” IIOT SYSTEMS “SECURITY”
• CIA triad – Confidentiality – Integrity – Availability • IIoT has two more requirements – Reliability / Resilience – Safety Cybersecurity Requirements
GOI - Draft Policy on Internet of Things 5.3.1 STANDARDS To facilitate global and national participation of industry and research bodies with relevant global Service Setting Organizations for promoting standards around IoT technologies developed in the country. To appoint relevant nodal organization for driving and formalizing globally acceptable standards relating to technology, process, interoperability and services Further a Discussion Group is formed for IoT Security Chaired by: Dr Ajay Kumar, Additional Secretary, Ministry of Electronics and IT Members from: 1. CERT-In 2. Various Companies 3. R & D and Educational institutes
ISA/IEC 62443-1 General Information and Definitions ISA/IEC 62443-2 Policy and Procedures ISA/IEC 62443-3 System Level Requirements ISA/IEC 62443-4 Component Level Requirements ISA / IEC 62443 Standards Image Source: Wikimedia Commons
Onsite / site specific Offsite develops control systems designs and deploys operates and maintains is the base for Control System as a combination of components Host devices Network components Applications Embedded devices 4-1 3-3 4-2 develops components Product Supplier System Integrator Asset Owner Service Provider Industrial Automation and Control System (IACS) + 2-4 3-2 2-1 2-4 Operational policies and procedures Automation solution Basic Process Control System (BPCS) Safety Instrumented System (SIS) Complementary Hardware and Software Maintenance policies and procedures 2-3 3-3 Application of Standard to IACS
IIoT Systems + Operational policies and procedures Automation solution Basic Process Control System (BPCS) Safety Instrumented System (SIS) Complementary Hardware and Software Maintenance policies and procedures Overlay IIoT Edge DevicesEdge DevicesEdge Devices Edge DevicesEdge DevicesGateways IIoT Server
IEC 62443-3-3 and IEC 62443-4-2 Control system capability security levels: SL-C are defined for following areas. In each area, 4 security levels are defined each level progressively advance 1. Identification and authentication control (IAC) 2. Use control (UC) 3. System integrity (SI) 4. Data confidentiality (DC) 5. Restricted data flow (RDF) 6. Timely response to events (TRE) 7. Resource availability (RA) 8. Application Requirements (ACR) 9. Embedded Device Requirements (EDR) 10. Host Device Requirements (HDR) 11. Network Device Requirements (NDR)
Industrial Internet Reference Architecture (IIRA) • Published by Industrial Internet Consortium, www.iiconsortium.org • Latest version, 1.8, published in Jan 2017 • First consolidated framework for IIoT • Objective is to build broad industry consensus to drive interoperability and simplify development of Industrial Internet systems • Safety, Security and Privacy is intrinsic part of the framework and is considered in every aspect
Industrial Internet Security Framework (IISF) • Published in Sept 2016 • Considers divergent views of IT and OT on – Safety – Security – Resilience • Goes beyond Security and looks at Trustworthiness of IIoT Systems • It encompasses - security, safety, reliability, resilience and privacy
Security Perspectives • Managing Risks • Business continuity • Trust • Reputation / IP • Investment Business Viewpoint • Confidentiality • Data integrity / security • Availability • Safety • Resilience • Performance Usage & Functional Viewpoint
Functional Viewpoint Blocks Source: IISF • Four core security functions • Data protection layer • Security model and policy layer
Endpoint Protection Source: IISF
Communication & Connectivity Protection Source: IISF
Data Protection Source: IISF
Implementation Viewpoint • Lists eight design principles for implementation of security capabilities in IIoT systems • For each item in Functional Viewpoint, describes – Security objectives – Architectural considerations – Security lifecycle – Threat vectors – Protection techniques / technologies – brownfield considerations
In a nutshell • IIoT is a huge paradigm shift for OT / Control Systems as well as IT • There are some peculiar security challenges • Security should be considered at design stage • However in large number of brown field installations, security has to be added later • Standards exist for control systems, but they do not consider combined IT + OT + CS impact • IISF is trying to fill this gap and doing a good job
Thank You! sujata.Tilak@aiplindia.com

Recommended

Industrial IoT Security Standards & Frameworks
Industrial IoT Security Standards & FrameworksIndustrial IoT Security Standards & Frameworks
Industrial IoT Security Standards & Frameworks
Priyanka Aash
 
IoT Security Challenges
IoT Security ChallengesIoT Security Challenges
IoT Security Challenges
Forest Interactive
 
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
team-WIBU
 
PECB Webinar: ICS Security Management System using ISO 27001 Standard as the ...
PECB Webinar: ICS Security Management System using ISO 27001 Standard as the ...PECB Webinar: ICS Security Management System using ISO 27001 Standard as the ...
PECB Webinar: ICS Security Management System using ISO 27001 Standard as the ...
PECB
 
Cybersecurity for Field IIoT Networks
Cybersecurity for Field IIoT NetworksCybersecurity for Field IIoT Networks
Cybersecurity for Field IIoT Networks
Yokogawa1
 
IoT security compliance checklist
IoT security compliance checklist IoT security compliance checklist
IoT security compliance checklist
PriyaNemade
 
ICS (Industrial Control System) Cybersecurity Training
ICS (Industrial Control System) Cybersecurity TrainingICS (Industrial Control System) Cybersecurity Training
ICS (Industrial Control System) Cybersecurity Training
Tonex
 
IIoT Endpoint Security – The Model in Practice
IIoT Endpoint Security – The Model in PracticeIIoT Endpoint Security – The Model in Practice
IIoT Endpoint Security – The Model in Practice
team-WIBU
 

Recommended

Industrial IoT Security Standards & Frameworks
Industrial IoT Security Standards & FrameworksIndustrial IoT Security Standards & Frameworks
Industrial IoT Security Standards & Frameworks
Priyanka Aash
 
IoT Security Challenges
IoT Security ChallengesIoT Security Challenges
IoT Security Challenges
Forest Interactive
 
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
team-WIBU
 
PECB Webinar: ICS Security Management System using ISO 27001 Standard as the ...
PECB Webinar: ICS Security Management System using ISO 27001 Standard as the ...PECB Webinar: ICS Security Management System using ISO 27001 Standard as the ...
PECB Webinar: ICS Security Management System using ISO 27001 Standard as the ...
PECB
 
Cybersecurity for Field IIoT Networks
Cybersecurity for Field IIoT NetworksCybersecurity for Field IIoT Networks
Cybersecurity for Field IIoT Networks
Yokogawa1
 
IoT security compliance checklist
IoT security compliance checklist IoT security compliance checklist
IoT security compliance checklist
PriyaNemade
 
ICS (Industrial Control System) Cybersecurity Training
ICS (Industrial Control System) Cybersecurity TrainingICS (Industrial Control System) Cybersecurity Training
ICS (Industrial Control System) Cybersecurity Training
Tonex
 
IIoT Endpoint Security – The Model in Practice
IIoT Endpoint Security – The Model in PracticeIIoT Endpoint Security – The Model in Practice
IIoT Endpoint Security – The Model in Practice
team-WIBU
 
Nist 800 82
Nist 800 82Nist 800 82
Nist 800 82
majolic
 
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonSCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
Patricia M Watson
 
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020
Jiunn-Jer Sun
 
Contributing to the Development and Application of Cybersecurity Standards
Contributing to the Development and Application of Cybersecurity StandardsContributing to the Development and Application of Cybersecurity Standards
Contributing to the Development and Application of Cybersecurity Standards
Yokogawa1
 
Understanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT TechnologiesUnderstanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT Technologies
Denim Group
 
IoT Security Elements
IoT Security ElementsIoT Security Elements
IoT Security Elements
Eurotech
 
Cybridge Secure Content Filter for SCADA Networks
Cybridge Secure Content Filter for SCADA NetworksCybridge Secure Content Filter for SCADA Networks
Cybridge Secure Content Filter for SCADA Networks
George Wainblat
 
IoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIoT Security Challenges and Solutions
IoT Security Challenges and Solutions
Intel® Software
 
Cybersecurity for modern industrial systems
Cybersecurity for modern industrial systemsCybersecurity for modern industrial systems
Cybersecurity for modern industrial systems
Itex Solutions
 
Introduction to Industrial Cybersecurity for Water and Waste Water Operators
Introduction to Industrial Cybersecurity for Water and Waste Water OperatorsIntroduction to Industrial Cybersecurity for Water and Waste Water Operators
Introduction to Industrial Cybersecurity for Water and Waste Water Operators
Sean R. Bouchard, P.Eng
 
Iot security amar prusty
Iot security amar prustyIot security amar prusty
Iot security amar prusty
amarprusty
 
Integrating of security activates in agile process
Integrating of security activates in agile processIntegrating of security activates in agile process
Integrating of security activates in agile process
Zubair Rahim
 
NTXISSACSC2 - Securing Industrial Control Systems by Kevin Wheeler
NTXISSACSC2 - Securing Industrial Control Systems by Kevin WheelerNTXISSACSC2 - Securing Industrial Control Systems by Kevin Wheeler
NTXISSACSC2 - Securing Industrial Control Systems by Kevin Wheeler
North Texas Chapter of the ISSA
 
Cybersecurity in Industrial Control Systems (ICS)
Cybersecurity in Industrial Control Systems (ICS)Cybersecurity in Industrial Control Systems (ICS)
Cybersecurity in Industrial Control Systems (ICS)
Joan Figueras Tugas
 
CyberSecurity_for_the_IoT
CyberSecurity_for_the_IoTCyberSecurity_for_the_IoT
CyberSecurity_for_the_IoT
Abdullahi Arabo Jr (MEng, MBCS, PhD)
 
IT vs. OT: ICS Cyber Security in TSOs
IT vs. OT: ICS Cyber Security in TSOsIT vs. OT: ICS Cyber Security in TSOs
IT vs. OT: ICS Cyber Security in TSOs
Community Protection Forum
 
Guide to industrial control systems (ics) security
Guide to industrial control systems (ics) securityGuide to industrial control systems (ics) security
Guide to industrial control systems (ics) security
ericv83
 
Internet of Things Reference Architectures
Internet of Things Reference ArchitecturesInternet of Things Reference Architectures
Internet of Things Reference Architectures
SofoklisEfremidisAIT
 
Information Security Challenges & Opportunities
Information Security Challenges & OpportunitiesInformation Security Challenges & Opportunities
Information Security Challenges & Opportunities
Muhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master
 
Internet & iot security
Internet & iot securityInternet & iot security
Internet & iot security
Usman Anjum
 
IoT Security Assessment - IEEE PAR Proposal
IoT Security Assessment - IEEE PAR ProposalIoT Security Assessment - IEEE PAR Proposal
IoT Security Assessment - IEEE PAR Proposal
Syam Madanapalli
 
IIoT Endpoint Security
IIoT Endpoint Security IIoT Endpoint Security
IIoT Endpoint Security
Industrial Internet Consortium
 

More Related Content

What's hot

Nist 800 82
Nist 800 82Nist 800 82
Nist 800 82
majolic
 
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonSCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
Patricia M Watson
 
Contributing to the Development and Application of Cybersecurity Standards
Contributing to the Development and Application of Cybersecurity StandardsContributing to the Development and Application of Cybersecurity Standards
Contributing to the Development and Application of Cybersecurity Standards
Yokogawa1
 
Understanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT TechnologiesUnderstanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT Technologies
Denim Group
 
Cybridge Secure Content Filter for SCADA Networks
Cybridge Secure Content Filter for SCADA NetworksCybridge Secure Content Filter for SCADA Networks
Cybridge Secure Content Filter for SCADA Networks
George Wainblat
 
NTXISSACSC2 - Securing Industrial Control Systems by Kevin Wheeler
NTXISSACSC2 - Securing Industrial Control Systems by Kevin WheelerNTXISSACSC2 - Securing Industrial Control Systems by Kevin Wheeler
NTXISSACSC2 - Securing Industrial Control Systems by Kevin Wheeler
North Texas Chapter of the ISSA
 

What's hot (20)

Nist 800 82
Nist 800 82Nist 800 82
Nist 800 82
 
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonSCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
 
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020
 
Contributing to the Development and Application of Cybersecurity Standards
Contributing to the Development and Application of Cybersecurity StandardsContributing to the Development and Application of Cybersecurity Standards
Contributing to the Development and Application of Cybersecurity Standards
 
Understanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT TechnologiesUnderstanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT Technologies
 
IoT Security Elements
IoT Security ElementsIoT Security Elements
IoT Security Elements
 
Cybridge Secure Content Filter for SCADA Networks
Cybridge Secure Content Filter for SCADA NetworksCybridge Secure Content Filter for SCADA Networks
Cybridge Secure Content Filter for SCADA Networks
 
IoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIoT Security Challenges and Solutions
IoT Security Challenges and Solutions
 
Cybersecurity for modern industrial systems
Cybersecurity for modern industrial systemsCybersecurity for modern industrial systems
Cybersecurity for modern industrial systems
 
Introduction to Industrial Cybersecurity for Water and Waste Water Operators
Introduction to Industrial Cybersecurity for Water and Waste Water OperatorsIntroduction to Industrial Cybersecurity for Water and Waste Water Operators
Introduction to Industrial Cybersecurity for Water and Waste Water Operators
 
Iot security amar prusty
Iot security amar prustyIot security amar prusty
Iot security amar prusty
 
Integrating of security activates in agile process
Integrating of security activates in agile processIntegrating of security activates in agile process
Integrating of security activates in agile process
 
NTXISSACSC2 - Securing Industrial Control Systems by Kevin Wheeler
NTXISSACSC2 - Securing Industrial Control Systems by Kevin WheelerNTXISSACSC2 - Securing Industrial Control Systems by Kevin Wheeler
NTXISSACSC2 - Securing Industrial Control Systems by Kevin Wheeler
 
Cybersecurity in Industrial Control Systems (ICS)
Cybersecurity in Industrial Control Systems (ICS)Cybersecurity in Industrial Control Systems (ICS)
Cybersecurity in Industrial Control Systems (ICS)
 
CyberSecurity_for_the_IoT
CyberSecurity_for_the_IoTCyberSecurity_for_the_IoT
CyberSecurity_for_the_IoT
 
IT vs. OT: ICS Cyber Security in TSOs
IT vs. OT: ICS Cyber Security in TSOsIT vs. OT: ICS Cyber Security in TSOs
IT vs. OT: ICS Cyber Security in TSOs
 
Guide to industrial control systems (ics) security
Guide to industrial control systems (ics) securityGuide to industrial control systems (ics) security
Guide to industrial control systems (ics) security
 
Internet of Things Reference Architectures
Internet of Things Reference ArchitecturesInternet of Things Reference Architectures
Internet of Things Reference Architectures
 
Information Security Challenges & Opportunities
Information Security Challenges & OpportunitiesInformation Security Challenges & Opportunities
Information Security Challenges & Opportunities
 
Internet & iot security
Internet & iot securityInternet & iot security
Internet & iot security
 

Similar to Iio t security std

Reports on Industrial Control Systems’ Cyber Security
Reports on Industrial Control Systems’ Cyber SecurityReports on Industrial Control Systems’ Cyber Security
Reports on Industrial Control Systems’ Cyber Security
A. V. Rajabahadur
 
Strong Security Elements for IoT Manufacturing
Strong Security Elements for IoT Manufacturing Strong Security Elements for IoT Manufacturing
Strong Security Elements for IoT Manufacturing
GlobalSign
 
Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices
IJECEIAES
 
iFluids Cybersecurity Seminar CIC Qatar 2018 Agenda
iFluids Cybersecurity Seminar CIC Qatar 2018 AgendaiFluids Cybersecurity Seminar CIC Qatar 2018 Agenda
iFluids Cybersecurity Seminar CIC Qatar 2018 Agenda
John Kingsley
 
Metholodogies and Security Standards
Metholodogies and Security StandardsMetholodogies and Security Standards
Metholodogies and Security Standards
Conferencias FIST
 

Similar to Iio t security std (20)

IoT Security Assessment - IEEE PAR Proposal
IoT Security Assessment - IEEE PAR ProposalIoT Security Assessment - IEEE PAR Proposal
IoT Security Assessment - IEEE PAR Proposal
 
IIoT Endpoint Security
IIoT Endpoint Security IIoT Endpoint Security
IIoT Endpoint Security
 
Industry 4.0 Security
Industry 4.0 SecurityIndustry 4.0 Security
Industry 4.0 Security
 
Security and Privacy Big Challenges in Internet of things
Security and Privacy Big Challenges in Internet of thingsSecurity and Privacy Big Challenges in Internet of things
Security and Privacy Big Challenges in Internet of things
 
Internet of Things Reference Architectures
Internet of Things Reference ArchitecturesInternet of Things Reference Architectures
Internet of Things Reference Architectures
 
PSOIOT-1151.pdf
PSOIOT-1151.pdfPSOIOT-1151.pdf
PSOIOT-1151.pdf
 
Reports on Industrial Control Systems’ Cyber Security
Reports on Industrial Control Systems’ Cyber SecurityReports on Industrial Control Systems’ Cyber Security
Reports on Industrial Control Systems’ Cyber Security
 
Securing the IoT Value Chain with AWS
Securing the IoT Value Chain with AWSSecuring the IoT Value Chain with AWS
Securing the IoT Value Chain with AWS
 
Chariot generic presentation owaspwia_Infosecgirls
Chariot generic presentation owaspwia_InfosecgirlsChariot generic presentation owaspwia_Infosecgirls
Chariot generic presentation owaspwia_Infosecgirls
 
From IT to IoT: Bridging the Growing Cybersecurity Divide
From IT to IoT: Bridging the Growing Cybersecurity DivideFrom IT to IoT: Bridging the Growing Cybersecurity Divide
From IT to IoT: Bridging the Growing Cybersecurity Divide
 
Strong Security Elements for IoT Manufacturing
Strong Security Elements for IoT Manufacturing Strong Security Elements for IoT Manufacturing
Strong Security Elements for IoT Manufacturing
 
Security Issues in IoT-Based Environments
Security Issues in IoT-Based EnvironmentsSecurity Issues in IoT-Based Environments
Security Issues in IoT-Based Environments
 
Security Issues in IoT-Based Environments
Security Issues in IoT-Based EnvironmentsSecurity Issues in IoT-Based Environments
Security Issues in IoT-Based Environments
 
Certified Internet of Things Specialist ( CIoTS )
Certified Internet of Things Specialist ( CIoTS ) Certified Internet of Things Specialist ( CIoTS )
Certified Internet of Things Specialist ( CIoTS )
 
Security aspect of IOT.pptx
Security aspect of IOT.pptxSecurity aspect of IOT.pptx
Security aspect of IOT.pptx
 
Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices
 
iFluids Cybersecurity Seminar CIC Qatar 2018 Agenda
iFluids Cybersecurity Seminar CIC Qatar 2018 AgendaiFluids Cybersecurity Seminar CIC Qatar 2018 Agenda
iFluids Cybersecurity Seminar CIC Qatar 2018 Agenda
 
IRJET- Authentication and Context Awareness Access Control in Internet of Things
IRJET- Authentication and Context Awareness Access Control in Internet of ThingsIRJET- Authentication and Context Awareness Access Control in Internet of Things
IRJET- Authentication and Context Awareness Access Control in Internet of Things
 
15CS81- IoT- VTU- module 3
15CS81- IoT- VTU- module 315CS81- IoT- VTU- module 3
15CS81- IoT- VTU- module 3
 
Metholodogies and Security Standards
Metholodogies and Security StandardsMetholodogies and Security Standards
Metholodogies and Security Standards
 

Recently uploaded

EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 

Recently uploaded (20)

EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 

Iio t security std

  • 1. Industrial IoT Security Standards & Frameworks SACON, Pune Sujata Tilak, M.D., Ascent Intellimation; President, ISA Pune Section
  • 2. The Industrial Internet The Industrial Internet is an internet of - things, machines, computers and people, enabling intelligent industrial operations using advanced data analytics for transformational business outcomes. Industrial domain is expected to be largest consumer of IoT devices and systems in terms of value
  • 3. 3 Industrial Ecosystem UbiquitousNetworkConnectivty Pervasive Sensing AdvanceComputing IIoT IIoT embodies convergence of −Operations Technology (OT) −Information Technology (IT) −Industrial Automation & Control Systems (IACS) −Networking and Communications Cyber Physical Nature
  • 4. Why IIoT Security Standards  Industries will need to use diverse systems and equipment but everything will be integrated on smart factory floor  Legacy systems must be brought under implementation  Legacy approach was to create self sufficient and unconnected silos which now need to be integrated  Every weak link in the chain puts whole factory at RISK  Thus leaving security at the hands of individual IIoT implementers is suicidal
  • 5. Why IIoT Security Standards STANDARDS AND FRAMEWORKS ARE THE ONLY WAY TO “SECURE” IIOT SYSTEMS “SECURITY”
  • 6. • CIA triad – Confidentiality – Integrity – Availability • IIoT has two more requirements – Reliability / Resilience – Safety Cybersecurity Requirements
  • 7. GOI - Draft Policy on Internet of Things 5.3.1 STANDARDS To facilitate global and national participation of industry and research bodies with relevant global Service Setting Organizations for promoting standards around IoT technologies developed in the country. To appoint relevant nodal organization for driving and formalizing globally acceptable standards relating to technology, process, interoperability and services Further a Discussion Group is formed for IoT Security Chaired by: Dr Ajay Kumar, Additional Secretary, Ministry of Electronics and IT Members from: 1. CERT-In 2. Various Companies 3. R & D and Educational institutes
  • 8. ISA/IEC 62443-1 General Information and Definitions ISA/IEC 62443-2 Policy and Procedures ISA/IEC 62443-3 System Level Requirements ISA/IEC 62443-4 Component Level Requirements ISA / IEC 62443 Standards Image Source: Wikimedia Commons
  • 9. Onsite / site specific Offsite develops control systems designs and deploys operates and maintains is the base for Control System as a combination of components Host devices Network components Applications Embedded devices 4-1 3-3 4-2 develops components Product Supplier System Integrator Asset Owner Service Provider Industrial Automation and Control System (IACS) + 2-4 3-2 2-1 2-4 Operational policies and procedures Automation solution Basic Process Control System (BPCS) Safety Instrumented System (SIS) Complementary Hardware and Software Maintenance policies and procedures 2-3 3-3 Application of Standard to IACS
  • 10. IIoT Systems + Operational policies and procedures Automation solution Basic Process Control System (BPCS) Safety Instrumented System (SIS) Complementary Hardware and Software Maintenance policies and procedures Overlay IIoT Edge DevicesEdge DevicesEdge Devices Edge DevicesEdge DevicesGateways IIoT Server
  • 11. IEC 62443-3-3 and IEC 62443-4-2 Control system capability security levels: SL-C are defined for following areas. In each area, 4 security levels are defined each level progressively advance 1. Identification and authentication control (IAC) 2. Use control (UC) 3. System integrity (SI) 4. Data confidentiality (DC) 5. Restricted data flow (RDF) 6. Timely response to events (TRE) 7. Resource availability (RA) 8. Application Requirements (ACR) 9. Embedded Device Requirements (EDR) 10. Host Device Requirements (HDR) 11. Network Device Requirements (NDR)
  • 12. Industrial Internet Reference Architecture (IIRA) • Published by Industrial Internet Consortium, www.iiconsortium.org • Latest version, 1.8, published in Jan 2017 • First consolidated framework for IIoT • Objective is to build broad industry consensus to drive interoperability and simplify development of Industrial Internet systems • Safety, Security and Privacy is intrinsic part of the framework and is considered in every aspect
  • 13. Industrial Internet Security Framework (IISF) • Published in Sept 2016 • Considers divergent views of IT and OT on – Safety – Security – Resilience • Goes beyond Security and looks at Trustworthiness of IIoT Systems • It encompasses - security, safety, reliability, resilience and privacy
  • 14. Security Perspectives • Managing Risks • Business continuity • Trust • Reputation / IP • Investment Business Viewpoint • Confidentiality • Data integrity / security • Availability • Safety • Resilience • Performance Usage & Functional Viewpoint
  • 15. Functional Viewpoint Blocks Source: IISF • Four core security functions • Data protection layer • Security model and policy layer
  • 17. Communication & Connectivity Protection Source: IISF
  • 19. Implementation Viewpoint • Lists eight design principles for implementation of security capabilities in IIoT systems • For each item in Functional Viewpoint, describes – Security objectives – Architectural considerations – Security lifecycle – Threat vectors – Protection techniques / technologies – brownfield considerations
  • 20. In a nutshell • IIoT is a huge paradigm shift for OT / Control Systems as well as IT • There are some peculiar security challenges • Security should be considered at design stage • However in large number of brown field installations, security has to be added later • Standards exist for control systems, but they do not consider combined IT + OT + CS impact • IISF is trying to fill this gap and doing a good job