Industrial Internet Security Framework v 1.0 | Page 104
Security Framework
10: Security Monitoring and Analysis
During the integration phase, when new modules are added, integrity metrics should be updated in a cryptographically secure way. All the configuration settings, initialization parameters and other user settings should be similarly updated. The configuration settings information should be encrypted with the unique key of the device in protected storage of secure hardware that has countermeasures in place against attacks and tampering.

Without appropriate controls, monitoring, and attestation capabilities, there are many stages in the supply chain where endpoint integrity cannot be assured and the endpoint should not be trusted. Creating attestation mechanisms for assessing the integrity of a device as it moves through the chain of custody stages enables trustworthiness measurements that would otherwise be absent.

Device manufacturers must ensure integrity throughout the supply chain and lifecycle, and provide mechanisms to measure that integrity. Service providers must then ensure that overall systems can be attested to all the way down to the manufacturers' integrity measurements. Equipment owner/operators should measure all the endpoints and services in their environment to attest to their integrity throughout their lifecycle. Only then can a system be trustworthy.
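
The following is an added example, not part of the framework text: one way to update an integrity metric securely as modules are integrated, and for a verifier at a later custody stage to check it against the manufacturer's reference measurements. The hash-chain "extend" construction, the module names, the key and the HMAC-based evidence are assumptions made for illustration; a real device would sign with a hardware-protected asymmetric key rather than share a secret with the verifier.

```python
import hashlib
import hmac

# Constructed value; stands in for the device-unique key held in secure hardware.
DEVICE_KEY = b"constructed-device-unique-key"

def extend(metric: bytes, image: bytes) -> bytes:
    """Fold a module into the running metric: new = H(old || H(image))."""
    return hashlib.sha256(metric + hashlib.sha256(image).digest()).digest()

def integrate(modules):
    """Integration phase: measure each module in order and log its digest."""
    metric, log = bytes(32), []
    for name, image in modules:
        log.append((name, hashlib.sha256(image).hexdigest()))
        metric = extend(metric, image)
    return metric, log

def quote(metric: bytes, nonce: bytes) -> bytes:
    """Device-side evidence: the metric bound to the verifier's fresh nonce."""
    return hmac.new(DEVICE_KEY, nonce + metric, hashlib.sha256).digest()

def verify(log, reference, nonce, evidence) -> bool:
    """Verifier: every logged digest must match the manufacturer's reference,
    and replaying the log must reproduce the metric the device quoted."""
    metric = bytes(32)
    for name, digest in log:
        if reference.get(name) != digest:
            return False  # module differs from what the manufacturer measured
        metric = hashlib.sha256(metric + bytes.fromhex(digest)).digest()
    return hmac.compare_digest(quote(metric, nonce), evidence)

if __name__ == "__main__":
    # Constructed sample modules (hypothetical names and contents).
    shipped = [("bootloader", b"boot-v1"), ("fieldbus-driver", b"drv-v3")]
    metric, log = integrate(shipped)
    reference = dict(log)  # manufacturer's published measurements
    nonce = b"verifier-nonce-1"
    print("intact device:", verify(log, reference, nonce, quote(metric, nonce)))

    # A module altered at some custody stage changes both the log and the metric.
    altered = [shipped[0], ("fieldbus-driver", b"drv-v3-modified")]
    bad_metric, bad_log = integrate(altered)
    print("altered, honest log:", verify(bad_log, reference, nonce, quote(bad_metric, nonce)))
    print("altered, forged log:", verify(log, reference, nonce, quote(bad_metric, nonce)))
```

Because each extend step hashes over the previous value, the final metric depends on every module and on the order of integration, so a log rewritten to look clean no longer matches what the device quotes.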
IIC:PUB:G4:V1.0:PB:20160926