Industrial Internet Security Framework v 1.0 | Page 104

Security Framework 10: Security Monitoring and Analysis

During the integration phase, when new modules are added, integrity metrics should be updated in a cryptographically secure way. All the configuration settings, initialization parameters and other user settings should be similarly updated. The configuration settings information should be encrypted with the unique key of the device in protected storage of the secure hardware that has countermeasures in place to prevent attacks and tampering.

Without appropriate controls, monitoring, and attestation capabilities, there are many stages in the supply chain where endpoint integrity cannot be assured and the endpoint should not be trusted. Creating attestation mechanisms for assessing the integrity of a device as it moves through the chain of custody stages enables trustworthiness measurements that would otherwise be absent.

Device manufacturers must ensure integrity throughout the supply chain and lifecycle, and provide mechanisms to measure its integrity. Service providers must then ensure that overall systems can be attested to all the way down to the manufacturer's integrity measurements. Equipment owners/operators should measure all the endpoints and services in their environment to attest to their integrity throughout their lifecycle. Only then can a system be trustworthy.

IIC:PUB:G4:V1.0:PB:20160926
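One way to update integrity metrics "in a cryptographically secure way" as modules are added, shown as an added example that is not part of the framework text: an extend-only hash register with a replayable measurement log, checked by a verifier against reference measurements. The function names, module names, key, nonce, and the use of HMAC in place of a signature made by a hardware-protected device key are all assumptions for illustration.

```python
import hashlib
import hmac

ZERO = bytes(32)  # register value at device reset

def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def extend(register: bytes, measurement: bytes) -> bytes:
    # Extend-only update: the new value depends on every earlier measurement.
    return sha256(register + measurement)

def measure(modules):
    """Device side: measure modules in integration order; return (register, log)."""
    register, log = ZERO, []
    for name, image in modules:
        digest = sha256(image)
        register = extend(register, digest)
        log.append((name, digest))
    return register, log

def quote(device_key: bytes, nonce: bytes, register: bytes) -> bytes:
    # Assumption: HMAC stands in for a signature made inside secure hardware.
    return hmac.new(device_key, nonce + register, hashlib.sha256).digest()

def verify(device_key, nonce, log, tag, reference):
    """Verifier side: replay the log, check the quote, compare to references."""
    register, problems = ZERO, []
    for name, digest in log:
        register = extend(register, digest)
        if reference.get(name) != digest:
            problems.append(name)
    if not hmac.compare_digest(quote(device_key, nonce, register), tag):
        problems.append("log does not match quoted register")
    return problems

# Constructed sample data: one module per custody stage.
KEY, NONCE = b"constructed-device-key", b"constructed-nonce"
GOOD = [("manufacturer-firmware", b"fw v1"), ("integrator-module", b"io driver"),
        ("operator-config", b"site settings")]
REFERENCE = {name: sha256(image) for name, image in GOOD}

def attest(modules, forge_log=False):
    register, log = measure(modules)
    if forge_log:  # log rewritten to list the reference digests
        log = [(name, REFERENCE[name]) for name, _ in log]
    return verify(KEY, NONCE, log, quote(KEY, NONCE, register), REFERENCE)

if __name__ == "__main__":
    tampered = [GOOD[0], ("integrator-module", b"altered driver"), GOOD[2]]
    print(attest(GOOD), attest(tampered), attest(tampered, forge_log=True))
```

A module altered at any custody stage shows up by name in the replayed log, and a log edited to hide the change no longer matches the quoted register.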