Industrial Internet Security Framework v 1.0 | Page 37

Security Framework 6: Permeation of Trust in the IIoT System Lifecycle

System owners and operators instigate the building of trust by specifying trust-related requirements as part of the operational system requirements. These requirements are then issued to the system builders as part of the system specification. System builders in turn break them down into specific trust requirements for each of the components of the system. Component builders respond to these requirements by delivering components that meet the specified requirements.

Compliance of the delivered component capabilities to their specifications is a part of assurance performed by the vendors prior to delivery, by system builders on receipt and probably by (potentially independent) third-party agencies. System builders are responsible for integrating all the assured components and assuring that together, they meet the specified requirements for the integrated system. The delivered system capabilities are verified and assured in the operational context by the owner/operator, or an independent third party. Once operational assurance is achieved, trust is initiated in the system and permeates down from the owner/operator to the component builders via the system builders.

Figure 6-2: Trust Relationship between Actors

Trust flows down from the owner/operator to all parts of the system but trust must be built from the bottom up. Figure 6-2 also shows the case where the owner/operator may assign the overall operation management of the system to a third party. Either way, the owner/operator is responsible for ensuring the delivered system continues to deliver its business purpose while meeting operational requirements and maintaining stated levels of trustworthiness.

IIC:PUB:G4:V1.0:PB:20160926 - 37 -