Industrial Internet Security Framework v 1.0 | Page 50
Security Framework
7: IISF Functional Viewpoint
Endpoint Monitoring and Analysis includes integrity checking, detecting malicious usage
patterns, denial of service activities, enforcement of security policies and analytics that track
security performance indicators.
Endpoint Data Protection provides controls to preserve the integrity, confidentiality and
availability of its data.
Endpoint Security Model and Policy governs the implementation of security functions on the
endpoint.
Endpoint protection relies on Endpoint Physical Security and establishing the Endpoint Root of
Trust. The root of trust determines the confidence in the system and its identity, and ensures
integrity and access control to its resources. Once established, the endpoint state must be
maintained and tracked in accordance with the system model and policy.
Endpoint Monitoring & Analysis is responsible for ensuring the prevention and detection of, and
recovery from, any activity that deviates from policy, while Endpoint Configuration & Management
ensures that all changes made to the endpoints are performed in a controlled and managed
manner.
Endpoint Data Protection is responsible for protecting access to, and preventing tampering with,
data-at-rest and data-in-use on the endpoint through encryption, isolation and access control.
Data protection spans all data on the endpoint, including configuration, monitoring, and
operational data.
The overall security of the endpoint is defined in the security policy and enforced through the
security model for all controls.
7.4 COMMUNICATIONS AND CONNECTIVITY PROTECTION
Protection of communications and connectivity provides physical security of the endpoint's
connectivity to the network, protection of Information Flow in the Network, and Cryptographic
Protection of communications between endpoints. These two functions, shown in the diagram below,
are supported by areas that traverse the four building blocks at the top layer: Network
Configuration & Management, Network Monitoring & Analysis, Communicating Endpoint
Protection, and Physical Security of Connections.
IIC:PUB:G4:V1.0:PB:20160926