Industrial Internet Security Framework v 1.0 | Page 82

9 PROTECTING COMMUNICATIONS AND CONNECTIVITY

The communications and connectivity function in Industrial Internet of Things systems supports the exchange of information among endpoints. It provides interoperable communications to facilitate component integration. The level of protection required depends on the threats to such information exchange. This information can be sensor updates, telemetry data, commands, alarms, events, logs, status changes or configuration updates.

Figure 9-1: Functional Breakdown for Communications and Connectivity Protection

Historically, industrial systems have emphasized information flow protection over cryptographic technologies. More recently, IIoT applications employ cryptographic controls such as those applied at the transport layer (e.g. TLS or DTLS) or the middleware layer (e.g. DDS) [1]. IIoT systems will most likely use both classes of techniques, as each class of technology protects against a different set of network attacks.

These measures can only be effective if communication and connectivity are available, so risks associated with denial-of-service attacks on networks should be assessed and controls put in place. These controls include physical security, capacity planning, load balancing and caching. Authorization techniques that enforce the principle of least privilege and intrusion detection techniques that alert on or block offending connections also help.

[1] See [IETF-RFC5246], [IETF-RFC6347] and [OMG-DDS]

IIC:PUB:G4:V1.0:PB:20160926