Industrial Internet Consortium’s guide to IIoT trustworthiness
IIC

Industrial Internet Consortium’s guide to IIoT trustworthiness

4 phases to manage trustworthiness in IIoT are covered in the new white paper.

Subscribe

Managing and Assessing Trustworthiness for IIoT in Practice” white paper is available from the Industrial Internet Consortium (IIC). The white paper, an introductory guide to trustworthiness in the Industrial Internet of Things (IIoT) – driven by the convergence of IT with OT – includes a definition of trustworthiness, examples, and a best-practice approach to managing trustworthiness in IIoT systems.

Confidence is essential to business, including confidence that consequences of decisions and processes are acceptable, and that business information is properly handled. The advent of IIoT means confidence is also required in technologies, physical components, and systems in addition to confidence in individuals, organizations, and processes.

“The fact is that it is possible to have too much trustworthiness,” notes Jim Morrish, co-chair of the IIC Business Strategy and Solution Lifecycle Working Group. “Trustworthiness costs, in terms of the costs of devices and associated software, and also often in terms of user experience and functionality.

The white paper’s best-practice approach to managing trustworthiness is comprised of four phases: baselining the system, analyzing potential trustworthiness events, implementing trustworthiness targets and governance, and iterating and maintaining the resulting trustworthiness model.

“This whitepaper demonstrates that trustworthiness is more than just another academic phrase to describe expectations of stakeholders, operators and users of an IIoT system,” says Marcellus Buchheit, president and CEO of Wibu-Systems USA, cofounder of Wibu-Systems AG in Germany and co-chair of the IIC Trustworthiness Task Group. “This paper presents several models that show how trustworthiness can be practically used in business decisions to increase trust in an IIoT system under the impact of business reality and constraints.”

The white paper also highlights that trustworthiness is not a static concept. “An IIoT system must address trustworthiness requirements throughout the lifecycle of the system. This means that industrial IoT trustworthiness is not a project with a finite start and a finite end. It is a journey that must be powered by an established program,” says Bassam Zarkout, founder of IGnPower and co-author of the paper.

“Security is already recognized as one of the most important considerations when designing an IIoT system,” notes Frederick Hirsch who is a standards manager at Fujitsu and co-chair of the IIC Trustworthiness Task Group. “This white paper expands on that thinking by recognizing that safety, privacy, reliability, and resilience need to be considered in conjunction with security to establish trust that IIoT systems will not only be functional but also will not harm people, the environment or society.”

The full IIC Managing and Assessing Trustworthiness for IIoT in Practice white paper and a list of IIC members who contributed can be found on the IIC website.