At the highest level, the Industrial Internet Consortium (IIC) testbed program exists to substantially impact the Industrial Internet of Things (IIoT) market. Testbeds serve as demonstration proof points of interoperability, architectural patterns, and technologies. This lets the IIC establish best practice examples for IIoT system implementers. The IIC does not seek testbeds that address minor applications; testbeds must deliver real technical acceleration with significant economic impact on success. Testbeds must answer real questions. They investigate or test technology, methods, or processes. Testbeds results are public within the IIC, thus feeding real experience back to the guidance and market efforts. They ensure that the IIC’s technical guidance really work. This enables the IIC to extend and prove thought and technology leadership across the IIoT.[i]
In February 2016, the IIC announced its first security assessment-focused testbed: The Security Claims Evaluation Testbed. IIC member companies are collaborating in this testbed to provide an open and highly configurable cybersecurity platform for evaluation of endpoint, gateway and other networked components’ security capabilities. Data sources might include industrial, automotive, medical and other related endpoints requested for secure operation analysis. To learn which organizations are collaborating on the Security Claims Testbed, please visit the Web page.
Since its announcement, the scope of the Security Claims Evaluation Testbed has encompassed best practices including those described in the Industrial Internet Security Framework (IISF) as aligned to the Industrial Internet Reference Architecture (IIRA), and has evolved to incorporate Industry 4.0 RAMI architectural considerations. This includes comprehensive security coverage from endpoint to gateway to cloud. Demonstrations of the Security Claims Evaluation Testbed highlighting these system topology areas of vulnerabilities have been demonstrated at both Embedded World and Hannover Messe.
Industry Impact and why you should get involved?
The Security Claims Evaluation Testbed provides a unique learning opportunity to evaluate security vulnerabilities at a device level as well as at a system level prior to large scale deployment across many key applications driving the IIoT / Industrie 4.0. By connecting their equipment to the testbed, IIC members and non-members are able to evaluate the security of their devices within two different scenarios: individually on a device level, or with a system of other endpoints, gateways, etc. Understanding the security of devices very early in product development can minimize delays for product launch. The testbed aims to enable manufacturers to improve the security posture of their products and verify alignment to the IISF prior to product launch to help accelerate time to market.
As in all the IIC testbeds, the Security Claims Evaluation Testbed is intended to provide an environment for companies and multi-disciplinary stakeholders to team up and bring solutions to life. Therefore, participation means assuming some level of risk. Risk taking is empowering and opens the door to new opportunities. Taking risks creates value and that is what venture capitalism is all about.
Join the free webinar offered by the IIC on Thursday, January 26th at 11:00am to hear Dan describe the results and lessons learned so far from the Security Claims Evaluation Testbed.