Re: IIC reference architecture

For those interested in [IG-SP]: I was asked to digest the IIC Reference Architecture with respect to security and can share that:



The IIC problem statement (p. 18) is kind of cool (nothing presents a surprise, but good to have it explicitly spelled that way by the IIC):

· Security of industrial control systems today often relies on physical security, the isolation of the systems and the obscurity of proprietary communication protocols. Industrial Internet Systems, on the other hand, are, by nature, connected and distributed. They continually exchange data; they are deeply integrated with enterprise systems; and they evolve over their lifetimes, converging with other IISs. Consequently, their attack surface is significantly larger than isolated industrial control systems.

· IISs call for an integrated approach to security spanning the physical world (including direct observability), the network world (including preservation of rights to the use of data), and the business world (including property rights and rights to make contracts). They simply cannot treat security as a separate, add-on design concern.

The IIRA contents on security do frame the ‘security picture’ by elaborating on security definitions (what is what), requirements (what is needed) and use cases (what is to be provided). These considerations remain abstract. Actual mechanisms to achieve that are not considered (modulo sporadic remarks, e.g. on p. 59).

The IIRA announces a Security Reference Architecture document for the future (p. 36). I'd expect that to drill things down to the mechanism level.



Neat: the IIRA chapter 9 “Security, Trust and Privacy” provides checklists for the [IG-SP] work. We also have the aspects of “what is what”, “what is needed” and “what is to be provided”. We should make sure that [IG-SP] and IIRA security are consistent where possible (our problem space would probably be a superset: IIC is not really interested in IoT use cases related to consumer goods/personal things but WoT is covering capital goods/enterprise things).



Best regards,

Oliver



From: Dave Raggett [mailto:dsr@w3.org]
Sent: Monday, 22 June 2015 20:23
To: Public Web of Things IG
Subject: IIC reference architecture



The Industrial Internet Consortium (IIC) has published their reference architecture which has lots of useful ideas:



    http://www.iiconsortium.org/IIRA




—

   Dave Raggett <dsr@w3.org>

Received on Tuesday, 23 June 2015 11:18:31 UTC