At the 2018 ARC Industry Forum, cybersecurity was the focus of the Monday sessions. In a session, IIoT Cybersecurity Frameworks & Standards, Emerson’s Eric Braun joined a panel with other industry participants.

Here was the session description:

The Industrial Internet of Things (IIoT) spans a wide range of products used to control and monitor industrial systems. This includes traditional equipment like PLCs and DCS systems as well as the many new sensors being added to facilities to collect information that will enable significant improvement in plant performance.

This session will include brief presentations by representatives from various groups involved in developing IIoT standards and validating conformance. Presentations will be followed by a panel discussion where session attendees will be invited to offer their input and discuss their own issues/concerns.

This information will be of benefit to owner-operators, suppliers, and researchers involved with the cybersecurity of Industrial Internet of Things.

ARC Advisory Group’s Sid Snitkin moderated the panel. He opened describing the close coupling of concerns around IIoT and cybersecurity. IIoT includes both the things and the open environment for connectivity of these things with other applications. Security extends past the environment to the supply chain for the technology components and all the processes surrounding it.

Andre Ristaino is the managing director of the ISASecure control systems certification program (IEC 62443). Ken Modeste of UL described how to measure security in terms of component security, service supplier evaluations, implementation, vendor evaluations and system security.

Eric described how WirelessHART technology based on mesh networking to connect plant floor sensors and devices with control and asset management systems via gateways. Eric described the ISA-62443/IEC 62442 standards and his role on the committee on advancing them. Eric described an initiative from the standards committee to look at IIoT devices to see what issues they introduce that the current series of cybersecurity standards do not address.

Dale Nordenberg, with the Medical Device Innovation, Safety, and Security Consortium (MDISS) has focused his career on innovation at the intersection of technology and health sciences to optimize health and business outcomes. There were many questions sent to Dale about medical devices and the need for a greater focus on cybersecurity given their significant role.

The cybersecurity standards efforts continue to advance to address the challenges of continuing technology innovations.