Industrial Internet Consortium Announces Practitioner’s Guide for Assessing the Maturity of IoT System Security

Apr 14, 2019

The Industrial Internet Consortium, now incorporating OpenFog, announces the Security Maturity Model (SMM) Practitioner’s Guide, which provides detailed actionable guidance enabling IoT stakeholders to assess and manage the security maturity of IoT systems. Along with the publication of the SMM Practitioner’s Guide is an update to the IoT SMM: Description and Intended Use White Paper, which provides an introduction to the concepts and approach of the SMM. This white paper has been updated for consistency with the SMM Practitioner’s Guide, including revised diagrams and updated terminology.

As organizations connect their systems to the internet, they become vulnerable to new threats, and they are rightly concerned with security. Addressing these concerns requires investment, but determining investment focus and amount is a difficult business decision. The SMM helps by enabling a structured top-down approach toward setting goals as well as a means toward assessing the current security state, taking into account various specific practices. The SMM allows an organization to trade off investment against risk in a sensible manner.

Building on concepts identified in the IIC Industrial Internet Security Framework published in 2016, the SMM defines levels of security maturity for a company to achieve based on its security goals and objectives as well as its appetite for risk. Organizations may improve their security state by making continued security assessments and improvements over time, up to their required level.

“This is the first model of its kind to assess the maturity of organizations’ IoT systems in a way that includes governance, technology and system management,” said Stephen Mellor, CTO, IIC. “Other models address part of what is addressed by the SMM: they may address a particular industry, IoT but not security, or security but not IoT. The SMM covers all these aspects and points to parts of existing models, where appropriate, to recognize existing work and avoid duplication.”

The practitioner’s guide includes tables describing what must be done to reach a given security comprehensiveness for each security domain, subdomain and practice and can be extended to address specific industry or system scope needs. Following each table is an example using various industry use cases to demonstrate how an organization might use the table to pick a target state or to evaluate a current state.

One example is that of an automotive manufacturer considering the possible threats interfering with the operations of a vehicle key fob. The manufacturer sets its target maturity comprehensiveness level to “1” as it considers some IT threats, such as a Denial of Service attack that may prevent a driver from opening the car door using the key fob. Over time, as new threats emerge, the manufacturer realizes it needs additional threat modeling and enhanced practices so raises its target maturity comprehensiveness level to a higher level “2.”

The practitioner’s guide contains three case studies that show IoT stakeholders how to apply the process based on realistic assessments, showing how the SMM can be applied in practice. The case studies include a smarter data-driven bottling line, an automotive gateway supporting OTA updates and security cameras used in residential settings.

IOT SMM: PRACTITIONER’S GUIDE

The Practitioner’s Guide provides a pragmatic approach, enabling implementation teams to communicate an IoT system’s current state of security through confident discussions with business stakeholders about the desired state of security maturity, where gaps exist and a roadmap for achieving their goal. The Practitioner’s Guide describes how to reach a given security comprehensiveness for each security domain, subdomain and practice and can be extended to address specific industry or system scope needs. Various industry use case examples demonstrate how an organization might select a target state or evaluate a current state.

PRIMARY AUTHORS

Sandy Carielli – Entrust Datacard
Matthew Eble – Praetorian
Frederick Hirsch – Fujitsu
Ekaterina Rudina – Kaspersky Lab
Ron Zahavi – Microsoft Azure IoT

OTHER CONTRIBUTORS

Tata Consultancy Services / NetFoundry
Wibu-Systems

Go HERE to download the report

Latest Articles

Ideal Supply Tradeshow Successful in its Return to an In-Person Event

Ideal Supply returned to an in-person event for their annual trade show held this past week in Stratford, ON. The Welcome Back Tradeshow also featured a weeklong virtual portion to accommodate those that were unable to make the trip the Stratford Rotary Complex where the event was held.

Latest Articles | Featured

The National Electrical Trade Council Launches State of the Art Hoisting and Rigging Training in Ontario

Groundbreaking hoisting and rigging training is poised to be offered in Ontario International Brotherhood of Electrical Workers (IBEW) training centres following development of virtual reality training procured by the National Electrical Training Council (NETCO) and developed by Sudbury based NORCAT.

Latest Articles

Canada Electric Vehicle Scorecard: Ranking Provincial and Territorial Strategies, Policies & Investment

More and more Canadians are looking to switch to electric vehicles (EVs), whether to help the environment, say goodbye to unpredictable gas prices, or to enjoy an improved driving experience.

Latest Articles

Snapshot: 3-Phase Electrical Ltd.

Winnipeg-based 3-Phase Electrical prides themselves on the high calibre of work they produce and their attention to detail, always ensuring that all work is performed to the highest possible standards.

Latest Articles

STANDATA Variance: National Fire Code 2019, Alberta Edition

January 9, 2023 Municipal Affairs and the Safety Codes Council develop Alberta Fire Code STANDATA jointly. Some are issued as province-wide variances or interpretations. Others are information bulletins that provide general advice on related matters. New STANDATA are added on a regular basis. UPDATED December 16, 2022 Go HERE to view all the new STANDATA…

Latest Articles | Featured

Proposed Regulatory Amendments for Licensing of Electrical Contractors and Master Electricians Regulation

The MPBSD is proposing regulatory amendments to O.Reg. 570/05 (Licensing of Electrical Contractors and Master Electricians) to support the Electrical Safety Authority’s (ESA) initiative to modernize its licence renewal process for master electricians and licensed electrical contractors.

Latest Articles

Ideal Supply Tradeshow Successful in its Return to an In-Person Event

Latest Articles | Featured

The National Electrical Trade Council Launches State of the Art Hoisting and Rigging Training in Ontario

Latest Articles

Canada Electric Vehicle Scorecard: Ranking Provincial and Territorial Strategies, Policies & Investment

More and more Canadians are looking to switch to electric vehicles (EVs), whether to help the environment, say goodbye to unpredictable gas prices, or to enjoy an improved driving experience.

Latest Articles

Snapshot: 3-Phase Electrical Ltd.

Latest Articles

STANDATA Variance: National Fire Code 2019, Alberta Edition

Latest Articles | Featured

Proposed Regulatory Amendments for Licensing of Electrical Contractors and Master Electricians Regulation

Latest Articles

Ideal Supply Tradeshow Successful in its Return to an In-Person Event

Latest Articles | Featured

The National Electrical Trade Council Launches State of the Art Hoisting and Rigging Training in Ontario

Latest Articles

Canada Electric Vehicle Scorecard: Ranking Provincial and Territorial Strategies, Policies & Investment

More and more Canadians are looking to switch to electric vehicles (EVs), whether to help the environment, say goodbye to unpredictable gas prices, or to enjoy an improved driving experience.

Latest Articles

Snapshot: 3-Phase Electrical Ltd.

Latest Articles

STANDATA Variance: National Fire Code 2019, Alberta Edition

Latest Articles | Featured

Proposed Regulatory Amendments for Licensing of Electrical Contractors and Master Electricians Regulation

Latest Articles

Peerless Electric’s Journey: 86 Years of Canadian Manufacturing

July 4, 2025 The story of Peerless Electric begins in 1939, at the heart of Montreal, in a time of great global uncertainty. As the world edged toward war and economies struggled to recover from the Great Depression, a small group of innovators dared to dream big: to create lighting solutions that would stand the… Read More…
2025 Industry Research Reveals How to Thrive in a Shifting Electrical and Automation Landscape

July 4, 2025 EFC is proud to share its 2025 Industry Research report — a comprehensive look into the changing dynamics of the Canadian electrical and automation markets. This year’s report dives deep into the evolving expectations of customers as our industry navigates supply chain pressures, digital transformation, and sustainability demands. Based on input from… Read More…
The Growing Presence of Women in Quebec Construction Industry

July 4. 2025 The presence of women in the construction industry continues to grow in Quebec. In 2024, there were 7,885 women working in various trades. 3,589 Quebec contractors hired at least one woman on their construction sites, an all-time high. Of this number, nearly 480 companies operate in the electrical sector. The CMEQ salutes… Read More…
Celebrating 125 Years: Listen to the Story Behind EB Horsman & Son

July 4, 2025 EB Horsman & Son are proud to be celebrating 125 years in business. To mark the milestone, they recorded a special podcast that takes a look back at where they started, how far they’ve come, and the people and values that shaped the journey. Source Read More…

The Growing Presence of Women in Quebec Construction Industry

July 4, 2025
Celebrating 125 Years: Listen to the Story Behind EB Horsman & Son

July 4, 2025
Weidmüller Canada: Committed to Continued Innovation & Growth in Canadian Industry

June 30, 2025
Guide to the Canadian Electrical Code, Part 1[i] – A Road Map: Section 38

June 30, 2025
Doubling Pace of Construction over Next Decade Would Restore Housing Affordability to 2019 levels

June 30, 2025
Canada’s Construction Industry Gets Serious about Investing in Technology as Pressure Mounts to do More with Less

June 30, 2025

Changing Scene

Mac’s II Agencies Announce Addition to Project & Specification Sales Team

July 10, 2025 Mac’s II Agencies is pleased to announce that Drazen Jerkovic will be joining their Project & Specification Sales team in the Lighting Division later this fall. With over 25 years of experience in the lighting and electrical industry, Drazen is a highly respected consultant known for his technical knowledge and deep understanding of project delivery…. Read More…
Intralec Named New Sales Agency Partner for IDEAL Electrical in Central & Southwestern Ontario

July 7, 2025 Intralec Electrical Products is proud to announce our new partnership with IDEAL Electrical as their sales agency for the Central & Southwestern Ontario regions. As a Canadian manufacturer with over 60 years of experience producing quality products—many of which, like the Can-Twist wire connector and Yellow 77 lubricant, are made in Ajax,… Read More…
City of Winnipeg Continues to Improve Online Permits System

July 4, 2025 The City of Winnipeg has launched an improved Permits Online web portal. This upgrade aims to make the permit process more convenient for customers. Permits Online is a one-stop shop to manage the permit process. Now, the web portal is easier to use because customers can navigate it using their mobile device. The portal… Read More…
Schneider Electric Launches Chapter 3 of Sustainability School

July 4, 2025 Schneider Electric, the leader in the digital transformation of energy management and automation, has launched Chapter 3 of its online Sustainability School, a free training program designed to empower its channel ecosystem partners to become leaders in sustainability. This chapter will focus on teaching businesses how to decarbonize and unlock the competitive… Read More…

IOT SMM: PRACTITIONER’S GUIDE

PRIMARY AUTHORS

OTHER CONTRIBUTORS

Related Articles

Our Company

Customer Service

Subscribe to Our Brands…

Visit our Brand Sites…

Subscribe to our Free Weekly Digest