Trust and the Industrial IoT

/by

They say that in business, it all comes down to trust. American author H. L. Mencken once wrote, “It is mutual trust, even more than mutual interest, that holds human associations together.” To succeed in life, we need to trust people. The same holds true for technology. To succeed in today’s world, we need to trust technology―from products like smart phones and cars to the tools and industrial processes that created them. To whatever extent that we trust technology, we apply it to improve our lives.

But just as there are some people we cannot trust, we should not blindly trust any technology that comes along. Some technologies are more trustworthy than others. So how can you know which ones are best? Take the Industrial IoT for example. Although it offers many benefits, engineers are justifiably cautious in adopting the various IoT technologies available, citing concerns for reliability and security.

Addressing this question, the Industrial Internet Consortium recently published a document titled Managing and Assessing Trustworthiness for IIoT in Practice. It defines trustworthiness as “the degree to which the system performs as expected” and to that end states, “Confidence comes from the assurance that several aspects of the system are under control: security of its data and of its equipment, safety for people and the community, protection of assets, privacy protection of data, reliability of operations and subsystems, and resilience of the system.”

Five Aspects of Trust

The document expands on this idea, locating within both OT (operational technology) and IT five basic aspects of trustworthiness: security, safety, privacy, reliability, and resilience. It shows how each of these may be more or less relevant to the requirements of OT or IT taken separately, and how they are all essential to any Industrial IoT solution. As we see it, this underscores the importance of a truly industrial approach to data communications:

  • Secure-by-design communications should not compromise in any way the security measures that are already in place in a production system. Indeed, the IoT system should measure up to those standards.
  • The safety of plant personnel should not be put into jeopardy as a result of connecting to the IoT.
  • Privacy of data has to be maintained, so that each connecting party gains access only to the information meant for them.
  • Reliability of data transfer must be ensured to the extent possible, given the fact that Internet connections are not 100% stable. Data protocols must be able to indicate the quality (trustworthiness) of the data at every moment so that clients can act accordingly.
  • Resilience of the connection, including the ability to optimize high-speed or low-speed connections over wide or narrow bandwidths, and to recover quickly and gracefully from an outage, keeps the data flowing in the best way possible.

“The network must be built with the expectation of heavy damage,” wrote Paul Baran, one of the developers of ARPANET, precursor to the Internet, back in 1964. So, too, should be the implementation of industrial data communications over the Internet of Things. As with personal relationships, it may be difficult to achieve 100% trustworthiness for this technology. But the value of any Industrial IoT system should be considered in light of how close it comes to that goal.