The Industrial Internet Consortium (IIC), an organization for accelerating the adoption of the Industrial Internet of Things (IIoT), recently announced the publication of its Software Trustworthiness Best Practices Whitepaper. Written for developers, owner-operators and decision makers, the whitepaper addresses various aspects of creating, acquiring and protecting software for IIoT systems. It also reportedly provides practical and actionable best practices for recognizing, addressing, managing and mitigating risks and their sources, and includes numerous use cases.
“You cannot talk about the trustworthiness of today's systems without an in-depth understanding of the trustworthiness of the software in these systems,” said Mark Hermeling, one of the authors of the whitepaper and Senior Director, Product Marketing, GrammaTech (News - Alert). “This paper concisely lays out the topics to consider when reasoning about the trustworthiness of software, during the entire lifecycle of the system, from inception to disposal.”
“Systems depend on software to function in potentially hostile environments that are inherently untrustworthy,” said Simon Rix, one of the authors of the whitepaper, and Security Evangelist at Irdeto (News - Alert). “As a security practitioner, I like the practical nature of this whitepaper as it presents techniques and methodologies to ensure that software is protected and not a target of attacks, thereby enabling successful business objectives in hostile, untrustworthy environments.”
“Software is an essential part of almost all modern systems,” said Frederick Hirsch of Fujitsu (News - Alert), co-chair of the IIC Trustworthiness Task Group and another one of the authors of the whitepaper. “Ensuring that software is trustworthy is essential to assuring the trustworthiness of these systems, to make them appropriately secure, safe, reliable, resilient and privacy protecting.”
“The specific aspects of trustworthiness in a system depend on the system, the industry and the consequences of failure,” said Marcellus Buchheit, another author of the whitepaper, co-chair of the IIC Trustworthiness Task Group, President & CEO, Wibu-Systems. “Confidence is not only dependent on the quality of the software itself but also on an organization and its processes. If you want to convince others that your software should be trusted, you must be transparent, providing concrete evidence of best practices.”
“This new whitepaper addresses the critical and often misunderstood aspects of creating trustworthy systems,” said Bob Martin (News - Alert), one of the authors of the whitepaper, co-chair of the IIC Trustworthiness Task Group, member of the IIC Steering Committee and Senior Principal Engineer from MITRE's Trust & Assurance Cyber Technologies Department. “It will help anyone who uses software and systems to create, buy, operate and maintain them in a trustworthy manner.”