Market Research on IIoT Standard Compliance Monitoring Providers and deriving Attributes for IIoT Compliance Monitoring

Adapting security architectures to common standards like IEC 62443 or ISO 27000 in the Industrial Internet of Things (IIoT) involves complex processes and compliance reports. Automatic monitoring of compliance status would enhance this process. Despite limited research, practical applications exist. This paper conducts a market study on providers implementing IEC 62443 in IIoT, aiming to formulate a catalog of monitorable attributes aligned with the standard. The study reveals challenges, such as a lack of formal separation in security architectures, limiting visibility. Despite these challenges, practical implementations share commonalities, providing insights into viable monitoring properties. The research serves as a crucial entry point into developing a comprehensive catalog of monitorable attributes for IEC 62443 standards in IIoT. Aligned with the IEC 62443 SR catalog of document 3-3, monitorable attributes are derived based on current research about IIoT security and Expert Knowledge. The provided tables serve as an exemplary extract, not exhaustive, defining three types of attributes based on their origin of creation.