Industry IoT Consortium’s Trustworthiness framework foundations


In Episode S3E9 we depart from our normal format and interview four guests at once. The panel for this episode is made up of Karen Quatromoni, the Director of PR at Object Management Group, and three co-chairs of the Trustworthiness Task Group for the Industry IoT Consortium, they are:

Marcellus Buchheit – Co-founder and Chairman of the Board at WIBU-Systems.

Frederick Hirsch – An independent consultant in the area of trustworthiness and security.

Bob Martin – Leads the supply chain and security efforts within MITRE, a non-profit organization that runs federally funded research and development centers.

We discuss the business need and context for trustworthiness and how it relates to safety and security, what a trustworthy supply chain means and how companies can gain assurance of trustworthiness from their downstream partners, IICs Trustworthiness Framework, and more.

Please join us for this informative and relevant conversation around trustworthiness, safety, and security. 

Click the image below to listen to this episode on Brilliance Security Magazine Podcast.

Karen Quatromoni is responsible for media and analyst relations for all Object Management Group (OMG) Consortia. She strategizes and executes thought leadership campaigns that result in increased awareness and visibility of Consortia messages through media and analysts, executive speaking engagements at target events, and content in the Consortia’s online publications. Karen holds a bachelor’s degree in music composition from Berklee College of Music and a Master of Education from U. Mass Boston. She is also an accomplished jazz guitarist.

Marcellus Buchheit is co-founder and Chairman of the Board of WIBU-SYSTEMS AG in Karlsruhe, Germany. He currently serves as the President and CEO of Wibu-Systems USA Inc., located in Edmonds, WA where he resides.

Marcellus earned his Master of Science degree in computing science at the University of Karlsruhe, Germany in 1989. In the same year, he co-founded Wibu-Systems together with Oliver Winzenried. As the original architect of the company’s successful WibuKey, CodeMeter, and SmartShelter product lines, he is well known in his field for his expertise in designing innovative techniques to protect software against reverse-engineering, tampering, and debugging. The products he designed have never been cracked by hackers in multiple public global contests.

Marcellus is an active member of the Industrial Internet Consortium, where he is involved with security, trustworthiness, and monetization initiatives. He is one of the editors and authors of the Industrial Internet Security Framework document.

Frederick Hirsch is an independent consultant and serves as a co-chair of the Trustworthiness Task Group within the Industrial Internet Consortium (IIC). He is a co-author of the IIC IoT Trustworthiness Foundations Framework, the IIC IoT Security Maturity Model Practitioner’s Guide, and the IIC Industrial Internet Security Framework. He also has written numerous white papers and standards related to security, privacy, and web technologies. He has worked in many standards organizations, including OASIS, both as a Board member and technical contributor, as well as the W3C (in both chair and editor positions). He has a background in software development.

Bob Martin, leads supply chain security efforts within MITRE and with industry and is the elected chair of the Industrial Internet Consortium Steering Committee and co-chair of the Trustworthiness Task Group within the IIC. Bob created the community standard for software security weaknesses used globally as well as over 40 global standards addressing the interplay of enterprise risk management, cybersecurity, and critical infrastructure protection.


Steven Bowcut is an award-winning journalist covering cyber and physical security. He is an editor and writer for Brilliance Security Magazine as well as other security and non-security online publications. Follow and connect with Steve on Twitter, Instagram, and LinkedIn.