Towards the Evaluation of End-to-End Resilience Through External Consistency

“…Clédel et al [51] provided a framework to compare the resilience potential of different systems or configurations of the same system. The described model and metric cannot be used to determine if a system is resilient to a specific threat but it is used to determine if a system has more resilience potential than another one.…”

“…As a consequence, this concept of resilience implies the management of adversarial events. Other approaches (see, e.g., [42,48,49,51] ) do not represent events that could impact a system but focus on system' s capacities and potentials that are available to handle events. This way, the specific case of adversarial events can be considered without having to explicitly represent them.…”

“…However, more generic approaches do not always clearly describe what are system services and system performance. Only a few models (see, e.g., [51] ) provide a framework that makes the description of system services possible.…”

“…However, this kind of approach could be less pertinent if the threat is not well defined: its probability of occurrence is vague, its detection is uncertain, and its dynamic behavior, as well as the system response to this threat, are unclear. The authors of [48][49][50][51] suggested that assessing the resilience potential of a system could be more relevant than determining whether a system is resilient. Fuzzy logic is used by all four groups to describe this potential for resilience, but other approaches may be considered to assess resilience in a non-binary way.…”

Resilience properties and metrics: how far have we gone?

“…Clédel et al [51] provided a framework to compare the resilience potential of different systems or configurations of the same system. The described model and metric cannot be used to determine if a system is resilient to a specific threat but it is used to determine if a system has more resilience potential than another one.…”

“…As a consequence, this concept of resilience implies the management of adversarial events. Other approaches (see, e.g., [42,48,49,51] ) do not represent events that could impact a system but focus on system' s capacities and potentials that are available to handle events. This way, the specific case of adversarial events can be considered without having to explicitly represent them.…”

“…However, more generic approaches do not always clearly describe what are system services and system performance. Only a few models (see, e.g., [51] ) provide a framework that makes the description of system services possible.…”

“…However, this kind of approach could be less pertinent if the threat is not well defined: its probability of occurrence is vague, its detection is uncertain, and its dynamic behavior, as well as the system response to this threat, are unclear. The authors of [48][49][50][51] suggested that assessing the resilience potential of a system could be more relevant than determining whether a system is resilient. Fuzzy logic is used by all four groups to describe this potential for resilience, but other approaches may be considered to assess resilience in a non-binary way.…”

Resilience properties and metrics: how far have we gone?

“…For example, network virtualization helps provide defense in depth, while sensor redundancy helps provide faulttolerance. We use [3] to model deployments of these mechanisms in order to determine, and compare, their collective effectiveness at providing resilience in the testbed. For example, the rescue station is configured with weak credentials that allow an attacker to make a dictionary attack.…”

Science Hackathons for Cyberphysical System Security Research