ABSTRACT
The more services and functionalities are expected from contemporary systems, the more difficult it is to protect every part of them, to secure every access point or to watch on every connection and message. It is currently considered that security is less and less likely to be flawless and that some part or sub-system can fail or be under attack. In this case, what matters is the impact, not only on the affected part but on the whole system, of the failure or the attack. Resilience is the key property that describes systems' ability to handle these situations but only few metrics exist to evaluate systems' resilience. Some among them aim at predicting systems' resilience by considering systems' configurations and compositions, without considering a specific threat. However this kind of approach can be biased for some systems' configurations because of inaccuracies in the resilience evaluation model. One of these inaccuracies, called the double counting problem, is described in this article and a solution is given to limit its impact on the evaluation of resilience.
- Mohamed Al-Kuwaiti, Nicholas Kyriakopoulos, and Sayed Hussein. 2009. A comparative analysis of network dependability, fault-tolerance, reliability, security, and survivability. IEEE Communications Surveys & Tutorials 11, 2 (2009), 106--124. Google ScholarDigital Library
- Reza Arghandeh, Alexandra von Meier, Laura Mehrmanesh, and Lamine Mili. 2016. On the definition of cyber-physical resilience in power systems. Renewable and Sustainable Energy Reviews 58 (2016), 1060--1069.Google ScholarCross Ref
- Algirdas Avizienis, Jean-Claude Laprie, Brian Randell, and Carl E. Landwehr. 2004. Basic Concepts and Taxonomy of Dependable and Secure Computing. IEEE Trans. Dependable Sec. Comput. 1, 1 (2004), 11--33. Google ScholarDigital Library
- David D. Clark and David R. Wilson. 1987. A comparison of commercial and military computer security policies. In Security and Privacy, 1987 IEEE Symposium on. IEEE, 184--184. http://ieeexplore.ieee.org/abstract/document/6234890/Google Scholar
- Thomas Clédel, Simon N. Foley, Nora Cuppens, Frédéric Cuppens, Yvon Kermarrec, Frédéric Dubois, Youssef Laarouchi, and Gérard Le Comte. 2018. Towards the Evaluation of End-to-End Resilience Through External Consistency. In Cyberspace Safety and Security - 10th International Symposium, CSS 2018, Amalfi, Italy, October 29-31, 2018, Proceedings (Lecture Notes in Computer Science), Arcangelo Castiglione, Florin Pop, Massimo Ficco, and Francesco Palmieri (Eds.), Vol. 11161. Springer, 99--114.Google Scholar
- Luciano da Fontoura Costa. 2004. Reinforcing the resilience of complex networks. Physical Review E 69, 6 (2004), 066127.Google ScholarCross Ref
- Didier Dubois and Henri Prade. 1985. A review of fuzzy set aggregation connectives. Inf. Sci. 36, 1-2 (1985), 85--121.Google ScholarCross Ref
- Simon N. Foley, Fabien Autrel, Edwin Bourget, Thomas Clédel, Stephane Grunenwald, Jose Rubio-Hernan, Alexandre Kabil, Raphael Larsen, Vivien M. Rooney, and Kirsten Vanhulst. 2018. Science Hackathons for Cyberphysical System Security Research: Putting CPS testbed platforms to good use. In Proceedings of the 2018 Workshop on Cyber-Physical Systems Security and PrivaCy, CPS-SPC@CCS 2018, Toronto, ON, Canada, October 19, 2018, David Lie and Mohammad Mannan (Eds.). ACM, 102--107. Google ScholarDigital Library
- Royce Francis and Behailu Bekera. 2014. A metric and frameworks for resilience analysis of engineered and infrastructure systems. Reliability Engineering & System Safety 121 (2014), 90--103.Google ScholarCross Ref
- Yezekael Hayel and Quanyan Zhu. 2015. Resilient and secure network design for cyber attack-induced cascading link failures in critical infrastructures. In Information Sciences and Systems (CISS), 2015 49th Annual Conference on. IEEE, 445 HOES LANE, PISCATAWAY, NJ 08855-4141 USA, 1--3.Google ScholarCross Ref
- Crawford S Holling. 1973. Resilience and stability of ecological systems. Annual review of ecology and systematics 4, 1 (1973), 1--23.Google Scholar
- Jean-Claude Laprie. 2008. From dependability to resilience. In 38th IEEE/IFIP Int. Conf. On Dependable Systems and Networks. Citeseer, IEEE, 445 HOES LANE, PISCATAWAY, NJ 08855-4141 USA, G8--G9.Google Scholar
- Donggang Liu. 2007. Resilient cluster formation for sensor networks. In 27th International Conference on Distributed Computing Systems (ICDCS'07). IEEE, 40--40. Google ScholarDigital Library
- Luthar. 2003. Resilience and Vulnerability: Adaptation in the Context of Childhood Adversities. Cambridge University Press.Google Scholar
- Craig G Rieger, David I Gertman, and Miles A McQueen. 2009. Resilient control systems: next generation design research. In 2009 2nd Conference on Human System Interactions. IEEE, 632--636. Google ScholarDigital Library
- Berthold Schweizer and Abe Sklar. {n. d.}. Probabilistic Metric Spaces. 1983. ({n. d.}).Google Scholar
- Paulo Sousa, Nuno Ferreira Neves, and Paulo Verissimo. 2005. How resilient are distributed f fault/intrusion-tolerant systems?. In 2005 International Conference on Dependable Systems and Networks (DSN'05). IEEE, 98--107. Google ScholarDigital Library
- James P.G. Sterbenz, David Hutchison, Egemen K. Çetinkaya, Abdul Jabbar, Justin P. Rohrer, Marcus Schöller, and Paul Smith. 2010. Resilience and survivability in communication networks: Strategies, principles, and survey of disciplines. Computer Networks 54, 8 (2010), 1245--1265. Resilient and Survivable networks. Google ScholarDigital Library
- Eric D Vugrin, Drake E Warren, and Mark A Ehlen. 2011. A resilience assessment framework for infrastructure and economic systems: Quantitative and qualitative resilience analysis of petrochemical supply chains to a hurricane. Process Safety Progress 30, 3 (2011), 280--290.Google ScholarCross Ref
- Dong Wei and Kun Ji. 2010. Resilient industrial control system (RICS): Concepts, formulation, metrics, and insights. In Resilient Control Systems (ISRCS), 2010 3rd International Symposium on. IEEE, 15--22.Google ScholarCross Ref
- Emmy E Werner, Jessie M Bierman, and Fern E French. 1971. The children of Kauai: A longitudinal study from the prenatal period to age ten. University of Hawaii Press.Google Scholar
- Wiley Online Library 2016. A new resilience taxonomy. Vol. 26. Wiley Online Library. Issue 1.Google Scholar
- James G. Williams and Leonard J. La Padula. 1993. Automated support for external consistency. In Computer Security Foundations Workshop VI, 1993. Proceedings. IEEE, 71--81. http://ieeexplore.ieee.org/abstract/document/246637/Google Scholar
- Quanyan Zhu and Tamer Başar. 2012. A dynamic game-theoretic approach to resilient control system design for cascading failures. In Proceedings of the 1st international conference on High Confidence Networked Systems. ACM, 41--46. Google ScholarDigital Library
Recommendations
Resilience and survivability in communication networks: Strategies, principles, and survey of disciplines
The Internet has become essential to all aspects of modern life, and thus the consequences of network disruption have become increasingly severe. It is widely recognised that the Internet is not sufficiently resilient, survivable, and dependable, and ...
Resilience in computer systems and networks
ICCAD '09: Proceedings of the 2009 International Conference on Computer-Aided DesignThe term resilience is used differently by different communities. In general engineering systems, fast recovery from a degraded system state is often termed as resilience. Computer networking community defines it as the combination of trustworthiness (...
CapOS: Capacitor Error Resilience for Energy Harvesting Systems
Energy harvesting systems have emerged as an alternative to battery-operated Internet of Things (IoT) devices. To deal with frequent power outages in the absence of battery, energy harvesting systems rely on a capacitor-backed checkpoint mechanism also ...
Comments