IIC Journal of Innovation 9th Edition | Page 129

The Resilience Model Supporting IIoT System Trustworthiness
Anticipate is to maintain a state of informed preparedness for adversity.
The need for preparedness for adverse conditions should be addressed by assurance on the proper choice of one or more parameters for the generic control function F: control algorithms, parameters of control and the available resources. Assurance on control algorithms means the verification of their behavior against adversity. Assurance of parameters and resources means checking their adequacy and sufficiency for supporting that behavior.
Maintaining the state of informed preparedness requires situational awareness based on indicators of possible compromise. For this purpose, validation of input data $D_x$ and monitoring of environmental data $D_S$ should be performed continuously.
Withstand is to continue the essential mission or business functions despite adversity.
The violation of requirements for continuous mission execution means that the predicate P is FALSE for some period of time.
$\exists ad_i, \exists T_{ad}: P(Y(T_{ad}), Z) = \text{FALSE}$
To support the required property we need to reduce the time period $T_{ad}$. Thus, supporting resilient execution turns into the optimization problem $T_{ad} \to \min$. This approach to system resilience, by withstanding the adverse conditions, is best illustrated by the interpretation, referred to earlier, of resilience through the quality of service.
Adapt is to modify the mission or business functions and/or supporting capabilities to predicted changes in the technical, operational or threat environments. Adaptation may be required when the attack is successful:
$\exists ad_i, \exists T_{suc}: P(Y(T_{suc}), Z^*) = \text{FALSE}$
$T_{suc}$ is the time period to be reduced, $T_{suc} \to \min$; during this period the current system behavior does not satisfy $Z^*$.
Adaptation helps to withstand the adverse conditions and recover in minimal time (for example, by changing the parameters of the generic control function F) but it also leaves the system in a configuration better prepared for further adversity.
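The following added example (not from the original paper) measures the period during which the predicate P is FALSE on a monitored output trace and compares two parameter choices, C and C*, of a control function. The proportional-loop plant, the requirement Z (setpoint 10, tolerance 1), the disturbance and all function names are assumptions constructed for illustration.

```python
from typing import Callable, List, Tuple

# Assumed requirement Z: output stays within TOL of SETPOINT (constructed values).
SETPOINT, TOL = 10.0, 1.0

def P(y: float) -> bool:
    """Predicate P(Y(t), Z): TRUE while the requirement holds."""
    return abs(y - SETPOINT) <= TOL

def violation_windows(trace: List[float],
                      pred: Callable[[float], bool] = P) -> List[Tuple[int, int]]:
    """Half-open [start, end) step ranges where the predicate is FALSE."""
    windows, start = [], None
    for t, y in enumerate(trace):
        ok = pred(y)
        if not ok and start is None:
            start = t
        elif ok and start is not None:
            windows.append((start, t))
            start = None
    if start is not None:  # violation still open when the trace ends
        windows.append((start, len(trace)))
    return windows

def t_ad(trace: List[float]) -> int:
    """Longest contiguous violation period, in steps (0 if P never fails)."""
    return max((end - begin for begin, end in violation_windows(trace)), default=0)

def simulate(gain: float, attack: Tuple[int, int] = (20, 30),
             push: float = -3.0, steps: int = 60) -> List[float]:
    """Toy proportional loop standing in for F<ST, C, R>; gain is the parameter C."""
    y, trace = SETPOINT, []
    for t in range(steps):
        disturbance = push if attack[0] <= t < attack[1] else 0.0  # adversity ad_i
        y = y + gain * (SETPOINT - y) + disturbance
        trace.append(y)
    return trace

if __name__ == "__main__":
    for label, gain in (("C  (gain 0.2)", 0.2), ("C* (gain 0.6)", 0.6)):
        trace = simulate(gain)
        print(label, "windows:", violation_windows(trace), "T_ad:", t_ad(trace))
```

With the same ten-step disturbance, the violation period shrinks from 21 steps under C to 11 steps under C*; the requirement is still violated for the whole duration of the disturbance in both cases, so the parameter change shortens recovery rather than preventing the violation.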
A variety of adaptations may enhance resilience, including:
a) Adaptation of requirements: $\forall t\, \forall s_i\; P(Y(t), Z^*) = \text{TRUE}$; The set of requirements may be reduced to the set of essential requirements, the minimal set for which system functioning remains satisfactory.
b) Parametric adaptation: $\forall t\, \forall s_i\; \exists C^* \neq C: P( U( F\langle ST, C^*, R \rangle (D_x, D_{SIoT})(t), Z) = \text{TRUE}$ The set of parameters determining how the system functions may be changed.
c) Algorithmic adaptation: $\forall t\, \forall s_i\; \exists ST^* \neq ST: P( U( F\langle ST^*, C, R \rangle (D_x, D_{SIoT})(t), Z) = \text{TRUE}$; The algorithms of the process control may be changed.
d) Resource adaptation
September 2018 - 124 -