The Resilience Model Supporting IIoT System Trustworthiness
These are the attacks that cause the
problems of routing (such as BGP hijacking)
and any general problems on transit network
equipment. The third level is L4, at which
attacks to exploit the weaknesses of the
transport protocol. The most known
example is the SYN flood attack. The fourth
level, L7, is degrading the web application by
various methods, from the simple GET/POST
flood to the specifically formed search
requests targeting the database, memory or
disk space depletion on the server. 15 The
most damaging DDoS attacks mix volumetric
attacks with targeted, application-specific
attacks. 16
resilience
to
exploit
the
specific
vulnerabilities by attackers. At runtime, non-
persistent services and connectivity are
usually used to minimize the downtime
period (for example, through promptly
changing the hosting provider). Dynamic
segmentation and isolation serve similar
purposes for the complex environment
under attack.
The set of parameters for the algorithms
(C): At the design phase, the architect can
consider
the
trust-based
privilege
management where trust is determined
through the set of attributes and current
threat landscape. Dynamic reconfiguration
of attributes values and attribute-based
usage restriction at runtime will help to rule
out the parasite traffic.
It is worth mentioning that these attack
tactics against the data historian would be
an overkill. For the financially relevant web
service, their existence imposes the
advanced strategy for supporting a resilient
execution of the services. The separate
measures employ the techniques and
approaches linked to the factors as listed
below.
System resources used to perform the
operations (R): Redundancy is the most
known factor supporting continuous
operation under challenging conditions.
However, it is not only about the additional
disk capacity. The website architecture
supporting purposing, offloading and asset
mobility is not only sustainable, it also
facilitates dynamic resource reallocation and
reasonable reservation scenarios. These
scenarios may implement different
strategies to cure a failure through
infrastructural means. This may be
automated, for example, through the use of
high-availability clusters (also known as fail-
over clusters) that are the groups of
Algorithmic structure of the functions
determining the control process behavior
(ST): At the design phase, the architect
performs consistency analysis to identify
bottlenecks, minimize potential cascading
failures and cover gaps. Orchestration helps
to coordinate the mechanisms at different
network layers. Proper privilege restrictions
should help in containing attacks. As a
supportive measure, diversity may foster the
15
The level numbers correspond the OSI model level at which the attacks are implemented
16
Stephen Gates. Understanding and Defending Against the Modern DDoS Threat. RSA Conference 2014: Asia Pacific and Japan.
https://www.rsaconference.com/writable/presentations/file_upload/cle-t09-understanding-and-defending-against-the-
modern-ddos-threat.pdf
- 129 -
IIC Journal of Innovation