This chart illustrates the methodology applied in this guide to both proactive and reactive resilience assurance.

Failure model

We start with a failure model, an abstract description of typical failures, obtained by analysis of various case studies. The failure model includes a description of the various failure modes that arise from hazards.

Defenses

For each of the hazards we propose various defenses: firewalls for preventing some of the hazards, and facilitators for enabling recovery from the hazards.

Engineering

Finally, we translate the defenses into guidelines, enabling system engineers to integrate them into common practices of system development.

Updated on 12 Dec 2016.