This report provides an initial identification relationships between cyber resiliency constructs (e.g., design principles, techniques) and cyber survivability attributes, based on publicly available sources. This identification is intended to help systems engineers understand how to use cyber resiliency to improve cyber survivability, and vice versa.
Relationships Between Cyber Resiliency Constructs and Cyber Survivability Attributes
Cyber resiliency and cyber survivability are closely related concepts, sharing similar technologies and practices. For historical reasons, these concepts have been built out into different frameworks, which define different constructs for describing the problem and solution domains. Cyber resiliency constructs enable system requirements to be defined, metrics and security controls to be identified, and solutions to be identified and analyzed. The identification of relationships between cyber resiliency constructs and cyber survivability attributes (CSAs) in this paper is intended to help systems engineers understand how to use cyber resiliency to improve cyber survivability, and vice versa.