Advanced

A Method for Assessing Resilience of Socio-Technical IT-Systems

Landegren, Finn LU ; Sulaman, Sardar Muhammad LU ; Möller, Peter LU ; Höst, Martin LU and Johansson, Jonas LU (2016) European Safety and Reliability Conference (ESREL 2016) In Risk, Reliability and Safety: Innovating Theory and Practice p.2199-2206
Abstract
Modern society is increasingly dependent on IT-systems. Due to this dependence it is important
that IT-networks are designed to be resilient, meaning that they will either maintain or quickly recover their
functionality when exposed to strain. Simulation-based methods that consider supply network topology as well
as system responsible for repairing supply network have previously been used and found to be beneficial for
assessing resilience of electricity and water distribution systems. A method of this kind is here applied for ITnetworks.
The aim of the present research is to test if such a method is applicable for assessing resilience of
IT-systems, meaning that: 1) it is possible to use based on available data, in... (More)
Modern society is increasingly dependent on IT-systems. Due to this dependence it is important
that IT-networks are designed to be resilient, meaning that they will either maintain or quickly recover their
functionality when exposed to strain. Simulation-based methods that consider supply network topology as well
as system responsible for repairing supply network have previously been used and found to be beneficial for
assessing resilience of electricity and water distribution systems. A method of this kind is here applied for ITnetworks.
The aim of the present research is to test if such a method is applicable for assessing resilience of
IT-systems, meaning that: 1) it is possible to use based on available data, in this case gathered mainly through
interviews with focus groups, 2) the results are relevant for users/owners/maintainers. The method is tested in
a case study on the IT-network of one department of Lund university as well as the university core network.
Results show that the method is applicable for the studied IT-network and that we can obtain the resilience
metrics sought for. It is found that the method can enable system owners to see if and for what levels of strain
they are presently reaching their desired targets concerning system resilience. While applicable to the studied
system, feedback from system experts indicates that the method will primarily be useful for IT-systems whose
failure would 1) result in large economic values (e.g. IT-system of major private companies) or 2) lead to loss
of health or safety (e.g. IT-systems of governmental organizations and hospitals). (Less)
Please use this url to cite or link to this publication:
author
organization
publishing date
type
Chapter in Book/Report/Conference proceeding
publication status
published
subject
in
Risk, Reliability and Safety: Innovating Theory and Practice
pages
2199 - 2206
publisher
CRC Press
conference name
European Safety and Reliability Conference (ESREL 2016)
external identifiers
  • scopus:85016197917
DOI
10.1201/9781315374987-332
language
English
LU publication?
yes
id
69a51124-240a-4a7d-9d3f-ee80948ae5d8
date added to LUP
2016-06-14 10:26:20
date last changed
2017-04-09 04:46:42
@inproceedings{69a51124-240a-4a7d-9d3f-ee80948ae5d8,
  abstract     = {Modern society is increasingly dependent on IT-systems. Due to this dependence it is important<br/>that IT-networks are designed to be resilient, meaning that they will either maintain or quickly recover their<br/>functionality when exposed to strain. Simulation-based methods that consider supply network topology as well<br/>as system responsible for repairing supply network have previously been used and found to be beneficial for<br/>assessing resilience of electricity and water distribution systems. A method of this kind is here applied for ITnetworks.<br/>The aim of the present research is to test if such a method is applicable for assessing resilience of<br/>IT-systems, meaning that: 1) it is possible to use based on available data, in this case gathered mainly through<br/>interviews with focus groups, 2) the results are relevant for users/owners/maintainers. The method is tested in<br/>a case study on the IT-network of one department of Lund university as well as the university core network.<br/>Results show that the method is applicable for the studied IT-network and that we can obtain the resilience<br/>metrics sought for. It is found that the method can enable system owners to see if and for what levels of strain<br/>they are presently reaching their desired targets concerning system resilience. While applicable to the studied<br/>system, feedback from system experts indicates that the method will primarily be useful for IT-systems whose<br/>failure would 1) result in large economic values (e.g. IT-system of major private companies) or 2) lead to loss<br/>of health or safety (e.g. IT-systems of governmental organizations and hospitals).},
  author       = {Landegren, Finn and Sulaman, Sardar Muhammad and Möller, Peter and Höst, Martin and Johansson, Jonas},
  booktitle    = {Risk, Reliability and Safety: Innovating Theory and Practice},
  language     = {eng},
  pages        = {2199--2206},
  publisher    = {CRC Press},
  title        = {A Method for Assessing Resilience of Socio-Technical IT-Systems},
  url          = {http://dx.doi.org/10.1201/9781315374987-332},
  year         = {2016},
}