Ellison and colleagues have designed a method of analysis called Survivable Systems Analysis. This is used to assess vulnerabilities in systems and to support the design of system architectures and features that promote system survivability.
Survivable systems analysis is a four-stage process that analyzes the current or proposed system requirements and architecture; identifies critical services, attack scenarios, and system ‘softspots’; and proposes changes to improve the survivability of a system. The key activities in each of these stages are as follows:
1. System understanding: For an existing or proposed system, review the goals of the system (sometimes called the mission objectives), the system requirements, and the system architecture.
2. Critical service identification: The services that must always be maintained and the components that are required to maintain these services are identified.
3. Attack simulation: Scenarios or use cases for possible attacks are identified along with the system components that would be affected by these attacks.
4. Survivability analysis: Components that are both essential and compromisable by an attack are identified, and survivability strategies based on resistance, recognition, and recovery are identified.
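The sketch below works stages 2 to 4 through on a small model. It is an added example, not code from Ellison and colleagues. The services, components, attack scenarios, the `measures` map of strategies already in place, and the ranking rule are all constructed assumptions.

```python
from dataclasses import dataclass, field

STRATEGIES = ("resistance", "recognition", "recovery")

@dataclass
class SystemModel:
    critical_services: dict   # stage 2: service -> components it requires
    attack_scenarios: dict    # stage 3: scenario -> components it affects
    measures: dict = field(default_factory=dict)  # component -> strategies in place

def softspots(model):
    """Stage 4: components that are both essential and compromisable."""
    essential = set().union(*model.critical_services.values())
    report = {}
    for comp in sorted(essential):
        scenarios = sorted(s for s, hit in model.attack_scenarios.items() if comp in hit)
        if not scenarios:
            continue  # essential, but no modelled scenario reaches it
        covered = model.measures.get(comp, set())
        report[comp] = {
            "services": sorted(s for s, need in model.critical_services.items() if comp in need),
            "scenarios": scenarios,
            "missing": [s for s in STRATEGIES if s not in covered],
        }
    return report

def ranked(report):
    """Assumed priority rule: most critical services at risk, then most scenarios."""
    return sorted(report, key=lambda c: (-len(report[c]["services"]),
                                         -len(report[c]["scenarios"]), c))

# Constructed sample model; every name below is hypothetical.
MODEL = SystemModel(
    critical_services={
        "patient record lookup": {"web frontend", "auth service", "records db"},
        "prescription entry": {"web frontend", "auth service", "pharmacy db"},
    },
    attack_scenarios={
        "denial of service on public interface": {"web frontend"},
        "compromised administrator account": {"auth service", "records db", "reporting server"},
    },
    measures={"web frontend": {"resistance", "recognition"}, "auth service": {"resistance"}},
)

if __name__ == "__main__":
    report = softspots(MODEL)
    for comp in ranked(report):
        print(comp, report[comp])
```

A component that is essential but reached by no scenario, or compromisable but required by no critical service, is left out of the report, which is why the result depends on how complete the scenario list from stage 3 is.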