{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,2]],"date-time":"2026-06-02T09:28:58Z","timestamp":1780392538074,"version":"3.54.1"},"reference-count":148,"publisher":"Association for Computing Machinery (ACM)","issue":"8","license":[{"start":{"date-parts":[[2024,4,26]],"date-time":"2024-04-26T00:00:00Z","timestamp":1714089600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Comput. Surv."],"published-print":{"date-parts":[[2024,8,31]]},"abstract":"<jats:p>Cyber resilience has become a major concern for both academia and industry due to the increasing number of data breaches caused by the expanding attack surface of existing IT infrastructure. Cyber resilience refers to an organisation\u2019s ability to prepare for, absorb, recover from, and adapt to adverse effects typically caused by cyber-attacks that affect business operations. In this survey, we aim to identify the significant domains of cyber resilience and measure their effectiveness. We have selected these domains based on a literature review of frameworks, strategies, applications, tools, and technologies. We have outlined the cyber resilience requirements for each domain and explored solutions related to each requirement in detail. We have also compared and analysed different studies in each domain to find other ways of enhancing cyber resilience. Furthermore, we have compared cyber resilience frameworks and strategies based on technical requirements for various applications. We have also elaborated on techniques for improving cyber resilience. In the supplementary section, we have presented applications that have implemented cyber resilience. This survey comprehensively compares various popular cyber resilience tools to help researchers, practitioners, and organisations choose the best practices for enhancing cyber resilience. Finally, we have shared key findings, limitations, problems, and future directions.<\/jats:p>","DOI":"10.1145\/3649218","type":"journal-article","created":{"date-parts":[[2024,2,23]],"date-time":"2024-02-23T12:03:46Z","timestamp":1708689826000},"page":"1-48","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":41,"title":["A Survey on Cyber Resilience: Key Strategies, Research Challenges, and Future Directions"],"prefix":"10.1145","volume":"56","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-5033-9710","authenticated-orcid":false,"given":"Saleh Mohamed","family":"Alhidaifi","sequence":"first","affiliation":[{"name":"The University of Glasgow, Glasgow, United Kingdom"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9607-376X","authenticated-orcid":false,"given":"Muhammad Rizwan","family":"Asghar","sequence":"additional","affiliation":[{"name":"University of Surrey, Guildford, United Kingdom and The University of Auckland, Auckland, New Zealand"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8461-6547","authenticated-orcid":false,"given":"Imran Shafique","family":"Ansari","sequence":"additional","affiliation":[{"name":"The University of Glasgow, Glasgow, United Kingdom"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2024,4,26]]},"reference":[{"key":"e_1_3_3_2_2","article-title":"A threat modelling approach to analyze and mitigate botnet attacks in smart home use case","author":"Syed Ghazanfar Abbas,","year":"2020","unstructured":"Ghazanfar Abbas, Syed, Shahzaib Zahid, Faisal Hussain, Ghalib A. Shah, and Muhammad Husnain. 2020. A threat modelling approach to analyze and mitigate botnet attacks in smart home use case. Proceedings of the 2020 IEEE 14th International Conference on Big Data Science and Engineering (BigDataSE\u201920). 122\u2013129. arXiv:2101.02147.","journal-title":"Proceedings of the 2020 IEEE 14th International Conference on Big Data Science and Engineering (BigDataSE\u201920)."},{"issue":"12","key":"e_1_3_3_3_2","first-page":"542","article-title":"Improving cyber resilience in mobile field hospitals: Towards an assessment model","volume":"14","author":"Ahmed Nasir Baba","year":"2020","unstructured":"Nasir Baba Ahmed, Nicolas Daclin, Marc Olivaux, and Gilles Dusserre. 2020. Improving cyber resilience in mobile field hospitals: Towards an assessment model. International Journal of Computer and Information Engineering 14, 12 (2020), 542\u2013548.","journal-title":"International Journal of Computer and Information Engineering"},{"key":"e_1_3_3_4_2","doi-asserted-by":"publisher","DOI":"10.1145\/3594638"},{"key":"e_1_3_3_5_2","doi-asserted-by":"crossref","unstructured":"Christopher Alberts Audrey Dorofee James Stevens and Carol Woody. 2003. Introduction to the OCTAVE Approach. Carnegie Mellon University Pittsburgh PA.","DOI":"10.21236\/ADA634134"},{"key":"e_1_3_3_6_2","doi-asserted-by":"publisher","DOI":"10.1109\/TETC.2022.3231692"},{"key":"e_1_3_3_7_2","doi-asserted-by":"publisher","DOI":"10.1109\/ASCC.2015.7244713"},{"key":"e_1_3_3_8_2","unstructured":"Apache Metron. 2020. What Apache Metron Does. Retrieved September 9 2021 from http:\/\/metron.apache.org\/"},{"key":"e_1_3_3_9_2","doi-asserted-by":"publisher","DOI":"10.1145\/3109761.3109793"},{"key":"e_1_3_3_10_2","article-title":"Distributed ledger technologies in supply chain security management: A comprehensive survey","author":"Asante Mary","year":"2021","unstructured":"Mary Asante, Gregory Epiphaniou, Carsten Maple, Haider Al-Khateeb, Mirko Bottarelli, and Kayhan Zrar Ghafoor. 2021. Distributed ledger technologies in supply chain security management: A comprehensive survey. IEEE Transactions on Engineering Management. Published Online, March 1, 2021.","journal-title":"IEEE Transactions on Engineering Management."},{"key":"e_1_3_3_11_2","unstructured":"Ram Babu. 2016. Best Practices to Increase Cyber Resilience of Smart Electricity of Gridwith Focus on Advance Metering and Distribution Infrastructure. World Energy Council."},{"key":"e_1_3_3_12_2","first-page":"9","article-title":"Framework for improving critical infrastructure cybersecurity","volume":"535","author":"Barrett Matt","year":"2018","unstructured":"Matt Barrett. 2018. Framework for improving critical infrastructure cybersecurity. Proceedings of the Annual ISA Analysis Division Symposium 535 (2018), 9\u201325.","journal-title":"Proceedings of the Annual ISA Analysis Division Symposium"},{"key":"e_1_3_3_13_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2018.06.004"},{"key":"e_1_3_3_14_2","doi-asserted-by":"publisher","DOI":"10.23919\/CISTI52073.2021.9476324"},{"issue":"5","key":"e_1_3_3_15_2","first-page":"1","article-title":"Cyber resilience meta-modelling: The railway communication case study","volume":"10","author":"Bellini Emanuele","year":"2021","unstructured":"Emanuele Bellini, Stefano Marrone, and Fiammetta Marulli. 2021. Cyber resilience meta-modelling: The railway communication case study. Electronics (Switzerland) 10, 5 (2021), 1\u201326.","journal-title":"Electronics (Switzerland)"},{"key":"e_1_3_3_16_2","doi-asserted-by":"publisher","DOI":"10.1201\/9781003310501"},{"key":"e_1_3_3_17_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-62840-6_9"},{"key":"e_1_3_3_18_2","volume-title":"Advances in Intelligent Systems and Computing, Vol. 353. Springer, 311\u2013316","author":"Bj\u00f6rck Fredrik","year":"2015","unstructured":"Fredrik Bj\u00f6rck, Martin Henkel, Janis Stirna, and Jelena Zdravkovic. 2015. Cyber resilience\u2014Fundamentals for a definition. In New Contributions in Information Systems and Technology. Advances in Intelligent Systems and Computing, Vol. 353. Springer, 311\u2013316."},{"key":"e_1_3_3_19_2","doi-asserted-by":"crossref","unstructured":"Dan Blum. 2020. Rational Cybersecurity for Business. Springer.","DOI":"10.1007\/978-1-4842-5952-8"},{"key":"e_1_3_3_20_2","article-title":"Resiliency techniques for systems-of-systems extending and applying the cyber resiliency engineering framework to the space domain","author":"Bodeau Deborah","year":"2014","unstructured":"Deborah Bodeau, John Brtis, Richard Graubart, and Jonathan Salwen. 2014. Resiliency techniques for systems-of-systems extending and applying the cyber resiliency engineering framework to the space domain. In Proceedings of the 7th International Symposium on Resilient Control Systems (ISRCS\u201914). 1\u20136.","journal-title":"Proceedings of the 7th International Symposium on Resilient Control Systems (ISRCS\u201914)."},{"key":"e_1_3_3_21_2","unstructured":"Deborah Bodeau and Richard Graubart. 2011. Cyber Resiliency Engineering Framework. MITRE."},{"key":"e_1_3_3_22_2","unstructured":"Deborah Bodeau and Richard Graubart. 2013. Cyber Resiliency Assessment: Enabling Architectural Improvement. MITRE."},{"key":"e_1_3_3_23_2","unstructured":"Deborah Bodeau and Richard Graubart. 2016. Cyber Resilience Metrics: Key Observations. MITRE."},{"key":"e_1_3_3_24_2","unstructured":"Deborah Bodeau and Richard Graubart. 2017. Cyber Resiliency Design Principles. MITRE."},{"key":"e_1_3_3_25_2","unstructured":"Deborah Bodeau Richard Graubart William Heinbockel and Ellen Laderman. 2015. Cyber Resiliency Engineering Aid. MITRE."},{"key":"e_1_3_3_26_2","doi-asserted-by":"publisher","DOI":"10.1109\/TVCG.2011.185"},{"key":"e_1_3_3_27_2","doi-asserted-by":"crossref","unstructured":"Ioannis Bothos Vasileios Vlachos Dimitris M. Kyriazanos Ioannis Stamatiou Konstantinos Georgios Thanos Pantelis Tzamalis Sotirios Nikoletseas and Stelios C. A. Thomopoulos. 2021. Modelling cyber-risk in an economic perspective. In Proceedings of the 2021 IEEE International Conference on Cyber Security and Resilience (CSR\u201921). 372\u2013377.","DOI":"10.1109\/CSR51186.2021.9527994"},{"key":"e_1_3_3_28_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2018.2875890"},{"key":"e_1_3_3_29_2","doi-asserted-by":"publisher","DOI":"10.22215\/timreview\/888"},{"key":"e_1_3_3_30_2","article-title":"A threat to cyber resilience: A malware rebirthing botnet","author":"Brand M.","year":"2011","unstructured":"M. Brand, C. Valli, and A. Woodward. 2011. A threat to cyber resilience: A malware rebirthing botnet. In Proceedings of the 2nd International Cyber Resilience Conference. 7.","journal-title":"Proceedings of the 2nd International Cyber Resilience Conference."},{"key":"e_1_3_3_31_2","doi-asserted-by":"publisher","DOI":"10.3390\/info10010027"},{"key":"e_1_3_3_32_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICSSA54161.2022.9870952"},{"key":"e_1_3_3_33_2","doi-asserted-by":"publisher","DOI":"10.3390\/app10217393"},{"key":"e_1_3_3_34_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.3026063"},{"key":"e_1_3_3_35_2","doi-asserted-by":"publisher","DOI":"10.3390\/s19010138"},{"key":"e_1_3_3_36_2","doi-asserted-by":"publisher","DOI":"10.1145\/2809826.2809837"},{"key":"e_1_3_3_37_2","doi-asserted-by":"publisher","DOI":"10.22215\/timreview\/886"},{"key":"e_1_3_3_38_2","article-title":"Cyber Resilience in Asia-Pacific\u2014A Review of National Cybersecurity Strategies","author":"Christine Debora","year":"2020","unstructured":"Debora Christine and Mamello Thinyane. 2020. Cyber Resilience in Asia-Pacific\u2014A Review of National Cybersecurity Strategies. United Nations University.","journal-title":"United Nations University."},{"key":"e_1_3_3_39_2","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2013.448"},{"key":"e_1_3_3_40_2","first-page":"1","article-title":"Teaching cyber resilience for critical infrastructure systems","volume":"1","author":"Conklin William Arthur","year":"2017","unstructured":"William Arthur Conklin. 2017. Teaching cyber resilience for critical infrastructure systems. Journal of the Colloquium for Information System Security Education 1 (2017), 1\u201315.","journal-title":"Journal of the Colloquium for Information System Security Education"},{"key":"e_1_3_3_41_2","article-title":"Cyber-Risk Management Feasibility Study Technologies (RESET)","author":"Culler Megan J.","year":"2022","unstructured":"Megan J. Culler, Justin J. Welch, Jakob P. Meng, Dylan W. Reen, and Kurt S. Myers. 2022. Cyber-Risk Management Feasibility Study Technologies (RESET). Idaho National Laboratory.","journal-title":"Idaho National Laboratory."},{"key":"e_1_3_3_42_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.ejor.2023.05.003"},{"key":"e_1_3_3_43_2","unstructured":"Michal Danilak. 2016. What\u2019s the difference between cyber security and cyber resilience? https:\/\/ascentor.co.uk\/cyber-security-resources\/the-difference-between-cyber-security-and-cyber-resilience\/"},{"key":"e_1_3_3_44_2","doi-asserted-by":"publisher","DOI":"10.22215\/timreview\/887"},{"key":"e_1_3_3_45_2","doi-asserted-by":"publisher","DOI":"10.14722\/usec.2014.23025"},{"key":"e_1_3_3_46_2","unstructured":"Frank Dickson and Phil Goodwin. 2019. Five Key Technologies for Enabling a Cyber-Resilience Framework. IBM."},{"key":"e_1_3_3_47_2","first-page":"22","article-title":"JUMP: Modelling and simulation of cyber resilience for mission impact assessment","author":"Dudman Tim","year":"2017","unstructured":"Tim Dudman, Antony Waldock, and Steve Barrington. 2017. JUMP: Modelling and simulation of cyber resilience for mission impact assessment. CEUR Workshop Proceedings 2040 (March 2017), 22\u201329.","journal-title":"CEUR Workshop Proceedings"},{"key":"e_1_3_3_48_2","doi-asserted-by":"publisher","DOI":"10.1093\/cybsec\/tyz013"},{"key":"e_1_3_3_49_2","article-title":"A framework to support the development of cyber resiliency with situational awareness capability","author":"\u00c5hlfeldt Rose-Mharie","year":"2015","unstructured":"Edgar Tashiro Yano, Welton De Abreu, Per M. Gustavsson, and Rose-Mharie \u00c5hlfeldt. 2015. A framework to support the development of cyber resiliency with situational awareness capability. In Proceedings of the 20th International Command and Control Research and Technology Symposium. 1\u201311.","journal-title":"Proceedings of the 20th International Command and Control Research and Technology Symposium."},{"key":"e_1_3_3_50_2","article-title":"NATO Smart Defense and Cyber Resilience","author":"Efthymiopoulos Marios P.","year":"2016","unstructured":"Marios P. Efthymiopoulos. 2016. NATO Smart Defense and Cyber Resilience. Tufts University.","journal-title":"Tufts University."},{"key":"e_1_3_3_51_2","doi-asserted-by":"crossref","unstructured":"Eric D. Vugrin and Jennifer Turgeon. 2014. Advancing cyber resilience analysis with performance-based metrics from infrastructure assessments. In Cyber Behavior: Concepts Methodologies Tools and Applications. IGI Global 1\u201323.","DOI":"10.4018\/978-1-4666-5942-1.ch107"},{"key":"e_1_3_3_52_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2022.107111"},{"key":"e_1_3_3_53_2","article-title":"Towards a resilience metric framework for cyber-physical systems","author":"Friedberg Ivo","year":"2016","unstructured":"Ivo Friedberg, Kieran McLaughlin, Paul Smith, and Markus Wurzenberger. 2016. Towards a resilience metric framework for cyber-physical systems. In Proceedings of the 2016 4th International Symposium for ICS and SCADA Cyber Security Research. 19\u201322.","journal-title":"Proceedings of the 2016 4th International Symposium for ICS and SCADA Cyber Security Research."},{"key":"e_1_3_3_54_2","doi-asserted-by":"publisher","DOI":"10.1109\/CSR57506.2023.10224995"},{"key":"e_1_3_3_55_2","doi-asserted-by":"publisher","DOI":"10.1109\/INFORMATICS.2017.8327227"},{"key":"e_1_3_3_56_2","doi-asserted-by":"publisher","DOI":"10.1109\/TSG.2022.3229486"},{"key":"e_1_3_3_57_2","doi-asserted-by":"publisher","DOI":"10.1016\/S2589-7500(19)30005-6"},{"key":"e_1_3_3_58_2","doi-asserted-by":"publisher","DOI":"10.1111\/risa.12729"},{"key":"e_1_3_3_59_2","doi-asserted-by":"publisher","DOI":"10.1109\/THS.2011.6107877"},{"key":"e_1_3_3_60_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2019.107094"},{"key":"e_1_3_3_61_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2020.02.008"},{"key":"e_1_3_3_62_2","doi-asserted-by":"publisher","unstructured":"Eman Hammad Abhijit Kumar Nag Anitha Chennamaneni Mohsen Aghashahi and Erdogan Dogdu. 2021. A Deep-defense approach for next-gen cyber-resilient inter-dependent critical infrastructure systems. In Proceedings of Resilience Week 2021 (RWS\u201921). DOI:10.1109\/RWS52686.2021.9611790","DOI":"10.1109\/RWS52686.2021.9611790"},{"key":"e_1_3_3_63_2","doi-asserted-by":"publisher","DOI":"10.1109\/ISI.2018.8587398"},{"key":"e_1_3_3_64_2","article-title":"ICS-CRAT: A cyber resilience assessment tool for industrial control systems","author":"Haque Md. Ariful","year":"2019","unstructured":"Md. Ariful Haque, Sachin Shetty, and Bheshaj Krishnappa. 2019. ICS-CRAT: A cyber resilience assessment tool for industrial control systems. In Proceedings of the 5th IEEE International Conference Big Data Security. 273\u2013281.","journal-title":"Proceedings of the 5th IEEE International Conference Big Data Security."},{"key":"e_1_3_3_65_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.iot.2020.100204"},{"key":"e_1_3_3_66_2","doi-asserted-by":"publisher","DOI":"10.1111\/1467-9256.12035"},{"key":"e_1_3_3_67_2","doi-asserted-by":"publisher","DOI":"10.1093\/jcde\/qwaa029"},{"key":"e_1_3_3_68_2","doi-asserted-by":"publisher","DOI":"10.5604\/01.3001.0053.7401"},{"key":"e_1_3_3_69_2","doi-asserted-by":"publisher","DOI":"10.5220\/0010233604580466"},{"key":"e_1_3_3_70_2","volume-title":"The Cyber Resilient Organization","author":"Institute Ponemon","year":"2019","unstructured":"Ponemon Institute. 2019. The Cyber Resilient Organization. Technical Report. Ponemon Institute. https:\/\/www.ibm.com\/downloads\/cas\/GAVGOVNV"},{"key":"e_1_3_3_71_2","unstructured":"Jeffrey Pinckard Michael Rattigan and Robert Vrtis. 2016. A Mapping of the Federal Financial Institutions Examination Council (FFIEC) Cybersecurity Assessment Tool (CAT) to the Cyber Resilience Review (CRR). Carnegie Mellon University."},{"key":"e_1_3_3_72_2","unstructured":"Joseph Steinberg. 2019. Cyber-Resilience vs. Cyber-Security: Business Leaders Must Understand the Difference. Ramsac."},{"key":"e_1_3_3_73_2","unstructured":"P\u00f6yh\u00f6nen Jouni Nuojua Viivi Lehto Martti and Rajam\u00e4ki Jyri. 2018. Application of cyber resilience review to an electricity company. LAUREA June (2018) 380\u2013389."},{"key":"e_1_3_3_74_2","unstructured":"Sathya Prakash Kadhirvelan and Andrew S\u00f6derberg-Rivkin. 2014. Threat Modelling and Risk Assessment. Master\u2019s Thesis. Chalmers University of Technology."},{"key":"e_1_3_3_75_2","doi-asserted-by":"publisher","DOI":"10.1109\/SmartNets55823.2022.9993997"},{"key":"e_1_3_3_76_2","unstructured":"Bissell Kelly LaSalle Ryan Dool Floris and Kennedy-White Joshua. 2018. Gaining Ground on the Cyber Attacker 2018 State of Cyber Resilience. Technical Report. Accenture Security. 1\u201328."},{"key":"e_1_3_3_77_2","unstructured":"Kevin G. Partridge and Lisa R. Young. 2011. CERT\u00aeResilienceManagement Model Publication 800-66 Crosswalk. Carnegie Mellon University."},{"key":"e_1_3_3_78_2","doi-asserted-by":"crossref","unstructured":"Yasir Imtiaz Khan and Ehab Al-shaer. 2015. Cyber resilience-by-construction: Modeling measuring & verifying. In Proceedings of the 2015 Workshop on Automated Decision Making for Active Cyber Defense (SafeConfig\u201915). 9\u201314.","DOI":"10.1145\/2809826.2809836"},{"key":"e_1_3_3_79_2","doi-asserted-by":"publisher","DOI":"10.3390\/s23062914"},{"key":"e_1_3_3_80_2","doi-asserted-by":"publisher","DOI":"10.1002\/9781119491774.ch3"},{"key":"e_1_3_3_81_2","doi-asserted-by":"crossref","unstructured":"Irina Kolosok and Elena Korkina. 2018. Cyber Resilience of SCADA at the Level of Energy Facilities. Atlantis Press.","DOI":"10.2991\/iwci-18.2018.18"},{"key":"e_1_3_3_82_2","unstructured":"Alexander Kott Benjamin Blakely Diane Henshel Gregory Wehner James Rowell Nathaniel Evans Luis Mu\u00f1oz-Gonz\u00e1lez Nandi Leslie Donald W. French Donald Woodard Kerry Krutilla Amanda Joyce Igor Linkov Carmen Mas-Machuca Janos Sztipanovits Hugh Harney Dennis Kergl Perri Nejib Edward Yakabovicz Steven Noel Tim Dudman Pierre Trepagnier Sowdagar Badesha and Alfred M\u00f8ller. 2018. Approaches to enhancing cyber resilience: Report of the North Atlantic Treaty Organization (NATO) workshop IST-153. arXiv:1804.07651 (2018)."},{"key":"e_1_3_3_83_2","doi-asserted-by":"crossref","unstructured":"Chye Lee Cher Guan Tan Teik Vishal Sharma and Jianying Zhou. 2021. Quantum computing threat modelling on a generic CPS setup. In Applied Cryptography and Network Security Workshops. Lecture Notes in Computer Science Vol. 12809. Springer 171\u2013190.","DOI":"10.1007\/978-3-030-81645-2_11"},{"key":"e_1_3_3_84_2","doi-asserted-by":"publisher","DOI":"10.1109\/CSR54599.2022.9850312"},{"key":"e_1_3_3_85_2","article-title":"Redundancy cyber resiliency technique based on fast rerouting under security metric","author":"Lemeshko Oleksandr","year":"2021","unstructured":"Oleksandr Lemeshko, Oleksandra Yeremenko, Maryna Yevdokymenko, and Dmytro Ageyev. 2021. Redundancy cyber resiliency technique based on fast rerouting under security metric. In Proceedings of the 2020 IEEE International Conference on Problems of Infocommunications Science and Technology (PIC S&T\u201920).","journal-title":"Proceedings of the 2020 IEEE International Conference on Problems of Infocommunications Science and Technology (PIC S&T\u201920)."},{"key":"e_1_3_3_86_2","doi-asserted-by":"publisher","unstructured":"Oleksandr Lemeshko Oleksandra Yeremenko Maryna Yevdokymenko Anastasiia Shapovalova Ahmad M. Hailan and Amal Mersni. 2019. Cyber resilience approach based on traffic engineering fast reroute with policing. In Proceedings of the 2019 10th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS\u201919). 117\u2013122. 10.1109\/IDAACS.2019.8924294","DOI":"10.1109\/IDAACS.2019.8924294"},{"key":"e_1_3_3_87_2","unstructured":"Tingting Li Cheng Feng and Chris Hankin. 2018. Improving ICS cyber resilience through optimal diversification of network resources. arXiv:1811.00142v2 (2018)."},{"key":"e_1_3_3_88_2","doi-asserted-by":"publisher","DOI":"10.1109\/EMR.2021.3074288"},{"key":"e_1_3_3_89_2","doi-asserted-by":"publisher","DOI":"10.1021\/es403443n"},{"key":"e_1_3_3_90_2","doi-asserted-by":"publisher","DOI":"10.1007\/s10669-013-9485-y"},{"key":"e_1_3_3_91_2","unstructured":"Igor Linkov and Alexander Kott. 2019. Cyber Resilience of Systems and Networks. Risk Systems and Decisions Series. Springer."},{"key":"e_1_3_3_92_2","doi-asserted-by":"publisher","DOI":"10.1016\/S1361-3723(20)30019-1"},{"key":"e_1_3_3_93_2","doi-asserted-by":"publisher","DOI":"10.1109\/GIOTS.2018.8534523"},{"key":"e_1_3_3_94_2","doi-asserted-by":"publisher","DOI":"10.3390\/s19010019"},{"key":"e_1_3_3_95_2","article-title":"State-of-the-Art in Cyber Threat Models and Methodologies","author":"Magar Alan","year":"2016","unstructured":"Alan Magar. 2016. State-of-the-Art in Cyber Threat Models and Methodologies. Sphyma Security.http:\/\/cradpdf.drdc-rddc.gc.ca\/PDFS\/unc225\/p803699_A1b.pdf","journal-title":"Sphyma Security."},{"key":"e_1_3_3_96_2","doi-asserted-by":"crossref","unstructured":"Alex Mathew. 2019. Airport cyber security and cyber resilience controls. arXiv:1908.09894 (2019).","DOI":"10.5121\/csit.2019.91007"},{"key":"e_1_3_3_97_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICCNC.2017.7876213"},{"key":"e_1_3_3_98_2","doi-asserted-by":"crossref","unstructured":"Sukarno Mertoguno Ryan M. Craven Matthew S. Mickelson and David P. Koller. 2019. A physics-based strategy for cyber resilience of CPS. In Proceedings of SPIE 11009 Autonomous Systems: Sensors Processing and Security for Vehicles and Infrastructure.","DOI":"10.1117\/12.2517604"},{"key":"e_1_3_3_99_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2016.12.008"},{"key":"e_1_3_3_100_2","unstructured":"Microsoft Docs. 2017. Microsoft Threat Modeling Tool Overview\u2014Azure. Microsoft."},{"key":"e_1_3_3_101_2","doi-asserted-by":"publisher","unstructured":"Michael Mylrea Sri Nikhil Gupta Gourisetti and Andrew Nicholls. 2018. An introduction to buildings cybersecurity framework. In Proceedings of the 2017 IEEE Symposium on Computational Intelligence (SCCI\u201917). 1\u20137. DOI:10.1109\/SSCI.2017.8285228","DOI":"10.1109\/SSCI.2017.8285228"},{"key":"e_1_3_3_102_2","unstructured":"N-Stalker. 2010. N-Stalker the Web Security Specialists. Retrieved July 22 2021 from https:\/\/www.nstalker.com\/"},{"issue":"1","key":"e_1_3_3_103_2","first-page":"111","article-title":"Cyber attack challenges and resilience for smart grids","volume":"134","author":"Nazir Sajid","year":"2015","unstructured":"Sajid Nazir, Hassan Hamdoun, and Jafar Alzubi. 2015. Cyber attack challenges and resilience for smart grids. European Journal of Scientific Research 134, 1 (2015), 111\u2013120.","journal-title":"European Journal of Scientific Research"},{"issue":"17","key":"e_1_3_3_104_2","first-page":"6","article-title":"Big-data graph knowledge bases for cyber resilience","volume":"2040","author":"Noel Steven","year":"2017","unstructured":"Steven Noel, Deborah Bodeau, and Rosalie McQuaid. 2017. Big-data graph knowledge bases for cyber resilience. CEUR Workshop Proceedings 2040, 17 (2017), 6\u201321.","journal-title":"CEUR Workshop Proceedings"},{"key":"e_1_3_3_105_2","doi-asserted-by":"publisher","DOI":"10.1016\/bs.host.2016.07.001"},{"issue":"2","key":"e_1_3_3_106_2","first-page":"1","article-title":"A review of asset-centric threat modelling approaches","volume":"11","author":"Livinus Obiora Nweke,","year":"2020","unstructured":"Obiora Nweke, Livinus and Stephen D. Wolthusen. 2020. A review of asset-centric threat modelling approaches. International Journal of Advanced Computer Science and Applications 11, 2 (2020), 1\u20136. https:\/\/www.ijacsa.thesai.org","journal-title":"International Journal of Advanced Computer Science and Applications"},{"key":"e_1_3_3_107_2","doi-asserted-by":"publisher","DOI":"10.1145\/2957792.2957803"},{"key":"e_1_3_3_108_2","volume-title":"Cyber Resilience Review","author":"Communications The Department of Homeland Security\u2019s (DHS) Office of Cybersecurity &","year":"2011","unstructured":"The Department of Homeland Security\u2019s (DHS) Office of Cybersecurity & Communications. 2011. Cyber Resilience Review. Technical Report. DHS. https:\/\/www.dhs.gov\/pcii"},{"key":"e_1_3_3_109_2","doi-asserted-by":"publisher","DOI":"10.1109\/CyberSA49311.2020.9139685"},{"key":"e_1_3_3_110_2","unstructured":"OSSEC Project Team. 2019. OSSEC\u2014World\u2019s Most Widely Used Host Intrusion Detection System\u2014HIDS. Retrieved March 1 2024 from https:\/\/www.ossec.net\/"},{"key":"e_1_3_3_111_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.procs.2023.01.295"},{"key":"e_1_3_3_112_2","article-title":"The Third Annual Study on the Cyber Resilient Organization: Asia-Pacific","author":"Institute Ponemon","year":"2018","unstructured":"Ponemon Institute. 2018. The Third Annual Study on the Cyber Resilient Organization: Asia-Pacific. Ponemon Institute.","journal-title":"Ponemon Institute."},{"key":"e_1_3_3_113_2","article-title":"A Mapping of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule to the Cyber Resilience Review (CRR)","author":"Porter Greg","year":"2018","unstructured":"Greg Porter, Heinz College, and Robert A. Vrtis. 2018. A Mapping of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule to the Cyber Resilience Review (CRR). Carnegie Mellon University.","journal-title":"Carnegie Mellon University."},{"issue":"3","key":"e_1_3_3_114_2","first-page":"1","article-title":"Developing of cyber resilience system of the international trade facilitations: Specific reference Indonesia","volume":"9","author":"Putranti Ika Riswanti","year":"2015","unstructured":"Ika Riswanti Putranti. 2015. Developing of cyber resilience system of the international trade facilitations: Specific reference Indonesia. Indonesia National Resilience Institute 9, 3 (2015), 1\u201328.","journal-title":"Indonesia National Resilience Institute"},{"key":"e_1_3_3_115_2","doi-asserted-by":"publisher","DOI":"10.1109\/SmartGridComm47815.2020.9303004"},{"key":"e_1_3_3_116_2","volume-title":"Cyber Resilience in the Digital Age","year":"2017","unstructured":"Raddad Ayoub, Clinton M. Firth, and Mohamed Nayaz. 2017. Cyber Resilience in the Digital Age. Technical Report. EY."},{"key":"e_1_3_3_117_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cirpj.2021.09.008"},{"issue":"4","key":"e_1_3_3_118_2","first-page":"1607","article-title":"Threat modelling methodologies: A survey","volume":"26","author":"Rasool Ghulam","year":"2014","unstructured":"Ghulam Rasool, Sajid Iqbal, Shafiq Hussain, Asif Kamal, and Shabir Ahmad. 2014. Threat modelling methodologies: A survey. Science International (Lahore) 26, 4 (2014), 1607\u20131609.","journal-title":"Science International (Lahore)"},{"key":"e_1_3_3_119_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.rser.2015.12.193"},{"key":"e_1_3_3_120_2","article-title":"Resilient control systems practical metrics basis for defining mission impact","author":"Rieger Craig G.","year":"2014","unstructured":"Craig G. Rieger. 2014. Resilient control systems practical metrics basis for defining mission impact. In Proceedings of the 7th International Symposium on Resilient Control Systems (ISRCS\u201914).","journal-title":"Proceedings of the 7th International Symposium on Resilient Control Systems (ISRCS\u201914)."},{"key":"e_1_3_3_121_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-16486-1"},{"key":"e_1_3_3_122_2","article-title":"Measurement of Cyber Resilience from an Economic Perspective","author":"Rose A.","year":"2017","unstructured":"A. Rose, N. Miller, S. Chatterjee, and R. Brigantic. 2017. Measurement of Cyber Resilience from an Economic Perspective. University of Southern California.","journal-title":"University of Southern California."},{"key":"e_1_3_3_123_2","unstructured":"RSI Security. 2020. Cyber Security Resilience Framework: How to Get Started. Retrieved March 1 2024 from https:\/\/blog.rsisecurity.com\/cyber-security-resilience-framework-how-to-get-started\/"},{"key":"e_1_3_3_124_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2023.3282182"},{"key":"e_1_3_3_125_2","article-title":"Trike v.1 methodology document","author":"Saitta Paul","year":"2005","unstructured":"Paul Saitta, Brenda Larcom, and Michael Eddington. 2005. Trike v.1 methodology document. Draft. OCTOTRIKE.","journal-title":"OCTOTRIKE."},{"key":"e_1_3_3_126_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.101996"},{"key":"e_1_3_3_127_2","article-title":"Threat Modelling: A Summary of Available Methods","author":"Shevchenko Nataliya","year":"2018","unstructured":"Nataliya Shevchenko, Timothy A. Chick, Paige O. Riordan, Thomas Patrick Scanlon, and Carol Woody. 2018. Threat Modelling: A Summary of Available Methods. Carnegie Mellon University, Software Engineering Institute.","journal-title":"Carnegie Mellon University, Software Engineering Institute."},{"key":"e_1_3_3_128_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2023.3241552"},{"key":"e_1_3_3_129_2","doi-asserted-by":"publisher","DOI":"10.34190\/iccws.18.1.960"},{"key":"e_1_3_3_130_2","unstructured":"Stuart Rance. 2014. Cyber Resilience: Bridging the Business and Technology Divide. White Paper. AXELOS."},{"key":"e_1_3_3_131_2","doi-asserted-by":"publisher","DOI":"10.1365\/s43439-023-00087-w"},{"key":"e_1_3_3_132_2","doi-asserted-by":"publisher","DOI":"10.1109\/CCWC57344.2023.10099196"},{"key":"e_1_3_3_133_2","article-title":"Cyber resilience strategy and attribution in the context of international law","author":"Tehrani Pardis Moslemzadeh","year":"2019","unstructured":"Pardis Moslemzadeh Tehrani. 2019. Cyber resilience strategy and attribution in the context of international law. In Proceedings of the European Conference on Information Warfare and Security (ECCWS\u201919). 501\u2013507.","journal-title":"Proceedings of the European Conference on Information Warfare and Security (ECCWS\u201919)."},{"key":"e_1_3_3_134_2","first-page":"39","article-title":"Toolsmith Microsoft threat modeling tool 2014: Identify & mitigate","year":"2014","unstructured":"Russ McRee. 2014. Toolsmith Microsoft threat modeling tool 2014: Identify & mitigate. ISSA Journal 2014 (May 2014), 39\u201342.","journal-title":"ISSA Journal"},{"key":"e_1_3_3_135_2","doi-asserted-by":"publisher","DOI":"10.1080\/23738871.2016.1165716"},{"key":"e_1_3_3_136_2","unstructured":"Tobias Kiesling and Marcus Kreuzer. 2017. Recommendations to Strengthen the Cyber-Resilience of the Air Traffic System. Retrieved March 1 2024 from http:\/\/lb-campus.de\/images\/content\/ARIEL_Recommendations_v2.0.pdf"},{"key":"e_1_3_3_137_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-94-024-1123-2"},{"key":"e_1_3_3_138_2","doi-asserted-by":"publisher","DOI":"10.1002\/9781118988374"},{"key":"e_1_3_3_139_2","doi-asserted-by":"publisher","DOI":"10.1109\/DASC\/PiCom\/CBDCom\/Cy55231.2022.9928023"},{"key":"e_1_3_3_140_2","doi-asserted-by":"publisher","DOI":"10.22215\/timreview\/886"},{"key":"e_1_3_3_141_2","doi-asserted-by":"publisher","DOI":"10.5220\/0007764200002179"},{"key":"e_1_3_3_142_2","article-title":"Enhancing IT Systems Cyber Resilience through Threat Modeling: Cyber Security Analysis of Enterprise Systems and Connected Vehicles","author":"Xiong Wenjun","year":"2021","unstructured":"Wenjun Xiong. 2021. Enhancing IT Systems Cyber Resilience through Threat Modeling: Cyber Security Analysis of Enterprise Systems and Connected Vehicles. Ph.D. Thesis. KTH Royal Institute of Technology.","journal-title":"Ph.D. Thesis. KTH Royal Institute of Technology."},{"key":"e_1_3_3_143_2","article-title":"Is Cyber Resilience in Medical Practice Security Achievable?","author":"Williams Patricia","year":"2010","unstructured":"Patricia Williams. 2010. Is Cyber Resilience in Medical Practice Security Achievable? Edith Cowan University.","journal-title":"Edith Cowan University."},{"key":"e_1_3_3_144_2","article-title":"Small business\u2014A cyber resilience vulnerability","author":"Williams Patricia","year":"2010","unstructured":"Patricia Williams and Rachel J. Manheke. 2010. Small business\u2014A cyber resilience vulnerability. In Proceedings of the International Cyber Resilience Conference.","journal-title":"Proceedings of the International Cyber Resilience Conference."},{"key":"e_1_3_3_145_2","unstructured":"World Economic Forum. 2012. Partnering for Cyber Resilience. World Economic Forum."},{"key":"e_1_3_3_146_2","unstructured":"Xavier J. Merino Aguilera. 2017. Managed Containers for Increased Cyber-Resilience. Master\u2019s Thesis. Florida Institute of Technology."},{"key":"e_1_3_3_147_2","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2022.3191315"},{"key":"e_1_3_3_148_2","article-title":"A Review of cyber-physical security for photovoltaic systems","author":"Ye Jin","year":"2021","unstructured":"Jin Ye, Annarita Giani, Ahmed Elasser, Sudip K. Mazumder, Chris Farnell, Homer Alan Mantooth, Taesic Kim, Jianzhe Liu, Bo Chen, Gab-Su Seo, Wenzhan Song, Mateo D. Roig Greidanus, Subham Sahoo, Frede Blaabjerg, Jinan Zhang, Lulu Guo, Bohyun Ahn, Mohammad B. Shadmand, Nanditha R. Gajanur, and Mohammad A. Abbaszada. 2021. A Review of cyber-physical security for photovoltaic systems. IEEE Journal of Emerging and Selected Topics in Power Electronics. Published Online, September 10, 2021.","journal-title":"IEEE Journal of Emerging and Selected Topics in Power Electronics."},{"key":"e_1_3_3_149_2","doi-asserted-by":"crossref","unstructured":"Bo Zou Pooria Choobchian and Julie Rozenberg. 2020. Cyber Resilience of Autonomous Mobility Systems: Cyber Attacks and Resilience-Enhancing Strategies. Policy Research Working Papers. World Bank Group.","DOI":"10.1596\/1813-9450-9135"}],"container-title":["ACM Computing Surveys"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3649218","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3649218","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T01:17:47Z","timestamp":1750295867000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3649218"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,4,26]]},"references-count":148,"journal-issue":{"issue":"8","published-print":{"date-parts":[[2024,8,31]]}},"alternative-id":["10.1145\/3649218"],"URL":"https:\/\/doi.org\/10.1145\/3649218","relation":{},"ISSN":["0360-0300","1557-7341"],"issn-type":[{"value":"0360-0300","type":"print"},{"value":"1557-7341","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,4,26]]},"assertion":[{"value":"2022-09-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2024-01-31","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2024-04-26","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}