PSI - Issue 22

Jerzy STANIK et al. / Procedia Structural Integrity 22 (2019) 322–333 "Author name" / Structural Integrity Procedia 00 (2019) 000 – 000

326

5

Control system for IT usability properties

Risk management system

Deciding entity

A set of control decisions

Controlling

properties

DECISION

utility

RISK

Controlling system

potentials

(Resources)

Information on the level of IT usability

Information about system states

IT

System A IT

System 1

Collection threats

Systems supporting IT

they own

Systems

basic IT

they protect against

use

they own

A set of IT usable features: Reliability, Security, Business continuity, functionality, Efficiency, Complexity

System N IT

System K

Collection vulnerability of IT systems and security

Collection security

they own

Fig. 1. IT illustration from the point of view of controlling its usefulness features. Source: Own study.

This figure emphasizes two important basic elements:  the system for controlling the IT usefulness properties,  the basic elements of the engineering infrastructure from the point of view of maintaining the required usefulness and risk management. Maintaining an acceptable level of risk in relation to individual IT usefulness features also requires the existence of appropriate mechanisms, e.g.: automatic airworthiness control (SAK) systems, properly prepared IT systems (SI), enabling determination of real and hypothetical potentials that individual IT systems have in relation to particular IT usefulness features, namely:  the potential of real infrastructure losses reflecting the quantitative (operational) level of effects resulting from the loss of usefulness feature for all IT or a specific subset of basic systems,  potential of real (actual) hazards Ζ , interacting on IT or its systems in relation to the u-th usefulness feature,  the potential of the real capabilities of the safeguard system , constituting a protective shield of IT or its basic systems in relation to the u-th usefulness feature,  potential weaknesses of the vulnerability system, understood as the potential of actual ∆ IT vulnerabilities detected by the implemented solutions both in the safeguard system and in the basic IT systems, in relation to the u-th feature of usefulness.