Abstract
The advancement of cyber resilience requires a preliminary stage of characterizing the trade-off space of mitigation options and how these might affect the stability and determinism of an operational technology (OT). This first step will set the stage for the proper cyber-secure and cyber-resilient design and confirm the affects that can be considered and approved by the OT and the security groups. To provide a baseline for this discussion, this paper provides a consideration of the cyber-physical interactions, possible mitigation steps against certain attacks and their corresponding affects that lend to the security design planning and evaluation process. As an integral part of the proposed scheme this work introduces the concept of system-wide fuzzer, i.e., a tool that manipulates the system state in an effort to determine mitigation response sequences that minimize detriments and maximize benefit in accordance with specified operational requirements.