Clédel et al. J Surveill Secur Saf 2020;1:119­39  I http://dx.doi.org/10.20517/jsss.2020.08  Page 123 of 139


               Another similar definition was given by Haimes [28]  as resilience is “the ability of a system to withstand a major
               disruption within acceptable degradation parameters and to recover within an acceptable time and composite
               costs and risks”. Compared to the previously described definitions, Haimes pointed at the need to estimate the
               cost of the recovery process.


                                                                     [2]
               Another definition of resilience was considered by Mauthe et al. . This definition is applied to communica-
               tion networks: “Resilience of a communication network is its ability to maintain the same level of functionality
               in the face of internal changes and external disturbances as a result of large-scale natural disasters and corre-
               sponding failures, weather-based disruptions, technology-related disasters, and malicious human activities.”

               However, some definitions do not consider the amplitude of disruptions. Dinh et al. [29]  defined resilience as
               “the ability to recover as soon as possible after an unexpected situation”. The authors nevertheless pointed out
               the need to minimize disruptions consequences but only with a view of faster recovery.

                       [3]
               Hollnagel defined resilience as “the ability of a system or an organization to react to and recover from distur-
               bances at an early stage, with minimal effect on the dynamic stability.” Hale and Heijer’s definition describes
               resilience as “the characteristic of managing the organisation’s activities to anticipate and circumvent threats
               to its existence and primary goals” [30] . Resilience is also “the ability of systems to prevent or adapt to changing
               conditions in order to maintain (control over) a system property” [31] . On the other hand, Sundström and
               Hollnagel described resilience as “an organizations ability to adjust successfully to the compounded impact of
               internal and external events over a significant time period” [32] . Another definition from Wreathall describes
               resilience as “the ability of an organization (system) to keep, or recover quickly to, a stable state, allowing it to
               continue operations during and after a major mishap or in the presence of continuous significant stresses” [18] .


               2.4 Other definitions
               Recent work suggests looking at resilience with a different perspective. Thompson [33]  considered a system
               as a set of resources for which particular states are expected, such as ensuring personal safety, preserving
               confidentiality of a database, etc. Security is the system capacity to maintain expected states of resources.
               However, security breaches can occur and resilience is defined as “the maintenance of a nominated state of
               security”. This resilience is achieved by detecting, containing, and resolving a security breach. While many
               approaches only consider resilience of accidental faults, this one seems to focus only on attacks. We provide a
               classification of resilience definitions in Table 1



               3. DESCRIPTION OF RESILIENT SYSTEMS
               It is commonly accepted that resilience of a system is supported by three system capacities. These capacities
               were first described in 1973 [11] . Holling compared the resilience of a population with a game “in which the
               only payoff is to stay in the game”. Thus, a resilient population has “a high capability of absorbing periodic
               extremes of fluctuation”, maintains “flexibility above all else”, and can “restore its ability to respond to subse-
               quent unpredictable environmental changes”. They are known as absorbability, adaptability, and restorability
               and are considered so central to the notion of resilience that they are frequently used to define resilience [15,34] ..

               3.1. Absorbability
               This capacity is “the degree to which a system can automatically absorb the impacts of systems perturba-
               tions and minimize consequences with little effort” [26] . Considering power systems, Arghandeh et al. [25]
               explained that the absorbing potential of a system “depends on the components” design characteristics, the
               system topology, the control philosophy, and the protection coordination”. Indeed, features such as robust-
               ness, redundancy, diversity, and defense in-depth enhance the absorbability of a system and provide higher
               survivability [20] . This capacity is sometimes designed as buffering capacities [35]  and corresponds to the maxi-