Page 130 of 139           Clédel et al. J Surveill Secur Saf 2020;1:119­39  I http://dx.doi.org/10.20517/jsss.2020.08


               enablingresiliencefactorssuchasdetectionandemergencyresponse. Thesepotentialsarerepresentedbyfuzzy
               attributes and are given a value defined within [0, 1]. Uncertainties’ attributes, such as the relative importance
               of resilience potentials for a specific process, are also considered and are given a similar value. Then, values
               assigned to all these fuzzy attributes, resilience potentials, and uncertainties are combined using membership
               functions to produce an estimation of the system resilience .

               Azadeh et al. [50]  used nine resilient factors/potentials contributing to a complex system resilience. While six
               of them were described [18]  and used by Shirali et al. in a semi-quantitative metric [43] , the authors added
               three factors: teamwork, redundancy, and fault-tolerance. Because these nine factors depend on each other,
               fuzzy cognitive maps are used to represent their interconnections and evaluate their contribution to system
               resilience. Following Aleksic  et al. [49] , membership functions are associated with each factor in order to
               evaluate the system resilience.

               Clédel etal. [51]  provided a framework tocompare the resilience potential of different systems or configurations
               of the same system. The described model and metric cannot be used to determine if a system is resilient to
               a specific threat but it is used to determine if a system has more resilience potential than another one. A sys-
               tem is represented as a network of components. Components are service users of their previous components
               in the network and service providers of their next components. Services are represented through a partially
               ordered set of attributes, called data dimensions. Components inputs are fuzzy values associated with some
               dimensions. A value assigned to a dimension corresponds to the likelihood of this dimension to be exter-
               nally consistent [52,53] . The article shows how these fuzzy values can be aggregated and manipulated so that
               components output fuzzy values associated with a set of data dimensions. Resilience is evaluated as follows:
               some nodes are the system client and their input values are fuzzy values for some expected dimensions. These
               expected dimensions correspond to services expected to be provided by the system, and their corresponding
               values are the likelihood for these services to be provided.

               4.4. Frameworks
               Some articles do not provide metrics or methods to evaluate the current resilience of a system. In place, they
               proposemethodologies,guidelines,andgoodpracticesthataretobefollowedtodesign,maintain,andenhance
               the resilience of a system.

               A framework for resilience, based on PAR risk assessment model [54]  was proposed by Arghandeh et al. [25] .
               They claimed that, contrary to a risk assessment framework, the temporal dimension of disturbances and re-
               sponse time of remedies are to be considered in a resilience framework. Moreover, probabilities of occurrence
               of disturbance are not crucial except if the system has not yet recovered from a previous disturbance. A re-
               silient system life cycle consists in three steps: (1) system identification, which is the establishment of network
               topology, physical characteristics, system behaviors, etc. (2) vulnerability analysis, which is basically an ongo-
               ing risk analysis taking into consideration the temporal aspect of the disruptions; and (3) resilience operations,
               which define new settings to improve recovery and absorbing potentials of the system. Once these changes
               have been made, a new identification phase begins.

               Linkov et al. [55,56]  provided a 4 × 4 matrix of resilience metrics. Each cell of the matrix corresponds to one of
               the four stages of event management cycle and one of the four system domains. Domains are different system
               layers: physical, information, cognitive, and social, and the stages correspond to one pre-event phase (Prepare)
               and three event handling phases (Absorb, Recover, and Adapt). Instead of providing a metric for resilience, the
               authors proposed to use cells of thematrix as guidelines to build metrics that, oncecombined, allow measuring
               the overall system resilience.