A Cyber Resilience Analysis Case Study of an Industrial Operational Technology Environment

Kirsty Perrett, Ian Wilson*

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

5 Downloads (Pure)


Cyber resilience is an active research area offering a novel approach to Cyber Security. The term appeared due to the concerning number of cyber-attacks on critical infrastructure. The National Institute of Standards and Technology (NIST) developed a framework to assist organisations with techniques and approaches to improving cyber resilience. However, there is a sparsity of case studies that speak to the adoption or measurement of these novel approaches within a complex industrial control environment. This paper presents a case study analysis of a manufacturing plant assessment drawing on key themes from the NIST literature.

The paper presents how well NIST constructs can be adopted to find cyber resilient enhancement opportunities and to decide if an evaluation of the results could supply a quantitative baseline measure of an organisation’s overall resilience. Conclusions drawn show that although the framework did partially aid with the analysis process, the frameworks ease of adoption assumes an organisation has a conventional cyber security foundation; NIST should make this clear within their guidance. Furthermore, the accompanying evaluation process was not sufficient to quantitatively measure the overall cyber resilience maturity for this case study.
Original languageEnglish
Article number09895
Pages (from-to)178-190
Number of pages13
JournalEnvironment Systems and Decisions
Issue number2
Early online date31 Jan 2023
Publication statusPublished - Jun 2023


  • Cyber Resilience
  • NIST
  • Case Study
  • industrial control system (ICS)
  • Operational Technology
  • Critical Infrastructure


Dive into the research topics of 'A Cyber Resilience Analysis Case Study of an Industrial Operational Technology Environment'. Together they form a unique fingerprint.

Cite this