10. Create and test business continuity and recovery plans - Securing Internet of Things (IoT) with AWS

This whitepaper is for historical reference only. Some content might be outdated and some links might not be available.

10. Create and test business continuity and recovery plans

During an event, different IoT systems could behave in different ways. Before those events occur, you must define the parameters relevant to your use case (should a system fail open or fail shut, should the system attempt recovery automatically or require human intervention, do you need to enable or disable manual controls) and then test them rigorously. Again, use the risk assessment and criticality assignments performed early in this process to ensure you apply the right amount of scrutiny and resources to this phase. In your recovery plans, remember to define when to return to the baseline state.

  • Define important parameters (such as overall availability) for your stakeholders.

  • Define the resilience requirements for the system and analyze failure modes to ensure adherence.

  • Test recovery plans periodically and adapt them according to lessons learned from tests and actual security incidents.

  • Perform threat and risk assessment of supporting IT systems, and develop written procedures, tailored to the assessment’s results, on how to return to the normal, well-defined state of operation.

  • Include third-party aspects (such as network communications, software, and support).

  • Use resiliency features at the edge to support data resiliency and backup needs.

  • Use cloud services for backup and business continuity.

Supporting AWS resources

AWS provides the following assets and services to help you create and test business continuity and recovery plans:

These general best practices apply across all IoT deployments, but as mentioned previously, different industries will have different threat and risk models. In the next section we will dive into examples across these industries and demonstrate prescriptive approaches that are more targeted.