Concerns about the resilience of Cyber-Physical Systems (CPS) in critical infrastructure are growing. CPS integrate sensing, computation, control and networking into physical objects and mission-critical services, connecting traditional infrastructure to internet technologies. While this integration increases service efficiency, it also exposes CPS to new threats introduced by the new functionalities, such as denial-of-service, modification of data, information leakage, spreading of malware, and many others. Cyber-resilience refers to the ability of a CPS to prepare for, absorb, recover from, and adapt to the adverse effects associated with cyber-threats, e.g., physical degradation of the CPS performance resulting from a cyber-attack. Cyber-resilience aims at ensuring CPS survival by preserving the core functionalities of the CPS in case of extreme events. The literature on cyber-resilience is growing rapidly, with a broad variety of research works addressing this new topic. In this article, we create a systematization of knowledge about existing scientific efforts to make CPS cyber-resilient. We systematically survey recent literature addressing cyber-resilience with a focus on techniques that may be used on CPS. We first provide preliminaries and background on CPS and threats, and subsequently survey state-of-the-art approaches that have been proposed by recent research work applicable to CPS. In particular, we aim at differentiating research work from traditional risk management approaches, based on the general acceptance that it is infeasible to prevent and mitigate all possible risks threatening a CPS. We also discuss questions and research challenges, with a focus on the practical aspects of cyber-resilience, such as the use of metrics and evaluation methods, as well as testing and validation environments.