Control SafeControlSetting

A Thing that is able to affect aspects of the physical environment in ways defined by data sent to it. A Controller has no console allowing login, but it may have an interface allowing some interaction with a human user.

The IoT controller device Controller can be set to operate within safety limits such that it poses no danger to the physical system it regulates, even without real-time control inputs. This strategy represents a contingency plan, which can be used to reduce risk from some threats. However, it may trigger other threats, or produce some loss of efficiency or function in the physical system.

The IoT controller device Controller has been set to operate within safety limits in response to an interruption in real-time control inputs, such that it poses no danger to the physical system it regulates. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. To activate it at runtime, signal user HostManager who is responsible for managing the device. The Safe IoT Controller control shoud be deselected only when the restrictions on Controller have been lifted.