Control SafetyTraining

URI: SafetyTraining

Package: IoT

Description: This control indicates that a Human has been given safety training so they are able to manage risks in the physical world by preventing physical consequences of problems in the IT domain.

Human

An individual user role within the socio-technical system that uses and/or manages assets.

CSG-SafeIoTControlMode

The IoT controller device Controller can be set to operate within safety limits such that it poses no danger to the physical system it regulates, even without real-time control inputs. This strategy represents a contingency plan, which can be used to reduce risk from some threats. However, it may trigger other threats, or produce some loss of efficiency or function in the physical system.

CSG-SafeIoTControlMode-Implementation-Runtime

The IoT controller device Controller has been set to operate within safety limits in response to an interruption in real-time control inputs, such that it poses no danger to the physical system it regulates. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. To activate it at runtime, signal user HostManager who is responsible for managing the device. The Safe IoT Controller control should be deselected only when the restrictions on Controller have been lifted.

CSG-SuspendUnreliableController

The IoT controller device Controller can be disabled if it becomes unreliable, to prevent it causing problems in the physical environment where it operates. This strategy represents a contingency plan, which can be used to reduce risk from some threats. However, it will trigger threats representing the resulting loss of availability.

CSG-SuspendUnreliableController-Implementation-Runtime

The IoT controller device Controller has been disabled when it becomes unreliable, to prevent it causing problems in the physical environment where it operates. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. To activate it at runtime, signal user HostManager who is responsible for managing the device. The Disabled Host control should be deselected only when the host has been restarted.