Identification of Minimal Unacceptable Combinations of Simultaneous Component Failures in Information Systems

Large-scale disasters may cause simultaneous failures of many components in information systems. In the design for disaster recovery, operational procedures to recover from simultaneous component failures need to be determined so as to satisfy the time-to-recovery objective within the limited budget. For this purpose, it is beneficial to identify the minimal unacceptable combination of component failures which violates the requirements for time-to-recovery or the required cost. The identified combination allows us to know the limitation of the recovery capability of the designed recovery operation procedure. In this paper, we propose a technique to identify the minimal unacceptable combination of component failures by predicting the required time and cost for recovery from each combination of component failures. We synthesize analytic models from the description of recovery operation procedure in the form of SysML Activity Diagram, and solve the models to predict the time-to-recovery and the cost. The feasibility of the proposed technique is evaluated in an example of recovery operation procedures for a commercial database management system.