Researchers involved directly with the security of information-processing systems know that many such systems do not have the levels of integrity and sustainability that are much more prevalent for safety-critical systems. Safety-critical systems, many of which are industrial process control systems, are generally built and tested to much higher standards for handling system failure or aberrant behavior than is typical for even mission-critical information-processing systems. There is a long history of stringent standards for creating, running and sustaining safety-critical systems, particularly avionics, military systems, and the like. For example, international standard DO-178B, which was developed specifically for avionics but has been adopted by other fields, is acknowledged by the Federal Aviation Administration (FAA) and European Aviation Safety Agency (EASA) as a certification standard for avionics software. Also, NIST's Special Publication 800-82 “Guide to Industrial Control Systems (ICS) Security” provides guidance as to securing “Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and other control system configurations such as Programmable Logic Controllers (PLC).” In the U.S. government, the Federal Information Security Management Act of 2002 (FISMA) defines security objectives for information and information systems according to the traditional triad of confidentiality, integrity and availability. FISMA defines three levels of potential impact - low, moderate, high - on organizations or individuals were a security breach to occur. Many private-sector organizations do in fact categorize information processing systems according to business criticality. Certain key sectors, such as financial services, are obliged to classify systems as critical in order to comply with legal and regulatory requirements. For key critical operations, systems must incorporate sufficient resiliency so as to mitigate the risk of failure. ...