Reconsidering Reconstitution

Resilience is largely described by the contributions of four system attributes: avoidance, robustness, recovery, and reconstitution. Three of these attributes seem largely intuitive: avoidance, robustness, and recovery. Avoidance is the probability that a threat will be avoided and there will be no impact upon mission capabilities. Robustness is the degree to which the system maintains its capabilities in the event that the threat is not avoided. And recovery is conventionally used in the space sector to describe methods of restoring capabilities through the quick replacement of a system component such as switching to a redundant unit on a satellite. Reconstitution tends to be used in a much more limited sense, such as describing “rapid reconstitution” of a larger system element such as a satellite to replace a lost spacecraft. This implies a larger effort taking more time than a recovery action. There is also some confusion due to a perceived overlap in the definitions of recovery and reconstitution and how they contribute independently to resilience. So how to provide some additional clarity?

Referring to the seminal DoD Fact Sheet from 2011, clear definitions of resilience, recovery, and reconstitution can be found. To recap, here is the relevant text below. My caveat is that I have intentionally interchanged the definitions of recovery and reconstitution to conform to industry standard use of the term recovery, but otherwise these terms are quoted from the fact sheet verbatim.

“Resilience is the ability of an architecture to support the functions necessary for mission success in spite of hostile action or adverse conditions. An architecture is “more resilient” if it can provide these functions with higher probability, shorter periods of reduced capability, and across a wider range of scenarios, conditions, and threats. Resilience may leverage cross-domain or alternative government, commercial, or international capabilities.”

• Recovery: plans and operations to replenish lost or diminished functions to an acceptable level for a particular mission, operation, or contingency

 • Reconstitution: program execution and space support operations to re-establish full operational capability and capacity for the full range of missions, operations, or contingencies

Of note is the differentiation between recovery resulting in restoration of functions for a particular mission, vs. reconstitution which is intended to restore “full operational capability.” This is an acknowledgment that a space system usually simultaneously supports multiple missions and delivers multiple mission capabilities. Recovery is, in that sense, more limited than reconstitution even though they both restore a certain amount of lost capability. This is not to imply that for certain special cases the two might not converge. For any single capability the resilience can be expressed mathematically by the equation:

R = 1 - (1 - RAV)(1 - RRO)(1 - RRV)(1 - RRC)

Where RAV, RRO, RRV, and RRC are each quantitative values for avoidance, robustness, recovery, and reconstitution, taking on values of 0 to 1 inclusive. From here it seems that the effect upon resilience for all four variable is symmetric, such that either recovery or reconstitution may have the same impact. Theoretically this is the case for certain scenarios, but in other scenarios it’s clear that recovery is more practically limited.

In particular a common question is: Based on the above definition, is there such a thing as partial reconstitution. To some it may appear as though the reconstitution value should either be 0 or 1, since reconstitution by definition involves fully restoring all remaining lost capability. And if the above equation is taken at face value that may be a reasonable conclusion. However, in fact these variables describe the time domain capability response of the system to the threat, and time is an inherent factor in the definition of resilience: “shorter periods of reduced capability.” So restoring a capability sooner is more resilient than delivering it later. Figure 1 shows an example of such a response, normalized for both capability value and tactically relevant timeline. The relative contribution to resilience of each attribute is highlighted.

Since the reconstituted capability is not restored immediately its value (RRC) must be less than 1 even though all capability is eventually restored. In fact in this example the value can be calculated to be 0.681, which means that approximately 68% of the remaining lost capability, following recovery, has been reconstituted. Note that some of it was not, in fact, available for reconstitution at t = 0.3 because it some of what has been lost is now in the past. This is one interpretation of “partial reconstitution.”

There is another interpretation when multiple capabilities across multiple missions are considered. This case is illustrated in Figure 2 in which two separate capabilities (C1, C2) are shown on a single graph, delivered by the same system. Recovery provides some improvement for both capabilities at t = 0.1, and then both are fully restored through reconstitution at t = 0.3. In this example the two reconstitution values are 0.681 (as before) and 0.636. However, if reconstitution efforts were to only provide restoration to one of the two capabilities then this could also result in a “partial reconstitution” now across both time and capability spaces, meaning that there are two contributors. This is much more likely in practice as shared systems are becoming more prevalent as network convergence extends to the space layer.

To summarize, reconstitution is a useful means of increasing resilience if available. It is distinct from recovery in the scope of its effects (for most cases), providing a broader remedy to multiple missions and capabilities. And like avoidance, robustness, and recovery, its effectiveness is not binary, it can provide intermediate or partial restoration and this can be accommodated mathematically when modeling resilience.