Page 1303 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide

power, and critical systems are plugged into the UPS system. If power fails, the battery backup will provide continuous power to the systems for a short period of time. Line-interactive UPS are becoming popular, and they provide additional services beyond a basic UPS. They include a variable-voltage transformer that can adjust to the overvoltage and undervoltage events without draining the battery. When power is lost, the battery will provide power to the system for a short period of time.

Generators provide power to systems during long-term power outages. The length of time that a generator will provide power is dependent on the fuel, and it’s possible for a site to stay on generator power as long as it has fuel and the generator remains functional. In the lengthy aftermath of Hurricane Irma in Puerto Rico in 2017, generators were called on to operate for extended periods and began to fail after weeks and months of continuous operation.

Generators also require a steady fuel supply—they commonly use diesel fuel, natural gas, or propane. In addition to making sure that you have sufficient fuel on hand, you should also take steps to ensure that fuel can be delivered to you on a regular basis in the event of an extended emergency. Remember, if the disaster is widespread, there will be significant demand for a limited fuel supply. If you have contracts in place with suppliers, you’re much more likely to receive fuel in a timely manner.



Trusted Recovery

Trusted recovery provides assurances that after a failure or crash, the system is just as secure as it was before the failure or crash occurred. Depending on the failure, the recovery may be automated or require manual intervention by an administrator. However, in either case systems can be designed to ensure that they support trusted recovery.


Systems can be designed so that they fail in a fail-secure state or a fail-open state. A fail-secure system will default to a secure state in the event of a failure, blocking all access. A fail-open system will fail in an open state, granting all access. The choice is dependent on whether security or availability is more important after a failure.
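The two failure states side by side, as an added example that is not from the study guide: a hypothetical access gate `decide` wraps a policy check and applies the configured mode whenever the check crashes or returns a malformed answer. The ACL entries, user names, and the `PolicyUnavailable` exception are constructed for illustration.

```python
from enum import Enum


class FailureMode(Enum):
    FAIL_SECURE = "fail-secure"  # block all access when the check cannot complete
    FAIL_OPEN = "fail-open"      # grant all access when the check cannot complete


class PolicyUnavailable(Exception):
    """Raised by the (hypothetical) policy backend when it cannot answer."""


def _on_failure(mode, detail):
    # The failure mode, not the request, decides the outcome here.
    return mode is FailureMode.FAIL_OPEN, f"{mode.value}: {detail}"


def decide(policy_check, subject, resource, mode):
    """Return (allowed, reason); policy_check is a callable expected to return a bool."""
    try:
        verdict = policy_check(subject, resource)
    except Exception as exc:  # crash, timeout, lost connection to the backend
        return _on_failure(mode, f"check raised {type(exc).__name__}")
    if not isinstance(verdict, bool):
        # A malformed answer is a failure too; never treat truthy garbage as "allow".
        return _on_failure(mode, f"malformed verdict {verdict!r}")
    return verdict, "policy decision"


# Constructed sample data: alice may read the payroll database, bob may not.
ACL = {("alice", "payroll-db"): True, ("bob", "payroll-db"): False}


def healthy_check(subject, resource):
    return ACL.get((subject, resource), False)  # unknown pairs are denied


def crashed_check(subject, resource):
    raise PolicyUnavailable("backend down")


def corrupt_check(subject, resource):
    return "yes"  # truthy, but not a valid verdict


if __name__ == "__main__":
    for check in (healthy_check, crashed_check, corrupt_check):
        for mode in FailureMode:
            print(check.__name__, mode.value, decide(check, "bob", "payroll-db", mode))
```

Under fail-open, bob, who is denied while the backend is healthy, is granted access as soon as the check fails; under fail-secure, alice loses her legitimate access for the duration of the failure.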

For example, firewalls provide a significant amount of security by