Availability

Availability focuses on keeping services usable for legitimate users. It is supported by redundancy, capacity planning, incident response, and protections against denial-of-service attacks.

The property of being accessible and usable upon demand.

In cybersecurity, applies to assets such as information or information systems.

The property of a system or a system resource being accessible, or usable or operational upon demand, by an authorized system entity, according to performance specifications for the system; i.e., a system is available if it provides services according to the system design whenever users request them. (See: critical, denial of service. Compare: precedence, reliability, survivability.)

"The property of being accessible and usable upon demand by an authorized entity." [I7498-2]

"Timely, reliable access to data and information services for authorized users." [C4009]

Deprecated Definition: IDOCs SHOULD NOT use the term with definition 3; the definition mixes "availability" with "reliability", which is a different property. (See: reliability.)

Tutorial: Availability requirements can be specified by quantitative metrics, but sometimes are stated qualitatively, such as in the following:

• "Flexible tolerance for delay" may mean that brief system outages do not endanger mission accomplishment, but extended outages may endanger the mission.
• "Minimum tolerance for delay" may mean that mission accomplishment requires the system to provide requested services in a short time.