Restoration Dependency Analyzer (NIST RC.RP)
Get Started with This SkillOverview
Draft and validate System Restoration Sequence & Integrity Verification plans aligned with NIST CSF 2.0 RC.RP. Ensures restoration order respects service dependencies (e.g. database before application server) and that backup verification and security integrity checks are explicit before go-live. One extension tool, clean_backup_protocol_audit, runs on the restoration plan document and fails when the plan assumes “restore from backup” without an explicit step to verify the backup was not corrupted or encrypted by an attacker.
Example Conversation
You: We’re drafting a restoration runbook for our multi-tier app. We restore the database from last night’s backup, then bring up the app servers. Can you draft the sequence and run your validations?
Agent: I’ll draft the restoration sequence with a service map (network → DB → app servers) and run clean_backup_protocol_audit on the draft. If the plan mentions restoring from backup, the audit will require an explicit backup verification step (NIST RC.RP).
Agent: I’ve written the runbook in
restoration-runbook.md. Running clean_backup_protocol_audit…
Agent: Result of clean_backup_protocol_audit:
=== CLEAN BACKUP PROTOCOL AUDIT === Result: FAIL Document: restoration-runbook.md Plan mentions restoring from backup (e.g. last night, backup copy). No explicit backup verification or integrity-check step found. FAIL: Plan assumes restore from backup but does not include a step to verify the backup itself was not corrupted or encrypted by an attacker. Add a Security Integrity Verification step before restore (NIST CSF 2.0 RC.RP).
I’ll add a step before the database restore: “Verify backup integrity (checksum / integrity check; confirm backup was not corrupted or encrypted by attacker).” Then I’ll re-run the audit.
Agent: Re-running clean_backup_protocol_audit…
=== CLEAN BACKUP PROTOCOL AUDIT === Result: PASS Plan mentions restoring from backup. Backup integrity / verification step found. Protocol is acceptable: backup verification is documented.
The runbook now passes. I’ve also added a pre-go-live step: security integrity verification (e.g. malware scan) before returning traffic to the restored system.
Output Excerpt
After the agent drafts the restoration plan and resolves any audit failures, the document typically includes a service map, ordered steps with dependencies, backup verification, and a pre-go-live integrity check. Excerpt:
# System Restoration Sequence — Multi-tier application (NIST RC.RP)
## Service map and dependency order
1. Core network / DNS
2. IAM / directory (depends: network)
3. Primary database (depends: network, IAM)
4. Application servers (depends: network, IAM, database)
5. API gateway / load balancer (depends: app servers)
Restoration steps must follow this order; database is restored before application servers.
## Restoration sequence
1. **Restore core network and DNS** — Bring up network and DNS so dependent systems can resolve and connect.
2. **Verify backup integrity** — Before restoring from backup: run checksum or integrity check on the database backup; confirm the backup was not corrupted or encrypted by an attacker. Do not proceed to restore until verification passes. (Security Integrity Verification — NIST RC.RP.)
3. **Restore database from last known good backup** — Restore primary database from the verified backup. Start replication if applicable.
4. **Restore application servers** — Start app tier; confirm connectivity to database and IAM.
5. **Security integrity verification (pre-go-live)** — Scan restored systems for persistent malware, backdoors, or unexpected changes (e.g. file integrity, malware scan). Do not return production traffic until this step passes.
6. **Restore API gateway and resume traffic** — Bring gateway online and restore user traffic.
Running clean_backup_protocol_audit on this document would pass: the plan mentions restoring from backup and includes an explicit backup verification step before the restore.
Extension Tool and Validations
The skill includes one validation tool that runs on the restoration plan document (Markdown or text).
clean_backup_protocol_audit — Run on the restoration plan draft before finalizing. Ensures that any “restore from backup” assumption is preceded by a documented backup verification step (NIST CSF 2.0 RC.RP).
What it checks:
- Restore-from-backup detection — The tool looks for phrases such as: “restore from last night”, “restore from backup”, “recover from backup”, “restore the database from backup”, “use last night’s backup”, “restore from last known good”. If none are found, the audit passes (no backup restore assumed).
- Backup verification detection — If restore-from-backup is present, the tool looks for an explicit backup integrity or verification step. It accepts phrases such as: “verify the backup”, “backup integrity”, “verify backup was not corrupted/encrypted”, “backup integrity verification”, “checksum verification of backup”, “validate backup before restore”, “pre-restore verification”, “security integrity verification”, “backup not corrupted/encrypted by attacker”, “integrity check of backup”, “corruption/encryption check on backup”.
- Result — PASS when either (1) the plan does not mention restoring from backup, or (2) it mentions restore-from-backup and also includes at least one backup verification phrase. FAIL when the plan mentions restore-from-backup but has no backup verification step — with a message to add a Security Integrity Verification step before restore.
Run this tool after drafting the restoration sequence and before finalizing the runbook. Resolve FAIL by adding a clear step that verifies the backup (e.g. checksum, integrity check, confirm not corrupted or encrypted by attacker) before any restore-from-backup step.
Getting Started
Add your source materials to the project workspace, then activate the Restoration Dependency Analyzer (NIST RC.RP) skill. The agent will guide you through the service map, restoration sequence, integrity steps, and audit. Run clean_backup_protocol_audit on the plan document and fix any FAIL before finalizing.