Liubomyr S. Sikora,Nataliia K. Lysa,Yevhen I. Tsikalo,Olga Yu. Fedevych

DOI: https://doi.org/10.13052/jcsm2245-1439.123.7

2023-05-18

Journal of Cyber Security and Mobility

Abstract:The complication of technological processes due to the modernization of complex technological processes aggregates with a distributed spatial infrastructure requires the use of new control systems and computer and information network technologies. Accordingly, this poses the problem of revising the basic concepts of information-measuring systems building, developing software and hardware for the implementation of the target management process. This requires development of new approaches to presentation, processing, and display of data about the aggregates state of energy-active objects and the entire information structure. For management under threat conditions, it is necessary to take into account the features of the information infrastructure, data selection and processing methods, methods and algorithms for classifying the situation, which are formed from blocks of data obtained from each unit and the technological process as a whole. Information about the current state of system and infrastructure is necessary for the formation, adoption and implementation of management decisions which is the basis for coordination strategies synthesis. Appropriate target orientation, reasonable indicators of real process trajectories divergence from the target state determine the probability of object attack. Knowledge and decision-making procedures for the coordination of managerial actions is based on the strategic target orientation of the structure, their professionalism and the level of intellectual, cognitive and scientific training which is the basis for correct situation interpretation of countermeasures against threats formation. In the event of active threats complex on man-made systems in a certain region (resource, cognitive, system, information) and natural disasters or military operations, the threats lead to active destruction or failure of the production process. In order to functionally withstand related production structures, when loyal to the industrial relations concept, they need to integrate at the strategic management level on common goal basis to reduce risks. If necessary, to increase sustainability, they can be integrated at operational management level using interconnections at the production and resource levels. To do this, it is necessary to develop a strategic and goal-oriented management system behaviour line, which requires informational and intelligent data processing at the highest level using cognitive creative methods. For each level of the infrastructure hierarchy, oriented towards strategic goals in the global infrastructure dynamic environment, methods of assessing the situation to detect failures and the actions of attacks have been developed, based on which countermeasures are formed depending on the type of threats.

Yu.S. Tverskoy,I.A. Kolesov,A.V. Golubev,I.K. Muravyov,J.A. Gaidina,,,,,

DOI: https://doi.org/10.17588/2072-2672.2022.3.045-056

2022-06-30

Vestnik IGEU

Abstract:Modern production machinery is equipped with multifunctional automated process control systems (APCS) based on software and hardware complexes (SHC) of a network hierarchical structure. The experience of designing and operating multifunctional process control systems proves that the efficiency of the systems being developed significantly depends on the array of problems at different stages of the technology design and system modernization. It is to be developed, both at the fundamental level of local automatic control systems and at a higher level of hierarchical system structure. At the same time, special attention is paid to the software failure, which is fixed, as a rule, by periodically updating all the content. For process control systems, such an approach under the operation conditions of power equipment is unacceptable. In this regard, the effectivity problems of complex systems are to be classified in terms of technological process factors, the theory of automatic control and instrumental factors associated with the proper software implementation. As a theoretical basis to solve the problem of information sufficiency and synthesis of structurally stable systems, the methods of potentials and coordinates of the thermodynamics of irreversible processes are used. The testing method is applied as a tool to analyze and diagnose software and hardware tools. The authors have defined three groups of factors: system, controller and local. The task to analyze the conformity of information and algorithmic support means to expert and verify the absence of defects in the software of a multifunctional system and the fulfillment of the declared requirements. The automated testing system is a unified environment to analyze the execution of test scenarios. It provides continuous validation and verification of the information and algorithmic support of the SHC. In particular, a methodology has been developed to carry out resource tests of the software and hardware complex and checking the operation of the mechanisms for backing up, synchronizing, and replacing its components by simulating failures in the processor modules, hardware and software components. A set of methodological factors has been defined to develop advanced software and hardware systems for process control systems. It significantly affects the adequacy of the information and algorithmic support of a complex system. A technology of automated testing of software and hardware tools of the SHC has been developed. Methods to solve interdisciplinary problems are generalized. The authors recommend solving the problems at the earlier stages of a complex system design. The proposed technology to develop and diagnose automatically software and hardware of the SHC by implementing a single environment to study, compare and detect the defects of the SHC software throughout the entire life cycle of the process control system allows you to identify and eliminate the mutual negative influence of the SHC components both at the development stage and at the stage of the subsequent system organization, including solving the problem of information security at the stage of system installation and operation. The developed approach to solve complex interdisciplinary problems that require solution at the early stages of designing complex systems makes it possible to avoid fundamentally erroneous decisions and increase the competitiveness of the SHC as a systemically important APCS complex at the time of installation.

Ю.В. Корыпаева,Н.А. Алейникова,Н.Е. Красова

DOI: https://doi.org/10.26102/2310-6018/2020.28.1.009

2020-02-02

Abstract:Рассматривается задача дублирования ответственного узла радиотехнического устройства несколькими резервными блоками в случае возможности короткого замыкания или другой потенциальной опасности внезапного отключения устройства. Для исследования подобных ситуаций при моделировании возможного внезапного выхода агрегата из строя вводится малый положительный параметр в знаменателях интенсивностей отказов основного устройства и дублирующих блоков. В связи с этим система уравнений Колмогорова для рассматриваемого случая будет являться сингулярно возмущенной. Для полученной модели найдены основные характеристики надежности устройства: вероятность потери работоспособности, математическое ожидание времени выхода из строя последнего дублирующего блока, дисперсия и опасность отказа агрегата. Аналогичные характеристики найдены для соответствующей задачи без резервирования. На основании сравнительного анализа полученных результатов для характеристик надежности основной задачи и их сравнения с результатами для системы без резервирования выявлен ряд особенностей и сделаны выводы о целесообразности резервирования в рассматриваемом случае. Для конкретных значений числа дублирующих блоков, интенсивностей отказов и малого параметра приведена таблица результатов для математического ожидания времени выхода из строя последнего устройства и сделаны выводы. The problem of duplicating the responsible node of a radio engineering device with several backup units in the event of a short circuit or other potential danger of sudden disconnection of the device is considered. To study such situations, when modeling a possible sudden failure of the unit, a small positive parameter is introduced in the denominators of the failure rates of the main device and backup units. In this regard, the system of Kolmogorov equations for the considered case will be singularly perturbed. For the received model key features device reliability: the probability of loss of function of the expected time of failure of the last overlapping block variance and the risk of failure of the unit. Similar characteristics are found for the corresponding problem without reservation. On the basis of a comparative analysis of the results obtained for the reliability characteristics of the main task and their comparison with the results for the system without redundancy, a number of features are identified and conclusions are made about the feasibility of redundancy in this case. For specific values of the number of duplicate blocks, failure rates and small parameter, a table of results for the mathematical expectation of the time of failure of the last device is given and conclusions are made.

Vladislav Voevodin

DOI: https://doi.org/10.24143/2072-9502-2022-2-66-75

2022-04-29

Abstract:Methods of mathematical statistics and probability theory are deeply studied and can be successfully used as a means of assessing the stability of the functioning of informatization objects (OI) in the normal conditions of its application. The standard conditions allow us to obtain representative descriptive statistics, evaluate the corresponding probabilistic characteristics and apply the methods of probability theory. Ensuring the reliability of the functioning of OI in normal conditions is provided by effective operational cover. However, for massive computer attacks (MCA), the dynamics of OI behavior and the development of the situation are unpredictable, and the events themselves are rare, which does not allow the above methods to be correctly applied. The significance and novelty of the study lies in the positive assessment of the applicability of the Monte Carlo method for assessing the survivability of the restored OI, which is subject to MCA and has temporary redundancy (recoverability). Assessing OI survivability is considered from the point of view of the need to implement a methodology for ensuring the risks of information security associated with MCA. The statement of the problem, the modeling algorithm, and solution examples are given, on the basis of which it is possible to recommend the Monte Carlo method for solving the set problem. The enlarged stages of the statistical modeling procedure are given, the solution of the actual problem of assessing OI stability for MCA conditions is described. The obtained partial conclusions may be of interest for planning further scientific research in the direction of improving the processes of decision making to ensure the sustainability of the functioning of OI in conditions of targeted aggressive influences. A case of statistical modeling is given, taking into account possible scenarios for applying MCA and interpreting the simulation results

M. A. Mukasheva

DOI: https://doi.org/10.14489/vkit.2021.12.pp.030-034

2021-12-01

Abstract:Relevance of the topic: methods of automating algorithms for the operation of network equipment are currently carried out using various tools and solutions for faster and more efficient execution of routine tasks, as well as for obtaining deterministic results. Production processes need algorithmization of ACS as a tool for saving time resource for management, coordinating production schedules, technical and technological limitations. You can form an alternative to quickly respond to precedents in production that have not predicted to change the course of technological processes. Most automation options today have disadvantages and advantages. The most popular way is queuing theory. Optimization of global search, additive method of criteria convolution, APS (Advanced Planning and Scheduling) systems for the most perfect planning are relevant. The specified software systematically synchronizes the planning process deployed for optimization and combines actions on the links that make up the supply chain, accentuates the framework and specifics determined by production and the industry. Most often, the network equipment is controlled by a software module that loads the machines and mechanisms needed by the enterprise for the production of products. Developers design systems to control timeslots and production lines. Known for the high efficiency of algorithms, the execution of which occurs through the automated control system, and the installation is carried out at an industrial enterprise to control loading operations. In the structure of external software, an algorithm is required. The program module contains commands for loading operations. They are distributed for technological lines, divided along the time axis. We see a rational solution to simulate a complex using simulation and analytics based on an automation product within the network equipment configured by the program. This will allow, under the conditions of the experiment, to determine how most likely traffic will be distributed in time, to prepare methods for automatic collection of information. Input traffic parameters, settings or the current load arriving at the equipment are set arbitrarily.

М.А. Стрижко,В.В. Червинский

DOI: https://doi.org/10.36622/1729-6501.2024.20.2.008

2024-07-05

ВЕСТНИК ВОРОНЕЖСКОГО ГОСУДАРСТВЕННОГО ТЕХНИЧЕСКОГО УНИВЕРСИТЕТА

Abstract:предложена система интеллектуального управления транспортными потоками на перекрестках со светофорным регулированием в качестве одного из возможных решений проблемы транспортных задержек в условиях мегаполиса. Данное решение позволяет сократить периоды простоя автомобилей на красный свет, при отсутствии трафика в направлении с разрешенным движением за счет динамического изменения длительностей фаз регулирования на основании информации о параметрах транспортных потоков. Целью исследования является повышение эффективности проезда транспортных средств через перекрестки со светофорным регулированием. Предложенная система управления основана на нечеткой логике. Принцип её работы максимально приближен к действиям регулировщика. За счет использования технических средств обнаружения трафика существенно расширен объем информации о параметрах транспортного потока, что позволяет повысить качество управления. В статье описана структура предложенной системы управления, конфигурация аппарата нечеткой логики, обоснован выбор основных параметров и ограничений системы. Оценка качества управления разработанной системы произведена при помощи компьютерного моделирования работы светофорных объектов на участке улично-дорожной сети города. Результаты моделирования и сравнения разработанной системы с существующими системами управления транспортными потоками на перекрестках показали, что применение предложенной системы позволило повысить эффективность дорожного регулирования на 13 % и 39 % по сравнению с существующими системами «гибкого» и «жесткого» управления, соответственно. Предложенная система управления транспортными потоками демонстрирует наибольшую эффективность в условиях высокой динамики изменения интенсивности транспортных потоков на перекрестках, что достаточно распространено в современных мегаполисах the paper proposes a system of intelligent traffic flow control at intersections with traffic light regulation as one of the possible solutions to the problem of traffic delays in a megacity. This solution makes it possible to reduce the periods of idle time for cars at red light when there is no traffic in the direction of green light by dynamically changing the duration of the control phases based on information about the parameters of traffic flows. The purpose of the study is to increase the efficiency of vehicles passing through intersections with traffic light regulation. The proposed control system is based on fuzzy logic. The principle of its operation is similar to the actions of the police officer. Due to the use of technical means of traffic detection, the amount of information about the parameters of the traffic flow has been significantly expanded, which makes it possible to improve the quality of control. The article describes the structure of the proposed control system, the configuration of the fuzzy logic controller and the choice of the main parameters and limitations of the system. The assessment of the control quality of the developed system was carried out using computer simulation of traffic lights on a section of the city's road network. The results of modeling and comparing the developed system with existing traffic flow control systems at intersections showed that the application of the proposed system made it possible to increase the efficiency of road regulation by 13% and 39 % compared with existing "flexible" and "rigid" control systems, respectively. The proposed traffic flow control system demonstrates the greatest efficiency in conditions of high dynamics of changes in the intensity of traffic flows at intersections, which is quite common in modern megacities

П. Є. Григоровський,В. О. Басанський,А. П. Григоровський

DOI: https://doi.org/10.36750/2524-2555.73.9-18

2023-05-22

Building production

Abstract:Problem. Organizational and technological design, that is, the development of the project of construction organization and the project of execution of construction works requires the study of research materials, the state of the surrounding environment, the capabilities of the construction organization, its technical base, etc., that is, it takes a long time. If it is necessary to carry out emergency rescue work immediately after a disaster or an accident, when there is a threat to human life, there is no such time. Therefore, it is necessary to develop measures to minimize the time and risk of making ineffective decisions in conditions of insufficient information about the damaged object. Currently, there are no organizational and technological solutions that are able to simultaneously combine objective urgency and rational justification of their implementation. Increasing the efficiency and safety of works to eliminate emergency destruction, due to overtime effects on largepanel buildings, by choosing the optimal option of urgent emergency measures using information and mathematical modeling and databases on typical destruction, technical, technological and organizational solutions is an urgent technical and economic problem. Method. Optimizing the decisionmaking process in conditions of uncertainty is possible with the prior development of databases of typical organizational and technological emergency measures and the methodology of their use at typical facilities. Linking existing, predeveloped solutions using typical information and mathematical models to a specific emergency object based on the principle of pattern recognition will allow to speed up the choice of option and ensure maximum safety of emergency rescue operations, will contribute to the rescue of possible accident victims. Originality. Forecasting the consequences of overtime impacts on the loadbearing capacity and stability of largepanel buildings in the absence of initial information about the technical condition of damaged parts of the building, i.e. in conditions of uncertainty, is possible only with the help of computational mathematical models. The availability of a database of typical strengthening solutions and the availability of a calculation model will allow, with accepted probability, to quickly choose a method of strengthening emergency structures, which in conditions of uncertainty will be more justified than an emotionally accepted, subjective technical decision. Practical value. The given algorithm makes it possible to create databases of necessary measures and readymade solutions for the stabilization of a largepanel building that has been affected by overtime load. Filling the database when performing variable calculations, regarding different places of application of overtime impacts and their intensity, taking into account various structural and technological schemes, will allow to significantly speed up decisionmaking regarding the stabilization of buildings affected by overtime loads.

L. N. Berkman,O. V. Drobyk,A. H. Zakharzhevskyy,V. O. Vlasenko,

DOI: https://doi.org/10.31673/2412-9070.2023.031020

2023-01-01

Connectivity

Abstract:The problem of creating secure special-purpose information communication networks based on public access channels with a priori unknown structure and functioning algorithms optimized according to the criteria of structural and functional integrity requires further consideration and resolution. The found ways of solving the scientific problem will contribute to the construction of special-purpose protected information communication networks based on public access channels using a mathematical apparatus for determining the saddle point in the process of network optimization, which will ensure the reliability and survivability of the network in emergency situations.

Irina Kolosok,Liudmila Gurina,,

DOI: https://doi.org/10.21681/2311-3456-2021-6-2-11

2021-01-01

Voprosy kiberbezopasnosti

Abstract:Purpose of the study: The study aims to design an algorithm for determining the cyber resilience indices of information collection, transmission, and processing systems (SCADA, WAMS) to control electric power systems. This algorithm makes it possible to factor in possible states and measures to restore such systems when cyber resilience is lost. Research methods include the probability theory, methods of power system reliability analysis, and Markov methods. Result of the research: The analysis of the reliability of WAMS, which is necessary for assessing the cyber resilience of the EPS, has been carried out. A cyber resilience model is proposed, on the basis of which an algorithm for determining the cyber resilience index of SCADA, WAMS systems with a low quality of measurement information used in EPS control has been developed. To take into account possible states of SCADA, WAMS systems and measures for their restoration (detection, mitigation and response) in case of violation of cyber resilience, the algorithm uses the tools of probability theory and Markov methods. The effectiveness of the application of the developed algorithm is confirmed by the example of calculating the WAMS cyber resilience index with a low quality of PMU data. The results obtained can be useful in making decisions on the formation of control actions on the EPS to ensure its cybersecurity in the context of cyber-attacks on information collection, transmission, and processing systems.

П. ШЕВЧУК В

DOI: https://doi.org/10.25791/asu.11.2023.1471

2023-11-28

Abstract:В работе рассмотрены основные атаки на беспроводные сети Wi-Fi. При описании каждой из них были разобраны причины возникновения уязвимостей, которые и повлекли за собой возможность компрометации сети со стороны злоумышленника, а также приведены возможные способы их исправления. В первую очередь информация о данных недостатках безопасности представлена для ознакомления, ведь для того, чтобы понять, как обезопасить свою беспроводную сеть, для начала следует выяснить, какие уязвимости существуют и как от них можно защититься. Кроме того, в статье была рассмотрена роль беспроводной сети в общей модели безопасности локальной сети. Analysis of modern production facilities, analysis of metrological characteristics of the instrument park and diagnostic tasks, analysis of existing application software packages for diagnostics of measuring instruments allow us to recommend the use of a structural model of an automated workplace of a metrologist (ARM) industrial enterprise in the form of an expert system and a software and hardware complex. The ARM expert system consists of a knowledge base management subsystem, a data mining subsystem, a forecasting and decision-making subsystem, as well as a subsystem for generating output documents. The knowledge base consists of a database of experimental data, knowledge about the static and dynamic properties of elements of measuring canals and monitoring systems, knowledge about the metrological characteristics of measuring canals and monitoring systems, as well as knowledge about the dynamic characteristics of diagnostic objects. Knowledge base, half-duplex communication, connected to a network of industrial logic controllers...

Kateryna Shumilova,Dmytro Shumilov,Anatoly Maltsev

DOI: https://doi.org/10.7225/toms.v13.n01.w20

2024-03-15

Transactions on Maritime Science

Abstract:Modern digital transformation in the shipping industry Shipping 4.0 is accompanied by increased automation and autonomy of the ship. This means strengthening the digitization of the ship's navigation systems (cyber systems). Therefore, the safe operation and navigation of modern ships depends on the adequate operation of cyber-physical systems, which are created on the basis of information and operational technologies. Such interconnections of ship information systems inevitably increase the vulnerability of the ship's digital navigation infrastructure to cyber-attacks. The article examines methods of controlling cyber risks of various origins, which determine the priority of flows, their internal interconnection and relations with the sources of messages that form them. The formalization of the qualitative and quantitative properties of information flows of the voyage cycle using matrix and graph-analytical modeling methods has been carried out. A decomposition of information was built and a cluster of information security of ship maneuvering control was defined, with its access closed for cyber-attacks. In the event of cyber-attacks, it is very important for the navigator to determine the moment of it’s appearance and the state of navigational devices of the bridge. Usually, the working state of the device is determined by the presence of electric current in it. However, only the presence of current in the device during cyber-attacks is not enough to assess its working condition. Inspection and verification of 11 navigation devices on the bridge takes a lot of time, which the navigator does not have in the event of a cyber-attack. Therefore, we propose to introduce an additional function of controlling the working status of each navigational device, and to transmit the results of all devices to a separate navigation cluster Mk of the navigation bridge via shielded cable lines of the vessel without other methods. This will make it possible to gather information about all the devices in one place on the bridge, protect it from cyberattacks, and quickly determine the operating status of all the navigation devices on the bridge. Descriptive modeling of the meaningful categories of the information space of maritime routes during cyberattacks was performed. The proposed classification of cyber risks has a logical structure based on the grouping of message flows, using the cluster connection coefficient between them. This makes it possible to assess the criticality of the impact of cyber-attacks on the ship and to choose ways to reduce their impact on the maneuvering of the ship in the voyage cycle.

V. M. Batsamut,S. O. Hodlevsky

DOI: https://doi.org/10.15588/1607-3274-2023-1-13

2023-02-27

Abstract:Context. The relevance of the article is determined by the need for further development of models of collective behavior of systems with multi-agent structure construction endowed with intelligence that ensures synchronization of the joint efforts of various agents while achieving the goals set for the system. The method proposed in the article solves the problem of competition between different agents of a multi-agent system, which is important while performing search, rescue, and monitoring tasks in crisis areas of various origins. Objective is to develop a method for determining the sufficient population of a multi-agent system and the optimal routes of movement of its individual elements in a stationary network for the most complete examination of a technological disaster zone (any given zone based on a certain transport network). Method. We implemented the concept of a dynamic programming to search for all possible edge-simple longest paths connecting the directed subsets of vertices-sources and vertices-sinks in the structure of the model weighted directed graph. To this end, the modified Dijkstra method was applied. The modification comprises representing the weights of the arcs of the modeling directed graph with the negative values, which are further used in calculations according to the Dijkstra method. After finding the next edgesimple longest path, the arcs that make up it are fixed in the memory of the computer system (in the route plan) and removed from the graph structure, and the process is iteratively repeated. The search for paths takes place as long as the transitive closure between the vertices that are part of the specified subsets of source vertices and sink vertices is preserved. The developed method makes it possible to find such a set of traffic routes for the elements of the multi-agent system, which maximizes the area examined by them in a technological disaster zone (or the number of checked objects on the traffic routes) in one “wave” of the search and distributes the elements of a multi-agent system by routes that do not have common areas. A derivative of the application of the developed method is the determination of a sufficient population of a multi-agent system for effective search activities within the defined zone. Results. 1) A method of routing a group of mobile robots in a stationary network for searching the missing objects in a technological disaster zone has been developed. 2) The working expression of the Dijkstra method for searching in the structure of a network object (in the structure of a model graph) for the longest paths has been formalized. 3) We have suggested a set of indicators for a comprehensive evaluation of route plans of a multi-agent system. 4) The method has been verified on test problems. Conclusions. Theoretical studies and several experiments confirm the efficiency of the developed method. The solutions made using the developed method are accurate, which allows recommending it for practical use in determining in an automated mode route plans for multi-agent systems, as well as the required number of agents in such systems to perform the required amount of search tasks in a particular crisis area.

L. Ozirkovskyy,B. Matiiv,N. Pryimak,

DOI: https://doi.org/10.23939/ictee2023.01.098

2023-06-01

Abstract:The article presents the results of the study of the influence of monitoring and diagnostic means on the values of reliability and functional safety indicators of fault-tolerant information transmission systems. The study was carried out by modeling several variants of a fault-tolerant information transmission system. As a modeling method, an improved state transition diagram with automated construction of a graph of states and transitions is used. On the basis of the obtained results, recommendations for the selection of reliability indicators of control and diagnostic means are formulated to ensure a minimum reduction in the reliability of a fault-tolerant information transmission system.

Igor Kotenko,Igor Saenko,Roman Zakharchenko,Dmitry Velichko,,,,

DOI: https://doi.org/10.21681/2311-3456-2023-1-13-27

2023-01-01

Voprosy kiberbezopasnosti

Abstract:The purpose of the article: conducting a system analysis of the requirements for the subsystem for preventing computer attacks on critical information infrastructure in order to substantiate the directions for further improved scientific and methodological apparatus for the full functioning of the subsystem for preventing computer attacks. Research method: theoretical and systematic analysis of the requirements of legal acts, scientific publications, protection technologies and means of their implementation in departmental systems for detecting and counteringcomputer attacks.The result obtained: the rationale for the need to build mechanisms for preventing computer attacks on critical information infrastructure objects and the requirements for the subsystem for preventing computer attacks was carried out, an approach was proposed to prevent computer attacks at the stages of reconnaissance by an attacker of critical information infrastructure objects, based on the introduction of a security event correlation mechanism with automatic adaptation to the analyzed information infrastructure and the functions it performs at the current time and a detailed specification of the correlation rules.Scope of the proposed approach: a subsystem for preventing computer attacks of departmental systems for detecting and countering computer attacks, which should identify and prevent attempts to conduct computer attacks on critical information infrastructure objects in advance.The scientific novelty consists in a comprehensive analysis of the need to build mechanisms for preventing computer attacks on critical information infrastructure objects, an analysis of the requirements for the computer attack prevention subsystem, its functions and means of implementation. It is shown that the functions of preventing computer attacks in domestic technical solutions are not fully implemented, and that there is a substitution of the concept of “subsystem for preventing computer attacks” by the concept of “control and technical measures”. It is substantiated that for the implementation of the functions of preventing computer attacks, there is a technological backlog in the form of a ready-made technology based on the technology for building SIEM systems. It is shown that there is a need to refine the scientific and methodological apparatus for implementing computer warning functions based on artificial intelligence methods and big data technologies.Contribution: Kotenko I.V. - analysis of the functionality of the subsystem for preventing computer attacks, setting the task and proposals for developing the functionality of the subsystem for preventing computer attacks on critical information infrastructure objects; Saenko I.B. - analysis of the subsystem for preventing computer attacks in the general context of the theory of information security, substantiation of the implementation of the functions of preventing computer attacks based on the technology of building SIEM systems and big data; Zakharchenko R.I. - analysis of technical solutions that ensure the implementation of the subsystem for preventing computer attacks, Velichko D.V. - an approach to detecting computer attacks at the stages of reconnaissance by an attacker of objects of critical information infrastructure. All authors participated in the writing of the article.

Tatiana Karkoszka

DOI: https://doi.org/10.3390/su152416848

IF: 3.9

2023-12-15

Sustainability

Abstract:The simultaneous fulfillment of quality, environmental, and occupational safety requirements is a difficult task. The process flow is influenced by numerous factors, and different operational objectives are pursued in different ways. Methodologies reflecting the use of various models, methods, and tools in the integration and implementation of operational goals dedicated to sustainable operation are becoming increasingly important. The subject of the study is an operational control model considering the integrated risk and the steps taken under the conditions of "supervised risk" ensured by the monitoring of the operational criteria. The method was developed for coherent risk management, covering its identification, analysis, assessment, and acceptability estimation in the technological process. The methodology for the assessment, considering the quality, environmental, and occupational safety criteria, and based on the application of the unit risk ratio, allows for the determination of the key operational features, and the methodology of the identification of the key technological parameters applying the integrated risk ratio ensures that the crucial technological parameters are highlighted. The application of the algorithm in the heat treatment process confirms both the effectiveness of the proposed model and the correctness of the thesis: the different requirements set for the technological processes can be simultaneously fulfilled via the application of integrated operational control.

environmental sciences,environmental studies,green & sustainable science & technology

LIU Jie-ling,LING Xiao-bo,ZHANG Lei,WANG Bo,WANG Zhi-liang,LI Zi-mu,ZHANG Hui,YANG Jia-hai,WU Cheng-nan

DOI: https://doi.org/10.11896/jsjkx.210600171

2022-01-01

Computer Science

Abstract:Power system network is one of the important targets of cyber attack.In order to ensure the safe operation of power system,network managers need to evaluate the network security risk.Usually,existing network security risk assessment framework only aims at a single scenario,and can not find the strategic attackers who use a variety of low-risk methods to achieve high-risk threat targets from large quantities of network security alerts.In order to meet the above challenges,this paper proposes a network security risk assessment method based on tactical correlation.In this method,the warning information generated on va-rious network security detection devices when an attacker implements a multi-step attack is associated to form an attack chain,and the security risk of the organization intranet is evaluated by calculating the threat,vulnerability,impact score of each node in the attack chain and the risk score of the whole attack chain.In order to verify the effectiveness and robustness of the proposed method,this paper selects a representative example to illustrate the specific implementation process of the proposed method for network security risk assessment in the organizational intranet.The example shows that the network security risk assessment framework based on the tactical association can correctly assess the harm of multi-step attack caused by low-risk alarm association to achieve high-risk targets,and is more robust than the traditional single scenario analysis method,which can better provide decision-making basis for organization decision-makers in network security risk management.

Irina Bolodurina,Evgeny Speshilov,,,

DOI: https://doi.org/10.15593/2499-9873/2023.2.09

2023-07-10

Applied Mathematics and Control Sciences

Abstract:In the current geopolitical and economic conditions, the issue of making operational management decisions for the effective functioning of the country's enterprises is particularly acute, taking into account organizational and technological features, as well as increasing levels of risk and uncertainty associated, among other things, with the need to process flows of specific rapidly changing information. In this regard, intelligent decision support systems are becoming increasingly popular, containing modules for collecting, processing and modeling formalized data and having both a universal character and adaptation to a specific range of issues relevant to a certain group or even a single enterprise. The purpose of the presented study was to develop such a system for managing cargo flows. Based on the analysis, the developed intelligent decision support system is proposed, which is used to improve the efficiency of the cargo flow management process. Its main blocks and their logical relationship are described. The mathematical support consists of a complex of classical models adapted to individual modules, as well as developed generalized models of cargo planning and placement. When forming a set of alternative routes, Yandex Maps are used. To automate the selection of the cargo transportation route, algorithms of fuzzy logic rules are used, with the implementation of calculations in the Yandex DataLens environment. The main attention is paid to the subsystem of cargo transportation process management. A generalized functional scheme of digitalization of the formation of waybills and control is presented, as well as a block diagram of the algorithm based on a software product developed and implemented at a number of enterprises that automates the process of filling out waybills, taking into account the specifics of the fleet and selected routes. Within the framework of the synthesis of the structure and algorithm of the intelligent system, which allows to optimize the process of organizing cargo transportation, the approbation of individual proposed modules and approaches was carried out, which showed an increase in the efficiency of forming and choosing routes for organizing cargo flows, reducing the time to find an operational solution, as well as the costs of transportation and control of cargo movement in the conditions of emerging problems associated with accidental factors. The intelligent decision support system is aimed at small firms, as well as enterprises engaged, among other things, also in the organization of cargo transportation by means of their vehicles, since they are in a greater risk zone than large companies whose main economic activity is the provision of cargo transportation services and having a wide network of representative offices, logistics centers and the composition of vehicles.

П.С. ИВЛИЧЕВ,Н.А. ИВЛИЧЕВА

DOI: https://doi.org/10.34925/eip.2023.159.10.192

2023-12-04

Экономика и предпринимательство

Abstract:В статье проводится анализ модели CVSS для информационных систем предприятий с одним периметром безопасности. Определяются условия, при котором угроза кибербезопасности будет являться критической. Сформулированы основные положения управления рисками безопасности информационной системы организации. Приведены рекомендации по применению методов защиты информации для нейтрализации критических угроз информационной безопасности. The article analyzes the CVSS model for enterprise information systems with a single security perimeter. The conditions under which the threat to cybersecurity will be critical are determined. The main provisions of the organization's information system security risk management are formulated. Recommendations on the use of information protection methods to neutralize critical threats to information security are given.

V. A. Voevodin,V. S. Chernyaev,D. S. Burenok,I. V. Vinogradov

DOI: https://doi.org/10.21822/2073-6185-2023-50-1-62-74

2023-05-09

Abstract:Objective . The purpose of the study is to develop a methodology for assessing the security of an automated control system of critical information infrastructure from DDoS attacks. The purpose of the methodology development is to provide the decision–maker with a scientifically sound tool for assessing the risk of implementing a DDoS attack. Method. To achieve the stated goal of the study, simulation modeling based on the Monte Carlo method was used. Result . The expediency of using Monte Carlo simulation to assess the probability of server failure under DDoS attacks is confirmed. It was concluded that the server can be considered as a queuing system, however, the flow of incoming applications under DDoS attacks is not Poisson, so the use of analytical expressions to assess the probability of failure is considered incorrect. The simulation results allow the decision-maker to assess the probability of server failure and make organizational and technical decisions to increase the level of security. Analysis of the simulation results showed the effectiveness of improving server performance by increasing service channels. Conclusion. Thus, the developed methodology will be useful in conducting an information security audit of an organization to justify the amount of its insurance premium in the framework of cyber risk insurance. A possible direction for further research is to study the issue of computer network security, taking into account the features of a specific topology.

Vladyslav Kuz

DOI: https://doi.org/10.20535/tacs.2664-29132023.2.280377

2023-11-06

Theoretical and Applied Cybersecurity

Abstract:Today, interaction between people and objects, including industrial ones, has become an integral part of our everyday life. Access to communications, finance, and all forms of information management and permission to use them can be obtained from almost anywhere using compact devices. For example, operators can remotely control individual sectors and control operations in several areas at the same time, surgeons can operate on patients thousands of miles away, and car manufacturers can detect when one of their vehicles has been in an accident within a few seconds after the accident. As a result of the spread of the Internet and wireless data networks, the interconnection of so much data, technology and network equipment and devices has quickly become the basis of modern society. At present, we have become a knowledge-based society that often relies on technology to execute or support almost all tasks and functions of human life. Undoubtedly, this has greatly expanded the range of tasks to be solved, but at the same time, the society became much more vulnerable to threats in information and communication systems. The vulnerability is explained by the fact that at some point most of the production of different directions and industries is supported by the introduction, storage and search of data/information in a interconnected network of hard disks and data servers, locally or remotely located. And at each of these stages there is an opportunity to steal data, bypass protection, manipulate or replace information. But the risks associated with unintentional accidents caused by human errors, system failures, incompatibility or other unexpected problems, as well as “natural disasters,” must also be taken into account. Therefore, the security of computer or cyber systems is a matter of national security. Actually, cyber-threats are so great that more and more security experts are pointing out that protection of cyber systems and data is more of a problem than terrorism. Given the scale of the threat (in terms of cyberattacks) and the actual damage it can be argued, certain systems and structures are at risk [1, 2]. It is proved that hackers can break into government and business websites, steal personal data, change the traffic light scheme, accelerate and slow down travel, and much more. As an example, the implementation of a specially created malware program - Stuxnet. The effects of its use were the self-destruction in 2010 of dozens of centrifuges, which supported Iranʼs nuclear program [3, 4]. Some experts think that Stuxnet was created not by independent attackers and possibly with the support of the government. Thus, as a conclusion, it can be confirmed that hackers operate from anywhere in the world, and the links and boundaries between cyberspace and physical systems are sufficiently leveled. Thus, as a conclusion, it can be confirmed that intruders operate from anywhere in the world, and the links and borders between cyberspace and physical systems are sufficiently leveled. Society is increasingly faced with the fact that a group or even a person armed with a complex computer virus or knowledge about the vulnerability of software or hardware can cause a lot of physical damage to people’s lives or physical destruction, impose significant social or economic damage, and so on. For example, there are facts published by the Financial times on May 8, 2012 (http://on.ft.com/1wviXHW) that an unknown group for many years is trying to penetrate into the systems of managing the networks of gas pipelines of the USA. At the end of 2014, the National Oceanic and Atmospheric Administration of the United States announced that hackers from China successfully broke and destroyed American satellite networks, causing loss of services related to the prediction of various natural cataclysms, air flight corridors, navigation and other industries within a few days (http://wapo.st/1u7N9dJ). As a rule, the critical infrastructure includes power and transport main networks, oil and gas pipelines, sea ports, high-speed and governmental communication channels, systems of life support (water and heat supply) of mega-cities, waste management, emergency services and emergency response services, high-tech enterprises and enterprises of military-industrial complex, as well as central authorities. The government critical information infrastructure is only one of many important systems and networks that create our modern society. Therefore, the state and society are fully dependent on the functioning of different objects and subjects of critical information infrastructure, and the loss of integrity of any of them can lead to various kinds of failures (termination of production and transfer of electricity, temporary and long-term interruptions, improper access to medical care, and much more). Each state is a separate critical information infrastructure, but cooperation between states takes place within the framework of global critical information infrastructure. At the same time, large investments in each sector of critical information infrastructure have led to an increase in economic development rates and improvement in the quality of life.