MODEL OF CURRENT RISK INDICATOR OF IMPLEMENTATION OF THREATS TO INFORMATION AND COMMUNICATION SYSTEMS
DOI:
https://doi.org/10.28925/2663-4023.2020.10.113122Keywords:
information and communication transport systems, mathematical model, current risk indicator, cybersecurity, information protectionAbstract
The article proposes a model for estimating the quantitative indicator of current risks of threats and cyber attacks on transport information and communication systems (TICS). The model differs from the existing one in taking into account the degree of impact of each threat or cyber attack within the class on the probability of an accident that occurs during cyberattacks on components of transport information and communication systems, which in many cases can be attributed to critical computer systems. It is shown that the current risks may be insignificant if all potentially dangerous parameters of transport information and communication systems are maintained within the established limits, or increase, becoming threatening, when such parameters deviate from the norm. The necessity to describe the degree of current danger of risks of threats and cyberattacks with the help of some quantitative indicator is substantiated. The value of this indicator may depend on the deviations of the parameters related to the cyber security of information and communication systems of transport. An appropriate calculation formula is proposed to determine the current risk of the threat to information and communication systems of transport. To test the proposed model, a simulation experiment was conducted, the results of which are also presented in the article. Simulation modeling was also performed to verify the adequacy of the proposed model and the algorithm for estimating the current risk indicator for components of transport information and communication systems. It is taken into account that many components of transport information and communication systems work in real time. It is shown that the proposed model takes into account the current values of information security metrics and new classes of cyber threats for transport information and communication systems.
Downloads
References
Al Hadidi, M., Ibrahim, Y. K., Lakhno, V., Korchenko, A., Tereshchuk, A., & Pereverzev, A. (2016). Intelligent systems for monitoring and recognition of cyber attacks on information and communication systems of transport. International Review on Computers and Software, 11(12), pp. 1167-1177.
Alcaraz, C., Zeadally, S. (2013). Critical control system protection in the 21st century, Computer, 46 (10), pp. 74-83. DOI: https://doi.org/10.1109/MC.2013.69
Vacca, J.R. (2010). Managing Information Security, Syngress, p. 320.
Lopez, I., Aguado, M. (2015). Cyber security analysis of the European train control system, IEEE Communications Magazine, 53 (10), pp. 110-116. DOI: https://doi.org/10.1109/MCOM.2015.7295471
Lakhno, V., & Hrabariev, A. (2016). Improving the transport cyber security under destructive impacts on information and communication systems. Eastern-European Journal of Enterprise Technologies, 1(3), 4, pp. 4-11. DOI: https://doi.org/10.15587/1729-4061.2016.60711
Dunn, W. (2002). Practical Design of Safety-Critical Systems, Reliability Press, Cambridg.
Lakhno, V. (2016). Creation of the adaptive cyber threat detection system on the basis of fuzzy feature clustering, Eastern-European Journal of Enterprise Technologies, Vol. 2, Iss. 9, 2016, pp. 18-25. DOI: https://doi.org/10.15587/1729-4061.2016.66015
Beketova, G. S., Akhmetov, B. S., Korchenko, A. G. Etc. (2017). Optimization backup model for critical important information systems. Bulletin of the national academy of sciences of the republic of Kazakhstan, (5), pp. 37-44.
Lakhno, V.A., Kravchuk, P.U., Malyukov, V.P., Domrachev, V.N., Myrutenko, L.V., Piven, O.S. (2017). Developing of the cyber security system based on clustering and formation of control deviation signs, Journal of Theoretical and Applied Information Technology, Vol. 95, Iss. 21, pp. 5778-5786.
Lakhno, V., Zaitsev, S., Tkach, Y. Etc. (2019). Adaptive expert systems development for cyber attacks recognition in information educational systems on the basis of signs’ clustering, Advances in Intelligent Systems and Computing, 1st International Conference on Computer Science, Engineering and Education Applications, ICCSEEA 2018; Kiev; Ukraine; 18 January 2018, Vol. 754, pp. 673-682. DOI: https://doi.org/10.1007/978-3-319-91008-6_66
Akhmetov, B., Lakhno, V., Akhmetov, B., Alimseitova, Z. (2019). Development of sectoral intellectualized expert systems and decision making support systems in cybersecurity, Advances in Intelligent Systems and Computing, 2nd Computational Methods in Systems and Software, comesyso 2018; Szczecin; Poland; 12 September 2018, Vol. 860, pp. 162-171. DOI: https://doi.org/10.1007/978-3-030-00184-1_15