CYBERSECURITY MANAGEMENT MODEL FOR SOFTWARE IMPLEMENTATION
DOI:
https://doi.org/10.28925/2663-4023.2025.28.841
Keywords:
cybersecurity, management model, management requirements, risk modeling, risk assessment, requirements prioritization, software, fuzzy logic, Bayesian network, mathematical programming, resource optimization, international standards, cybersecurity standards
Abstract
In today’s digital world, cybersecurity has become a critical factor in software implementation across various domains. The increasing complexity of systems, the dynamic threat landscape, and limited resources require software developers and stakeholders to adopt effective mechanisms for managing cybersecurity requirements. This article presents an integrated mathematical model for managing cybersecurity requirements during software implementation. The relevance of this problem is driven by the growing complexity of modern information systems, the need for compliance with international security standards, and resource constraints during project execution. The proposed model combines several mathematical techniques, including the Analytic Hierarchy Process (AHP), fuzzy logic, Bayesian networks, and mathematical programming, ensuring a systematic decision-making approach. The model developed by the authors enables prioritization of requirements, evaluation of compliance under uncertainty, risk modeling, and optimal resource allocation while considering budget constraints and security objectives. An experimental study based on the NIST SP 800-53 standard confirmed the effectiveness of the proposed approach in reducing risks without exceeding available resources. The results are practically significant for organizations implementing software solutions in alignment with modern cybersecurity requirements. Future research will focus on optimizing the model and applying it to other international standards.
License
Copyright (c) 2025 Вікторія Сидоренко, Сергій Гнатюк, Анатолій Скуратівський

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.