RESEARCH OF METHODS, MODELS AND MODERN IT SOLUTIONS TO SUPPORT TECHNOLOGICAL PROCESSES IN CRITICAL INFRASTRUCTURE OF THE STATE
DOI:
https://doi.org/10.28925/2663-4023.2025.30.962Keywords:
critical infrastructure security, information technology, technological processes, Internet of Things, security requirements, reliability requirementsAbstract
The paper analyzes critical infrastructure in Europe, Asia, the USA and Ukraine (concept, structure, threats and challenges). It is determined that in the context of cyber threats, global digitalization and the need for rapid response to emergencies, there is a need to use modern methods and models of technological process support that provide flexibility, scalability and a high level of reliability. It is determined that modern technological process support is based on a combination of cloud technologies, IIoT, digital twins, big data analytics and cyber protection, critical infrastructure enterprise management, integrated into a single infrastructure of information and communication technologies based on modern network protocols. For critical infrastructure enterprises, the main criterion for selecting IT solutions is to ensure the continuity and stability of technological processes while simultaneously meeting the requirements of reliability, security (confidentiality, integrity, availability (CIA)), scalability and cost-effectiveness. The main methods and models of support (management, monitoring, efficiency assessment) of technological processes, determined as a result of the analysis of modern scientific publications and research projects in the field of support of technological processes in critical infrastructure, are presented. It is established that despite the large number of scientific studies in this area, there are a number of unresolved problems that need to be solved.
Downloads
References
Potii, O., & Tsyplinsky, Y. (2020). Methods of classification and assessment of critical information infrastructure objects. 2020 IEEE 11th International Conference on Dependable Systems, Services and Technologies (DESSERT), 389–393. Kyiv, Ukraine. https://doi.org/10.1109/DESSERT50317.2020.9125028
Gnatyuk, S., Yudin, O., Sydorenko, V., Smirnova, T., & Polozhentsev, A. (2022). The model for calculating the quantitative criteria for assessing the security level of information and telecommunication systems. CEUR Workshop Proceedings, 3156, 390–399.
Toliupa, S., Parkhomenko, I., & Shvedova, H. (2019). Security and regulatory aspects of the critical infrastructure objects functioning and cyberpower level assessment. 2019 3rd International Conference on Advanced Information and Communications Technologies (AICT), 463–468. Lviv, Ukraine. https://doi.org/10.1109/AIACT.2019.8847746
Habiba, M., & Criveti, M. (2022). Hybrid cloud infrastructure and operations explained: Accelerate your application migration and modernization journey on the cloud with IBM and Red Hat. Packt Publishing.
Gnatyuk, S., Berdibayev, R., Smirnova, T., Avkurova, Z., & Iavich, M. (2021). Cloud-based cyber incidents response system and software tools. Communications in Computer and Information Science, 1486, 169–184.
Svanadze, V., Iavich, M., & Gnatyuk, S. (2024). Challenges and solutions for cybersecurity and information security management in organizations. CEUR Workshop Proceedings, 3654, 497–504.
Dong, Z. (2022). Research of big data information mining and analysis: Technology based on Hadoop technology. 2022 International Conference on Big Data, Information and Computer Network (BDICN), 173–176. Sanya, China. https://doi.org/10.1109/BDICN55575.2022.00041
Cybersecurity and Infrastructure Security Agency. (2025, August 15). Critical infrastructure sectors. https://www.cisa.gov/topics/critical-infrastructure-security-and-resilience/critical-infrastructure-sectors
The White House. (2024, April 30). National security memorandum on critical infrastructure security and resilience. https://bidenwhitehouse.archives.gov/briefing-room/presidential-actions/2024/04/30/national-security-memorandum-on-critical-infrastructure-security-and-resilience
European Commission. (2025, August 15). NIS2 directive: Securing network and information systems. https://digital-strategy.ec.europa.eu/en/policies/nis2-directive
Critical entities resilience directive (CER). (2025, August 15). https://www.critical-entities-resilience-directive.com
Cyber Security Agency of Singapore. (2025, August 15). Cybersecurity Act: Information on the Cybersecurity Act. https://www.csa.gov.sg/legislation/cybersecurity-act
Ministry of Finance of India. (2025, August 16). Critical information infrastructure (India). https://financialservices.gov.in/beta/en/page/cii
Government of India. (2025, August 16). Section 70 of IT Act (India). https://www.indiacode.nic.in/show-data?actid=AC_CEN_45_76_00001_200021_1517807324077&orderno=91
National Center of Incident Readiness and Strategy for Cybersecurity. (2024). Overview of cybersecurity policy for CIP (Japan). https://www.nisc.go.jp/eng/pdf/cip_policy_abst_2024_eng.pdf
Cybersecurity Law of the People's Republic of China. (2025, August 16). https://www.lawinfochina.com/Display.aspx?Id=22826&Lib=law&LookType=3
Translation: Critical information infrastructure security protection regulations (Effective Sept. 1, 2021). (2025, August 16). https://digichina.stanford.edu/work/translation-critical-information-infrastructure-security-protection-regulations-effective-sept-1-2021
Korea Legislation Research Institute. (2025, August 16). Framework Act on National Informatization (Republic of Korea). https://elaw.klri.re.kr/eng_service/lawView.do?hseq=42620&lang=ENG
Korea Legislation Research Institute. (2025, August 16). Act on promotion of information and communications network utilization and information protection (Republic of Korea). https://elaw.klri.re.kr/eng_service/lawView.do?hseq=38422&lang=ENG
National Security Committee of the Republic of Kazakhstan. (2025, August 15). Cyber Shield. https://www.gov.kz/memleket/entities/knb/activities/250
UK Government. (2016). Investigatory Powers Act 2016. https://www.legislation.gov.uk/ukpga/2016/25/contents
UK Government. (2022). Government cyber security strategy: 2022 to 2030. https://www.gov.uk/government/publications/government-cyber-security-strategy-2022-to-2030
UK Government. (2021). National Security and Investment Act 2021. https://www.legislation.gov.uk/ukpga/2021/25/contents
Кабінет Міністрів України. (2022). Порядок віднесення об’єктів до критичної інфраструктури (Постанова № 1109, в ред. від 16 грудня 2022 р. № 1384). https://zakon.rada.gov.ua/laws/show/1109-2020-%D0%BF#n42
Patias, I. (2025). Cost distribution in ICT infrastructure during the AI era: A model for data centers, power grids, and telecommunications. 2025 7th International Congress on Human-Computer Interaction, Optimization and Robotic Applications (ICHORA), 1–8. Ankara, Turkiye. https://doi.org/10.1109/ICHORA65333.2025.11017137
Zeng, R., et al. (2024). A general real-time cyberattack risk assessment method for distribution network involving the influence of feeder automation system. IEEE Transactions on Smart Grid, 15(2), 2102–2115. https://doi.org/10.1109/TSG.2023.3302287
Penedo, D. (2006). Technical infrastructure of a CSIRT. International Conference on Internet Surveillance and Protection (ICISP’06), 27–27. Cote d’Azur, France. https://doi.org/10.1109/ICISP.2006.32
Otero-Mosquera, J., Meleiro-Estévez, A., Fondo-Ferreiro, P., Luque-Schempp, F., Gil-Castineira, F., & Merino, P. (2025). Reproducible key performance indicator (KPI) measurement experiments in 6G networks under mobility conditions. 2025 Joint European Conference on Networks and Communications & 6G Summit (EuCNC/6G Summit), 446–451. Poznan, Poland. https://doi.org/10.1109/EuCNC/6GSummit63408.2025.11036984
Semertzis, I., Rajkumar, V. S., Ştefanov, A., Fransen, F., & Palensky, P. (2022). Quantitative risk assessment of cyber attacks on cyber-physical systems using attack graphs. 2022 10th Workshop on Modelling and Simulation of Cyber-Physical Energy Systems (MSCPES), 1–6. Milan, Italy. https://doi.org/10.1109/MSCPES55116.2022.9770140
Deffenbaugh, G., & Kameneni, S. (2025). Cyber resilience strategies throughout the system development lifecycle. 2025 IEEE International Conference on Cyber Security and Resilience (CSR), 504–509. Chania, Crete, Greece. https://doi.org/10.1109/CSR64739.2025.11129978
Smirnova, T., Al-Oraiqat, A. M., Drieiev, O., Smirnov, O., Polishchuk, L., Khan, S., Hasan, Y. M. Y., Amro, A. M., & AlRawashdeh, H. S. (2022). Method for determining treated metal surface quality using computer vision technology. Sensors, 22(16), 6223. https://www.scopus.com/pages/publications/85137126823
Smirnova, T., Odarchenko, R., Smirnov, O., Bondar, S., & Volosheniuk, D. (2023). Optimal structure construction of private 5G network for the needs of enterprises. Lecture Notes on Data Engineering and Communications Technologies, 178, 208–223. https://www.scopus.com/pages/publications/85162950840
Al-Mudhafar, A. M., Smirnova, T., Buravchenko, K., & Smirnov, O. (2023). The method of assessing and improving the user experience of subscribers in software-configured networks based on the use of machine learning. Advanced Information Systems, 7(2), 49–56. https://www.scopus.com/pages/publications/85176960353
Al-Azzeh, J., Ayyoub, B., Mesleh, A., Smirnova, T., Gnatyuk, S., Drieiev, O., Smirnov, O., & Dorenskyi, O. (2025). Cloud-based information system for evaluating caverns in the process of blasting metal surfaces of details. International Review on Modelling and Simulations, 18(1), 32–42. https://doi.org/10.15866/iremos.v18i1.25596
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Олексій Смірнов, Тетяна Смірнова
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
