MODEL OF CURRENT RISK INDICATOR OF IMPLEMENTATION OF THREATS TO INFORMATION AND COMMUNICATION SYSTEMS

Abstract

The article proposes a model for estimating the quantitative indicator of current risks of threats and cyber attacks on transport information and communication systems (TICS). The model differs from the existing one in taking into account the degree of impact of each threat or cyber attack within the class on the probability of an accident that occurs during cyberattacks on components of transport information and communication systems, which in many cases can be attributed to critical computer systems. It is shown that the current risks may be insignificant if all potentially dangerous parameters of transport information and communication systems are maintained within the established limits, or increase, becoming threatening, when such parameters deviate from the norm. The necessity to describe the degree of current danger of risks of threats and cyberattacks with the help of some quantitative indicator is substantiated. The value of this indicator may depend on the deviations of the parameters related to the cyber security of information and communication systems of transport. An appropriate calculation formula is proposed to determine the current risk of the threat to information and communication systems of transport. To test the proposed model, a simulation experiment was conducted, the results of which are also presented in the article. Simulation modeling was also performed to verify the adequacy of the proposed model and the algorithm for estimating the current risk indicator for components of transport information and communication systems. It is taken into account that many components of transport information and communication systems work in real time. It is shown that the proposed model takes into account the current values of information security metrics and new classes of cyber threats for transport information and communication systems.