On certain aspects of standardization and operating conditions of automated systems

Herald of Dagestan State Technical University. Technical Sciences Pub Date : 2024-01-22 DOI:10.21822/2073-6185-2023-50-4-101-108

A. O. Efimov, I. I. Livshits, M. O. Meshcheryakov, E. A. Rogozin, V. R. Romanova

{"title":"On certain aspects of standardization and operating conditions of automated systems","authors":"A. O. Efimov, I. I. Livshits, M. O. Meshcheryakov, E. A. Rogozin, V. R. Romanova","doi":"10.21822/2073-6185-2023-50-4-101-108","DOIUrl":null,"url":null,"abstract":"Objective. In this paper, the main aspects of the operating conditions of the AS are considered, as well as the issues of standardization of the stages of the life cycle of the AS (creation, commissioning, maintenance, etc.) at the state level. In this subject area, the technological features of building an AS based on various technical architectures are briefly considered, since both foreign processors based on x86-64 architectures and processors of domestic development based on the Advanced RISC Machine architecture are currently applicable. The use of various components of the AS requires additional study in terms of ordering the composition and configuration of specific SPI. Since each processor has a multi-level architecture, this fact objectively complicates the possibilities for full security testing and detection of all vulnerabilities. Method. In the course of the work, the threats and vulnerabilities of individual components of the AS from the point of view of intentional and unintentional threats are considered. The information on the main state standards applied to ensure the protection of information in the AS at the present time is summarized. Result. The main features of the operating conditions of the AS are considered and it is determined that the vulnerabilities of the components are due to the imperfection of the procedures for developing and covering testing of hardware and software. It is determined that in order to protect information in the AS, it is necessary to build a multi-level protection system with state accreditation. Conclusion. Proposals are presented for the application of state standardization for the protection of information in the AS, taking into account the current and prospective threat landscape, including taking into account the design features (undeclared capabilities) of the components. Overcoming threats is possible with the creation of a multi-level information protection system with state accreditation.","PeriodicalId":202454,"journal":{"name":"Herald of Dagestan State Technical University. Technical Sciences","volume":"23 10","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-01-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Herald of Dagestan State Technical University. Technical Sciences","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.21822/2073-6185-2023-50-4-101-108","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Objective. In this paper, the main aspects of the operating conditions of the AS are considered, as well as the issues of standardization of the stages of the life cycle of the AS (creation, commissioning, maintenance, etc.) at the state level. In this subject area, the technological features of building an AS based on various technical architectures are briefly considered, since both foreign processors based on x86-64 architectures and processors of domestic development based on the Advanced RISC Machine architecture are currently applicable. The use of various components of the AS requires additional study in terms of ordering the composition and configuration of specific SPI. Since each processor has a multi-level architecture, this fact objectively complicates the possibilities for full security testing and detection of all vulnerabilities. Method. In the course of the work, the threats and vulnerabilities of individual components of the AS from the point of view of intentional and unintentional threats are considered. The information on the main state standards applied to ensure the protection of information in the AS at the present time is summarized. Result. The main features of the operating conditions of the AS are considered and it is determined that the vulnerabilities of the components are due to the imperfection of the procedures for developing and covering testing of hardware and software. It is determined that in order to protect information in the AS, it is necessary to build a multi-level protection system with state accreditation. Conclusion. Proposals are presented for the application of state standardization for the protection of information in the AS, taking into account the current and prospective threat landscape, including taking into account the design features (undeclared capabilities) of the components. Overcoming threats is possible with the creation of a multi-level information protection system with state accreditation.

查看原文本刊更多论文

关于自动化系统标准化和运行条件的某些方面

目的。本文考虑了自动系统运行条件的主要方面，以及国家层面自动系统生命周期各阶段（创建、调试、维护等）的标准化问题。在这一主题领域，简要考虑了在各种技术架构基础上建立自动系统的技术特点，因为基于 x86-64 架构的外国处理器和基于高级 RISC 机器架构的国内开发的处理器目前都适用。要使用 AS 的各种组件，还需要对具体 SPI 的组成和配置顺序进行额外的研究。由于每种处理器都有多级架构，这一事实客观上使全面安全测试和检测所有漏洞的可能性变得更加复杂。方法。在工作过程中，从有意和无意威胁的角度考虑了 AS 单个组件的威胁和漏洞。总结了目前用于确保 AS 中信息保护的主要国家标准的信息。结果。考虑了 "自动系统 "运行条件的主要特点，确定组件的脆弱性是由于硬件和软件的开发和测试程序不完善造成的。为了保护 "自动系统 "中的信息，有必要建立经国家认证的多级保护系统。结论。考虑到当前和未来的威胁形势，包括考虑到组件的设计特点（未宣布的能力），提出了应用国家标准化保护 "自动系统 "中的信息的建议。通过建立国家认证的多层次信息保护系统，可以克服威胁。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Herald of Dagestan State Technical University. Technical Sciences

自引率

0.00%

发文量