{"title":"Complex of Models for Network Security Assessment of Industrial Automated Control Systems","authors":"R. Fatkieva","doi":"10.15622/sp.2020.19.3.6","DOIUrl":null,"url":null,"abstract":"The modern enterprises apply network technologies to their automated industrial control systems. Along with advantages of the above approach the risk of network attacks on automated control systems increases significantly. Hence there is an urgent need to develop automated monitoring means being capable of unauthorized access detection and of an adequate response to it. The enterprise security system should take into account components interaction and involve the ability of self-renewal throughout the entire life cycle. \nThe partial models of functioning of automated control systems of an enterprise under information threats are offered taking into account parameters of states of the enterprise at its different levels, realization of network threats, counteraction measures, etc. For each model it is possible to form the state space of a part of an enterprise and on the basis of the series of tests to define state transition parameters thus enabling model representation in the form of a marked graph. The sequences of states possess the properties of semi-Markov processes so semi-Markov apparatus is applicable. Probabilities of state transitions could be computed as a result of numerical solution of the corresponding system of integral equations by Lagrange-Stieltjes technique. \nApplication of Semi-Markov apparatus for the detection of non-authorized activities during data transfer under network scanning attack proved the validity of the above methods. In addition its application results in creation of a set of security assurance measures to be undertaken. Having obtained state transition probabilities the development of integral security indicator becomes possible thus contributing to the enterprise performance enhancement.","PeriodicalId":53447,"journal":{"name":"SPIIRAS Proceedings","volume":"4 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2020-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"SPIIRAS Proceedings","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.15622/sp.2020.19.3.6","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"Mathematics","Score":null,"Total":0}
引用次数: 1
Abstract
The modern enterprises apply network technologies to their automated industrial control systems. Along with advantages of the above approach the risk of network attacks on automated control systems increases significantly. Hence there is an urgent need to develop automated monitoring means being capable of unauthorized access detection and of an adequate response to it. The enterprise security system should take into account components interaction and involve the ability of self-renewal throughout the entire life cycle.
The partial models of functioning of automated control systems of an enterprise under information threats are offered taking into account parameters of states of the enterprise at its different levels, realization of network threats, counteraction measures, etc. For each model it is possible to form the state space of a part of an enterprise and on the basis of the series of tests to define state transition parameters thus enabling model representation in the form of a marked graph. The sequences of states possess the properties of semi-Markov processes so semi-Markov apparatus is applicable. Probabilities of state transitions could be computed as a result of numerical solution of the corresponding system of integral equations by Lagrange-Stieltjes technique.
Application of Semi-Markov apparatus for the detection of non-authorized activities during data transfer under network scanning attack proved the validity of the above methods. In addition its application results in creation of a set of security assurance measures to be undertaken. Having obtained state transition probabilities the development of integral security indicator becomes possible thus contributing to the enterprise performance enhancement.
期刊介绍:
The SPIIRAS Proceedings journal publishes scientific, scientific-educational, scientific-popular papers relating to computer science, automation, applied mathematics, interdisciplinary research, as well as information technology, the theoretical foundations of computer science (such as mathematical and related to other scientific disciplines), information security and information protection, decision making and artificial intelligence, mathematical modeling, informatization.