Open AccessEXPERIENCE IN TRAINING PERSONNEL TO ENSURE THE COMPUTER SECURITY OF THE TRANSPORT INDUSTRY
Author(s) -
A. E. Vodyasov,
D. M. Kiryukhin,
G. V. Sidorenko
Publication year - 2021
Publication title -
avtomatika na transporte
Language(s) - English
Resource type - Journals
eISSN - 2658-4468
pISSN - 2412-9186
DOI - 10.20295/2412-9186-2021-7-2-315-335
Subject(s) - exploit , computer science , process (computing) , context (archaeology) , training (meteorology) , training system , engineering management , computer security , engineering , paleontology , physics , meteorology , economics , biology , economic growth , operating system
In the context of the pandemic, the role of computer security specialists in solving the problems of uninterrupted operation of transport enterprises has increased many times. The article is devoted to summing up and analyzing the experience accumulated in the RUT (MIIT) for 20 years of training specialists in the specialty “Computer Security”, determining the prospects for the development of the educational program. The article presents a methodology for using freely distributed software created by the authors of the article in the learning process in cases where it is impossible or unsafe on real objects. The main advantage of this technique is that it takes into account the experience gained by specialists in solving real cases, allows you to reproduce real system vulnerabilities without harming real systems for training purposes, makes it possible to diagnose these vulnerabilities, exploit them, choose and compare different ways to remove them from the system. The article contains an analysis of publications devoted to the experience of training personnel in the specialty “Computer Security” in different countries using various tools. The article provides an overview of the educational program and formulates the principles that form the basis of training at our university, demonstrates examples of the use of digital doubles in the learning process, focuses on the formation of interdisciplinary con nections, skills of applying theoretical knowledge to solve practical problems and analyze the results obtained. The review of the subjects of the discipline “Methods of risk management analysis”, statistical analysis of the results of the implementation of the methodology developed by the authors in practice, and their graphical interpretation is carried out. Examples of the application of risk theory to solving computer security problems are given. The article contains examples of students ‘ participation in research activities, the creation of methodological support for the relevant educational program, and various events outside the university.