Open AccessМЕТОДОЛОГІЧНІ ЗАСАДИ ОЦІНЮВАННЯ ТА ЗАБЕЗПЕЧЕННЯ БЕЗПЕКИ КРИТИЧНИХ ІНФОРМАЦІЙНИХ ІНФРАСТРУКТУР
Author(s) -
Євген Віталійович Брежнєв,
Герман Вікторович Фесенко,
Вячеслав Сергійович Харченко
Publication year - 2018
Publication title -
radìoelektronnì ì komp'ûternì sistemi
Language(s) - English
Resource type - Journals
eISSN - 2663-2012
pISSN - 1814-4225
DOI - 10.32620/reks.2018.4.08
Subject(s) - critical infrastructure , critical infrastructure protection , risk analysis (engineering) , computer science , computer security , information system , quality (philosophy) , information technology , critical system , set (abstract data type) , information security , business , engineering , philosophy , epistemology , electrical engineering , programming language , operating system
The world trends in increasing of threats of natural and man-made nature, a level of terrorist threats, the number and complexity of cyberattacks have caused the actualization of needs for critical information infrastructure protection and improvement it's informational security and functional safety. A critical information infrastructure is considered as a set of information and telecommunication systems, improper operation of which may lead to the occurrence of an accident of critical infrastructure (energy, transport, etc.), as well as to decrease in quality of its services. The subject of paper’s study is the mechanisms for ensuring the safety (protection) of critical information infrastructures. The purpose of the paper is to substantiate the approach to the development of methodological foundations and technologies for assessing and ensuring the safety (protection) of critical information infrastructures taking into account the state and capabilities of modern information technologies. The methods used are: systems analysis methods, mathematical optimization methods, safety, and risk theory methods. The following results were obtained. The main tasks of the critical infrastructure protection system are formulated. The necessity of using the system of protection of critical information infrastructure as part of the system of protection of critical infrastructure is substantiated. The concept and principles of the methodology for assessing and ensuring the safety (protection) of critical information infrastructures are developed, working hypotheses, methods and models necessary for their implementation are suggested. The way of interaction of the elements of the proposed methodology, tasks and elements of the critical infrastructure protection system is shown. The results obtained are aimed at solving of one fundamental problem such as the existence of a contradiction between the intensive development of critical information infrastructures, negative influences and threats of various nature and the lack of methodological foundations, models, methods and information technologies for assessment and assurance of critical information infrastructure security and safety. The results obtained should be used to create elements of informational and analytical support for the decision maker in solving tasks related to the assessment and security (protection) of critical infrastructure