ABSTRACTS OF ARTICLES OF THE JOURNAL "INFORMATION TECHNOLOGIES".
No. 4. Vol. 26. 2020

DOI: 10.17587/it.26.213-221

V. I. Vasilyev, Professor, e-mail: vasilyev@ugatu.ac.ru, A. M. Vulfin, Associate Professor, e-mail: vulfin.alexey@gmail.com, M. B. Guzairov, Professor, e-mail: guzairov@ugatu.su, V. M. Kartak, Professor, e-mail: kvmail@mail.ru, L. R. Chernyakhovskaya, Professor, e-mail: lrchern@yandex.ru, Ufa State Aviation Technical University, Ufa, 450077, Russian Federation

Cybersecurity Risk Assessment of Industrial Objects' ACS of TP on the Basis of Nested Fuzzy Cognitive Maps Technology

The paper is devoted to methodical aspects of quantitative assessment of cybersecurity risks for automated systems of control and checking the technological processes (ACS of TP) of modern industrial companies which are at present more often the objects of targeted attacks leading to widescale losses. As the basic approach to obtain the quantitative risk estimates, it is offered to use the system risk-oriented approach laid down in the series of international and national standards IEC 62443 and GOST R 62443. As the development of this approach, the authors offer the technique of ACS cybersecurity risks analysis consisting in formation on the basis of preliminary comprehensive examination of protected object its detailed cognitive model, reflecting the main factors leading to these risks, their interdependencies (cause-effect links) and final effects caused by these risks. The peculiarity of this cognitive model is its creation in the class of nested fuzzy grey cognitive maps, accumulating generally the information about both the global nature of risks character and the local mechanisms of their occurrence and propagation in the explored object. The application of mathematical apparatus of Fuzzy Grey Cognitive Maps (FGCM) here provides a possibility to obtain more reliable quantitative (interval) estimates of risks indices with account of disposable real statistical data. The example of using the offered technique of risks analysis for quantitative assessment of security level (integrity) of telemetric information used for monitoring and checking the parameters of onboard aviation systems condition at the stations of ground technical service is considered. The software tool "Cognitive Map Constructor" allowing to automate the main stages of applying this technique is developed.
Keywords: cybersecurity, risk assessment, cognitive modeling, Fuzzy Grey Cognitive Map

To the contents