Dependability

Method of assessing the protection of computer-based control systems under information technology interference

https://doi.org/10.21683/1729-2646-2018-18-4-36-44

Abstract

The aim of this paper is to develop models that would enable a standardized representation of the structure and functions of computer-based control systems (CBCS) and quantification of the risk (fault tolerance) of automated control systems and their primary components, i.e. CBCS, under information technology interference (ITI). The paper shows the relevance and importance of CBCS models and estimation of the risk of operation of automated process control systems (APCS) under various ITI (computer attacks). Intruder ITI under consideration includes hardware, firmware and software-based interference capable of blocking communication channels, disrupting information availability and integrity, as well as targeted and lasting information technology interference with an automated system, namely with the use of malware. The structural and functional model of a computer-based control system as the primary component of a higher-level system (APCS) developed in this paper is composed of a set of diagrams and descriptions of functions. The structural and functional model includes the following: the channel structure of the control system’s main cycle (reading, processing of data, recording of output values, as well as communication subsystem operations), structural and functional diagrams of CBCS of various types depending on the availability and utilization of a communication channel within the structure of the control cycles, and a standard vulnerability certificate. The diagrams detail the standard functions, operating procedures and information interaction of CBCS modules with the environment via communication channels. The ITI-specific risk model of APCS, and of CBCS as its part, is described by indicators that characterize the conditional harm and the condition of the control system: whether it is able to recover its operability, or whether external intervention is required that would affect not only the control system itself, but the controlled process as well.
The following indicators were examined: characteristic points and parameters of risk function based on the Weibull-Gnedenko distribution, statistical estimation of CBCS protection, risk function, dynamic estimation of the risk of successful implementation of ITI against CBCS. It is assumed that the values of the parameters required for the calculation of the risk parameters and CBCS protection were obtained:

 - empirically based on structural and parametric analysis of the design features, functional dynamics and vulnerabilities of CBCS

 - as part of testbed simulation of CBCS as computer network users under ITI

 - experimentally based on the frequency of successful ITI threats,

and the protection indicators are also extrapolated to the whole CBCS lifecycle by means of a dynamic risk function-based correction using the Weibull-Gnedenko distribution. In the conclusion it is noted that the developed method of assessment of CBCS protection under ITI allows evaluating the risks of successful implementation by an intruder of malicious actions against CBCS and APCS in general, which predetermines the requirement for timely elimination of CBCS vulnerabilities and adoption of additional organizational and technical measures aimed at improving information security of automated control systems.

About the Authors

S. M. Klimov
4th Central Research and Design Institute of the Ministry of Defence of Russia
Russian Federation

Sergey M. Klimov - Doctor of Engineering, Professor, Head of Division.

Korolyov



Yu. V. Sosnovsky
Physics and Technology Institute, V.I. Vernadsky Crimean Federal University,
Russian Federation

Yuri V. Sosnovsky - Candidate of Engineering, Senior Lecturer, Department of Computer Engineering and Modeling, Physics and Technology Institute.

Simferopol



For citations:


Klimov S.M., Sosnovsky Yu.V. Method of assessing the protection of computer-based control systems under information technology interference. Dependability. 2018;18(4):36-44. https://doi.org/10.21683/1729-2646-2018-18-4-36-44

This work is licensed under a Creative Commons Attribution 4.0 License.


ISSN 1729-2646 (Print)
ISSN 2500-3909 (Online)