STRUCTURAL RELIABILITY. THE THEORY AND PRACTICE
The paper examines the reliability of an information management system as its ability to provide the required services that can be justifiably trusted. It is assumed that the system functions without an operator. The aim is to ensure the dependability of a multimodule control system when the problem-solving results are affected by failures and faults of the system’s computation modules (CMs) and by errors in the problems’ solution. Conventional fault tolerance methods do not provide the desired effect: even with unlimited structural redundancy, given the real capabilities of on-line detection of CM failures or faults, the system’s dependability is significantly lower than expected. The paper proposes and evaluates methods of adaptive dependability. They are intended to ensure the observability of control systems under limited capabilities of supervising the operability of component CMs, as well as to achieve the required levels of dependability of information management systems in cases of insignificant float time and structural redundancy. These goals are achieved through active (and automatic) reassignment of the available computational resources for on-line information processing. The methods of adaptive dependability enable – with no interruption of computational processes and while solving real-world problems – timely automatic detection and elimination of failures and faults of CMs and of errors in the solution of specified problems through on-line localization of faulty modules and subsequent automatic reconfiguration of the system with the elimination of such modules from operation.
In the context of various tasks related to the dependability estimation of systems by probabilistic physical methods, the most important a priori information that ensures effective solutions is the information on the variation coefficient of the time to failure. Given the low failure statistics, the estimation of the variation coefficient of the time to failure is complicated by significant sample censoring. In these cases, methods of variation coefficient evaluation with additional a priori information and the method of quantiles are used. The solution of a number of dependability-related tasks that require taking into consideration various failure distributions is significantly simplified if the functions of such distributions are tabulated in the parameters of relative operation time and variation coefficient. An effective solution of dependability-related tasks with the use of tables of the DN distribution function was first proposed for the parametrization of the distribution in parameters x and v, where x is the scale parameter, the relative operation time x = at; v is the shape parameter, the variation coefficient v = V; a is the average degradation rate. That allowed performing the tabulation outside real time, simplifying function tabulation and its use in a number of dependability-related tasks by the method of quantiles. The paper analyzes the effectiveness of the method of quantiles in the estimation of the variation coefficient of the time to failure, which is at the same time the shape parameter of the DN distribution, under scarce failure statistics, and on that basis proposes a new, more effective method. The method of estimation of the variation coefficient using low and ultralow-level quantiles is based on the analysis of the behaviour of the function ai = f(t) obtained using the method of quantiles.
It is considered that the best choice of the a priori value of v is the one under which the dependence graph ai = f(t) is most accurately described by a straight horizontal line, which is in complete compliance with the hypothesis of a constant degradation rate accepted in the context of DN distribution formalization. In cases when the dependence graph ai = f(t) does not easily allow concluding on the best choice of the a priori value v (it is especially difficult to make a choice based on the statistics of first failures), the following formal criterion can be used: the most acceptable a priori value of the shape parameter v lies within the range of values where the sign of the trend of the average degradation rate (h) in the graph ai = f(t) changes. Studies have established that the most significant errors in the estimation of the variation coefficient are associated with first failures. When processing the results of dependability tests it is assumed that the first failures in a sample have the lowest information weight, as their occurrence is due to serious defects not detected by the final quality inspection of products. The first failures normally “fall out” of the overall statistical pattern, and it is recommended to omit them from further analysis. The proposed method of estimation of the variation coefficient of the time to failure based on ultralow-level quantiles enables – in the context of limited failure statistics, when other methods are inefficient – sufficiently accurate identification not only of the variation coefficient of the time to failure and the DN distribution parameters, but also conclusions regarding the feasibility and legitimacy of equalization (description) of the considered sample using this diffusion distribution, i.e. it can be used as a kind of criterion of compliance of the empirical failure distribution under consideration with the chosen theoretical dependability model.
The described process of finding the truest values of the variation coefficient of the time to failure using the formal criterion can be computerized.
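As an added illustration of how the quantile-based selection of v can be computerized (this is not code from the paper), the script below scans a priori values of v, computes ai = f(t) by the method of quantiles and picks the v at which the trend of ai changes sign. It assumes the standard DN distribution function in relative operation time x = at (inverse-Gaussian form) and median-rank empirical probabilities, neither of which the abstract spells out, and runs on a constructed sample.

```python
import math

def _log_phi_neg(z):
    """log Phi(-z) for z >= 0; asymptotic fallback once erfc underflows."""
    tail = 0.5 * math.erfc(z / math.sqrt(2.0))
    if tail > 0.0:
        return math.log(tail)
    return -0.5 * z * z - math.log(z) - 0.5 * math.log(2.0 * math.pi)

def dn_cdf(x, v):
    """DN distribution function in relative operation time x = a*t with shape
    parameter v (variation coefficient); assumed inverse-Gaussian form,
    F(x; v) = Phi((x-1)/(v*sqrt(x))) + exp(2/v^2) * Phi(-(x+1)/(v*sqrt(x))),
    with the second term built in log space so small v does not overflow."""
    if x <= 0.0:
        return 0.0
    s = v * math.sqrt(x)
    first = 0.5 * math.erfc(-(x - 1.0) / (s * math.sqrt(2.0)))
    second = math.exp(2.0 / (v * v) + _log_phi_neg((x + 1.0) / s))
    return min(1.0, first + second)

def dn_quantile(p, v, rel_tol=1e-12):
    """Solve F(x; v) = p for x by bisection (F is increasing in x)."""
    lo, hi = 0.0, 1.0
    while dn_cdf(hi, v) < p:
        hi *= 2.0
    while hi - lo > rel_tol * hi:
        mid = 0.5 * (lo + hi)
        lo, hi = (mid, hi) if dn_cdf(mid, v) < p else (lo, mid)
    return 0.5 * (lo + hi)

def degradation_rates(times, v, skip_first=0):
    """Method of quantiles: each ordered failure time t_i gets an empirical
    probability F_i (median ranks, assumed), x_i = F^-1(F_i; v) is solved for
    the a priori v, and (t_i, a_i = x_i / t_i) is returned. The first
    skip_first failures are dropped, as the text recommends."""
    t = sorted(times)
    n = len(t)
    return [(t[i], dn_quantile((i + 0.7) / (n + 0.4), v) / t[i])
            for i in range(skip_first, n)]

def trend_slope(pairs):
    """Least-squares slope of a_i against t_i; zero means a horizontal line."""
    n = len(pairs)
    mt = sum(t for t, _ in pairs) / n
    ma = sum(a for _, a in pairs) / n
    num = sum((t - mt) * (a - ma) for t, a in pairs)
    return num / sum((t - mt) ** 2 for t, _ in pairs)

def estimate_v(times, skip_first=0, v_lo=0.1, v_hi=2.0, steps=38):
    """Formal criterion: the acceptable a priori v is where the sign of the
    trend of a_i = f(t) changes. Scan a grid of v for the sign change, bisect
    inside that bracket, and return (v, mean a_i); None if no change found."""
    slope = lambda v: trend_slope(degradation_rates(times, v, skip_first))
    grid = [v_lo + (v_hi - v_lo) * k / steps for k in range(steps + 1)]
    for lo, hi in zip(grid, grid[1:]):
        s_lo = slope(lo)
        if s_lo == 0.0 or s_lo * slope(hi) < 0.0:
            for _ in range(30):
                mid = 0.5 * (lo + hi)
                lo, hi = (mid, hi) if slope(mid) * s_lo > 0.0 else (lo, mid)
            v = 0.5 * (lo + hi)
            rates = [a for _, a in degradation_rates(times, v, skip_first)]
            return v, sum(rates) / len(rates)
    return None

# Constructed sample (not real data): exact DN quantiles for v = 0.5 and
# a = 0.01, so a correct estimator must give back v ~ 0.5 and a ~ 0.01.
SAMPLE = [dn_quantile((i + 0.7) / 10.4, 0.5) / 0.01 for i in range(10)]
print(estimate_v(SAMPLE), estimate_v(SAMPLE, skip_first=2))  # both ~ (0.5, 0.01)
```

With real test data the sample is censored and noisy, so the grid scan may find no sign change; the function then returns None, which is the case the text describes as not allowing a conclusion from the graph alone.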
The paper is dedicated to the improvement of the evaluation methods of one of the most important operating characteristics of gas compression units (GCUs), i.e. dependability, under the conditions of a decreasing pipeline utilization rate. Currently, the dependability of units is characterized by a set of parameters based on the identification of the time spent by a unit in a certain operational state. The paper presents the primary findings regarding the dependability coefficients of GPA-Ts-18 units, 41 of which are operated in multi-yard compressor stations (CSs) of one of Gazprom’s subsidiaries. The dependability indicators (technical state coefficient, availability coefficient, operational availability coefficient) identified as part of the research are given as well. GCUs were classified into groups depending on the coefficient values. The feasibility of using integral indicators in the analysis of GCU groups’ dependability was examined. It was proposed to use confidence intervals for identification of the integral level of dependability of the operated GCU stock and the ways of maintaining the operability of units under the conditions of a decreasing main gas pipeline utilization rate. The Gini index was suggested for the purpose of generalized estimation of GCU groups’ dependability. It is shown that the advantage of the Gini coefficient is that it allows taking into account the ranks of the analyzed features in groups. The graphic interpretation of the findings was executed with a Lorenz curve. The paper implements the sigma rule that characterizes the probability of the actual coefficient value being within the confidence interval, i.e. prediction limits (upper and lower), within which the actual values will fall with a given probability. The confidence intervals were identified by the type of coefficient distribution and the standard deviation σ. A histogram of an interval range of technical utilization coefficient distribution is given as an example.
Testing of the hypothesis of the distribution type at confidence level 0.95 showed that the distribution of coefficients is normal. Using the moment method, the mathematical expectation and mean square deviation for the distribution of the values of each type of dependability indicator were established. Using the sigma rule, all extreme outliers among the GCUs in terms of the level of the factor attribute were excluded from the body of input data. All units whose factor attribute value does not fall in the interval were excluded. According to the three sigma rule, 3 and 2 GCUs did not fall in the confidence interval (µ±3σ) in terms of the utilization factor and availability factor respectively. The performed analysis of causes of low availability coefficients of the above GCUs showed that the systems had been long in maintenance. The paper sets forth summary data on the maximum allowable value of the Gini index of dependability coefficients (CTU, CA, COA) depending on the sample size (the complete sample of 41 units and samples with the interval of 1, 2, 3 sigma). In case of higher values of the Gini index it is recommended to adopt measures with regard to individual units in order to improve the dependability of the operated GCU stock.
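As an added, constructed example (not the paper's own data or code), the sigma-rule screening and the Gini estimate for a group of units can be computed as follows. The availability coefficients are made up, the moment method uses the population standard deviation, and the rank-based Gini formula is an assumption of this example; the paper's maximum allowable Gini values are not reproduced.

```python
import math

# Constructed availability coefficients for 12 units (not the paper's data);
# the last unit has been long in maintenance and stands out as an outlier.
AVAILABILITY = [0.97, 0.96, 0.95, 0.98, 0.94, 0.97, 0.96, 0.95, 0.93, 0.97, 0.96, 0.62]

def moments(values):
    """Method of moments: mean and (population) standard deviation."""
    n = len(values)
    mu = sum(values) / n
    sigma = math.sqrt(sum((x - mu) ** 2 for x in values) / n)
    return mu, sigma

def sigma_filter(values, k):
    """Keep only units whose coefficient lies in the interval mu +- k*sigma,
    as the k-sigma rule prescribes; returns (kept, excluded)."""
    mu, sigma = moments(values)
    kept = [x for x in values if abs(x - mu) <= k * sigma]
    excluded = [x for x in values if abs(x - mu) > k * sigma]
    return kept, excluded

def gini(values):
    """Gini index from the ranks of the sorted values (assumed formula):
    G = 2 * sum(i * x_(i)) / (n * sum(x)) - (n + 1) / n, with i = 1..n."""
    xs = sorted(values)
    n, total = len(xs), sum(xs)
    if total == 0.0:
        return 0.0
    return 2.0 * sum(i * x for i, x in enumerate(xs, start=1)) / (n * total) - (n + 1.0) / n

def lorenz_points(values):
    """Cumulative (share of units, share of coefficient sum) points of the Lorenz curve."""
    xs = sorted(values)
    n, total = len(xs), sum(xs)
    pts, run = [(0.0, 0.0)], 0.0
    for i, x in enumerate(xs, start=1):
        run += x
        pts.append((i / n, run / total))
    return pts

def group_report(values, k_levels=(1, 2, 3)):
    """Gini index of the whole stock and of each k-sigma sample, so that the
    index can be compared against the maximum allowable value for that
    sample size (those thresholds are the paper's and are not reproduced)."""
    report = {"all": (len(values), gini(values))}
    for k in k_levels:
        kept, _ = sigma_filter(values, k)
        report[f"{k}sigma"] = (len(kept), gini(kept))
    return report

if __name__ == "__main__":
    for name, (size, g) in group_report(AVAILABILITY).items():
        print(f"{name:>6}: n={size:2d}  Gini={g:.4f}")
```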
The problem of increasing the dependability of the engine, which is the most complex and expensive unit of an automotive vehicle, cannot be solved without objective and reliable information on the failures and malfunctions of its components, their causes, actual life, as well as the factors affecting such indicators in real operational conditions. Manufacturing factories do not always have such information, hence design deficiency failures associated with design and development flaws are among the most common causes of loss of engine operability.
The aim of this paper is to study the engine operational dependability using the results of their maintenance and repair.
The methods are based on operational tests of engines that yield the most complete and objective information on their dependability, as they were conducted in the typical operational conditions of automobile operating companies in the course of vehicle maintenance and repair. The results of the studies, processed with the standard Statistica 6.0 package, are represented in the form of statistical evaluations of the dependability of primary structural engine components (times to failure, changes in the probability of no-failure depending on the travelled distance). The analysis of the obtained information allows estimating the level of actual dependability of the engine, identifying design flaws and developing specific measures aiming to increase operational dependability. Information obtained during such tests is useful not only to the engine manufacturers, but to the operators as well, as it enables a scientific substantiation of the norms of operability. For the purpose of identification and localization of specific engine malfunctions in the process of maintenance and repair, the paper substantiates a set of diagnostic parameters and their standard values.
Conclusions. The research allowed elaborating a set of diagnostic parameters for evaluation of the technical condition of primary engine systems (cylinder-piston group, crank and gas distributing mechanisms) that define and limit its dependability. The application of the findings in the automobile maintenance and repair processes enables a significant improvement of the engines’ operational dependability and reduction of the costs of ensuring their operability.
Aim. Calculations are an integral part of the development of any complex technical object. Normally, they are subdivided into the calculations to confirm product operability (kinematic, electrical, thermal, strength, hydraulic and pneumatic systems analysis, etc.) and calculations to confirm its dependability (calculation of reliability, longevity, maintainability, storability and other indicators). As it is understood and provided in statutory documents, dependability calculation involves procedures of identification of an object’s dependability indicators using methods based on their calculation using reference information on the object’s components dependability, on the dependability of analog objects, on the properties of the materials and other information available at the time of calculation. However, in the case of development of unique highly vital systems, obtaining statistical data for dependability calculation is impossible due to two conflicting conditions, i.e. the limited number of produced objects and the requirement of high accuracy of the input information. Nevertheless, in the author’s opinion dependability calculations must be performed. The only question is how to calculate the dependability and what such calculation should mean.
Methods. In the classic dependability theory, the conventional understanding of probability of no-failure is the frequency of failures in time, yet for unique highly vital systems the failure rate must tend to zero over the entire period of operation (preferably, there should be no failures at all). For this reason the concept of “failure” in the context of unique highly vital systems should probably be interpreted not as an event, i.e. any fact, which as a result of experience can occur or not occur, but as possible risk, i.e. an undesirable situation or circumstance that is characterized by the probability of occurrence and potentially negative consequences. Then, an event in the form of a real or potential failure in operation can be associated with a risk in the form of probability of failure with negative consequences, which in terms of the consequences is equally unacceptable with regard to unique highly vital systems. In this case dependability calculation can be reasonably substituted with risk assessment, a process that encompasses risk identification, risk analysis and comparative risk assessment. Thus, risk assessment enables the achievement of the target dependability directly by substantiating the stability of manifestation of a specific product’s properties and not indirectly through undependability caused by failures of analog products.
Results. The paper shows the procedure of risk assessment for unique highly vital systems. Using the example of a mechanical system with actuated parts represented by a spacecraft single-section pivoted rod the risk assessment procedures are shown. The feasibility of risk assessment with the use of design engineering analysis of dependability is demonstrated.
Conclusions. It is shown that the absence of statistical data on the dependability of analogs of unique highly vital systems does not prevent dependability calculation in the form of risk assessment. Moreover, the results of such calculations can be a source and guidelines for adopting design and process engineering solutions in the development of products with target dependability indicators. However, legalizing the method of such calculations requires the modifications of the technical rules and regulations to allow for dependability calculation by other means than with the use of statistical data on the failures of analogs.
FUNCTIONAL SAFETY. THE THEORY AND PRACTICE
The aim of this paper is to develop models that would enable a standardized representation of the structure and functions of computer-based control systems (CBCS) and quantification of the risk (fault tolerance) of automated control systems and their primary components, i.e. CBCS, under information technology interference (ITI). The paper shows the relevance and importance of CBCS models and estimation of the risk of operation of automated process control systems (APCS) under various ITI (computer attacks). Intruder ITI under consideration includes hardware, firmware and software-based interference capable of blocking communication channels and disrupting information availability and integrity, as well as targeted and lasting information technology interference with an automated system, namely with the use of malware. The structural and functional model of a computer-based control system as the primary component of a higher-level system (APCS) developed in this paper is composed of a set of diagrams and descriptions of functions. The structural and functional model includes the following: the channel structure of the control system’s main cycle (reading, processing of data, recording of output values, as well as communication subsystem operations), the structural and functional diagram of CBCS of various types depending on the availability and utilization of a communication channel within the structure of the control cycles, and a standard vulnerability certificate. The diagrams detail the standard functions, operating procedures and information interaction of CBCS modules with the environment via communication channels. The ITI-specific risk model of APCS and of CBCS as its part is described by indicators that characterize the conditional harm and the condition of the control system, i.e. whether it is able to recover its operability or whether external intervention is required that would affect not only the control system itself, but the controlled process as well.
The following indicators were examined: characteristic points and parameters of risk function based on the Weibull-Gnedenko distribution, statistical estimation of CBCS protection, risk function, dynamic estimation of the risk of successful implementation of ITI against CBCS. It is assumed that the values of the parameters required for the calculation of the risk parameters and CBCS protection were obtained:
- empirically, based on structural and parametric analysis of the design features, functional dynamics and vulnerabilities of CBCS;
- as part of testbed simulation of CBCS as computer network users under ITI;
- experimentally, based on the frequency of successful ITI threats;
and the protection indicators are also extrapolated to the whole CBCS lifecycle by means of a dynamic risk function-based correction using the Weibull-Gnedenko distribution. In the conclusion it is noted that the developed method of assessment of CBCS protection under ITI allows evaluating the risks of successful implementation by an intruder of malicious actions against CBCS and APCS in general, which predetermines the requirement for timely elimination of CBCS vulnerabilities and adoption of additional organizational and technical measures aimed at improving information security of automated control systems.
Aim. The variety of activity types and the corresponding unfavorable outcomes has led to a dramatic diversity in terminology interpretations of the concepts related to risk, including ones in regulatory documents. This circumstance contradicts the primary purpose of the scientific and technical terminology standardization, which is the establishment of unambiguous and non-contradictory terminology in all types of documentation involved in the standardization activities or using the results of such activities. Given the above, this paper aims to estimate the conformity of the definitions of the concept of “risk” in the set of risk management standards with the requirements of the regulatory documents of the Russian standardization system and development of proposals regarding a new interpretation of this concept.
Methods. The need for updating the existing definitions of risk and developing a definition complying with all the requirements of the regulatory documents of the Russian standardization system was based on the methods of terminological, logical-semantic and system analysis.
Results. An analysis of compliance of the existing definitions of the term “risk” with the requirements of the Russian standardization system has been conducted and revealed that none of them fully meets such requirements, therefore the interpretation of the concept of “risk” requires a revision. The paper substantiates the interpretation of risk as one of the properties of the quality of a decision made in situations of uncertainty. This property characterizes the possibility and consequences of not achieving the goal of human activities in the situation of decision-making regarding the selection of further actions under uncertainty. Hence is given the following new definition of the term risk, i.e. one of the properties of the quality of a decision made in a situation of uncertainty that characterizes the possibility and consequences of not achieving the stated goals. The advantages of the proposed interpretation of risk over the existing definitions have been considered.
Conclusions. The paper proposes and substantiates a new definition of the term “risk” that can be considered preferable over the existing versions. The proposed definition is based on most important concepts in terms of the theory and practice of management, i.e. “property”, “quality”, “decision”, “situation”, “goals” that are among the basic categories of human knowledge. This enables the use of both the existing quantitative characteristics of risk and the extension of the system of substantiated characteristics of risk, including those borrowed from the toolboxes of assessment of the manifestation rate of various objects’ properties adopted in other domains of science. The authors show such special features of the proposed interpretation of risk as complexity, situation awareness and goal orientation. The complex and goal-oriented nature of risk prompts to consider actual capabilities to achieve the target characteristics of safety, performance, resource intensity and timeliness of reaching the specified goals of activities. The situational nature of risk as a property of a decision in a specific situation prompts the examination of the entirety of the associated contributing properties of the situation, i.e. the composition of the objects and subjects of human activity, as well as the conditions and circumstances that create specific relations between them. This approach significantly improves the precision of identification of the inventory and nature of the risk factors and therefore expands choices of risk management means and methods.
ACCOUNT
Due to the nature of its operations, the transportation industry in itself is a potential source of danger. In case of unlawful aggressive intrusions the danger becomes real and fraught with grave consequences. The statistics of the last 10 to 15 years show that 50 to 70% of accomplished terrorist attacks were associated with transportation. Individual measures cannot ensure transportation security. The problem must be approached comprehensively and systemically. Transportation security greatly contributes to the national security of the Russian Federation. The Federal Law of February 9, 2007 no. 16-FZ On transportation security, for the first time in Russian practice, raised the question of securing the entire transportation industry of the Russian Federation, established the legal foundations of the activities related to the protection of transportation infrastructure and vehicles against acts of unlawful interference, including those of terrorist nature. For the first time, a single systemic approach to anti-terrorist protection is provided for all means of transportation. The transportation industry is quite vulnerable to terrorist attacks. We are talking about vehicles, transportation lines, stations, vehicles carrying dangerous loads. The vulnerability of transportation is due to the possibility of damage to signalling, automation and communication assets, whose protection is complicated due to the scale and extent of Russia’s railways. Despite the problems and objective difficulties related to the legislation in the area of transportation security, the workers of the Russian railway industry make their best effort to ensure protection of transportation infrastructure and vehicles against acts of unlawful interference. Promptly reacting to other challenges and threats, they ensure reliable operation of the transportation industry, thus preserving the peace and safety of our citizens. 
This paper examines matters related to ensuring efficient safety of transportation infrastructure. A significant emphasis is placed on the systems that enable detection of intrusions into protected areas of a facility.