Model and Method for Determining the Optimal Structure of the Security System for Critical Information Infrastructure

The article investigates the problem of information security of critical information infrastructures. The features of critical objects from the point of view of collecting, processing, storing and transmitting information are analysed. The set of functions performed by the information security system in critical infrastructures and the dependencies between these functions are studied. A model of the security system is proposed and the require ments for this model are defined. At the same time, the set of relations between objects and threats is represented in the form of an object-threat relationship graph, in which an edge connecting the j-th object with the i-th threat exists only when the i-th threat can directly affect the j-th object. To protect objects of critical information infrastructures from possible threats, a set of necessary methods and tools has been introduced into the model of the security system, which converts a two-sided graph into a three-sided one, such as “object – method – threat”. Further in the article, the problem of determining the optimal structure of the security system for critical information infrastructure objects is considered. It is assumed here that each threat can affect several objects, and that any object can be affected by more than one threat. The solution of this problem makes it possible to minimize the material costs to implement the methods and tools for protection and minimize damage from a security breach. 

1. Gasimov V. A., Amashov Y. A., Aliyeva F. P., Mustafayeva E. A., Mutin D. I. Bolnokin V. E. (2019) Development of the Information Security System Effective Structure for the Distributed Computer Networks. IOP Conf. Series: Materials Science and Engineering. 537. https://iopscience.iop.org/article/10.1088/1757- 899X/537/5/052034/pdf.

2. Knapp E., Langill J. (2014) Industrial Network Security. Securing Critical Infrastructure Networks for Smart Grid SCADA, and Other Industrial Control Systems. Syngress Publ. 2nd ed. 460.

3. Mammadov J. I., Mammadov Z. M., Badalov E. E. (2020) Analysis of Information Threats and Risks in Critical Infrastructures, Determination of Information Protection Directions. Collection of Scientific Works of AAHM named after Heydar Aliyev. (1) (in Azeerb.).

4. Bautov A. (2002) An Economic View of the Problems of Information Security. Open Systems. SMDB. (2). https://www.osp.ru/os/2002/02/181118/ (in Russian).

5. Gasimov V. A. (1998) Construction and Realization Methods of Effective Structures of Security Service Systems in Open Computer Networks. Abstract of the Thesis for the Degree of Candidate of Technical Sciences. Baku. 26.

6. Abbasov A. M., Alguliev R. M., Gasimov V. A. (1998) Problems of Information Security in Computer Networks. Baku, Elm Publ. 235 (in Russian).

7. Gasimov V. A., Mamedov S. Z. (2007) Development of an Effective Structure of Information Security System for Corporate Computer Networks. Scientific Works of the Odessa National Academy of Communications named after O. S. Popova. (2), 70–73 (in Russian).