ASSESSMENT OF THE LEVEL OF SECURITY IN CYBERPHYSICAL SYSTEMS

Abstract

The article presents a new approach to risk assessment and the formation of preventive security measures based on the Lotka-Volterra model. Proposed models of security of cyber-physical systems: "predator-prey" taking into account computing capabilities and targeting of targeted cyber-attacks, " predator-prey" taking into account the possible competition of attackers in relation to the "prey", "predator-prey" taking into account the relationships between "species" by "preys" and "predator species", "predator-prey" taking into account the interrelationships between "prey species" and "predator species" allow to provide a view of the possibility of forming a vector of threats, as well as their dependence on the development of digital technologies and new directions of digital services . Based on the proposed approach, the coefficients of the Lotka-Volterra model α=0.39, β=0.32, γ=0.29, φ=0.27 were obtained, which take into account the synergy and hybridity of modern threats, funding for the formation and improvement of the defense system, and also allows you to determine the financial and computing capabilities of the attacker based on the identified threats. The evaluation mechanism also takes into account the physical component of cyber-physical systems, which are formed, as a rule, from two environments - the physical level and the management level. This view of cyber-physical systems requires the design of multi-circuit information protection systems, as well as the formation of objectivity in the assessment of threats to both the internal (physical level) loop of the information protection system and the external loop (management level). The proposed method of assessing the security of cyber-physical systems is based on the basis of the developed threat classifier, allows to assess the current level of security and dynamically form recommendations for the distribution of limited protection resources based on an expert assessment of known threats. This approach allows for dynamic modeling in off-line mode, which allows timely identification of the capabilities of attackers and the formation of preventive protection measures based on threat analysis. Simulation can use actual bases of assessment of real threats and incidents on cyber-physical systems, which allows for an expert assessment of their impact on both individual security services and security components (cyber security, information security, and security of information).